dineway 0.1.4 → 0.1.5

package/README.md

@@ -1,6 +1,6 @@
 # dineway
 
-The core Dineway Agentic Web builder package - an agentic website builder for your restaurants or local businesses.
+The core Dineway package — the Agentic Website builder for restaurants and local businesses. Combines structured content modeling with the Model Context Protocol (MCP) to create intelligent, AI-powered sites.
 
 ## Installation
 
@@ -10,7 +10,11 @@ npm install dineway
 
 ## Features
 
-- **Content Management** - Collections, fields, Live Collections integration
+- **MCP Server** - AI agents interact with your site's content, schema, and context through the open Model Context Protocol
+- **Site Context Engine** - Versioned operational knowledge (brand voice, seasonal strategy, policies) that agents consult before acting
+- **Content Management** - Structured collections, fields, Live Collections integration
+- **Entity Resolution** - Natural-language references resolve to exact content items
+- **Review Requests** - Human-in-the-loop approval for AI-generated changes
 - **Media Library** - Upload via signed URLs, S3-compatible storage
 - **Full-Text Search** - FTS5 with Porter stemming, per-collection config
 - **Navigation Menus** - Hierarchical menus with URL resolution
@@ -18,7 +22,6 @@ npm install dineway
 - **Widget Areas** - Content, menu, and component widgets
 - **Sections** - Reusable content blocks
 - **Plugin System** - Hooks, storage, settings, admin pages
-- **WordPress Import** - WXR, REST API, WordPress.com
 
 ## Quick Start
 

package/dist/{apply-CAPvMfoU.mjs → apply-iVSqz2qs.mjs}

@@ -1,14 +1,17 @@
 import { t as __exportAll } from "./chunk-ClPoSABd.mjs";
-import { t as ContentRepository } from "./content-zSgdNmnt.mjs";
+import { r as RevisionRepository, t as ContentRepository } from "./content-DWi4d0rT.mjs";
 import { t as MediaRepository } from "./media-DMTr80Gv.mjs";
-import { i as FTSManager, n as SchemaRegistry } from "./registry-DSd1GWB8.mjs";
-import { t as RedirectRepository } from "./redirect-JPqLAbxa.mjs";
-import { t as BylineRepository } from "./byline-DeWCMU_i.mjs";
-import { n as getDb } from "./loader-qKmo0wAY.mjs";
-import { t as validateSeed } from "./validate-CXnRKfJK.mjs";
+import { t as withTransaction } from "./transaction-Cn2rjY78.mjs";
+import { t as RedirectRepository } from "./redirect-DnEWAkVg.mjs";
+import { t as BylineRepository } from "./byline-OhH2dlRu.mjs";
+import { i as FTSManager, n as SchemaRegistry } from "./registry-C0zjeB9P.mjs";
+import { n as getDb } from "./loader-sMG4TZ-u.mjs";
+import { n as requestCached, t as peekRequestCache } from "./request-cache-Dk5qPSOx.mjs";
+import { t as validateSeed } from "./validate-BZ5wnLLp.mjs";
 import { sql } from "kysely";
 import { ulid } from "ulidx";
 import { imageSize } from "image-size";
+import { lookup } from "node:dns/promises";
 import mime from "mime/lite";
 
 //#region src/database/repositories/taxonomy.ts
@@ -199,6 +202,19 @@ var OptionsRepository = class {
 		await this.db.insertInto("options").values(row).onConflict((oc) => oc.column("name").doUpdateSet({ value: row.value })).execute();
 	}
 	/**
+	* Set an option value only if no row with that name exists.
+	*
+	* Returns true when the row was inserted, false when a row already existed,
+	* regardless of its value.
+	*/
+	async setIfAbsent(name, value) {
+		const row = {
+			name,
+			value: JSON.stringify(value)
+		};
+		return ((await this.db.insertInto("options").values(row).onConflict((oc) => oc.column("name").doNothing()).executeTakeFirst()).numInsertedOrUpdatedRows ?? 0n) > 0n;
+	}
+	/**
 	* Delete an option
 	*/
 	async delete(name) {
@@ -300,7 +316,11 @@ async function resolveMediaReference(mediaRef, db, _storage) {
 * ```
 */
 async function getSiteSetting(key) {
-	return getSiteSettingWithDb(key, await getDb());
+	const primed = peekRequestCache("siteSettings");
+	if (primed) return (await primed)[key];
+	return requestCached(`siteSetting:${key}`, async () => {
+		return getSiteSettingWithDb(key, await getDb());
+	});
 }
 /**
 * Get a single site setting by key (with explicit db)
@@ -330,7 +350,9 @@ async function getSiteSettingWithDb(key, db, storage = null) {
 * ```
 */
 async function getSiteSettings() {
-	return getSiteSettingsWithDb(await getDb());
+	return requestCached("siteSettings", async () => {
+		return getSiteSettingsWithDb(await getDb());
+	});
 }
 /**
 * Get all site settings (with explicit db)
@@ -432,6 +454,9 @@ const IPV4_MAPPED_IPV6_DOTTED_PATTERN = /^::ffff:(\d+\.\d+\.\d+\.\d+)$/i;
 const IPV4_MAPPED_IPV6_HEX_PATTERN = /^::ffff:([0-9a-f]{1,4}):([0-9a-f]{1,4})$/i;
 const IPV4_TRANSLATED_HEX_PATTERN = /^::ffff:0:([0-9a-f]{1,4}):([0-9a-f]{1,4})$/i;
 const IPV6_EXPANDED_MAPPED_PATTERN = /^0{0,4}:0{0,4}:0{0,4}:0{0,4}:0{0,4}:ffff:([0-9a-f]{1,4}):([0-9a-f]{1,4})$/i;
+const IPV6_ULA_FC_PATTERN = /^fc[0-9a-f]{2}:/;
+const IPV6_ULA_FD_PATTERN = /^fd[0-9a-f]{2}:/;
+const TRAILING_DOT_PATTERN = /\.+$/;
 /**
 * IPv4-compatible (deprecated) addresses: ::XXXX:XXXX
 *
@@ -487,10 +512,19 @@ const BLOCKED_HOSTNAMES = new Set([
 	"localhost",
 	"metadata.google.internal",
 	"metadata.google",
-	"[::1]"
+	"::1"
 ]);
+const BLOCKED_HOSTNAME_SUFFIXES = [
+	"nip.io",
+	"sslip.io",
+	"xip.io",
+	"traefik.me",
+	"lvh.me",
+	"localtest.me"
+];
 /** Blocked URL schemes */
 const ALLOWED_SCHEMES = new Set(["http:", "https:"]);
+let defaultDnsResolver = null;
 function ip4ToNum(a, b, c, d) {
 	return (a << 24 | b << 16 | c << 8 | d) >>> 0;
 }
@@ -501,6 +535,9 @@ function parseIpv4(ip) {
 	if (nums.some((n) => isNaN(n) || n < 0 || n > 255)) return null;
 	return ip4ToNum(nums[0], nums[1], nums[2], nums[3]);
 }
+function getNormalizedHostname(parsed) {
+	return parsed.hostname.replace(IPV6_BRACKET_PATTERN, "").toLowerCase().replace(TRAILING_DOT_PATTERN, "");
+}
 /**
 * Convert IPv4-mapped/translated IPv6 addresses from hex form back to IPv4.
 *
@@ -524,14 +561,18 @@ function normalizeIPv6MappedToIPv4(ip) {
 	return null;
 }
 function isPrivateIp(ip) {
-	if (ip === "::1" || ip === "::ffff:127.0.0.1") return true;
-	const hexIpv4 = normalizeIPv6MappedToIPv4(ip);
+	const normalized = ip.toLowerCase();
+	if (normalized === "::1" || normalized === "::ffff:127.0.0.1") return true;
+	const hexIpv4 = normalizeIPv6MappedToIPv4(normalized);
 	if (hexIpv4) return isPrivateIp(hexIpv4);
-	const v4Match = ip.match(IPV4_MAPPED_IPV6_DOTTED_PATTERN);
-	const num = parseIpv4(v4Match ? v4Match[1] : ip);
-	if (num === null) return ip.startsWith("fe80:") || ip.startsWith("fc") || ip.startsWith("fd");
+	const v4Match = normalized.match(IPV4_MAPPED_IPV6_DOTTED_PATTERN);
+	const num = parseIpv4(v4Match ? v4Match[1] : normalized);
+	if (num === null) return normalized.startsWith("fe80:") || IPV6_ULA_FC_PATTERN.test(normalized) || IPV6_ULA_FD_PATTERN.test(normalized);
 	return BLOCKED_PATTERNS.some((range) => num >= range.start && num <= range.end);
 }
+function isIpLiteral(hostname) {
+	return parseIpv4(hostname) !== null || hostname.includes(":");
+}
 /**
 * Error thrown when SSRF protection blocks a URL.
 */
@@ -550,10 +591,8 @@ var SsrfError = class extends Error {
 * 2. Hostname is not a known internal name (localhost, metadata endpoints)
 * 3. If hostname is an IP literal, it's not in a private range
 *
-* Note: DNS rebinding attacks are not fully mitigated (hostname could resolve
-* to a private IP). Full protection requires resolving DNS and checking the IP
-* before connecting, which needs a custom fetch implementation. This covers
-* the most common SSRF vectors.
+* Use resolveAndValidateExternalUrl() or ssrfSafeFetch() before network I/O so
+* hostnames are also checked after DNS resolution.
 *
 * @throws SsrfError if the URL targets an internal address
 */
@@ -567,11 +606,40 @@ function validateExternalUrl(url) {
 		throw new SsrfError("Invalid URL");
 	}
 	if (!ALLOWED_SCHEMES.has(parsed.protocol)) throw new SsrfError(`Scheme '${parsed.protocol}' is not allowed`);
-	const hostname = parsed.hostname.replace(IPV6_BRACKET_PATTERN, "");
-	if (BLOCKED_HOSTNAMES.has(hostname.toLowerCase())) throw new SsrfError("URLs targeting internal hosts are not allowed");
+	const hostname = getNormalizedHostname(parsed);
+	if (BLOCKED_HOSTNAMES.has(hostname)) throw new SsrfError("URLs targeting internal hosts are not allowed");
+	for (const suffix of BLOCKED_HOSTNAME_SUFFIXES) if (hostname === suffix || hostname.endsWith(`.${suffix}`)) throw new SsrfError("URLs targeting wildcard DNS services are not allowed");
 	if (isPrivateIp(hostname)) throw new SsrfError("URLs targeting private IP addresses are not allowed");
 	return parsed;
 }
+const nodeDnsResolver = async (hostname) => {
+	return (await lookup(hostname, { all: true })).map((entry) => entry.address);
+};
+/**
+* Validate a URL and resolve hostnames before network I/O.
+*
+* Fails closed if DNS resolution fails, returns no addresses, or any resolved
+* address targets a private/internal range.
+*/
+async function resolveAndValidateExternalUrl(url, options = {}) {
+	const parsed = validateExternalUrl(url);
+	const hostname = getNormalizedHostname(parsed);
+	if (isIpLiteral(hostname)) return parsed;
+	const resolver = options.resolver ?? defaultDnsResolver ?? nodeDnsResolver;
+	let addresses;
+	try {
+		addresses = await resolver(hostname);
+	} catch {
+		throw new SsrfError(`Could not resolve hostname: ${hostname}`);
+	}
+	if (addresses.length === 0) throw new SsrfError("Hostname resolved to no addresses");
+	for (const address of addresses) {
+		const normalizedAddress = address.replace(IPV6_BRACKET_PATTERN, "").toLowerCase();
+		if (!isIpLiteral(normalizedAddress)) throw new SsrfError("Hostname resolved to an invalid address");
+		if (isPrivateIp(normalizedAddress)) throw new SsrfError("Hostname resolves to a private IP address");
+	}
+	return parsed;
+}
 /**
 * Fetch a URL with SSRF protection on redirects.
 *
@@ -588,11 +656,11 @@ const CREDENTIAL_HEADERS = [
 	"cookie",
 	"proxy-authorization"
 ];
-async function ssrfSafeFetch(url, init) {
+async function ssrfSafeFetch(url, init, options = {}) {
 	let currentUrl = url;
 	let currentInit = init;
 	for (let i = 0; i <= MAX_REDIRECTS; i++) {
-		validateExternalUrl(currentUrl);
+		await resolveAndValidateExternalUrl(currentUrl, options);
 		const response = await globalThis.fetch(currentUrl, {
 			...currentInit,
 			redirect: "manual"
@@ -871,7 +939,6 @@ async function applySeed(db, seed, options = {}) {
 	}
 	if (includeContent && seed.content) {
 		const contentRepo = new ContentRepository(db);
-		const bylineRepo = new BylineRepository(db);
 		for (const [collectionSlug, entries] of Object.entries(seed.content)) for (const entry of entries) {
 			const existing = await contentRepo.findBySlug(collectionSlug, entry.slug, entry.locale);
 			if (existing) {
@@ -879,14 +946,28 @@ async function applySeed(db, seed, options = {}) {
 				if (onConflict === "update") {
 					const resolvedData = await resolveReferences(entry.data, seedIdMap, mediaContext, result);
 					const status = entry.status || "published";
-					await contentRepo.update(collectionSlug, existing.id, {
-						status,
-						data: resolvedData
+					await withTransaction(db, async (trx) => {
+						const trxContentRepo = new ContentRepository(trx);
+						const trxBylineRepo = new BylineRepository(trx);
+						const trxRevisionRepo = new RevisionRepository(trx);
+						await trxContentRepo.update(collectionSlug, existing.id, {
+							status,
+							data: resolvedData
+						});
+						await applyContentBylines(trxBylineRepo, collectionSlug, existing.id, entry, seedBylineIdMap, true);
+						await applyContentTaxonomies(trx, collectionSlug, existing.id, entry, true);
+						if (status === "published") {
+							const draft = await trxRevisionRepo.create({
+								collection: collectionSlug,
+								entryId: existing.id,
+								data: resolvedData
+							});
+							await trxContentRepo.setDraftRevision(collectionSlug, existing.id, draft.id);
+							await trxContentRepo.publish(collectionSlug, existing.id);
+						}
 					});
 					seedIdMap.set(entry.id, existing.id);
 					result.content.updated++;
-					await applyContentBylines(bylineRepo, collectionSlug, existing.id, entry, seedBylineIdMap, true);
-					await applyContentTaxonomies(db, collectionSlug, existing.id, entry, true);
 					continue;
 				}
 				result.content.skipped++;
@@ -901,19 +982,25 @@ async function applySeed(db, seed, options = {}) {
 				else translationOf = sourceId;
 			}
 			const status = entry.status || "published";
-			const created = await contentRepo.create({
-				type: collectionSlug,
-				slug: entry.slug,
-				status,
-				data: resolvedData,
-				locale: entry.locale,
-				translationOf,
-				publishedAt: status === "published" ? (/* @__PURE__ */ new Date()).toISOString() : null
+			const created = await withTransaction(db, async (trx) => {
+				const trxContentRepo = new ContentRepository(trx);
+				const trxBylineRepo = new BylineRepository(trx);
+				const item = await trxContentRepo.create({
+					type: collectionSlug,
+					slug: entry.slug,
+					status,
+					data: resolvedData,
+					locale: entry.locale,
+					translationOf,
+					publishedAt: status === "published" ? (/* @__PURE__ */ new Date()).toISOString() : null
+				});
+				await applyContentBylines(trxBylineRepo, collectionSlug, item.id, entry, seedBylineIdMap);
+				await applyContentTaxonomies(trx, collectionSlug, item.id, entry, false);
+				if (status === "published") await trxContentRepo.publish(collectionSlug, item.id);
+				return item;
 			});
 			seedIdMap.set(entry.id, created.id);
 			result.content.created++;
-			await applyContentBylines(bylineRepo, collectionSlug, created.id, entry, seedBylineIdMap);
-			await applyContentTaxonomies(db, collectionSlug, created.id, entry, false);
 		}
 	}
 	if (seed.menus) for (const menu of seed.menus) {
@@ -1033,6 +1120,12 @@ async function applySeed(db, seed, options = {}) {
 			}
 		}
 	}
+	const { invalidateBylineCache } = await import("./bylines-BGpD9_hy.mjs").then((n) => n.t);
+	const { invalidateUrlPatternCache } = await import("./query-kDmwCsHh.mjs").then((n) => n.o);
+	const { invalidateRedirectCache } = await import("./cache-BdSY-gQN.mjs").then((n) => n.t);
+	invalidateBylineCache();
+	invalidateUrlPatternCache();
+	invalidateRedirectCache();
 	return result;
 }
 /**
@@ -1336,4 +1429,4 @@ function getImageDimensions(buffer) {
 }
 
 //#endregion
-export { stripCredentialHeaders as a, getPluginSettings as c, setSiteSettings as d, OptionsRepository as f, ssrfSafeFetch as i, getSiteSetting as l, apply_exports as n, validateExternalUrl as o, TaxonomyRepository as p, SsrfError as r, getPluginSetting as s, applySeed as t, getSiteSettings as u };
+export { ssrfSafeFetch as a, getPluginSetting as c, getSiteSettings as d, setSiteSettings as f, resolveAndValidateExternalUrl as i, getPluginSettings as l, TaxonomyRepository as m, apply_exports as n, stripCredentialHeaders as o, OptionsRepository as p, SsrfError as r, validateExternalUrl as s, applySeed as t, getSiteSetting as u };

package/dist/astro/index.d.mts

@@ -1,9 +1,9 @@
-import "../types-DkvMXalq.mjs";
-import { Cn as DinewayConfig, Dn as S3StorageConfig, En as LocalStorageConfig, On as StorageDescriptor, Tn as getStoredConfig, la as MediaItem } from "../index-C-jx21qs.mjs";
-import "../runner-B5l1JfOj.mjs";
-import { r as ContentItem } from "../types-CLLdsG3g.mjs";
-import { J as ResolvedPlugin } from "../types-D38djUXv.mjs";
-import "../validate-DVKJJ-M_.mjs";
+import "../types-DOrVigru.mjs";
+import { Cn as DinewayConfig, Dn as S3StorageConfig, En as LocalStorageConfig, On as StorageDescriptor, Tn as getStoredConfig, fa as MediaItem } from "../index-yvc6E_17.mjs";
+import "../runner-CFI6B6J2.mjs";
+import { r as ContentItem } from "../types-BzcUjoqg.mjs";
+import { X as ResolvedPlugin } from "../types-Cj0KMIZV.mjs";
+import "../validate-IPf8n4Fj.mjs";
 import { DinewayHandlers, DinewayManifest, ManifestCollection } from "./types.mjs";
 import { AstroIntegration } from "astro";
 
@@ -12,19 +12,28 @@ import { AstroIntegration } from "astro";
  * S3-compatible storage adapter
  *
  * Works with AWS S3, MinIO, and other S3-compatible object stores.
+ * Any omitted field is resolved from the matching `S3_*` environment
+ * variable when the Node process starts. Explicit values take precedence.
  *
  * @example
  * ```ts
+ * // All fields from runtime env
+ * storage: s3()
+ *
+ * // Mix explicit CDN config with endpoint/bucket/credentials from env
+ * storage: s3({ publicUrl: "https://cdn.example.com" })
+ *
+ * // All explicit values
  * storage: s3({
  *   endpoint: process.env.S3_ENDPOINT!,
  *   bucket: "media",
- *   accessKeyId: process.env.S3_ACCESS_KEY_ID!,
- *   secretAccessKey: process.env.S3_SECRET_ACCESS_KEY!,
+ *   accessKeyId: process.env.S3_ACCESS_KEY_ID,
+ *   secretAccessKey: process.env.S3_SECRET_ACCESS_KEY,
  *   publicUrl: "https://cdn.example.com", // optional CDN
  * })
  * ```
  */
-declare function s3(config: S3StorageConfig): StorageDescriptor;
+declare function s3(config?: Partial<S3StorageConfig>): StorageDescriptor;
 /**
  * Local filesystem storage adapter
  *