@glw907/cairn-cms 0.26.0 → 0.33.0

package/src/lib/components/cairn-admin.css

@@ -1,13 +1,24 @@
+/* Cairn's own typeface, self-hosted so the admin needs no external font request. Figtree carries the
+   body and UI (friendly, highly legible at small sizes); Bricolage Grotesque gives the brand and the
+   page headings a distinct voice. Both are variable (one file spans the weight range) and licensed
+   under the SIL Open Font License. The `@font-face` rules are added by scripts/build-admin-css.mjs
+   after compile (so the woff2 url stays relative to the shipped sheet, not the source tree). */
+
 /* Warm Stone: the cairn admin theme. Self-contained, since DaisyUI v5 reads these vars at point
    of use, so this fully overrides the host's theme with no @plugin and no host build step. */
 [data-theme='cairn-admin'] {
   color-scheme: light;
-  font-family: system-ui, -apple-system, 'Segoe UI', Roboto, Helvetica, Arial, sans-serif;
+  --font-body: 'Figtree Variable', system-ui, -apple-system, 'Segoe UI', Roboto, Helvetica, Arial, sans-serif;
+  --font-display: 'Bricolage Grotesque Variable', var(--font-body);
+  font-family: var(--font-body);
+  /* Crisper, lighter glyph rendering for the variable fonts. */
+  -webkit-font-smoothing: antialiased;
+  -moz-osx-font-smoothing: grayscale;
 
-  --color-base-100: oklch(98.5% 0.004 75);
-  --color-base-200: oklch(96% 0.005 75);
-  --color-base-300: oklch(92% 0.008 75);
-  --color-base-content: oklch(28% 0.012 75);
+  --color-base-100: oklch(99% 0.004 75);
+  --color-base-200: oklch(96.5% 0.006 75);
+  --color-base-300: oklch(89% 0.011 75);
+  --color-base-content: oklch(26% 0.014 75);
 
   --color-primary: oklch(52% 0.2 293);
   --color-primary-content: oklch(98% 0.012 293);
@@ -32,11 +43,155 @@
   --color-subtle: oklch(42% 0.01 75);
 
   --radius-selector: 0.5rem;
-  --radius-field: 0.5rem;
-  --radius-box: 0.75rem;
+  --radius-field: 0.625rem;
+  --radius-box: 1rem;
+  --size-selector: 0.25rem;
+  --size-field: 0.25rem;
+  --border: 1px;
+  --depth: 1;
+  --noise: 0;
+
+  /* Soft, layered elevation: a close contact shadow plus a wide, diffuse one, warm-tinted. The cards
+     float gently instead of sitting in hard boxes, which reads more current than a flat border. */
+  --cairn-shadow: 0 1px 2px oklch(28% 0.02 75 / 0.05), 0 8px 24px -6px oklch(28% 0.02 75 / 0.1);
+  /* A faint hairline for the floating cards in light, where the shadow carries the definition. */
+  --cairn-card-border: oklch(93% 0.008 75);
+}
+
+/* Warm Stone, dark. Mirrors the light palette in dark tones, keeping the same hues (the warm 75 and
+   the violet 293 primary) so the admin reads as one theme under either mode. DaisyUI v5 reads these
+   at point of use, so the compiled component classes need no change. The muted and subtle tones keep
+   >= 4.5:1 contrast on the dark bases. The polish pass tunes these values against the reference. */
+[data-theme='cairn-admin-dark'] {
+  color-scheme: dark;
+  --font-body: 'Figtree Variable', system-ui, -apple-system, 'Segoe UI', Roboto, Helvetica, Arial, sans-serif;
+  --font-display: 'Bricolage Grotesque Variable', var(--font-body);
+  font-family: var(--font-body);
+  /* Crisper, lighter glyph rendering for the variable fonts. */
+  -webkit-font-smoothing: antialiased;
+  -moz-osx-font-smoothing: grayscale;
+
+  /* Dark surface layering: the panels (sidebar, topbar, cards = base-100) lift clearly above the app
+     background (base-200, the deepest tone), with base-300 borders lighter still for a visible edge.
+     The wider base-100-to-base-200 gap is what reads as depth on dark, since shadows barely show. */
+  --color-base-100: oklch(24% 0.01 75);
+  --color-base-200: oklch(15.5% 0.009 75);
+  --color-base-300: oklch(30% 0.014 75);
+  --color-base-content: oklch(93% 0.006 75);
+
+  --color-primary: oklch(68% 0.18 293);
+  --color-primary-content: oklch(20% 0.04 293);
+  --color-secondary: oklch(72% 0.02 75);
+  --color-secondary-content: oklch(20% 0.008 75);
+  --color-accent: oklch(70% 0.14 300);
+  --color-accent-content: oklch(20% 0.04 300);
+  --color-neutral: oklch(80% 0.01 75);
+  --color-neutral-content: oklch(22% 0.008 75);
+
+  --color-info: oklch(72% 0.12 240);
+  --color-info-content: oklch(20% 0.04 240);
+  --color-success: oklch(70% 0.12 150);
+  --color-success-content: oklch(20% 0.04 150);
+  --color-warning: oklch(80% 0.14 70);
+  --color-warning-content: oklch(24% 0.05 70);
+  --color-error: oklch(70% 0.18 25);
+  --color-error-content: oklch(20% 0.04 25);
+
+  /* Accessible muted text tones on the dark bases. */
+  --color-muted: oklch(72% 0.01 75);
+  --color-subtle: oklch(80% 0.008 75);
+
+  --radius-selector: 0.5rem;
+  --radius-field: 0.625rem;
+  --radius-box: 1rem;
   --size-selector: 0.25rem;
   --size-field: 0.25rem;
   --border: 1px;
   --depth: 1;
   --noise: 0;
+
+  /* On dark, a soft shadow barely registers, so it is deeper and darker to still lift the cards. */
+  --cairn-shadow: 0 1px 2px oklch(0% 0 0 / 0.35), 0 8px 24px -6px oklch(0% 0 0 / 0.5);
+  /* On dark the shadow does little, so the card keeps a visible border for definition. */
+  --cairn-card-border: oklch(30% 0.014 75);
+}
+
+/* The scoped reset that replaces global Preflight (which the admin sheet omits). It applies only
+   inside the admin theme roots, so it never reaches the host's pages. The dark root has no variables
+   yet (plan 2 adds them); naming it here is harmless and keeps the reset stable across both themes. */
+[data-theme='cairn-admin'] *,
+[data-theme='cairn-admin'] *::before,
+[data-theme='cairn-admin'] *::after,
+[data-theme='cairn-admin-dark'] *,
+[data-theme='cairn-admin-dark'] *::before,
+[data-theme='cairn-admin-dark'] *::after {
+  box-sizing: border-box;
+}
+
+/* Anchors inherit their color and drop the underline by default, which the omitted Preflight used to
+   do. This lives in the `components` layer, below `utilities`, so a Tailwind utility (a `text-*`
+   color, a `hover:underline`) and DaisyUI's own `.link`/`.breadcrumbs` rules (which sit in the
+   utilities layer) all override it. Cascade layers resolve before specificity, so an unlayered reset
+   here would instead beat every utility and silently kill those hover and link affordances. */
+@layer components {
+  :where([data-theme='cairn-admin'], [data-theme='cairn-admin-dark']) a {
+    color: inherit;
+    text-decoration: none;
+  }
+
+  /* Collapsible nav sections use a native <details>. Hide the default disclosure marker and rotate
+     the caret to point down when the section is open. Scoped to the admin, components layer so a
+     utility still wins. */
+  :where([data-theme='cairn-admin'], [data-theme='cairn-admin-dark']) summary {
+    list-style: none;
+  }
+  :where([data-theme='cairn-admin'], [data-theme='cairn-admin-dark']) summary::-webkit-details-marker {
+    display: none;
+  }
+  :where([data-theme='cairn-admin'], [data-theme='cairn-admin-dark']) .cairn-caret {
+    transition: rotate 150ms ease;
+  }
+  :where([data-theme='cairn-admin'], [data-theme='cairn-admin-dark']) details[open] > summary .cairn-caret {
+    rotate: 90deg;
+  }
+
+  /* Selected text picks up the brand violet, so highlighting reads as Cairn rather than the browser
+     default blue. A light tint keeps the text legible. */
+  :where([data-theme='cairn-admin'], [data-theme='cairn-admin-dark']) ::selection {
+    background-color: color-mix(in oklch, var(--color-primary) 24%, transparent);
+  }
+
+  /* One brand-violet keyboard-focus ring across the admin, so every control shows the same clear
+     focus, including the links, nav items, and summaries that the browser would otherwise outline in
+     its default color. Only keyboard focus triggers it. */
+  :where([data-theme='cairn-admin'], [data-theme='cairn-admin-dark']) :focus-visible {
+    outline: 2px solid var(--color-primary);
+    outline-offset: 2px;
+  }
+
+  /* The primary action carries a soft violet lift that grows on hover, so the main call to action
+     reads as raised and current rather than a flat fill. The mix adapts to the theme's primary. */
+  :where([data-theme='cairn-admin'], [data-theme='cairn-admin-dark']) .btn-primary:not(:disabled) {
+    box-shadow:
+      0 1px 2px color-mix(in oklch, var(--color-primary) 22%, transparent),
+      0 6px 16px -5px color-mix(in oklch, var(--color-primary) 38%, transparent);
+  }
+  :where([data-theme='cairn-admin'], [data-theme='cairn-admin-dark']) .btn-primary:not(:disabled):hover {
+    box-shadow:
+      0 2px 4px color-mix(in oklch, var(--color-primary) 26%, transparent),
+      0 10px 24px -5px color-mix(in oklch, var(--color-primary) 48%, transparent);
+  }
+}
+
+/* Respect a reduced-motion preference inside the admin. DaisyUI's modal, drawer, and the admin's
+   own hover transitions otherwise animate regardless. Scoped to the admin roots, so it never
+   reaches the host's pages. */
+@media (prefers-reduced-motion: reduce) {
+  [data-theme='cairn-admin'] *,
+  [data-theme='cairn-admin-dark'] * {
+    animation-duration: 0.01ms !important;
+    animation-iteration-count: 1 !important;
+    transition-duration: 0.01ms !important;
+    scroll-behavior: auto !important;
+  }
 }

package/src/lib/components/cairn-favicon.ts

@@ -0,0 +1,9 @@
+// The cairn mark as an inline SVG data URL, so an admin browser tab carries Cairn's brand. The fill
+// is a fixed violet near the admin primary, since a favicon cannot read a CSS variable. The path is
+// the same public-domain Temaki cairn used by CairnLogo.svelte.
+const svg =
+  '<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 15 15" fill="#7c3aed">' +
+  '<path d="M6.28 14C5.56 14 1 13.89 1 12.91C1 11.46 2.16 11.07 3.2 10.81C4.36 10.51 13.18 9.77 13.76 10.07C14.46 10.43 13.52 12.49 12.44 12.77C11.28 13.07 10.21 14 8.48 14C7.05 14 9.69 14 6.28 14ZM6.92 4.5C6.67 4.5 5 4.43 5 3.88C5 3.07 5.75 2.51 5.96 2.35C6.36 2.03 6.32 1.62 6.54 1.27C6.84 0.79 7.61 0.5 7.88 0.5C8.1 0.5 8.75 0.9 9.23 1.42C9.45 1.66 10 2.77 10 3.12C10 4.22 9.36 4.5 8.85 4.5C8.33 4.5 8.15 4.5 6.92 4.5ZM3.68 8.22C3 7.73 3.67 6.86 4.57 6.21C5.38 5.63 5.92 5.96 6.79 5.7C8.33 5.24 9.02 5.72 9.02 5.72L10.9 6.82C12.03 7.63 10.99 7.67 10.38 8.56C9.79 9.42 8.18 9.11 7.42 9.33C6.78 9.53 5.75 9.71 4.62 8.9L3.68 8.22Z"/></svg>';
+
+/** The cairn mark as a `data:image/svg+xml` URL, for a `<link rel="icon">` on the admin pages. */
+export const cairnFaviconHref = `data:image/svg+xml,${encodeURIComponent(svg)}`;

package/src/lib/components/chrome-guard.ts

@@ -0,0 +1,62 @@
+// Dev-only structural check that catches a host mounting the admin inside its own chrome. Every admin
+// rule is scoped and the admin self-styles, but a host whose root layout wraps the admin in a
+// width-constraining container (a `<main class="container">`) or renders its nav and footer around it
+// breaks the full-bleed admin shell. The engine cannot prevent that layout mistake, so it names it.
+// The check walks the ancestor chain once on mount and emits one console.error that points at the
+// route-structure doc. The public entry runs only under import.meta.env.DEV, never throws, and changes
+// no rendering.
+
+const DOC = 'docs/admin-route-structure.md';
+
+// max-width values that do not actually constrain the admin below the viewport. A host that sets a
+// defensive `max-width: 100%` or `100vw` on a wrapper is not chrome, so skip those to avoid a spurious
+// dev error. A real constraining container uses an absolute length (`64rem`, `1280px`) or a sub-100
+// percentage, both of which still trip the guard.
+const NON_CONSTRAINING = new Set(['none', '100%', '100vw']);
+
+function describe(el: Element): string {
+	const tag = el.tagName.toLowerCase();
+	const cls = el.getAttribute('class');
+	return cls ? `<${tag} class="${cls}">` : `<${tag}>`;
+}
+
+/**
+ * Inspect the admin root's ancestor chain for host chrome. Returns a diagnostic when a
+ * width-constraining ancestor sits between the root and <body>, else null. Pure over the DOM so a
+ * test can build either shape. The sibling signal (host elements outside the admin subtree) is folded
+ * into the message as context rather than raised on its own, because it is the noisier of the two.
+ */
+export function detectChromeWrap(root: HTMLElement): string | null {
+	const body = root.ownerDocument.body;
+	let constrainer: HTMLElement | null = null;
+	let maxWidth = '';
+	for (let el = root.parentElement; el && el !== body; el = el.parentElement) {
+		const elMaxWidth = getComputedStyle(el).maxWidth;
+		if (elMaxWidth && !NON_CONSTRAINING.has(elMaxWidth)) {
+			constrainer = el;
+			maxWidth = elMaxWidth;
+			break;
+		}
+	}
+	if (!constrainer) return null;
+
+	const siblings = [...body.children].filter(
+		(el) => !el.contains(root) && !root.contains(el) && el !== root,
+	);
+	const siblingNote = siblings.length
+		? ` Host elements also sit beside the admin in <body> (${siblings.map(describe).join(', ')}).`
+		: '';
+	return (
+		`[cairn-cms] The admin is rendering inside host chrome. A width-constraining ancestor ` +
+		`${describe(constrainer)} (max-width: ${maxWidth}) sits between the admin root and <body>, so the ` +
+		`admin shell cannot fill the viewport.${siblingNote} Keep the host root layout chrome-free and move ` +
+		`your nav, footer, and app.css into a (site) route group. See ${DOC}.`
+	);
+}
+
+/** Run the check in dev and log one error when host chrome is detected. A no-op in production. */
+export function warnIfChromeWrapped(root: HTMLElement): void {
+	if (!import.meta.env.DEV) return;
+	const problem = detectChromeWrap(root);
+	if (problem) console.error(problem);
+}

package/src/lib/components/fonts/BricolageGrotesque-OFL.txt

@@ -0,0 +1,93 @@
+Copyright 2022 The Bricolage Grotesque Project Authors (https://github.com/ateliertriay/bricolage)
+
+This Font Software is licensed under the SIL Open Font License, Version 1.1.
+This license is copied below, and is also available with a FAQ at:
+https://scripts.sil.org/OFL
+
+
+-----------------------------------------------------------
+SIL OPEN FONT LICENSE Version 1.1 - 26 February 2007
+-----------------------------------------------------------
+
+PREAMBLE
+The goals of the Open Font License (OFL) are to stimulate worldwide
+development of collaborative font projects, to support the font creation
+efforts of academic and linguistic communities, and to provide a free and
+open framework in which fonts may be shared and improved in partnership
+with others.
+
+The OFL allows the licensed fonts to be used, studied, modified and
+redistributed freely as long as they are not sold by themselves. The
+fonts, including any derivative works, can be bundled, embedded, 
+redistributed and/or sold with any software provided that any reserved
+names are not used by derivative works. The fonts and derivatives,
+however, cannot be released under any other type of license. The
+requirement for fonts to remain under this license does not apply
+to any document created using the fonts or their derivatives.
+
+DEFINITIONS
+"Font Software" refers to the set of files released by the Copyright
+Holder(s) under this license and clearly marked as such. This may
+include source files, build scripts and documentation.
+
+"Reserved Font Name" refers to any names specified as such after the
+copyright statement(s).
+
+"Original Version" refers to the collection of Font Software components as
+distributed by the Copyright Holder(s).
+
+"Modified Version" refers to any derivative made by adding to, deleting,
+or substituting -- in part or in whole -- any of the components of the
+Original Version, by changing formats or by porting the Font Software to a
+new environment.
+
+"Author" refers to any designer, engineer, programmer, technical
+writer or other person who contributed to the Font Software.
+
+PERMISSION & CONDITIONS
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of the Font Software, to use, study, copy, merge, embed, modify,
+redistribute, and sell modified and unmodified copies of the Font
+Software, subject to the following conditions:
+
+1) Neither the Font Software nor any of its individual components,
+in Original or Modified Versions, may be sold by itself.
+
+2) Original or Modified Versions of the Font Software may be bundled,
+redistributed and/or sold with any software, provided that each copy
+contains the above copyright notice and this license. These can be
+included either as stand-alone text files, human-readable headers or
+in the appropriate machine-readable metadata fields within text or
+binary files as long as those fields can be easily viewed by the user.
+
+3) No Modified Version of the Font Software may use the Reserved Font
+Name(s) unless explicit written permission is granted by the corresponding
+Copyright Holder. This restriction only applies to the primary font name as
+presented to the users.
+
+4) The name(s) of the Copyright Holder(s) or the Author(s) of the Font
+Software shall not be used to promote, endorse or advertise any
+Modified Version, except to acknowledge the contribution(s) of the
+Copyright Holder(s) and the Author(s) or with their explicit written
+permission.
+
+5) The Font Software, modified or unmodified, in part or in whole,
+must be distributed entirely under this license, and must not be
+distributed under any other license. The requirement for fonts to
+remain under this license does not apply to any document created
+using the Font Software.
+
+TERMINATION
+This license becomes null and void if any of the above conditions are
+not met.
+
+DISCLAIMER
+THE FONT SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT
+OF COPYRIGHT, PATENT, TRADEMARK, OR OTHER RIGHT. IN NO EVENT SHALL THE
+COPYRIGHT HOLDER BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
+INCLUDING ANY GENERAL, SPECIAL, INDIRECT, INCIDENTAL, OR CONSEQUENTIAL
+DAMAGES, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
+FROM, OUT OF THE USE OR INABILITY TO USE THE FONT SOFTWARE OR FROM
+OTHER DEALINGS IN THE FONT SOFTWARE.

package/src/lib/components/fonts/Figtree-OFL.txt

@@ -0,0 +1,93 @@
+Copyright 2022 The Figtree Project Authors (https://github.com/erikdkennedy/figtree)
+
+This Font Software is licensed under the SIL Open Font License, Version 1.1.
+This license is copied below, and is also available with a FAQ at:
+http://scripts.sil.org/OFL
+
+
+-----------------------------------------------------------
+SIL OPEN FONT LICENSE Version 1.1 - 26 February 2007
+-----------------------------------------------------------
+
+PREAMBLE
+The goals of the Open Font License (OFL) are to stimulate worldwide
+development of collaborative font projects, to support the font creation
+efforts of academic and linguistic communities, and to provide a free and
+open framework in which fonts may be shared and improved in partnership
+with others.
+
+The OFL allows the licensed fonts to be used, studied, modified and
+redistributed freely as long as they are not sold by themselves. The
+fonts, including any derivative works, can be bundled, embedded, 
+redistributed and/or sold with any software provided that any reserved
+names are not used by derivative works. The fonts and derivatives,
+however, cannot be released under any other type of license. The
+requirement for fonts to remain under this license does not apply
+to any document created using the fonts or their derivatives.
+
+DEFINITIONS
+"Font Software" refers to the set of files released by the Copyright
+Holder(s) under this license and clearly marked as such. This may
+include source files, build scripts and documentation.
+
+"Reserved Font Name" refers to any names specified as such after the
+copyright statement(s).
+
+"Original Version" refers to the collection of Font Software components as
+distributed by the Copyright Holder(s).
+
+"Modified Version" refers to any derivative made by adding to, deleting,
+or substituting -- in part or in whole -- any of the components of the
+Original Version, by changing formats or by porting the Font Software to a
+new environment.
+
+"Author" refers to any designer, engineer, programmer, technical
+writer or other person who contributed to the Font Software.
+
+PERMISSION & CONDITIONS
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of the Font Software, to use, study, copy, merge, embed, modify,
+redistribute, and sell modified and unmodified copies of the Font
+Software, subject to the following conditions:
+
+1) Neither the Font Software nor any of its individual components,
+in Original or Modified Versions, may be sold by itself.
+
+2) Original or Modified Versions of the Font Software may be bundled,
+redistributed and/or sold with any software, provided that each copy
+contains the above copyright notice and this license. These can be
+included either as stand-alone text files, human-readable headers or
+in the appropriate machine-readable metadata fields within text or
+binary files as long as those fields can be easily viewed by the user.
+
+3) No Modified Version of the Font Software may use the Reserved Font
+Name(s) unless explicit written permission is granted by the corresponding
+Copyright Holder. This restriction only applies to the primary font name as
+presented to the users.
+
+4) The name(s) of the Copyright Holder(s) or the Author(s) of the Font
+Software shall not be used to promote, endorse or advertise any
+Modified Version, except to acknowledge the contribution(s) of the
+Copyright Holder(s) and the Author(s) or with their explicit written
+permission.
+
+5) The Font Software, modified or unmodified, in part or in whole,
+must be distributed entirely under this license, and must not be
+distributed under any other license. The requirement for fonts to
+remain under this license does not apply to any document created
+using the Font Software.
+
+TERMINATION
+This license becomes null and void if any of the above conditions are
+not met.
+
+DISCLAIMER
+THE FONT SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT
+OF COPYRIGHT, PATENT, TRADEMARK, OR OTHER RIGHT. IN NO EVENT SHALL THE
+COPYRIGHT HOLDER BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
+INCLUDING ANY GENERAL, SPECIAL, INDIRECT, INCIDENTAL, OR CONSEQUENTIAL
+DAMAGES, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
+FROM, OUT OF THE USE OR INABILITY TO USE THE FONT SOFTWARE OR FROM
+OTHER DEALINGS IN THE FONT SOFTWARE.

package/src/lib/content/compose.ts

@@ -4,8 +4,8 @@
 // concepts, components, field types, and save hooks. Shaped now so the extension contract
 // is additive later.
 import type { AdminPanel, CairnAdapter, CairnExtension, CairnRuntime, ConceptConfig, FieldTypeDef } from './types.js';
-import { normalizeConcepts } from './concepts.js';
-import { urlPolicyFrom, type SiteConfig } from '../nav/site-config.js';
+import { resolveConcepts } from './concepts.js';
+import type { SiteConfig } from '../nav/site-config.js';
 
 /** The input to {@link composeRuntime}. `siteConfig` is required so the per-concept URL policy is
  *  always derived from one source and can never be silently dropped. `extensions` fold in after the
@@ -36,7 +36,7 @@ export function composeRuntime({ adapter, siteConfig, extensions = [] }: Compose
   }
   return {
     siteName: adapter.siteName,
-    concepts: normalizeConcepts(content, urlPolicyFrom(siteConfig)),
+    concepts: resolveConcepts(content, siteConfig),
     backend: adapter.backend,
     sender: adapter.sender,
     render: adapter.render,

package/src/lib/content/concepts.ts

@@ -4,6 +4,7 @@
 // future Fragments concept attaches by adding one key under `content` and one routing
 // entry, with no reshape here.
 import type { ConceptConfig, ConceptDescriptor, ConceptUrlPolicy, RoutingRule } from './types.js';
+import { urlPolicyFrom, type SiteConfig } from '../nav/site-config.js';
 
 /**
  * Concept-fixed routing, keyed by concept id (spec §7.2). Posts are dated feed entries;
@@ -28,6 +29,43 @@ function defaultPermalink(id: string): string {
   return id === 'pages' ? '/:slug' : `/${id}/:slug`;
 }
 
+/** Permalink tokens the resolver understands. */
+const KNOWN_TOKENS = new Set(['slug', 'year', 'month', 'day']);
+/** The date-bearing tokens; valid only for a dated concept. */
+const DATE_TOKENS = new Set(['year', 'month', 'day']);
+/** The valid date-prefix granularities. A runtime check, since the YAML is untyped. */
+const DATE_PREFIXES = new Set<string>(['year', 'month', 'day']);
+
+/**
+ * Validate one concept's URL policy at build, so a misconfigured permalink or datePrefix fails loudly
+ * here rather than emitting a wrong or defaulted URL at render. The permalink must be root-relative and
+ * use only known tokens, a date token requires a dated concept, and the datePrefix must be in range.
+ */
+function validateUrlPolicy(id: string, policy: ConceptUrlPolicy, dated: boolean): void {
+  if (policy.permalink !== undefined) {
+    const pattern = policy.permalink;
+    if (!pattern.startsWith('/')) {
+      throw new Error(`cairn: concept "${id}" permalink "${pattern}" must start with "/"`);
+    }
+    for (const match of pattern.matchAll(/:(\w+)/g)) {
+      const token = match[1];
+      if (!KNOWN_TOKENS.has(token)) {
+        throw new Error(`cairn: concept "${id}" permalink "${pattern}" uses unknown token ":${token}"`);
+      }
+      if (DATE_TOKENS.has(token) && !dated) {
+        throw new Error(
+          `cairn: concept "${id}" is not dated, so permalink "${pattern}" cannot use the date token ":${token}"`,
+        );
+      }
+    }
+  }
+  if (policy.datePrefix !== undefined && !DATE_PREFIXES.has(policy.datePrefix)) {
+    throw new Error(
+      `cairn: concept "${id}" datePrefix "${policy.datePrefix}" must be one of year, month, day`,
+    );
+  }
+}
+
 /**
  * Normalize an adapter's declared concepts into uniform descriptors (seam 1). URL policy
  * (`permalink`, `datePrefix`) comes from the YAML site-config, passed here as `urlPolicy` keyed by
@@ -41,6 +79,14 @@ export function normalizeConcepts(
   routing: Readonly<Record<string, RoutingRule>> = CONCEPT_ROUTING,
 ): ConceptDescriptor[] {
   const descriptors: ConceptDescriptor[] = [];
+  const declaredConcepts = new Set(
+    Object.keys(content).filter((key) => content[key] !== undefined),
+  );
+  for (const key of Object.keys(urlPolicy)) {
+    if (!declaredConcepts.has(key)) {
+      throw new Error(`cairn: URL policy names concept "${key}", which is not declared under content`);
+    }
+  }
   for (const [id, config] of Object.entries(content)) {
     if (!config) continue;
     const summaryFields = config.summaryFields ?? [];
@@ -51,12 +97,14 @@ export function normalizeConcepts(
         `cairn: concept "${id}" summaryFields key "${undeclared}" is not a declared field`,
       );
     }
+    const conceptRouting = routing[id] ?? DEFAULT_ROUTING;
     const policy = urlPolicy[id] ?? {};
+    validateUrlPolicy(id, policy, conceptRouting.dated);
     descriptors.push({
       id,
       label: config.label ?? defaultLabel(id),
       dir: config.dir,
-      routing: routing[id] ?? DEFAULT_ROUTING,
+      routing: conceptRouting,
       permalink: policy.permalink ?? defaultPermalink(id),
       datePrefix: policy.datePrefix ?? 'day',
       fields: config.schema.fields,
@@ -67,6 +115,18 @@ export function normalizeConcepts(
   return descriptors;
 }
 
+/**
+ * Resolve a site's concept descriptors from its content map and parsed site config. The admin runtime
+ * (composeRuntime) and the delivery layer (siteDescriptors) both call this, so the per-concept URL
+ * policy is derived once from the YAML and the runtime and delivery permalinks cannot diverge.
+ */
+export function resolveConcepts(
+  content: Record<string, ConceptConfig | undefined>,
+  siteConfig: SiteConfig,
+): ConceptDescriptor[] {
+  return normalizeConcepts(content, urlPolicyFrom(siteConfig));
+}
+
 /** Look up a normalized concept by id, or undefined when the site does not enable it. */
 export function findConcept(
   concepts: ConceptDescriptor[],

package/src/lib/content/identity.ts

@@ -0,0 +1,60 @@
+// cairn-cms: a content entry's URL identity in one place (engine-hardening pass 3). The id, the
+// slug, the date, and the permalink are computed here, so the content index and the manifest cannot
+// drift on what an entry's URL is. A cairn: link resolves through the manifest in the admin preview
+// and through the content index in the public build, so the two must agree by construction.
+import { idFromFilename, slugFromId } from './ids.js';
+import { permalink } from './permalink.js';
+import type { ConceptDescriptor } from './types.js';
+
+/** A content entry's resolved URL identity. */
+export interface EntryIdentity {
+  id: string;
+  slug: string;
+  date?: string;
+  permalink: string;
+}
+
+/** The basename of a glob path: the segment after the last slash, or the whole path. */
+function basename(path: string): string {
+  const slash = path.lastIndexOf('/');
+  return slash >= 0 ? path.slice(slash + 1) : path;
+}
+
+/** A present, non-empty string, else undefined. The read-model string coercion. */
+export function asString(value: unknown): string | undefined {
+  return typeof value === 'string' && value.trim() ? value : undefined;
+}
+
+/** A YYYY-MM-DD date. An unquoted YAML date parses as a JS Date; a string is sliced to its date head. */
+export function asDate(value: unknown): string | undefined {
+  if (value instanceof Date) return Number.isNaN(value.getTime()) ? undefined : value.toISOString().slice(0, 10);
+  if (typeof value === 'string') return value.match(/^\d{4}-\d{2}-\d{2}/)?.[0];
+  return undefined;
+}
+
+/** Tags as an array, empty when the file declares none. */
+export function asTags(value: unknown): string[] {
+  return Array.isArray(value) ? value.map(String) : [];
+}
+
+/** A content entry's id: its filename stem (the date prefix is part of a dated id). */
+export function entryId(path: string): string {
+  return idFromFilename(basename(path));
+}
+
+/**
+ * Resolve a content entry's URL identity from its concept descriptor, its file path, and its parsed
+ * frontmatter. The slug strips the leading date prefix for a dated concept and is the id verbatim for
+ * an undated one. The permalink is the one resolver every reader shares. The caller parses the markdown
+ * once and passes the frontmatter, so there is no second parse here.
+ */
+export function entryIdentity(
+  descriptor: ConceptDescriptor,
+  path: string,
+  frontmatter: Record<string, unknown>,
+): EntryIdentity {
+  const id = entryId(path);
+  const slug = slugFromId(id, descriptor.routing.dated ? descriptor.datePrefix : null);
+  const date = asDate(frontmatter.date);
+  return { id, slug, date, permalink: permalink(descriptor, { id, slug, date }) };
+}