@emdash-cms/cloudflare 0.0.1

package/dist/plugins/index.mjs

@@ -0,0 +1,163 @@
+import { extractPlainText } from "emdash";
+
+//#region src/plugins/vectorize-search.ts
+/** Safely extract a string from an unknown value */
+function toString(value) {
+	return typeof value === "string" ? value : "";
+}
+/** Type guard: check if value is a record-like object */
+function isRecord(value) {
+	return value != null && typeof value === "object" && !Array.isArray(value);
+}
+/**
+* Get Cloudflare runtime environment from request
+*/
+function getCloudflareEnv(request) {
+	const locals = request[Symbol.for("astro.locals")];
+	if (locals?.runtime?.env) return locals.runtime.env;
+	return null;
+}
+/**
+* Extract searchable text from content entry
+*/
+function extractSearchableText(content) {
+	const parts = [];
+	if (typeof content.title === "string") parts.push(content.title);
+	for (const [key, value] of Object.entries(content)) {
+		if (key === "title" || key === "id" || key === "slug") continue;
+		if (typeof value === "string") {
+			const text = extractPlainText(value);
+			if (text) parts.push(text);
+		} else if (Array.isArray(value)) {
+			const text = extractPlainText(value);
+			if (text) parts.push(text);
+		}
+	}
+	return parts.join("\n");
+}
+/**
+* Create a Vectorize Search plugin definition
+*
+* Note: This returns a plain plugin definition object, not a resolved plugin.
+* It should be passed to the emdash() integration's plugins array.
+*/
+function vectorizeSearch(config = {}) {
+	const model = config.model ?? "@cf/bge-base-en-v1.5";
+	const targetCollections = config.collections;
+	let cachedEnv = null;
+	return {
+		id: "vectorize-search",
+		version: "1.0.0",
+		capabilities: ["read:content"],
+		hooks: {
+			"content:afterSave": { handler: async (event, _ctx) => {
+				const { content, collection } = event;
+				if (targetCollections && !targetCollections.includes(collection)) return;
+				if (!cachedEnv) {
+					console.warn("[vectorize-search] Environment not available in hook. Call the /query route first to initialize, or reindex manually.");
+					return;
+				}
+				const env = cachedEnv;
+				if (!env.AI || !env.VECTORIZE) {
+					console.warn("[vectorize-search] AI or VECTORIZE binding not available, skipping indexing");
+					return;
+				}
+				try {
+					const text = extractSearchableText(content);
+					if (!text.trim()) return;
+					const embedResult = await env.AI.run(model, { text: [text] });
+					if (!embedResult?.data?.[0]) {
+						console.error("[vectorize-search] Failed to generate embedding");
+						return;
+					}
+					const contentId = toString(content.id);
+					const contentSlug = toString(content.slug);
+					const contentTitle = toString(content.title);
+					await env.VECTORIZE.upsert([{
+						id: contentId,
+						values: embedResult.data[0],
+						metadata: {
+							collection,
+							slug: contentSlug ?? "",
+							title: contentTitle ?? ""
+						}
+					}]);
+					console.log(`[vectorize-search] Indexed ${collection}/${contentId}`);
+				} catch (error) {
+					console.error("[vectorize-search] Error indexing content:", error);
+				}
+			} },
+			"content:afterDelete": { handler: async (event, _ctx) => {
+				const { id, collection } = event;
+				if (targetCollections && !targetCollections.includes(collection)) return;
+				if (!cachedEnv?.VECTORIZE) return;
+				try {
+					await cachedEnv.VECTORIZE.deleteByIds([id]);
+					console.log(`[vectorize-search] Removed ${collection}/${id} from index`);
+				} catch (error) {
+					console.error("[vectorize-search] Error removing from index:", error);
+				}
+			} }
+		},
+		routes: {
+			query: { handler: async (ctx) => {
+				const { request } = ctx;
+				const input = isRecord(ctx.input) ? ctx.input : void 0;
+				const env = getCloudflareEnv(request);
+				if (env) cachedEnv = env;
+				if (!env?.AI || !env?.VECTORIZE) return {
+					error: "Vectorize or AI binding not available",
+					results: []
+				};
+				const query = typeof input?.q === "string" ? input.q : void 0;
+				if (!query) return {
+					error: "Query parameter 'q' is required",
+					results: []
+				};
+				try {
+					const embedResult = await env.AI.run(model, { text: [query] });
+					if (!embedResult?.data?.[0]) return {
+						error: "Failed to generate query embedding",
+						results: []
+					};
+					const queryOptions = {
+						topK: typeof input?.limit === "number" ? input.limit : 20,
+						returnMetadata: "all"
+					};
+					const collection = typeof input?.collection === "string" ? input.collection : void 0;
+					if (collection) queryOptions.filter = { collection };
+					return { results: (await env.VECTORIZE.query(embedResult.data[0], queryOptions)).matches.map((match) => ({
+						id: match.id,
+						score: match.score,
+						collection: toString(match.metadata?.collection),
+						slug: toString(match.metadata?.slug),
+						title: toString(match.metadata?.title)
+					})) };
+				} catch (error) {
+					console.error("[vectorize-search] Query error:", error);
+					return {
+						error: error instanceof Error ? error.message : "Query failed",
+						results: []
+					};
+				}
+			} },
+			reindex: { handler: async (ctx) => {
+				const { request } = ctx;
+				const env = getCloudflareEnv(request);
+				if (env) cachedEnv = env;
+				return {
+					success: false,
+					error: "REINDEX_NOT_SUPPORTED"
+				};
+			} }
+		},
+		admin: { pages: [{
+			path: "/settings",
+			label: "Vectorize Search",
+			icon: "search"
+		}] }
+	};
+}
+
+//#endregion
+export { vectorizeSearch };

package/dist/sandbox/index.d.mts

@@ -0,0 +1,255 @@
+import { WorkerEntrypoint } from "cloudflare:workers";
+import { PluginManifest, SandboxEmailSendCallback, SandboxOptions, SandboxRunner, SandboxRunnerFactory, SandboxedPlugin } from "emdash";
+
+//#region src/sandbox/runner.d.ts
+interface PluginBridgeProps {
+  pluginId: string;
+  pluginVersion: string;
+  capabilities: string[];
+  allowedHosts: string[];
+  storageCollections: string[];
+}
+/**
+ * Cloudflare sandbox runner using Worker Loader.
+ */
+declare class CloudflareSandboxRunner implements SandboxRunner {
+  private plugins;
+  private options;
+  private resolvedLimits;
+  private siteInfo?;
+  constructor(options: SandboxOptions);
+  /**
+   * Set the email send callback for sandboxed plugins.
+   * Called after the EmailPipeline is created, since the pipeline
+   * doesn't exist when the sandbox runner is constructed.
+   */
+  setEmailSend(callback: SandboxEmailSendCallback | null): void;
+  /**
+   * Check if Worker Loader is available.
+   */
+  isAvailable(): boolean;
+  /**
+   * Load a sandboxed plugin.
+   *
+   * @param manifest - Plugin manifest with capabilities and storage declarations
+   * @param code - The bundled plugin JavaScript code
+   */
+  load(manifest: PluginManifest, code: string): Promise<SandboxedPlugin>;
+  /**
+   * Terminate all loaded plugins.
+   */
+  terminateAll(): Promise<void>;
+}
+/**
+ * Factory function for creating the Cloudflare sandbox runner.
+ *
+ * Matches the SandboxRunnerFactory signature. The LOADER and PluginBridge
+ * are obtained internally from cloudflare:workers imports.
+ */
+declare const createSandboxRunner: SandboxRunnerFactory;
+//#endregion
+//#region src/sandbox/bridge.d.ts
+/**
+ * Set the email send callback for all bridge instances.
+ * Called by the runner when the EmailPipeline is available.
+ */
+declare function setEmailSendCallback(callback: SandboxEmailSendCallback | null): void;
+/**
+ * Environment bindings required by PluginBridge
+ */
+interface PluginBridgeEnv {
+  DB: D1Database;
+  MEDIA?: R2Bucket;
+}
+/**
+ * Props passed to the bridge via ctx.props when creating the loopback binding
+ */
+interface PluginBridgeProps$1 {
+  pluginId: string;
+  pluginVersion: string;
+  capabilities: string[];
+  allowedHosts: string[];
+  storageCollections: string[];
+}
+/**
+ * PluginBridge WorkerEntrypoint
+ *
+ * Provides the context API to sandboxed plugins via RPC.
+ * All methods validate capabilities and scope operations to the plugin.
+ *
+ * Usage:
+ * 1. Export this class from your worker entrypoint
+ * 2. Sandboxed plugins get a binding to it via ctx.exports.PluginBridge({...})
+ * 3. Plugins call bridge methods which validate and proxy to the database
+ */
+declare class PluginBridge extends WorkerEntrypoint<PluginBridgeEnv, PluginBridgeProps$1> {
+  /**
+   * KV operations use _plugin_storage with a special "__kv" collection.
+   * This provides consistent storage across sandboxed and non-sandboxed modes.
+   */
+  kvGet(key: string): Promise<unknown>;
+  kvSet(key: string, value: unknown): Promise<void>;
+  kvDelete(key: string): Promise<boolean>;
+  kvList(prefix?: string): Promise<Array<{
+    key: string;
+    value: unknown;
+  }>>;
+  storageGet(collection: string, id: string): Promise<unknown>;
+  storagePut(collection: string, id: string, data: unknown): Promise<void>;
+  storageDelete(collection: string, id: string): Promise<boolean>;
+  storageQuery(collection: string, opts?: {
+    limit?: number;
+    cursor?: string;
+  }): Promise<{
+    items: Array<{
+      id: string;
+      data: unknown;
+    }>;
+    hasMore: boolean;
+    cursor?: string;
+  }>;
+  storageCount(collection: string): Promise<number>;
+  storageGetMany(collection: string, ids: string[]): Promise<Map<string, unknown>>;
+  storagePutMany(collection: string, items: Array<{
+    id: string;
+    data: unknown;
+  }>): Promise<void>;
+  storageDeleteMany(collection: string, ids: string[]): Promise<number>;
+  contentGet(collection: string, id: string): Promise<{
+    id: string;
+    type: string;
+    data: Record<string, unknown>;
+    createdAt: string;
+    updatedAt: string;
+  } | null>;
+  contentList(collection: string, opts?: {
+    limit?: number;
+    cursor?: string;
+  }): Promise<{
+    items: Array<{
+      id: string;
+      type: string;
+      data: Record<string, unknown>;
+      createdAt: string;
+      updatedAt: string;
+    }>;
+    cursor?: string;
+    hasMore: boolean;
+  }>;
+  contentCreate(collection: string, data: Record<string, unknown>): Promise<{
+    id: string;
+    type: string;
+    data: Record<string, unknown>;
+    createdAt: string;
+    updatedAt: string;
+  }>;
+  contentUpdate(collection: string, id: string, data: Record<string, unknown>): Promise<{
+    id: string;
+    type: string;
+    data: Record<string, unknown>;
+    createdAt: string;
+    updatedAt: string;
+  }>;
+  contentDelete(collection: string, id: string): Promise<boolean>;
+  mediaGet(id: string): Promise<{
+    id: string;
+    filename: string;
+    mimeType: string;
+    size: number | null;
+    url: string;
+    createdAt: string;
+  } | null>;
+  mediaList(opts?: {
+    limit?: number;
+    cursor?: string;
+    mimeType?: string;
+  }): Promise<{
+    items: Array<{
+      id: string;
+      filename: string;
+      mimeType: string;
+      size: number | null;
+      url: string;
+      createdAt: string;
+    }>;
+    cursor?: string;
+    hasMore: boolean;
+  }>;
+  /**
+   * Create a pending media record and write bytes directly to R2.
+   *
+   * Unlike the admin UI flow (presigned URL → client PUT → confirm), sandboxed
+   * plugins are network-isolated and can't make external requests. The bridge
+   * accepts the file bytes directly and writes them to storage.
+   *
+   * Returns the media ID, storage key, and confirm URL. The plugin should
+   * call the confirm endpoint after this to finalize the record.
+   */
+  mediaUpload(filename: string, contentType: string, bytes: ArrayBuffer): Promise<{
+    mediaId: string;
+    storageKey: string;
+    url: string;
+  }>;
+  mediaDelete(id: string): Promise<boolean>;
+  httpFetch(url: string, init?: RequestInit): Promise<{
+    status: number;
+    headers: Record<string, string>;
+    text: string;
+  }>;
+  userGet(id: string): Promise<{
+    id: string;
+    email: string;
+    name: string | null;
+    role: number;
+    createdAt: string;
+  } | null>;
+  userGetByEmail(email: string): Promise<{
+    id: string;
+    email: string;
+    name: string | null;
+    role: number;
+    createdAt: string;
+  } | null>;
+  userList(opts?: {
+    role?: number;
+    limit?: number;
+    cursor?: string;
+  }): Promise<{
+    items: Array<{
+      id: string;
+      email: string;
+      name: string | null;
+      role: number;
+      createdAt: string;
+    }>;
+    nextCursor?: string;
+  }>;
+  emailSend(message: {
+    to: string;
+    subject: string;
+    text: string;
+    html?: string;
+  }): Promise<void>;
+  log(level: "debug" | "info" | "warn" | "error", msg: string, data?: unknown): void;
+}
+//#endregion
+//#region src/sandbox/wrapper.d.ts
+/**
+ * Options for wrapper generation
+ *
+ * **Known limitation:** `site` info is baked into the generated wrapper code
+ * at load time. If site settings change (e.g., admin updates site name/URL),
+ * sandboxed plugins will see stale values until the worker restarts.
+ * Trusted-mode plugins always read fresh values from the database.
+ */
+interface WrapperOptions {
+  /** Site info to inject into the context (no RPC needed) */
+  site?: {
+    name: string;
+    url: string;
+    locale: string;
+  };
+}
+declare function generatePluginWrapper(manifest: PluginManifest, options?: WrapperOptions): string;
+//#endregion
+export { CloudflareSandboxRunner, PluginBridge, type PluginBridgeEnv, type PluginBridgeProps, createSandboxRunner, generatePluginWrapper, setEmailSendCallback };