@gmickel/gno 1.0.0 → 1.0.3

package/README.md

@@ -653,6 +653,11 @@ Upload the artifact at [gno.sh/studio](https://gno.sh/studio) and pick a visibil
 
 Republishing a public, secret-link, or invite-only artifact updates the same URL. Encrypted shares should be replaced from a fresh local export so the server never needs your plaintext.
 
+Encrypted source-backed publish on `gno.sh` is intentionally disabled. For encrypted shares, use:
+
+- `gno publish export --visibility encrypted --passphrase ...`, or
+- the browser-side encrypted markdown upload path in `gno.sh/studio`
+
 > **Full story**: [gno.sh/publish](https://gno.sh/publish) · **Try it**: [gno.sh/studio](https://gno.sh/studio)
 
 ---

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@gmickel/gno",
-  "version": "1.0.0",
+  "version": "1.0.3",
   "description": "Local semantic search for your documents. Index Markdown, PDF, and Office files with hybrid BM25 + vector search.",
   "keywords": [
     "embeddings",

package/src/cli/commands/publish.ts

@@ -13,9 +13,11 @@ import type {
   PublishArtifact,
   PublishVisibility,
 } from "../../publish/artifact";
+import type { SanitizeWarning } from "../../publish/obsidian-sanitize";
 
 import { derivePublishArtifactFilename, slugify } from "../../publish/artifact";
 import { exportPublishArtifact } from "../../publish/export-service";
+import { formatSanitizeWarnings } from "../../publish/obsidian-sanitize";
 import { initStore } from "./shared";
 
 export interface PublishExportOptions {
@@ -23,6 +25,7 @@ export interface PublishExportOptions {
   encryptionPassphrase?: string;
   json?: boolean;
   out?: string;
+  preview?: boolean;
   slug?: string;
   summary?: string;
   title?: string;
@@ -35,7 +38,10 @@ export type PublishExportResult =
       data: {
         artifact: PublishArtifact;
         outPath: string;
+        preview?: string;
         uploadUrl: string;
+        warnings: SanitizeWarning[];
+        warningsDisplay: string[];
       };
     }
   | { success: false; error: string; isValidation?: boolean };
@@ -73,7 +79,7 @@ export async function publishExport(
   const { collections, store } = initResult;
 
   try {
-    const artifact = await exportPublishArtifact({
+    const { artifact, warnings } = await exportPublishArtifact({
       collections,
       options: {
         routeSlug: options.slug,
@@ -85,6 +91,28 @@ export async function publishExport(
       store,
       target,
     });
+    const warningsDisplay = formatSanitizeWarnings(warnings);
+
+    if (options.preview) {
+      const preview =
+        artifact.version === 1
+          ? (artifact.spaces[0]?.notes
+              .map((note) => `\n# ${note.title}\n\n${note.markdown.trim()}`)
+              .join("\n\n---\n") ?? "")
+          : "(Encrypted artifact — preview unavailable)";
+      return {
+        success: true,
+        data: {
+          artifact,
+          outPath: "",
+          preview,
+          uploadUrl: "https://gno.sh/studio",
+          warnings,
+          warningsDisplay,
+        },
+      };
+    }
+
     const outPath =
       options.out?.trim() || buildDefaultPublishExportPath(artifact);
 
@@ -97,6 +125,8 @@ export async function publishExport(
         artifact,
         outPath,
         uploadUrl: "https://gno.sh/studio",
+        warnings,
+        warningsDisplay,
       },
     };
   } catch (error) {
@@ -129,8 +159,25 @@ export function formatPublishExport(
     return JSON.stringify(result.data, null, 2);
   }
 
-  const { artifact, outPath, uploadUrl } = result.data;
+  const { artifact, outPath, preview, uploadUrl, warningsDisplay } =
+    result.data;
   const space = artifact.spaces[0];
+  const warningsSection =
+    warningsDisplay.length > 0
+      ? ["", "Preprocessor notes:", ...warningsDisplay]
+      : [];
+
+  if (preview !== undefined) {
+    return [
+      `Preview (no file written) — ${space?.sourceType ?? "artifact"}`,
+      `Route slug: ${space?.routeSlug ?? slugify(artifact.source)}`,
+      `Visibility: ${space?.visibility ?? "public"}`,
+      ...warningsSection,
+      "",
+      "─── sanitized markdown ───",
+      preview.trim(),
+    ].join("\n");
+  }
 
   return [
     `Exported ${space?.sourceType ?? "artifact"} to ${outPath}`,
@@ -138,5 +185,6 @@ export function formatPublishExport(
     `Visibility: ${space?.visibility ?? "public"}`,
     `Filename: ${derivePublishArtifactFilename(artifact)}`,
     `Next: open ${uploadUrl} and drop ${outPath} into the upload zone.`,
+    ...warningsSection,
   ].join("\n");
 }

package/src/cli/program.ts

@@ -1651,6 +1651,10 @@ function wirePublishCommand(program: Command): void {
     .option("--slug <slug>", "route slug override")
     .option("--title <title>", "space title override")
     .option("--summary <summary>", "space summary override")
+    .option(
+      "--preview",
+      "print sanitized markdown + warnings instead of writing the artifact"
+    )
     .option("--json", "JSON output")
     .action(async (target: string, cmdOpts: Record<string, unknown>) => {
       const format = getFormat(cmdOpts);
@@ -1684,6 +1688,7 @@ function wirePublishCommand(program: Command): void {
         json: format === "json",
         out: typeof cmdOpts.out === "string" ? cmdOpts.out : undefined,
         encryptionPassphrase: passphrase,
+        preview: cmdOpts.preview === true,
         slug: cmdOpts.slug as string | undefined,
         summary: cmdOpts.summary as string | undefined,
         title: cmdOpts.title as string | undefined,

package/src/converters/adapters/markitdownTs/adapter.ts

@@ -15,6 +15,7 @@ import type {
 import {
   adapterError,
   corruptError,
+  permissionError,
   timeoutError,
   tooLargeError,
 } from "../../errors";
@@ -33,6 +34,15 @@ const SUPPORTED_MIMES = [
   "application/vnd.openxmlformats-officedocument.spreadsheetml.sheet",
 ];
 
+const PDF_SIGNATURE = new Uint8Array([0x25, 0x50, 0x44, 0x46, 0x2d]);
+const CFB_SIGNATURE = new Uint8Array([
+  0xd0, 0xcf, 0x11, 0xe0, 0xa1, 0xb1, 0x1a, 0xe1,
+]);
+const ENCRYPTION_INFO = utf16le("EncryptionInfo");
+const ENCRYPTED_PACKAGE = utf16le("EncryptedPackage");
+const MAX_MESSAGE_LENGTH = 200;
+const PASSWORD_ERROR_REGEX = /password(?:-protected)?|no password given/i;
+
 /**
  * Create zero-copy Buffer view of Uint8Array.
  * Assumes input.bytes is immutable (contract requirement).
@@ -41,6 +51,103 @@ function toBuffer(bytes: Uint8Array): Buffer {
   return Buffer.from(bytes.buffer, bytes.byteOffset, bytes.byteLength);
 }
 
+function utf16le(value: string): Uint8Array {
+  return new Uint8Array(Buffer.from(value, "utf16le"));
+}
+
+function hasPrefix(bytes: Uint8Array, prefix: Uint8Array): boolean {
+  if (bytes.length < prefix.length) {
+    return false;
+  }
+
+  for (let index = 0; index < prefix.length; index += 1) {
+    if (bytes[index] !== prefix[index]) {
+      return false;
+    }
+  }
+
+  return true;
+}
+
+function includesBytes(bytes: Uint8Array, needle: Uint8Array): boolean {
+  if (needle.length === 0 || bytes.length < needle.length) {
+    return false;
+  }
+
+  outer: for (
+    let index = 0;
+    index <= bytes.length - needle.length;
+    index += 1
+  ) {
+    for (let offset = 0; offset < needle.length; offset += 1) {
+      if (bytes[index + offset] !== needle[offset]) {
+        continue outer;
+      }
+    }
+    return true;
+  }
+
+  return false;
+}
+
+function isPasswordProtectedPdf(bytes: Uint8Array): boolean {
+  if (!hasPrefix(bytes, PDF_SIGNATURE)) {
+    return false;
+  }
+
+  const tailStart = Math.max(0, bytes.length - 64 * 1024);
+  const tail = Buffer.from(bytes.subarray(tailStart)).toString("latin1");
+  return /\/Encrypt\b/.test(tail);
+}
+
+function isPasswordProtectedXlsx(bytes: Uint8Array): boolean {
+  return (
+    hasPrefix(bytes, CFB_SIGNATURE) &&
+    includesBytes(bytes, ENCRYPTION_INFO) &&
+    includesBytes(bytes, ENCRYPTED_PACKAGE)
+  );
+}
+
+function isPasswordProtected(input: ConvertInput): boolean {
+  if (input.ext === ".pdf") {
+    return isPasswordProtectedPdf(input.bytes);
+  }
+
+  if (input.ext === ".xlsx") {
+    return isPasswordProtectedXlsx(input.bytes);
+  }
+
+  return false;
+}
+
+function sanitizeErrorMessage(message: string, input: ConvertInput): string {
+  const normalized = message.trim();
+
+  let hasControlChars = false;
+  for (const char of normalized) {
+    const code = char.charCodeAt(0);
+    if (
+      (code >= 0 && code <= 8) ||
+      code === 11 ||
+      code === 12 ||
+      (code >= 14 && code <= 31)
+    ) {
+      hasControlChars = true;
+      break;
+    }
+  }
+
+  if (
+    normalized.length === 0 ||
+    normalized.length > MAX_MESSAGE_LENGTH ||
+    hasControlChars
+  ) {
+    return `Could not convert ${input.ext} file to markdown`;
+  }
+
+  return normalized;
+}
+
 export const markitdownAdapter: Converter = {
   id: CONVERTER_ID,
   version: CONVERTER_VERSION,
@@ -55,6 +162,21 @@ export const markitdownAdapter: Converter = {
       return { ok: false, error: tooLargeError(input, CONVERTER_ID) };
     }
 
+    // 1b. Detect password-protected documents before calling markitdown-ts.
+    // markitdown-ts logs dependency stack traces to stderr for these files.
+    if (isPasswordProtected(input)) {
+      return {
+        ok: false,
+        error: permissionError(
+          input,
+          CONVERTER_ID,
+          "File is password-protected",
+          undefined,
+          { protection: input.ext.slice(1) }
+        ),
+      };
+    }
+
     // 2. Setup timeout handling
     // Note: markitdown-ts doesn't support AbortSignal, so underlying
     // work may continue after timeout (known limitation; process isolation future work)
@@ -128,14 +250,27 @@ export const markitdownAdapter: Converter = {
       }
 
       // Map adapter errors
+      const message =
+        err instanceof Error
+          ? sanitizeErrorMessage(err.message, input)
+          : `Could not convert ${input.ext} file to markdown`;
+
+      if (PASSWORD_ERROR_REGEX.test(message)) {
+        return {
+          ok: false,
+          error: permissionError(
+            input,
+            CONVERTER_ID,
+            "File is password-protected",
+            err,
+            { protection: input.ext.slice(1) }
+          ),
+        };
+      }
+
       return {
         ok: false,
-        error: adapterError(
-          input,
-          CONVERTER_ID,
-          err instanceof Error ? err.message : "Unknown error",
-          err
-        ),
+        error: adapterError(input, CONVERTER_ID, message, err),
       };
     }
   },

package/src/converters/errors.ts

@@ -179,6 +179,29 @@ export function corruptError(
   });
 }
 
+/**
+ * Create an error for permission-gated files (for example password-protected documents).
+ */
+export function permissionError(
+  input: Pick<ConvertInput, "sourcePath" | "mime" | "ext">,
+  converterId: string,
+  message: string,
+  cause?: unknown,
+  details?: Record<string, unknown>
+): ConvertError {
+  return convertError("PERMISSION", {
+    message,
+    retryable: false,
+    fatal: false,
+    converterId,
+    sourcePath: input.sourcePath,
+    mime: input.mime,
+    ext: input.ext,
+    cause,
+    details,
+  });
+}
+
 /**
  * Create an error for adapter-level failures.
  */

package/src/publish/encrypted-export.ts

@@ -2,8 +2,6 @@ import { randomBytes, webcrypto } from "node:crypto";
 
 import type { EncryptedArtifactPayload, PublishArtifactNote } from "./artifact";
 
-import { slugify } from "./artifact";
-
 const { subtle } = webcrypto;
 
 const PBKDF2_ITERATIONS = 210_000;
@@ -19,6 +17,7 @@ type MetadataEntry = {
 
 type NoteBlock =
   | { type: "paragraph"; text: string }
+  | { type: "markdown"; markdown: string }
   | { type: "heading"; depth: 2 | 3; id: string; text: string }
   | { type: "list"; items: string[]; style: "ordered" | "unordered" }
   | { code: string; language: string; type: "code" }
@@ -108,120 +107,12 @@ const filterMetadata = (
   }));
 };
 
-const parseMarkdownBlocks = (markdown: string): NoteBlock[] => {
-  const blocks: NoteBlock[] = [];
-  const lines = stripFrontmatter(markdown).split("\n");
-  let paragraph: string[] = [];
-  let listItems: string[] = [];
-  let codeFence: { code: string[]; language: string } | null = null;
-
-  const flushParagraph = () => {
-    if (paragraph.length === 0) {
-      return;
-    }
-
-    blocks.push({
-      type: "paragraph",
-      text: paragraph.join(" ").trim(),
-    });
-    paragraph = [];
-  };
-
-  const flushList = () => {
-    if (listItems.length === 0) {
-      return;
-    }
-
-    blocks.push({
-      type: "list",
-      style: "unordered",
-      items: listItems,
-    });
-    listItems = [];
-  };
-
-  for (const line of lines) {
-    if (codeFence) {
-      if (line.startsWith("```")) {
-        blocks.push({
-          type: "code",
-          language: codeFence.language || "text",
-          code: codeFence.code.join("\n"),
-        });
-        codeFence = null;
-        continue;
-      }
-
-      codeFence.code.push(line);
-      continue;
-    }
-
-    const trimmed = line.trim();
-    if (!trimmed) {
-      flushParagraph();
-      flushList();
-      continue;
-    }
-
-    const codeMatch = trimmed.match(/^```([\w-]*)$/);
-    if (codeMatch) {
-      flushParagraph();
-      flushList();
-      codeFence = { code: [], language: codeMatch[1] || "text" };
-      continue;
-    }
-
-    const headingMatch = trimmed.match(/^(#{1,3})\s+(.*)$/);
-    if (headingMatch) {
-      flushParagraph();
-      flushList();
-      const headingText = headingMatch[2] ?? "";
-      blocks.push({
-        type: "heading",
-        depth: headingMatch[1] === "###" ? 3 : 2,
-        id: slugify(headingText),
-        text: headingText,
-      });
-      continue;
-    }
-
-    const imageMatch = trimmed.match(/^!\[(.*?)\]\((.*?)\)$/);
-    if (imageMatch) {
-      flushParagraph();
-      flushList();
-      const alt = imageMatch[1] ?? "";
-      const src = imageMatch[2] ?? "";
-      blocks.push({
-        type: "image",
-        alt,
-        src,
-        caption: alt,
-      });
-      continue;
-    }
-
-    const listMatch = trimmed.match(/^[-*]\s+(.*)$/);
-    if (listMatch) {
-      flushParagraph();
-      listItems.push(listMatch[1] ?? "");
-      continue;
-    }
-
-    paragraph.push(trimmed);
-  }
-
-  flushParagraph();
-  flushList();
-
-  if (blocks.length === 0) {
-    blocks.push({
-      type: "paragraph",
-      text: markdown.trim(),
-    });
-  }
-
-  return blocks;
-};
+const parseMarkdownBlocks = (markdown: string): NoteBlock[] => [
+  {
+    type: "markdown",
+    markdown: stripFrontmatter(markdown).trim(),
+  },
+];
 
 const getOutline = (blocks: NoteBlock[]) =>
   blocks.flatMap((block) =>

package/src/publish/export-service.ts

@@ -23,6 +23,11 @@ import {
   type PublishVisibility,
 } from "./artifact";
 import { buildEncryptedArtifactPayload } from "./encrypted-export";
+import {
+  isPublishDisabledByFrontmatter,
+  sanitizeObsidianMarkdown,
+  type SanitizeWarning,
+} from "./obsidian-sanitize";
 
 export interface PublishExportCoreOptions {
   encryptionPassphrase?: string;
@@ -129,7 +134,8 @@ async function exportCollectionArtifact(
   store: StorePort,
   collections: Collection[],
   target: string,
-  options: PublishExportCoreOptions
+  options: PublishExportCoreOptions,
+  warnings: SanitizeWarning[]
 ) {
   const collection = resolveCollection(collections, target);
   if (!collection) {
@@ -151,7 +157,13 @@ async function exportCollectionArtifact(
 
   const notes: PublishArtifactNote[] = [];
   for (const doc of activeDocs) {
-    const markdown = await loadDocumentMarkdown(store, doc);
+    const rawMarkdown = await loadDocumentMarkdown(store, doc);
+    if (isPublishDisabledByFrontmatter(rawMarkdown)) {
+      continue;
+    }
+    const sanitized = sanitizeObsidianMarkdown(rawMarkdown);
+    warnings.push(...sanitized.warnings);
+    const markdown = sanitized.markdown;
     const tags = await loadDocumentTags(store, doc);
     const frontmatter = parseFrontmatter(markdown).metadata;
     const title = deriveExportedTitle(doc);
@@ -164,6 +176,12 @@ async function exportCollectionArtifact(
     });
   }
 
+  if (notes.length === 0) {
+    throw new Error(
+      `Collection "${collection.name}" has no publishable documents (all notes carry publish: false frontmatter)`
+    );
+  }
+
   const title = options.title ?? collection.name;
   const summary =
     options.summary ??
@@ -217,14 +235,23 @@ async function exportCollectionArtifact(
 async function exportDocumentArtifact(
   store: StorePort,
   target: string,
-  options: PublishExportCoreOptions
+  options: PublishExportCoreOptions,
+  warnings: SanitizeWarning[]
 ) {
   const doc = await lookupDocument(store, target);
   if (!doc?.active) {
     throw new Error(`Document not found: ${target}`);
   }
 
-  const markdown = await loadDocumentMarkdown(store, doc);
+  const rawMarkdown = await loadDocumentMarkdown(store, doc);
+  if (isPublishDisabledByFrontmatter(rawMarkdown)) {
+    throw new Error(
+      `Refused to export: ${doc.uri} has publish: false in frontmatter`
+    );
+  }
+  const sanitized = sanitizeObsidianMarkdown(rawMarkdown);
+  warnings.push(...sanitized.warnings);
+  const markdown = sanitized.markdown;
   const tags = await loadDocumentTags(store, doc);
   const frontmatter = parseFrontmatter(markdown).metadata;
   const title = options.title ?? deriveExportedTitle(doc);
@@ -287,19 +314,31 @@ async function exportDocumentArtifact(
   });
 }
 
+export interface ExportPublishArtifactResult {
+  artifact: PublishArtifact;
+  warnings: SanitizeWarning[];
+}
+
 export async function exportPublishArtifact(input: {
   collections: Collection[];
   options: PublishExportCoreOptions;
   store: StorePort;
   target: string;
-}): Promise<PublishArtifact> {
-  return (
+}): Promise<ExportPublishArtifactResult> {
+  const warnings: SanitizeWarning[] = [];
+  const artifact =
     (await exportCollectionArtifact(
       input.store,
       input.collections,
       input.target,
-      input.options
+      input.options,
+      warnings
     )) ??
-    (await exportDocumentArtifact(input.store, input.target, input.options))
-  );
+    (await exportDocumentArtifact(
+      input.store,
+      input.target,
+      input.options,
+      warnings
+    ));
+  return { artifact, warnings };
 }

package/src/publish/obsidian-sanitize.ts

@@ -0,0 +1,176 @@
+/**
+ * Obsidian-aware markdown pre-processor for publish export.
+ *
+ * Strips wikilinks, drops navigation sidebar idioms, removes references to
+ * private (`_internal/`) paths, and warns on unresolvable image embeds before
+ * the markdown enters the publish artifact.
+ *
+ * @module src/publish/obsidian-sanitize
+ */
+
+const WIKILINK_INTERNAL_PREFIX = /_internal\//i;
+const NAV_SIDEBAR_LINE = /^(!?\[\[[^\]]+\]\]\s*\|?\s*)+$/;
+const IMAGE_EMBED = /!\[\[([^\]]+)\]\]/g;
+const INTERNAL_WIKILINK = /\[\[\s*_internal\/[^\]]+\]\]/gi;
+const ALIASED_WIKILINK = /\[\[([^\]|]+)\|([^\]]+)\]\]/g;
+const BARE_WIKILINK = /\[\[([^\]]+)\]\]/g;
+const TAIL_SEGMENT = /[^/]+$/;
+const BLOCK_ID_SUFFIX = /#\^?[\w-]+$/;
+
+export interface SanitizeWarning {
+  kind:
+    | "image-embed-dropped"
+    | "internal-reference-stripped"
+    | "nav-sidebar-dropped"
+    | "wikilink-unresolved";
+  detail: string;
+}
+
+export interface SanitizeResult {
+  markdown: string;
+  warnings: SanitizeWarning[];
+}
+
+const splitFrontmatter = (
+  source: string
+): { body: string; frontmatter: string } => {
+  if (!source.startsWith("---\n") && !source.startsWith("---\r\n")) {
+    return { body: source, frontmatter: "" };
+  }
+  const endIndex = source.indexOf("\n---\n");
+  const endIndexCrlf = source.indexOf("\r\n---\r\n");
+  const terminators = [endIndex, endIndexCrlf].filter((index) => index !== -1);
+  if (terminators.length === 0) {
+    return { body: source, frontmatter: "" };
+  }
+  const earliest = Math.min(...terminators);
+  const matched =
+    earliest === endIndex
+      ? source.slice(0, earliest + 5)
+      : source.slice(0, earliest + 7);
+  return {
+    body: source.slice(matched.length),
+    frontmatter: matched,
+  };
+};
+
+const deriveLinkDisplay = (target: string): string => {
+  const raw = target.trim();
+  const withoutBlockId = raw.replace(BLOCK_ID_SUFFIX, "").trim();
+  const tail = withoutBlockId.match(TAIL_SEGMENT)?.[0] ?? withoutBlockId;
+  return tail.trim() || raw;
+};
+
+export function sanitizeObsidianMarkdown(source: string): SanitizeResult {
+  const { body, frontmatter } = splitFrontmatter(source);
+  const warnings: SanitizeWarning[] = [];
+  const lines = body.split("\n");
+  const output: string[] = [];
+  let seenContent = false;
+
+  for (const rawLine of lines) {
+    const rawTrimmed = rawLine.trim();
+
+    if (!seenContent && rawTrimmed && NAV_SIDEBAR_LINE.test(rawTrimmed)) {
+      warnings.push({
+        kind: "nav-sidebar-dropped",
+        detail: rawTrimmed,
+      });
+      continue;
+    }
+
+    let line = rawLine;
+
+    line = line.replace(IMAGE_EMBED, (_match, target: string) => {
+      warnings.push({
+        kind: "image-embed-dropped",
+        detail: target.trim(),
+      });
+      return "";
+    });
+
+    line = line.replace(INTERNAL_WIKILINK, (match) => {
+      warnings.push({
+        kind: "internal-reference-stripped",
+        detail: match,
+      });
+      return "";
+    });
+
+    line = line.replace(
+      ALIASED_WIKILINK,
+      (_match, target: string, alias: string) => {
+        if (WIKILINK_INTERNAL_PREFIX.test(target)) {
+          warnings.push({
+            kind: "internal-reference-stripped",
+            detail: target.trim(),
+          });
+          return "";
+        }
+        return alias.trim();
+      }
+    );
+
+    line = line.replace(BARE_WIKILINK, (_match, target: string) => {
+      if (WIKILINK_INTERNAL_PREFIX.test(target)) {
+        warnings.push({
+          kind: "internal-reference-stripped",
+          detail: target.trim(),
+        });
+        return "";
+      }
+      const display = deriveLinkDisplay(target);
+      warnings.push({
+        kind: "wikilink-unresolved",
+        detail: target.trim(),
+      });
+      return display;
+    });
+
+    if (line.trim()) {
+      seenContent = true;
+    }
+
+    output.push(line);
+  }
+
+  return {
+    markdown: `${frontmatter}${output.join("\n")}`,
+    warnings,
+  };
+}
+
+const FRONTMATTER_PUBLISH_FALSE = /^publish:\s*(false|no|0)\s*$/im;
+
+export function isPublishDisabledByFrontmatter(source: string): boolean {
+  const { frontmatter } = splitFrontmatter(source);
+  if (!frontmatter) {
+    return false;
+  }
+  return FRONTMATTER_PUBLISH_FALSE.test(frontmatter);
+}
+
+export function formatSanitizeWarnings(warnings: SanitizeWarning[]): string[] {
+  const grouped = new Map<SanitizeWarning["kind"], Set<string>>();
+  for (const warning of warnings) {
+    const bucket = grouped.get(warning.kind) ?? new Set<string>();
+    bucket.add(warning.detail);
+    grouped.set(warning.kind, bucket);
+  }
+
+  const labels: Record<SanitizeWarning["kind"], string> = {
+    "image-embed-dropped": "Image embeds dropped (attachments not bundled yet)",
+    "internal-reference-stripped": "Private `_internal/` references stripped",
+    "nav-sidebar-dropped": "Navigation sidebar lines dropped",
+    "wikilink-unresolved":
+      "Wikilinks converted to plain text (no in-space target)",
+  };
+
+  return Array.from(grouped.entries()).flatMap(([kind, details]) => {
+    const lines = [`- ${labels[kind]}:`];
+    for (const detail of Array.from(details).sort()) {
+      lines.push(`    • ${detail}`);
+    }
+    return lines;
+  });
+}

package/src/serve/routes/api.ts

@@ -783,7 +783,7 @@ export async function handlePublishExport(
   }
 
   try {
-    const artifact = await exportPublishArtifact({
+    const { artifact, warnings } = await exportPublishArtifact({
       collections: config.collections,
       options: {
         encryptionPassphrase: body.encryptionPassphrase,
@@ -800,6 +800,7 @@ export async function handlePublishExport(
       artifact,
       fileName: derivePublishArtifactFilename(artifact),
       uploadUrl: "https://gno.sh/studio",
+      warnings,
     });
   } catch (error) {
     return errorResponse(