@striae-org/striae 7.0.1 → 7.1.1

package/scripts/deploy-config/modules/prompt.sh

@@ -23,7 +23,7 @@ prompt_for_secrets() {
     is_auto_generated_secret_var() {
         local var_name=$1
         case "$var_name" in
-            IMAGE_SIGNED_URL_SECRET)
+            IMAGE_SIGNED_URL_SECRET|LISTS_ADMIN_SECRET)
                 return 0
                 ;;
             *)
@@ -39,6 +39,9 @@ prompt_for_secrets() {
             IMAGE_SIGNED_URL_SECRET)
                 [ "$value" = "your_image_signed_url_secret_here" ]
                 ;;
+            LISTS_ADMIN_SECRET)
+                [ "$value" = "your_lists_admin_secret_here" ]
+                ;;
             *)
                 return 1
                 ;;
@@ -223,13 +226,44 @@ prompt_for_secrets() {
 
     echo -e "${BLUE}🔑 WORKER NAMES${NC}"
     echo "==============="
-    echo -e "${YELLOW}Worker names are lowercased automatically and must use only letters, numbers, and dashes.${NC}"
+    echo -e "${YELLOW}Worker names are auto-generated and lowercased. Press Enter to keep the generated value or type a custom name.${NC}"
+
+    # Auto-generate each worker name if not yet set or still a placeholder.
+    _gen_worker_name() {
+        local var_name=$1
+        local current="${!var_name:-}"
+        if is_placeholder "$current" || [ -z "$current" ]; then
+            local suffix
+            suffix=$(openssl rand -base64 16 2>/dev/null | tr -dc 'a-z0-9' | head -c 10 || true)
+            if [ -n "$suffix" ]; then
+                printf '%s' "striae-dev-${suffix}"
+            fi
+        fi
+    }
+
+    _new=$(  _gen_worker_name "USER_WORKER_NAME")
+    [ -n "$_new" ] && { USER_WORKER_NAME="$_new"; export USER_WORKER_NAME; }
+    prompt_for_var "USER_WORKER_NAME" "User worker name (auto-generated; change only if using an existing worker)"
+
+    _new=$(_gen_worker_name "DATA_WORKER_NAME")
+    [ -n "$_new" ] && { DATA_WORKER_NAME="$_new"; export DATA_WORKER_NAME; }
+    prompt_for_var "DATA_WORKER_NAME" "Data worker name (auto-generated; change only if using an existing worker)"
+
+    _new=$(_gen_worker_name "AUDIT_WORKER_NAME")
+    [ -n "$_new" ] && { AUDIT_WORKER_NAME="$_new"; export AUDIT_WORKER_NAME; }
+    prompt_for_var "AUDIT_WORKER_NAME" "Audit worker name (auto-generated; change only if using an existing worker)"
+
+    _new=$(_gen_worker_name "IMAGES_WORKER_NAME")
+    [ -n "$_new" ] && { IMAGES_WORKER_NAME="$_new"; export IMAGES_WORKER_NAME; }
+    prompt_for_var "IMAGES_WORKER_NAME" "Images worker name (auto-generated; change only if using an existing worker)"
+
+    _new=$(_gen_worker_name "PDF_WORKER_NAME")
+    [ -n "$_new" ] && { PDF_WORKER_NAME="$_new"; export PDF_WORKER_NAME; }
+    prompt_for_var "PDF_WORKER_NAME" "PDF worker name (auto-generated; change only if using an existing worker)"
 
-    prompt_for_var "USER_WORKER_NAME" "User worker name"
-    prompt_for_var "DATA_WORKER_NAME" "Data worker name"
-    prompt_for_var "AUDIT_WORKER_NAME" "Audit worker name"
-    prompt_for_var "IMAGES_WORKER_NAME" "Images worker name"
-    prompt_for_var "PDF_WORKER_NAME" "PDF worker name"
+    _new=$(_gen_worker_name "LISTS_WORKER_NAME")
+    [ -n "$_new" ] && { LISTS_WORKER_NAME="$_new"; export LISTS_WORKER_NAME; }
+    prompt_for_var "LISTS_WORKER_NAME" "Lists worker name (auto-generated; change only if using an existing worker)"
     echo ""
 
     echo -e "${BLUE}🗄️ STORAGE CONFIGURATION${NC}"
@@ -238,6 +272,7 @@ prompt_for_secrets() {
     prompt_for_var "AUDIT_BUCKET_NAME" "Your R2 bucket name for audit logs (separate from data bucket)"
     prompt_for_var "FILES_BUCKET_NAME" "Your R2 bucket name for encrypted files storage"
     prompt_for_var "KV_STORE_ID" "Your KV namespace ID (UUID format)"
+    prompt_for_var "STRIAE_LISTS_KV_ID" "KV namespace ID for the lists-worker (UUID format; backs registration and primershear allowlists)"
 
     echo -e "${BLUE}🔐 SERVICE-SPECIFIC SECRETS${NC}"
     echo "============================"
@@ -255,6 +290,7 @@ prompt_for_secrets() {
     prompt_for_var "IMAGE_SIGNED_URL_BASE_URL" "Signed URL delivery base URL — routes signed image delivery through the Pages proxy (leave as-is unless using a non-standard domain)"
 
     prompt_for_var "BROWSER_API_TOKEN" "Cloudflare Browser Rendering API token (for PDF Worker)"
+    prompt_for_var "LISTS_ADMIN_SECRET" "Lists worker admin secret — guards write endpoints (auto-generated; guards POST/DELETE on the lists-worker)"
 
     configure_manifest_signing_credentials
     configure_export_encryption_credentials

package/scripts/deploy-config/modules/scaffolding.sh

@@ -106,6 +106,14 @@ copy_example_configs() {
         echo -e "${YELLOW}    ⚠️  pdf-worker: wrangler.jsonc already exists, skipping copy${NC}"
     fi
 
+    cd ../lists-worker
+    if [ -f "wrangler.jsonc.example" ] && { [ "$update_env" = "true" ] || [ ! -f "wrangler.jsonc" ]; }; then
+        cp wrangler.jsonc.example wrangler.jsonc
+        echo -e "${GREEN}    ✅ lists-worker: wrangler.jsonc created from example${NC}"
+    elif [ -f "wrangler.jsonc" ]; then
+        echo -e "${YELLOW}    ⚠️  lists-worker: wrangler.jsonc already exists, skipping copy${NC}"
+    fi
+
     # Return to project root
     cd ../..
 
@@ -172,6 +180,16 @@ update_wrangler_configs() {
         echo -e "${GREEN}    ✅ pdf-worker configuration updated${NC}"
     fi
 
+    if [ -f "workers/lists-worker/wrangler.jsonc" ]; then
+        echo -e "${YELLOW}  Updating lists-worker/wrangler.jsonc...${NC}"
+        local escaped_striae_lists_kv_id
+        escaped_striae_lists_kv_id=$(escape_for_sed_replacement "$STRIAE_LISTS_KV_ID")
+        sed -i "s/\"LISTS_WORKER_NAME\"/\"$LISTS_WORKER_NAME\"/g" workers/lists-worker/wrangler.jsonc
+        sed -i "s/\"ACCOUNT_ID\"/\"$escaped_account_id\"/g" workers/lists-worker/wrangler.jsonc
+        sed -i "s/\"STRIAE_LISTS_KV_ID\"/\"$escaped_striae_lists_kv_id\"/g" workers/lists-worker/wrangler.jsonc
+        echo -e "${GREEN}    ✅ lists-worker configuration updated${NC}"
+    fi
+
     if [ -f "workers/user-worker/wrangler.jsonc" ]; then
         echo -e "${YELLOW}  Updating user-worker/wrangler.jsonc...${NC}"
         sed -i "s/\"USER_WORKER_NAME\"/\"$USER_WORKER_NAME\"/g" workers/user-worker/wrangler.jsonc
@@ -190,6 +208,7 @@ update_wrangler_configs() {
         sed -i "s/AUDIT_WORKER_NAME/$AUDIT_WORKER_NAME/g" wrangler.toml
         sed -i "s/IMAGES_WORKER_NAME/$IMAGES_WORKER_NAME/g" wrangler.toml
         sed -i "s/PDF_WORKER_NAME/$PDF_WORKER_NAME/g" wrangler.toml
+        sed -i "s/LISTS_WORKER_NAME/$LISTS_WORKER_NAME/g" wrangler.toml
         echo -e "${GREEN}    ✅ main wrangler.toml configuration updated${NC}"
     fi
 

package/scripts/deploy-config/modules/validation.sh

@@ -96,12 +96,14 @@ required_vars=(
     "AUDIT_WORKER_NAME"
     "IMAGES_WORKER_NAME"
     "PDF_WORKER_NAME"
+    "LISTS_WORKER_NAME"
 
     # Storage Configuration (required for config replacement)
     "DATA_BUCKET_NAME"
     "AUDIT_BUCKET_NAME"
     "FILES_BUCKET_NAME"
     "KV_STORE_ID"
+    "STRIAE_LISTS_KV_ID"
 
     # Worker-Specific Secrets (required for deployment)
     "IMAGE_SIGNED_URL_SECRET"
@@ -112,6 +114,7 @@ required_vars=(
     "EXPORT_ENCRYPTION_PRIVATE_KEY"
     "EXPORT_ENCRYPTION_KEY_ID"
     "EXPORT_ENCRYPTION_PUBLIC_KEY"
+    "LISTS_ADMIN_SECRET"
 )
 
 validate_required_vars() {

package/scripts/deploy-config.sh

@@ -200,36 +200,6 @@ source "$DEPLOY_CONFIG_VALIDATION_MODULE"
 source "$DEPLOY_CONFIG_SCAFFOLDING_MODULE"
 source "$DEPLOY_CONFIG_PROMPT_MODULE"
 
-EMAIL_LIST_CONFIG_DIR="app/config"
-MEMBERS_EMAILS_FILE="$EMAIL_LIST_CONFIG_DIR/members.emails"
-PRIMERSHEAR_EMAILS_FILE="$EMAIL_LIST_CONFIG_DIR/primershear.emails"
-
-sync_env_var_from_email_list_file() {
-    local env_var_name=$1
-    local file_path=$2
-    local loaded_values=""
-
-    if [ ! -f "$file_path" ]; then
-        echo -e "${YELLOW}⚠️  $file_path not found; keeping existing $env_var_name value in .env${NC}"
-        return 0
-    fi
-
-    loaded_values=$(grep -v '^[[:space:]]*#' "$file_path" | grep -v '^[[:space:]]*$' | sed -e 's/\r$//' -e 's/^[[:space:]]*//' -e 's/[[:space:]]*$//' | paste -sd ',' - || true)
-
-    write_env_var "$env_var_name" "$loaded_values"
-    export "$env_var_name=$loaded_values"
-
-    local loaded_count
-    loaded_count=$(echo "$loaded_values" | tr ',' '\n' | grep -c '[^[:space:]]' || true)
-    echo -e "${GREEN}✅ Synced $env_var_name from $file_path ($loaded_count entry/entries)${NC}"
-}
-
-sync_email_list_env_vars_from_config() {
-    echo -e "${YELLOW}📧 Syncing optional email list env vars from app/config...${NC}"
-    sync_env_var_from_email_list_file "REGISTRATION_EMAILS" "$MEMBERS_EMAILS_FILE"
-    sync_env_var_from_email_list_file "PRIMERSHEAR_EMAILS" "$PRIMERSHEAR_EMAILS_FILE"
-}
-
 if [ "$validate_only" = "true" ]; then
     echo -e "\n${BLUE}🧪 Validate-only mode enabled${NC}"
     run_validation_checkpoint
@@ -247,9 +217,6 @@ load_admin_service_credentials
 # Always prompt for secrets to ensure configuration
 prompt_for_secrets
 
-# Keep optional email list env vars aligned with app/config source files.
-sync_email_list_env_vars_from_config
-
 # Validate after secrets have been configured
 validate_required_vars
 

package/scripts/deploy-pages-secrets.sh

@@ -117,16 +117,6 @@ deploy_pages_secrets() {
         printf '%s' "$secret_value" | wrangler pages secret put "$secret" --project-name "$PAGES_PROJECT_NAME"
     done
 
-    local optional_primershear_emails
-    optional_primershear_emails=$(get_optional_value "PRIMERSHEAR_EMAILS")
-    echo -e "${YELLOW}  Setting PRIMERSHEAR_EMAILS...${NC}"
-    printf '%s' "$optional_primershear_emails" | wrangler pages secret put "PRIMERSHEAR_EMAILS" --project-name "$PAGES_PROJECT_NAME"
-
-    local optional_registration_emails
-    optional_registration_emails=$(get_optional_value "REGISTRATION_EMAILS")
-    echo -e "${YELLOW}  Setting REGISTRATION_EMAILS...${NC}"
-    printf '%s' "$optional_registration_emails" | wrangler pages secret put "REGISTRATION_EMAILS" --project-name "$PAGES_PROJECT_NAME"
-
     echo -e "${GREEN}✅ Pages secrets deployed to production${NC}"
 }
 
@@ -152,6 +142,7 @@ fi
 
 required_pages_secrets=(
     "PROJECT_ID"
+    "LISTS_ADMIN_SECRET"
 )
 
 echo -e "${YELLOW}🔍 Validating required Pages secret values...${NC}"

package/scripts/deploy-worker-secrets.sh

@@ -267,6 +267,13 @@ build_data_worker_secret_list() {
     printf '%s\n' "${secrets[@]}"
 }
 
+build_lists_worker_secret_list() {
+    local secrets=(
+        "LISTS_ADMIN_SECRET"
+    )
+    printf '%s\n' "${secrets[@]}"
+}
+
 build_images_worker_secret_list() {
     local secrets=(
         "DATA_AT_REST_ENCRYPTION_PUBLIC_KEY"
@@ -299,7 +306,7 @@ echo -e "\n${BLUE}🔐 Deploying secrets to workers...${NC}"
 # Check if workers are configured
 echo -e "${YELLOW}🔍 Checking worker configurations...${NC}"
 workers_configured=0
-total_workers=5
+total_workers=6
 
 for worker_dir in workers/*/; do
     if [ -f "$worker_dir/wrangler.jsonc" ] || [ -f "$worker_dir/wrangler.toml" ]; then
@@ -363,6 +370,16 @@ if ! set_worker_secrets "PDF Worker" "workers/pdf-worker" \
     echo -e "${YELLOW}⚠️  Skipping PDF Worker (not configured)${NC}"
 fi
 
+# Lists Worker
+lists_worker_secrets=()
+while IFS= read -r secret; do
+    lists_worker_secrets+=("$secret")
+done < <(build_lists_worker_secret_list)
+
+if ! set_worker_secrets "Lists Worker" "workers/lists-worker" "${lists_worker_secrets[@]}"; then
+    echo -e "${YELLOW}⚠️  Skipping Lists Worker (not configured)${NC}"
+fi
+
 echo -e "\n${GREEN}🎉 Worker secrets deployment completed!${NC}"
 
 echo -e "\n${YELLOW}⚠️  WORKER CONFIGURATION REMINDERS:${NC}"
@@ -371,6 +388,7 @@ echo "   - Configure KV namespace ID in workers/user-worker/wrangler.jsonc"
 echo "   - Configure R2 bucket name in workers/data-worker/wrangler.jsonc"
 echo "   - Configure R2 bucket name in workers/audit-worker/wrangler.jsonc"
 echo "   - Configure R2 bucket name in workers/image-worker/wrangler.jsonc"
+echo "   - Configure KV namespace ID in workers/lists-worker/wrangler.jsonc"
 echo "   - Update ACCOUNT_ID and custom domains in all worker configurations"
 
 echo -e "\n${BLUE}📝 For manual deployment, use these commands:${NC}"

package/scripts/install-workers.sh

@@ -7,8 +7,9 @@
 # 1. audit-worker
 # 2. data-worker
 # 3. image-worker
-# 4. pdf-worker
-# 5. user-worker
+# 4. lists-worker
+# 5. pdf-worker
+# 6. user-worker
 
 # Colors for output
 RED='\033[0;31m'
@@ -34,7 +35,7 @@ if [ ! -d "$WORKERS_DIR" ]; then
 fi
 
 # List of workers
-WORKERS=("audit-worker" "data-worker" "image-worker" "pdf-worker" "user-worker")
+WORKERS=("audit-worker" "data-worker" "image-worker" "lists-worker" "pdf-worker" "user-worker")
 
 echo -e "${PURPLE}Installing npm dependencies for all workers...${NC}"
 echo ""

package/scripts/update-markdown-versions.cjs

@@ -11,6 +11,7 @@ const workerDirs = [
   'workers/audit-worker',
   'workers/data-worker',
   'workers/image-worker',
+  'workers/lists-worker',
   'workers/pdf-worker',
   'workers/user-worker',
 ];

package/workers/audit-worker/package.json

@@ -1,6 +1,6 @@
 {
   "name": "audit-worker",
-  "version": "7.0.1",
+  "version": "7.1.1",
   "private": true,
   "scripts": {
     "deploy": "wrangler deploy",
@@ -8,6 +8,6 @@
     "start": "wrangler dev"
   },
   "devDependencies": {
-    "wrangler": "^4.84.1"
+    "wrangler": "^4.85.0"
   }
 }

package/workers/audit-worker/wrangler.jsonc.example

@@ -3,7 +3,7 @@
   "account_id": "ACCOUNT_ID",
   "main": "src/audit-worker.ts",
   "workers_dev": false,
-  "compatibility_date": "2026-04-22",
+  "compatibility_date": "2026-04-27",
   "compatibility_flags": [
     "nodejs_compat"
   ], 

package/workers/data-worker/package.json

@@ -1,6 +1,6 @@
 {
   "name": "data-worker",
-  "version": "7.0.1",
+  "version": "7.1.1",
   "private": true,
   "scripts": {
     "deploy": "wrangler deploy",
@@ -9,6 +9,6 @@
   },
   "devDependencies": {
     "@cloudflare/vitest-pool-workers": "^0.14.9",
-    "wrangler": "^4.84.1"
+    "wrangler": "^4.85.0"
   }
 }

package/workers/data-worker/wrangler.jsonc.example

@@ -3,7 +3,7 @@
   "account_id": "ACCOUNT_ID",
   "main": "src/data-worker.ts",
   "workers_dev": false,
-  "compatibility_date": "2026-04-22",
+  "compatibility_date": "2026-04-27",
   "compatibility_flags": [
     "nodejs_compat"
   ], 

package/workers/image-worker/package.json

@@ -1,6 +1,6 @@
 {
   "name": "image-worker",
-  "version": "7.0.1",
+  "version": "7.1.1",
   "private": true,
   "scripts": {
     "deploy": "wrangler deploy",
@@ -8,6 +8,6 @@
     "start": "wrangler dev"
   },
   "devDependencies": {
-    "wrangler": "^4.84.1"
+    "wrangler": "^4.85.0"
   }
 }

package/workers/image-worker/wrangler.jsonc.example

@@ -3,7 +3,7 @@
   "account_id": "ACCOUNT_ID",
   "main": "src/image-worker.ts",
   "workers_dev": false,
-  "compatibility_date": "2026-04-22",
+  "compatibility_date": "2026-04-27",
   "compatibility_flags": [
     "nodejs_compat"
   ], 

package/workers/lists-worker/package.json

@@ -0,0 +1,13 @@
+{
+  "name": "lists-worker",
+  "version": "7.1.1",
+  "private": true,
+  "scripts": {
+    "deploy": "wrangler deploy",
+    "dev": "wrangler dev",
+    "start": "wrangler dev"
+  },
+  "devDependencies": {
+    "wrangler": "^4.85.0"
+  }
+}

package/workers/lists-worker/src/lists-worker.ts

@@ -0,0 +1,97 @@
+import type { Env } from './types';
+
+const JSON_HEADERS: HeadersInit = {
+  'Content-Type': 'application/json',
+  'Cache-Control': 'no-store',
+  'Pragma': 'no-cache',
+};
+
+/** Routes map URL path segment to the KV key used in STRIAE_LISTS. */
+const ROUTE_TO_KV_KEY: Record<string, string> = {
+  members: 'allow',
+  primershear: 'primershear',
+};
+
+function jsonResponse(data: Record<string, unknown>, status = 200): Response {
+  return new Response(JSON.stringify(data), { status, headers: JSON_HEADERS });
+}
+
+/**
+ * Constant-time string comparison to mitigate timing side-channels on auth checks.
+ * Both strings are encoded to bytes and compared with a full XOR pass.
+ */
+function timingSafeEqual(a: string, b: string): boolean {
+  const encoder = new TextEncoder();
+  const aBytes = encoder.encode(a);
+  const bBytes = encoder.encode(b);
+  if (aBytes.length !== bBytes.length) return false;
+  let diff = 0;
+  for (let i = 0; i < aBytes.length; i++) {
+    diff |= aBytes[i] ^ bBytes[i];
+  }
+  return diff === 0;
+}
+
+function isAuthorized(request: Request, secret: string): boolean {
+  if (!secret) return false;
+  const auth = request.headers.get('Authorization');
+  if (!auth || !auth.startsWith('Bearer ')) return false;
+  return timingSafeEqual(auth.slice(7), secret);
+}
+
+export default {
+  async fetch(request: Request, env: Env): Promise<Response> {
+    const url = new URL(request.url);
+    const segment = url.pathname.replace(/^\/+|\/+$/g, '');
+    const kvKey = ROUTE_TO_KV_KEY[segment];
+
+    if (!kvKey) {
+      return jsonResponse({ error: 'Not found' }, 404);
+    }
+
+    if (request.method === 'GET') {
+      if (!isAuthorized(request, env.LISTS_ADMIN_SECRET)) {
+        return jsonResponse({ error: 'Unauthorized' }, 401);
+      }
+      const raw = (await env.STRIAE_LISTS.get(kvKey)) ?? '';
+      const list = raw ? raw.split(',').map(e => e.trim().toLowerCase()).filter(Boolean).join(',') : '';
+      return jsonResponse({ list });
+    }
+
+    if (request.method === 'POST' || request.method === 'DELETE') {
+      if (!isAuthorized(request, env.LISTS_ADMIN_SECRET)) {
+        return jsonResponse({ error: 'Unauthorized' }, 401);
+      }
+
+      let body: { entry?: unknown };
+      try {
+        body = await request.json() as { entry?: unknown };
+      } catch {
+        return jsonResponse({ error: 'Invalid JSON body' }, 400);
+      }
+
+      const entry = typeof body.entry === 'string' ? body.entry.trim().toLowerCase() : '';
+      if (!entry) {
+        return jsonResponse({ error: 'Missing or empty entry' }, 400);
+      }
+
+      const current = (await env.STRIAE_LISTS.get(kvKey)) ?? '';
+      const entries = current ? current.split(',').map(e => e.trim().toLowerCase()).filter(Boolean) : [];
+
+      if (request.method === 'POST') {
+        if (!entries.includes(entry)) {
+          entries.push(entry);
+        }
+        await env.STRIAE_LISTS.put(kvKey, entries.join(','));
+        return jsonResponse({ ok: true });
+      }
+
+      // DELETE
+      const filtered = entries.filter(e => e !== entry);
+      await env.STRIAE_LISTS.put(kvKey, filtered.join(','));
+      return jsonResponse({ ok: true });
+    }
+
+    return jsonResponse({ error: 'Method not allowed' }, 405);
+  },
+};

package/workers/lists-worker/src/types.ts

@@ -0,0 +1,4 @@
+export interface Env {
+  STRIAE_LISTS: KVNamespace;
+  LISTS_ADMIN_SECRET: string;
+}

package/workers/lists-worker/wrangler.jsonc.example

@@ -0,0 +1,23 @@
+{
+  "name": "LISTS_WORKER_NAME",
+  "account_id": "ACCOUNT_ID",
+  "main": "src/lists-worker.ts",
+  "workers_dev": false,
+  "compatibility_date": "2026-04-27",
+  "compatibility_flags": [
+    "nodejs_compat"
+  ],
+
+  "observability": {
+    "enabled": true
+  },
+
+  "kv_namespaces": [
+    {
+      "binding": "STRIAE_LISTS",
+      "id": "STRIAE_LISTS_KV_ID"
+    }
+  ],
+  
+  "placement": { "mode": "smart" }
+}

package/workers/pdf-worker/package.json

@@ -1,6 +1,6 @@
 {
   "name": "pdf-worker",
-  "version": "7.0.1",
+  "version": "7.1.1",
   "private": true,
   "scripts": {
     "generate:assets": "node scripts/generate-assets.js",
@@ -9,6 +9,6 @@
     "start": "wrangler dev"
   },
   "devDependencies": {
-    "wrangler": "^4.84.1"
+    "wrangler": "^4.85.0"
   }
 }

package/workers/pdf-worker/wrangler.jsonc.example

@@ -3,7 +3,7 @@
   "account_id": "ACCOUNT_ID",
   "main": "src/pdf-worker.ts",
   "workers_dev": false,
-  "compatibility_date": "2026-04-22",
+  "compatibility_date": "2026-04-27",
   "compatibility_flags": [
     "nodejs_compat"
   ],

package/workers/user-worker/package.json

@@ -1,6 +1,6 @@
 {
   "name": "user-worker",
-  "version": "7.0.1",
+  "version": "7.1.1",
   "private": true,
   "scripts": {
     "deploy": "wrangler deploy",
@@ -8,6 +8,6 @@
     "start": "wrangler dev"
   },
   "devDependencies": {
-    "wrangler": "^4.84.1"
+    "wrangler": "^4.85.0"
   }
 }

package/workers/user-worker/wrangler.jsonc.example

@@ -3,7 +3,7 @@
   "account_id": "ACCOUNT_ID",
   "main": "src/user-worker.ts",
   "workers_dev": false,
-  "compatibility_date": "2026-04-22",
+  "compatibility_date": "2026-04-27",
   "compatibility_flags": [
     "nodejs_compat"
   ], 

package/wrangler.toml.example

@@ -1,6 +1,6 @@
 #:schema node_modules/wrangler/config-schema.json
 name = "PAGES_PROJECT_NAME"
-compatibility_date = "2026-04-22"
+compatibility_date = "2026-04-27"
 compatibility_flags = ["nodejs_compat"]
 pages_build_output_dir = "./build/client"
 
@@ -25,4 +25,8 @@ service = "IMAGES_WORKER_NAME"
 
 [[services]]
 binding = "PDF_WORKER"
-service = "PDF_WORKER_NAME"
+service = "PDF_WORKER_NAME"
+
+[[services]]
+binding = "LISTS_WORKER"
+service = "LISTS_WORKER_NAME"

package/app/config-example/members.emails

@@ -1,11 +0,0 @@
-# Registration gateway - authorized email addresses
-# One entry per line. Lines starting with # are ignored.
-# This file is untracked. Run: npm run deploy-members to push changes.
-#
-# Supported formats:
-#   Exact email:   analyst@organization.com
-#   Domain wildcard: @organization.com  (allows all emails from that domain)
-#
-# Examples:
-# analyst@organization.com
-# @striae.org

package/app/config-example/primershear.emails

@@ -1,6 +0,0 @@
-# PrimerShear PDF format - authorized email addresses
-# One email per line. Lines starting with # are ignored.
-# This file is untracked. Run: npm run deploy-primershear to push changes.
-#
-# Example:
-# analyst@organization.com