dineway 0.1.9 → 0.1.12

package/dist/{index-yvc6E_17.d.mts → runtime-Db4LbNVZ.d.mts}

@@ -1,18 +1,210 @@
-import { _ as MediaValue, m as MediaProviderDescriptor } from "./placeholder--wOi4TbO.mjs";
-import { t as Database } from "./types-DOrVigru.mjs";
-import { a as ContentSeoInput, c as FindManyOptions, l as FindManyResult, o as CreateContentInput, r as ContentItem, t as BylineSummary, u as UpdateContentInput } from "./types-BzcUjoqg.mjs";
-import { A as PageMetadataContribution, B as PluginDefinition, D as PageFragmentContribution, H as PluginManifest, J as RequestMeta, O as PageFragmentEvent, W as PluginStorageConfig, X as ResolvedPlugin, a as CommentAfterModerateEvent, g as EmailMessage, h as CronEvent, j as PageMetadataEvent, r as CommentAfterCreateEvent, s as CommentBeforeCreateEvent, tt as StandardPluginDefinition, w as MediaItem$1 } from "./types-Cj0KMIZV.mjs";
-import { a as Collection, b as UpdateFieldInput, c as CollectionWithFields, d as CreateFieldInput, i as SiteSettings, p as Field, r as SiteSettingKey, u as CreateCollectionInput, y as UpdateCollectionInput } from "./types-BuMDPy5C.mjs";
-import { d as Storage } from "./types-CWbdtiux.mjs";
-import { t as DatabaseDescriptor } from "./adapters-C2ypTrZZ.mjs";
+import { a as ContentSeoInput, c as FindManyOptions, l as FindManyResult, o as CreateContentInput, r as ContentItem, t as BylineSummary, u as UpdateContentInput } from "./types-DJlpx5Ay.mjs";
+import { t as Database } from "./types-DZPw8Rru.mjs";
+import { A as PageMetadataContribution, B as PluginDefinition, D as PageFragmentContribution, H as PluginManifest, J as RequestMeta, O as PageFragmentEvent, W as PluginStorageConfig, X as ResolvedPlugin, a as CommentAfterModerateEvent, g as EmailMessage, h as CronEvent, j as PageMetadataEvent, r as CommentAfterCreateEvent, s as CommentBeforeCreateEvent, tt as StandardPluginDefinition, w as MediaItem$1 } from "./types-Q616b2Hn.mjs";
+import { a as Collection, b as UpdateFieldInput, c as CollectionWithFields, d as CreateFieldInput, p as Field, u as CreateCollectionInput, y as UpdateCollectionInput } from "./types-C0mmVRJN.mjs";
+import { r as AuthProviderDescriptor, t as AuthDescriptor } from "./types-BFmjniC2.mjs";
+import { t as DatabaseDescriptor } from "./adapters-DuLQZhRY.mjs";
+import { d as MediaProviderDescriptor } from "./types-OPs5Q_sX.mjs";
+import { xt as PortableTextBlock$1 } from "./index-EUAWaIxW.mjs";
+import { S as ContentBylineInput } from "./index-CYfhYgXd.mjs";
+import { d as Storage } from "./types-B7kpsMJ3.mjs";
 import { Kysely } from "kysely";
-import { z } from "astro/zod";
-import { z as z$1 } from "zod";
-import { PortableTextBlock } from "@dineway-ai/gutenberg-to-portable-text";
-import { Readable } from "node:stream";
+import { z } from "zod";
 import { MiddlewareHandler } from "astro";
 import { LiveLoader } from "astro/loaders";
 
+//#region src/api/types.d.ts
+/**
+ * List response with cursor pagination
+ */
+interface ListResponse<T> {
+  items: T[];
+  nextCursor?: string;
+}
+/**
+ * Content API responses
+ */
+interface ContentListResponse extends ListResponse<ContentItem> {}
+interface ContentResponse {
+  item: ContentItem;
+  /** Opaque revision token for optimistic concurrency */
+  _rev?: string;
+}
+/**
+ * Manifest API response
+ */
+interface ManifestResponse {
+  version: string;
+  commit?: string;
+  hash: string;
+  features?: {
+    siteContextWorkflows: boolean;
+  };
+  collections: Record<string, {
+    label: string;
+    labelSingular: string;
+    supports: string[];
+    fields: Record<string, FieldDescriptor>;
+  }>;
+  plugins: Record<string, {
+    adminPages?: Array<{
+      path: string;
+      component: string;
+    }>;
+    widgets?: string[];
+  }>;
+}
+interface FieldDescriptor {
+  kind: string;
+  label?: string;
+  required?: boolean;
+  options?: Array<{
+    value: string;
+    label: string;
+  }> | Record<string, unknown>;
+}
+/**
+ * Discriminated union for handler results.
+ *
+ * Handlers return `ApiResult<T>` -- either `{ success: true, data: T }` or
+ * `{ success: false, error: { code, message } }`. The `success` literal
+ * enables TypeScript narrowing on `.data`.
+ *
+ * The generic `E` parameter defaults to `ErrorCode` but can be narrowed to
+ * `OAuthErrorCode` for OAuth token-endpoint handlers.
+ *
+ * Use `unwrapResult()` from `error.ts` to convert to an HTTP Response.
+ */
+type ApiResult<T, E extends string = string> = {
+  success: true;
+  data: T;
+} | {
+  success: false;
+  error: {
+    code: E;
+    message: string;
+    details?: Record<string, unknown>;
+  };
+};
+/**
+ * API request context
+ */
+interface ApiContext {
+  userId?: string;
+  userRole?: string;
+}
+//#endregion
+//#region src/api/error.d.ts
+/**
+ * Create a standardized error response.
+ *
+ * Always returns `{ error: { code, message, details? } }` with correct Content-Type.
+ * Use this for all error responses in API routes.
+ */
+declare function apiError(code: string, message: string, status: number, details?: Record<string, unknown>): Response;
+/**
+ * Create a standardized success response.
+ *
+ * Always returns `{ data: T }` with correct status code.
+ * Use this for all success responses in API routes.
+ */
+declare function apiSuccess<T>(data: T, status?: number): Response;
+/**
+ * Handle an unknown error in a catch block.
+ *
+ * - Logs the full error server-side
+ * - Returns a generic message to the client (never leaks error.message)
+ * - Use `fallbackMessage` for the public-facing message
+ * - Use `fallbackCode` for the error code
+ */
+declare function handleError(error: unknown, fallbackMessage: string, fallbackCode: string): Response;
+//#endregion
+//#region src/api/parse.d.ts
+/**
+ * Result of parsing: either the validated data or an error Response.
+ * Routes should check `if (result instanceof Response) return result;`
+ */
+type ParseResult<T> = T | Response;
+/**
+ * Parse and validate a JSON request body against a Zod schema.
+ *
+ * Returns the validated data on success, or a 400 Response on failure.
+ * Replaces all `(await request.json()) as T` casts.
+ */
+declare function parseBody<T extends z.ZodType>(request: Request, schema: T): Promise<ParseResult<z.infer<T>>>;
+/**
+ * Parse and validate URL search params against a Zod schema.
+ *
+ * Converts searchParams to a plain object before validation.
+ * Zod coercion handles string -> number/boolean conversion.
+ * Replaces manual `url.searchParams.get()` + `parseInt()` patterns.
+ */
+declare function parseQuery<T extends z.ZodType>(url: URL, schema: T): ParseResult<z.infer<T>>;
+/**
+ * Type guard to check if a ParseResult is an error Response.
+ * Usage: `if (isParseError(result)) return result;`
+ */
+declare function isParseError<T>(result: ParseResult<T>): result is Response;
+//#endregion
+//#region src/database/repositories/options.d.ts
+/**
+ * Options repository for key-value settings storage
+ *
+ * Used for site settings, plugin configuration, and other arbitrary key-value data.
+ * Values are stored as JSON for flexibility.
+ */
+declare class OptionsRepository {
+  private db;
+  constructor(db: Kysely<Database>);
+  /**
+   * Get an option value
+   */
+  get<T = unknown>(name: string): Promise<T | null>;
+  /**
+   * Get an option value with a default
+   */
+  getOrDefault<T>(name: string, defaultValue: T): Promise<T>;
+  /**
+   * Set an option value (creates or updates)
+   */
+  set<T = unknown>(name: string, value: T): Promise<void>;
+  /**
+   * Set an option value only if no row with that name exists.
+   *
+   * Returns true when the row was inserted, false when a row already existed,
+   * regardless of its value.
+   */
+  setIfAbsent<T = unknown>(name: string, value: T): Promise<boolean>;
+  /**
+   * Delete an option
+   */
+  delete(name: string): Promise<boolean>;
+  /**
+   * Check if an option exists
+   */
+  exists(name: string): Promise<boolean>;
+  /**
+   * Get multiple options at once
+   */
+  getMany<T = unknown>(names: string[]): Promise<Map<string, T>>;
+  /**
+   * Set multiple options at once
+   */
+  setMany<T = unknown>(options: Record<string, T>): Promise<void>;
+  /**
+   * Get all options (use sparingly)
+   */
+  getAll(): Promise<Map<string, unknown>>;
+  /**
+   * Get all options matching a prefix
+   */
+  getByPrefix<T = unknown>(prefix: string): Promise<Map<string, T>>;
+  /**
+   * Delete all options matching a prefix
+   */
+  deleteByPrefix(prefix: string): Promise<number>;
+}
+//#endregion
 //#region src/database/connection.d.ts
 interface DatabaseConfig {
   url: string;
@@ -158,8 +350,11 @@ declare class ContentRepository {
    * Syncs the draft revision's data into the content table columns so the
    * content table always reflects the published version.
    * If no draft revision exists, creates one from current data and publishes it.
+   *
+   * `publishedAt` overrides the publication timestamp. If omitted, an existing
+   * `published_at` is preserved and first publish falls back to the current time.
    */
-  publish(type: string, id: string): Promise<ContentItem>;
+  publish(type: string, id: string, publishedAt?: string): Promise<ContentItem>;
   /**
    * Stage an existing revision as the draft for a content item.
    *
@@ -336,300 +531,118 @@ interface Revision {
   createdAt: string;
 }
 //#endregion
-//#region src/database/repositories/comment.d.ts
-/** Public-facing comment shape — no private fields */
-interface PublicComment {
+//#region src/api/handlers/content.d.ts
+/**
+ * Trashed content item with deletion timestamp
+ */
+interface TrashedContentItem {
   id: string;
-  parentId: string | null;
-  authorName: string;
-  isRegisteredUser: boolean;
-  body: string;
+  type: string;
+  slug: string | null;
+  status: string;
+  data: Record<string, unknown>;
+  authorId: string | null;
   createdAt: string;
-  replies?: PublicComment[];
-}
-//#endregion
-//#region src/database/repositories/byline.d.ts
-interface ContentBylineInput {
-  bylineId: string;
-  roleLabel?: string | null;
+  updatedAt: string;
+  publishedAt: string | null;
+  deletedAt: string;
 }
-//#endregion
-//#region src/fields/types.d.ts
 /**
- * SQLite column types that map from field types
+ * Create content list handler
  */
-type ColumnType = "TEXT" | "REAL" | "INTEGER" | "JSON";
+declare function handleContentList(db: Kysely<Database>, collection: string, params: {
+  cursor?: string;
+  limit?: number;
+  status?: string;
+  orderBy?: string;
+  order?: "asc" | "desc";
+  locale?: string;
+}): Promise<ApiResult<ContentListResponse>>;
 /**
- * Base field definition
- *
- * Note: schema uses z.ZodTypeAny to accommodate optional/default wrappers
+ * Get single content item
  */
-interface FieldDefinition<_T = unknown> {
-  type: string;
-  /**
-   * The SQLite column type to use when storing this field
-   */
-  columnType: ColumnType;
-  schema: z.ZodTypeAny;
-  options?: unknown;
-  ui?: FieldUIHints;
-}
+declare function handleContentGet(db: Kysely<Database>, collection: string, id: string, locale?: string): Promise<ApiResult<ContentResponse>>;
 /**
- * UI hints for admin rendering
+ * Get a content item by id, including trashed items.
+ * Used by restore endpoint for ownership checks on soft-deleted items.
  */
-interface FieldUIHints {
-  widget?: string;
-  placeholder?: string;
-  helpText?: string;
-  rows?: number;
-  min?: number | string;
-  max?: number | string;
-  [key: string]: unknown;
-}
+declare function handleContentGetIncludingTrashed(db: Kysely<Database>, collection: string, id: string, locale?: string): Promise<ApiResult<ContentResponse>>;
 /**
- * Portable Text block structure
+ * Create content item.
+ *
+ * Content + SEO writes are wrapped in a transaction so either both succeed
+ * or neither does. If `body.seo` is provided for a non-SEO collection, the
+ * API returns a validation error rather than silently dropping it.
  */
-interface PortableTextBlock$2 {
-  _type: string;
-  _key: string;
-  [key: string]: unknown;
-}
+declare function handleContentCreate(db: Kysely<Database>, collection: string, body: {
+  data: Record<string, unknown>;
+  slug?: string;
+  status?: string;
+  authorId?: string;
+  bylines?: ContentBylineInput[];
+  locale?: string;
+  translationOf?: string;
+  seo?: ContentSeoInput;
+  createdAt?: string | null;
+  publishedAt?: string | null;
+}): Promise<ApiResult<ContentResponse>>;
 /**
- * @deprecated Use MediaValue instead. ImageValue is an alias for backwards compatibility.
+ * Update content item.
+ * If `_rev` is provided, validates it against the current version before writing.
+ * No `_rev` = blind write (backwards-compatible for admin UI).
+ *
+ * Content + SEO writes are wrapped in a transaction for atomicity.
  */
-type ImageValue = MediaValue;
+declare function handleContentUpdate(db: Kysely<Database>, collection: string, id: string, body: {
+  data?: Record<string, unknown>;
+  slug?: string;
+  status?: string;
+  authorId?: string | null;
+  bylines?: ContentBylineInput[];
+  _rev?: string;
+  seo?: ContentSeoInput;
+  publishedAt?: string | null;
+}): Promise<ApiResult<ContentResponse>>;
 /**
- * File field value
+ * Duplicate content item.
+ *
+ * Only copies SEO data if the collection has SEO enabled.
+ * Always returns consistent `seo` shape for SEO-enabled collections.
  */
-interface FileValue {
-  id: string;
-  url: string;
-  filename: string;
-  mimeType: string;
-  size: number;
-}
-//#endregion
-//#region src/fields/image.d.ts
+declare function handleContentDuplicate(db: Kysely<Database>, collection: string, id: string, authorId?: string): Promise<ApiResult<{
+  item: ContentItem;
+}>>;
 /**
- * Image field
- * References media items from the media library
+ * Delete content item (soft delete - moves to trash)
  */
-declare function image(options?: {
-  required?: boolean;
-  maxSize?: number;
-  allowedTypes?: string[];
-}): FieldDefinition<ImageValue | undefined>;
-//#endregion
-//#region src/fields/reference.d.ts
+declare function handleContentDelete(db: Kysely<Database>, collection: string, id: string): Promise<ApiResult<{
+  deleted: true;
+}>>;
 /**
- * Reference field
- * References another content item by ID
+ * Restore content item from trash
  */
-declare function reference(collection: string, options?: {
-  required?: boolean;
-}): FieldDefinition<string | undefined>;
-//#endregion
-//#region src/fields/portable-text.d.ts
+declare function handleContentRestore(db: Kysely<Database>, collection: string, id: string): Promise<ApiResult<{
+  restored: true;
+}>>;
 /**
- * Portable Text field
- * Stores structured content in Portable Text format
+ * Permanently delete content item (cannot be undone).
+ * Also cleans up associated SEO data.
  */
-declare function portableText(options?: {
-  required?: boolean;
-}): FieldDefinition<PortableTextBlock$2[] | undefined>;
-//#endregion
-//#region src/api/types.d.ts
+declare function handleContentPermanentDelete(db: Kysely<Database>, collection: string, id: string): Promise<ApiResult<{
+  deleted: true;
+}>>;
 /**
- * List response with cursor pagination
+ * List trashed content items
  */
-interface ListResponse<T> {
-  items: T[];
+declare function handleContentListTrashed(db: Kysely<Database>, collection: string, options?: {
+  limit?: number;
+  cursor?: string;
+}): Promise<ApiResult<{
+  items: TrashedContentItem[];
   nextCursor?: string;
-}
+}>>;
 /**
- * Content API responses
- */
-interface ContentListResponse extends ListResponse<ContentItem> {}
-interface ContentResponse {
-  item: ContentItem;
-  /** Opaque revision token for optimistic concurrency */
-  _rev?: string;
-}
-/**
- * Manifest API response
- */
-interface ManifestResponse {
-  version: string;
-  commit?: string;
-  hash: string;
-  features?: {
-    siteContextWorkflows: boolean;
-  };
-  collections: Record<string, {
-    label: string;
-    labelSingular: string;
-    supports: string[];
-    fields: Record<string, FieldDescriptor>;
-  }>;
-  plugins: Record<string, {
-    adminPages?: Array<{
-      path: string;
-      component: string;
-    }>;
-    widgets?: string[];
-  }>;
-}
-interface FieldDescriptor {
-  kind: string;
-  label?: string;
-  required?: boolean;
-  options?: Array<{
-    value: string;
-    label: string;
-  }>;
-}
-/**
- * Discriminated union for handler results.
- *
- * Handlers return `ApiResult<T>` -- either `{ success: true, data: T }` or
- * `{ success: false, error: { code, message } }`. The `success` literal
- * enables TypeScript narrowing on `.data`.
- *
- * The generic `E` parameter defaults to `ErrorCode` but can be narrowed to
- * `OAuthErrorCode` for OAuth token-endpoint handlers.
- *
- * Use `unwrapResult()` from `error.ts` to convert to an HTTP Response.
- */
-type ApiResult<T, E extends string = string> = {
-  success: true;
-  data: T;
-} | {
-  success: false;
-  error: {
-    code: E;
-    message: string;
-    details?: Record<string, unknown>;
-  };
-};
-/**
- * API request context
- */
-interface ApiContext {
-  userId?: string;
-  userRole?: string;
-}
-//#endregion
-//#region src/api/handlers/content.d.ts
-/**
- * Trashed content item with deletion timestamp
- */
-interface TrashedContentItem {
-  id: string;
-  type: string;
-  slug: string | null;
-  status: string;
-  data: Record<string, unknown>;
-  authorId: string | null;
-  createdAt: string;
-  updatedAt: string;
-  publishedAt: string | null;
-  deletedAt: string;
-}
-/**
- * Create content list handler
- */
-declare function handleContentList(db: Kysely<Database>, collection: string, params: {
-  cursor?: string;
-  limit?: number;
-  status?: string;
-  orderBy?: string;
-  order?: "asc" | "desc";
-  locale?: string;
-}): Promise<ApiResult<ContentListResponse>>;
-/**
- * Get single content item
- */
-declare function handleContentGet(db: Kysely<Database>, collection: string, id: string, locale?: string): Promise<ApiResult<ContentResponse>>;
-/**
- * Get a content item by id, including trashed items.
- * Used by restore endpoint for ownership checks on soft-deleted items.
- */
-declare function handleContentGetIncludingTrashed(db: Kysely<Database>, collection: string, id: string, locale?: string): Promise<ApiResult<ContentResponse>>;
-/**
- * Create content item.
- *
- * Content + SEO writes are wrapped in a transaction so either both succeed
- * or neither does. If `body.seo` is provided for a non-SEO collection, the
- * API returns a validation error rather than silently dropping it.
- */
-declare function handleContentCreate(db: Kysely<Database>, collection: string, body: {
-  data: Record<string, unknown>;
-  slug?: string;
-  status?: string;
-  authorId?: string;
-  bylines?: ContentBylineInput[];
-  locale?: string;
-  translationOf?: string;
-  seo?: ContentSeoInput;
-  createdAt?: string | null;
-  publishedAt?: string | null;
-}): Promise<ApiResult<ContentResponse>>;
-/**
- * Update content item.
- * If `_rev` is provided, validates it against the current version before writing.
- * No `_rev` = blind write (backwards-compatible for admin UI).
- *
- * Content + SEO writes are wrapped in a transaction for atomicity.
- */
-declare function handleContentUpdate(db: Kysely<Database>, collection: string, id: string, body: {
-  data?: Record<string, unknown>;
-  slug?: string;
-  status?: string;
-  authorId?: string | null;
-  bylines?: ContentBylineInput[];
-  _rev?: string;
-  seo?: ContentSeoInput;
-}): Promise<ApiResult<ContentResponse>>;
-/**
- * Duplicate content item.
- *
- * Only copies SEO data if the collection has SEO enabled.
- * Always returns consistent `seo` shape for SEO-enabled collections.
- */
-declare function handleContentDuplicate(db: Kysely<Database>, collection: string, id: string, authorId?: string): Promise<ApiResult<{
-  item: ContentItem;
-}>>;
-/**
- * Delete content item (soft delete - moves to trash)
- */
-declare function handleContentDelete(db: Kysely<Database>, collection: string, id: string): Promise<ApiResult<{
-  deleted: true;
-}>>;
-/**
- * Restore content item from trash
- */
-declare function handleContentRestore(db: Kysely<Database>, collection: string, id: string): Promise<ApiResult<{
-  restored: true;
-}>>;
-/**
- * Permanently delete content item (cannot be undone).
- * Also cleans up associated SEO data.
- */
-declare function handleContentPermanentDelete(db: Kysely<Database>, collection: string, id: string): Promise<ApiResult<{
-  deleted: true;
-}>>;
-/**
- * List trashed content items
- */
-declare function handleContentListTrashed(db: Kysely<Database>, collection: string, options?: {
-  limit?: number;
-  cursor?: string;
-}): Promise<ApiResult<{
-  items: TrashedContentItem[];
-  nextCursor?: string;
-}>>;
-/**
- * Count trashed content items
+ * Count trashed content items
  */
 declare function handleContentCountTrashed(db: Kysely<Database>, collection: string): Promise<ApiResult<{
   count: number;
@@ -649,7 +662,9 @@ declare function handleContentUnschedule(db: Kysely<Database>, collection: strin
  * (syncDataColumns, slug sync, status/revision update) that must
  * be atomic to prevent FTS shadow table corruption on crash.
  */
-declare function handleContentPublish(db: Kysely<Database>, collection: string, id: string): Promise<ApiResult<ContentResponse>>;
+declare function handleContentPublish(db: Kysely<Database>, collection: string, id: string, options?: {
+  publishedAt?: string;
+}): Promise<ApiResult<ContentResponse>>;
 /**
  * Unpublish content (revert to draft).
  *
@@ -813,6 +828,10 @@ declare class SchemaRegistry {
    * List all collections
    */
   listCollections(): Promise<Collection[]>;
+  /**
+   * List all collections with their fields using bounded query shapes.
+   */
+  listCollectionsWithFields(): Promise<CollectionWithFields[]>;
   /**
    * Get a collection by slug
    */
@@ -952,22 +971,6 @@ declare class SchemaRegistry {
   private slugToLabel;
 }
 //#endregion
-//#region src/schema/query.d.ts
-/**
- * Get collection metadata by slug.
- *
- * @example
- * ```ts
- * import { getCollectionInfo } from "dineway";
- *
- * const info = await getCollectionInfo("posts");
- * if (info?.commentsEnabled) {
- *   // render comment UI
- * }
- * ```
- */
-declare function getCollectionInfo(slug: string): Promise<Collection | null>;
-//#endregion
 //#region src/sections/types.d.ts
 /**
  * Section source types
@@ -982,7 +985,7 @@ interface Section {
   title: string;
   description?: string;
   keywords: string[];
-  content: PortableTextBlock$2[];
+  content: PortableTextBlock$1[];
   previewUrl?: string;
   source: SectionSource;
   themeId?: string;
@@ -997,7 +1000,7 @@ interface CreateSectionInput {
   title: string;
   description?: string;
   keywords?: string[];
-  content: PortableTextBlock$2[];
+  content: PortableTextBlock$1[];
   previewMediaId?: string;
   source?: SectionSource;
   themeId?: string;
@@ -1010,7 +1013,7 @@ interface UpdateSectionInput {
   title?: string;
   description?: string;
   keywords?: string[];
-  content?: PortableTextBlock$2[];
+  content?: PortableTextBlock$1[];
   previewMediaId?: string | null;
 }
 /**
@@ -1292,7 +1295,7 @@ interface PortableTextUnknownBlock {
 /**
  * Any Portable Text block
  */
-type PortableTextBlock$1 = PortableTextTextBlock | PortableTextImageBlock | PortableTextCodeBlock | PortableTextUnknownBlock;
+type PortableTextBlock = PortableTextTextBlock | PortableTextImageBlock | PortableTextCodeBlock | PortableTextUnknownBlock;
 /**
  * ProseMirror JSON types (simplified for TipTap)
  */
@@ -1316,13 +1319,13 @@ interface ProseMirrorDocument {
 /**
  * Convert ProseMirror document to Portable Text
  */
-declare function prosemirrorToPortableText(doc: ProseMirrorDocument): PortableTextBlock$1[];
+declare function prosemirrorToPortableText(doc: ProseMirrorDocument): PortableTextBlock[];
 //#endregion
 //#region src/content/converters/portable-text-to-prosemirror.d.ts
 /**
  * Convert Portable Text to ProseMirror document
  */
-declare function portableTextToProsemirror(blocks: PortableTextBlock$1[]): ProseMirrorDocument;
+declare function portableTextToProsemirror(blocks: PortableTextBlock[]): ProseMirrorDocument;
 //#endregion
 //#region src/utils/hash.d.ts
 /**
@@ -1341,392 +1344,54 @@ declare function hashString(content: string): Promise<string>;
  */
 declare function computeContentHash(content: Uint8Array | ArrayBuffer): Promise<string>;
 //#endregion
-//#region src/utils/slugify.d.ts
-/**
- * Decode a URI-encoded slug route parameter before database lookup.
- */
-declare function decodeSlug(raw: string | undefined): string | undefined;
-//#endregion
-//#region src/utils/url.d.ts
-/**
- * URL scheme validation utilities
- *
- * Prevents XSS via dangerous URL schemes (javascript:, data:, vbscript:, etc.)
- * by allowlisting known-safe schemes before rendering into href attributes.
- */
+//#region src/after.d.ts
 /**
- * Returns the URL unchanged if it uses a safe scheme, otherwise returns "#".
- *
- * Use this at the render layer as the primary defense against XSS via
- * dangerous URL schemes like `javascript:`, `data:`, or `vbscript:`.
+ * Defer work past the current synchronous path.
  *
- * @example
- * ```ts
- * sanitizeHref("https://example.com")        // "https://example.com"
- * sanitizeHref("/about")                      // "/about"
- * sanitizeHref("#section")                    // "#section"
- * sanitizeHref("mailto:a@b.com")              // "mailto:a@b.com"
- * sanitizeHref("javascript:alert(1)")         // "#"
- * sanitizeHref("data:text/html,<script>")     // "#"
- * sanitizeHref("")                            // "#"
- * ```
- */
-declare function sanitizeHref(url: string | undefined | null): string;
-/**
- * Returns true if the URL uses a safe scheme for rendering in href attributes.
+ * Use this for best-effort bookkeeping that should not block runtime
+ * initialization or response handling. Node keeps the process alive for
+ * pending work; callers that need stronger durability should await their own
+ * operation instead of using this helper.
  */
-declare function isSafeHref(url: string): boolean;
+type AfterCallback = () => void | Promise<void>;
+declare function after(fn: AfterCallback): void;
 //#endregion
-//#region src/visual-editing/editable.d.ts
+//#region src/i18n/config.d.ts
 /**
- * Visual editing annotation system
+ * Dineway i18n Configuration
  *
- * Creates Proxy objects that emit data-dineway-ref attributes when spread onto elements.
+ * Reads locale configuration from the virtual module (sourced from Astro config).
+ * Initialized during runtime startup, then available via getI18nConfig().
  */
-interface CMSAnnotation {
-  collection: string;
-  id: string;
-  field?: string;
-  /** Entry status — only present on entry-level annotations (not field-level) */
-  status?: string;
-  /** Whether the entry has unpublished draft changes */
-  hasDraft?: boolean;
-}
-/** The shape returned when spreading an edit annotation onto an element */
-interface FieldAnnotation {
-  "data-dineway-ref": string;
-}
-interface EditableOptions {
-  /** Entry status: "draft", "published", "scheduled" */
-  status?: string;
-  /** true when draftRevisionId exists and differs from liveRevisionId */
-  hasDraft?: boolean;
+interface I18nConfig {
+  defaultLocale: string;
+  locales: string[];
+  fallback?: Record<string, string>;
+  prefixDefaultLocale?: boolean;
 }
 /**
- * Create an editable proxy for an entry.
- *
- * Usage:
- * - `{...entry.edit}` - entry-level annotation (includes status/hasDraft)
- * - `{...entry.edit.title}` - field-level annotation
- * - `{...entry.edit['nested.field']}` - nested field (bracket notation)
+ * Get the current i18n config.
+ * Returns null if i18n is not configured.
  */
-declare function createEditable(collection: string, id: string, options?: EditableOptions): EditProxy;
+declare function getI18nConfig(): I18nConfig | null;
 /**
- * Create a noop proxy for production mode.
- * Spreading this produces no attributes.
+ * Check if i18n is enabled.
+ * Returns true when multiple locales are configured.
  */
-declare function createNoop(): EditProxy;
+declare function isI18nEnabled(): boolean;
 /**
- * Visual editing proxy type.
- *
- * Spread directly onto elements for entry-level annotations: `{...entry.edit}`
- * Access a field for field-level annotations: `{...entry.edit.title}`
- *
- * In production, spreading produces no attributes (noop).
+ * Resolve fallback locale chain for a given locale.
+ * Returns array of locales to try, from most preferred to least.
+ * Always ends with defaultLocale.
  */
-type EditProxy = {
-  readonly [field: string]: Partial<FieldAnnotation>;
-};
+declare function getFallbackChain(locale: string): string[];
 //#endregion
-//#region src/query.d.ts
+//#region src/preview/sidecar-client.d.ts
 /**
- * Collection type registry for type-safe queries.
- *
- * This interface is extended by the generated dineway-env.d.ts file
- * to provide type inference for collection names and their data shapes.
- *
- * @example
- * ```ts
- * // In dineway-env.d.ts (generated):
- * declare module "dineway" {
- *   interface DinewayCollections {
- *     posts: { title: string; content: PortableTextBlock[]; };
- *     pages: { title: string; body: PortableTextBlock[]; };
- *   }
- * }
+ * Preview sidecar protocol helpers.
  *
- * // Then in your code:
- * const { entries } = await getDinewayCollection("posts");
- * // entries[0].data.title is typed as string
- * ```
- */
-interface DinewayCollections {}
-/**
- * Helper type to infer the data type for a collection.
- * Returns the registered type if known, otherwise falls back to Record<string, unknown>.
- */
-type InferCollectionData<T extends string> = T extends keyof DinewayCollections ? DinewayCollections[T] : Record<string, unknown>;
-/**
- * Sort direction
- */
-type SortDirection$1 = "asc" | "desc";
-/**
- * Order by specification - field name to direction
- * @example { created_at: "desc" } - Sort by created_at descending
- * @example { title: "asc" } - Sort by title ascending
- * @example { published_at: "desc", title: "asc" } - Multi-field sort
- */
-type OrderBySpec$1 = Record<string, SortDirection$1>;
-interface CollectionFilter$1 {
-  status?: "draft" | "published" | "archived";
-  limit?: number;
-  /**
-   * Opaque cursor for keyset pagination.
-   * Pass the `nextCursor` value from a previous result to fetch the next page.
-   * @example
-   * ```ts
-   * const cursor = Astro.url.searchParams.get("cursor") ?? undefined;
-   * const { entries, nextCursor } = await getDinewayCollection("posts", {
-   *   limit: 10,
-   *   cursor,
-   * });
-   * ```
-   */
-  cursor?: string;
-  /**
-   * Filter by field values or taxonomy terms
-   * @example { category: 'news' } - Filter by taxonomy term
-   * @example { category: ['news', 'featured'] } - Filter by multiple terms (OR)
-   */
-  where?: Record<string, string | string[]>;
-  /**
-   * Order results by field(s)
-   * @default { created_at: "desc" }
-   * @example { created_at: "desc" } - Sort by created_at descending (default)
-   * @example { title: "asc" } - Sort by title ascending
-   * @example { published_at: "desc", title: "asc" } - Multi-field sort
-   */
-  orderBy?: OrderBySpec$1;
-  /**
-   * Filter by locale. When set, only returns entries in this locale.
-   * Only relevant when i18n is configured.
-   * @example "en" — English entries only
-   * @example "fr" — French entries only
-   */
-  locale?: string;
-}
-interface ContentEntry<T = Record<string, unknown>> {
-  id: string;
-  data: T;
-  /** Visual editing annotations. Spread onto elements: {...entry.edit.title} */
-  edit: EditProxy;
-}
-/** Cache hint returned by the content loader for route caching */
-interface CacheHint {
-  tags?: string[];
-  lastModified?: Date;
-}
-/**
- * Result from getDinewayCollection
- */
-interface CollectionResult<T> {
-  /** The entries (empty array if error or none found) */
-  entries: ContentEntry<T>[];
-  /** Error if the query failed */
-  error?: Error;
-  /** Cache hint for route caching (pass to Astro.cache.set()) */
-  cacheHint: CacheHint;
-  /**
-   * Opaque cursor for the next page.
-   * Undefined when there are no more results.
-   * Pass this as `cursor` in the next query to get the next page.
-   */
-  nextCursor?: string;
-}
-/**
- * Result from getDinewayEntry
- */
-interface EntryResult<T> {
-  /** The entry, or null if not found */
-  entry: ContentEntry<T> | null;
-  /** Error if the query failed (not set for "not found", only for actual errors) */
-  error?: Error;
-  /** Whether we're in preview mode (valid token was provided) */
-  isPreview: boolean;
-  /** Set when a fallback locale was used instead of the requested locale */
-  fallbackLocale?: string;
-  /** Cache hint for route caching (pass to Astro.cache.set()) */
-  cacheHint: CacheHint;
-}
-/** Edit metadata attached to PT arrays in edit mode */
-interface EditFieldMeta {
-  collection: string;
-  id: string;
-  field: string;
-}
-/**
- * Read edit metadata from a value (returns undefined if not tagged).
- * Uses Object.getOwnPropertyDescriptor to access Symbol-keyed property
- * without an unsafe type assertion.
- */
-declare function getEditMeta(value: unknown): EditFieldMeta | undefined;
-/**
- * Get all entries of a content type
- *
- * Returns { entries, error } for graceful error handling.
- *
- * When dineway-env.d.ts is generated, the collection name will be
- * type-checked and the return type will be inferred automatically.
- *
- * @example
- * ```ts
- * import { getDinewayCollection } from "dineway";
- *
- * const { entries: posts, error } = await getDinewayCollection("posts");
- * if (error) {
- *   console.error("Failed to load posts:", error);
- *   return;
- * }
- * // posts[0].data.title is typed (if dineway-env.d.ts exists)
- *
- * // With filters
- * const { entries: drafts } = await getDinewayCollection("posts", { status: "draft" });
- * ```
- */
-declare function getDinewayCollection<T extends string, D = InferCollectionData<T>>(type: T, filter?: CollectionFilter$1): Promise<CollectionResult<D>>;
-/**
- * Get a single entry by type and ID/slug
- *
- * Returns { entry, error, isPreview } for graceful error handling.
- * - entry is null if not found (not an error)
- * - error is set only for actual errors (db issues, etc.)
- *
- * Preview mode is detected automatically from request context (ALS).
- * When the URL has a valid `_preview` token, the middleware sets preview
- * context and this function serves draft revision data if available.
- *
- * @example
- * ```ts
- * import { getDinewayEntry } from "dineway";
- *
- * // Simple usage — preview just works via middleware
- * const { entry: post, isPreview, error } = await getDinewayEntry("posts", "my-slug");
- * if (!post) return Astro.redirect("/404");
- * ```
- */
-declare function getDinewayEntry<T extends string, D = InferCollectionData<T>>(type: T, id: string, options?: {
-  locale?: string;
-}): Promise<EntryResult<D>>;
-/**
- * Translation summary for a single locale variant
- */
-interface TranslationSummary {
-  /** Content item ID */
-  id: string;
-  /** Locale code (e.g. "en", "fr") */
-  locale: string;
-  /** URL slug */
-  slug: string | null;
-  /** Current status */
-  status: string;
-}
-/**
- * Result from getTranslations
- */
-interface TranslationsResult {
-  /** The translation group ID (shared across locales) */
-  translationGroup: string;
-  /** All locale variants in this group */
-  translations: TranslationSummary[];
-  /** Error if the query failed */
-  error?: Error;
-}
-/**
- * Get all translations of a content item.
- *
- * Given a content entry, returns all locale variants that share the same
- * translation group. This is useful for building language switcher UI.
- *
- * @example
- * ```ts
- * import { getDinewayEntry, getTranslations } from "dineway";
- *
- * const { entry: post } = await getDinewayEntry("posts", "hello-world", { locale: "en" });
- * const { translations } = await getTranslations("posts", post.data.id);
- * // translations = [{ id: "...", locale: "en", slug: "hello-world", status: "published" }, ...]
- * ```
- */
-declare function getTranslations(type: string, id: string): Promise<TranslationsResult>;
-/**
- * Result from resolveDinewayPath
- */
-interface ResolvePathResult<T = Record<string, unknown>> {
-  /** The matched entry */
-  entry: ContentEntry<T>;
-  /** The collection slug that matched */
-  collection: string;
-  /** Extracted parameters from the URL pattern (e.g. { slug: "my-post" }) */
-  params: Record<string, string>;
-}
-/**
- * Resolve a URL path to a content entry by matching against collection URL patterns.
- *
- * Loads all collections with a `urlPattern` set, converts each pattern to a regex,
- * and tests the given path. On match, extracts the slug and fetches the entry.
- *
- * @example
- * ```ts
- * import { resolveDinewayPath } from "dineway";
- *
- * // Given pages with urlPattern "/{slug}" and posts with "/blog/{slug}":
- * const result = await resolveDinewayPath("/blog/hello-world");
- * if (result) {
- *   console.log(result.collection); // "posts"
- *   console.log(result.params.slug); // "hello-world"
- *   console.log(result.entry.data); // post data
- * }
- * ```
- */
-declare function resolveDinewayPath<T = Record<string, unknown>>(path: string): Promise<ResolvePathResult<T> | null>;
-//#endregion
-//#region src/after.d.ts
-/**
- * Defer work past the current synchronous path.
- *
- * Use this for best-effort bookkeeping that should not block runtime
- * initialization or response handling. Node keeps the process alive for
- * pending work; callers that need stronger durability should await their own
- * operation instead of using this helper.
- */
-type AfterCallback = () => void | Promise<void>;
-declare function after(fn: AfterCallback): void;
-//#endregion
-//#region src/i18n/config.d.ts
-/**
- * Dineway i18n Configuration
- *
- * Reads locale configuration from the virtual module (sourced from Astro config).
- * Initialized during runtime startup, then available via getI18nConfig().
- */
-interface I18nConfig {
-  defaultLocale: string;
-  locales: string[];
-  fallback?: Record<string, string>;
-  prefixDefaultLocale?: boolean;
-}
-/**
- * Get the current i18n config.
- * Returns null if i18n is not configured.
- */
-declare function getI18nConfig(): I18nConfig | null;
-/**
- * Check if i18n is enabled.
- * Returns true when multiple locales are configured.
- */
-declare function isI18nEnabled(): boolean;
-/**
- * Resolve fallback locale chain for a given locale.
- * Returns array of locales to try, from most preferred to least.
- * Always ends with defaultLocale.
- */
-declare function getFallbackChain(locale: string): string[];
-//#endregion
-//#region src/preview/sidecar-client.d.ts
-/**
- * Preview sidecar protocol helpers.
- *
- * These utilities define the signed URL and snapshot-auth contract shared
- * by preview sidecars and the source site serving snapshot exports.
+ * These utilities define the signed URL and snapshot-auth contract shared
+ * by preview sidecars and the source site serving snapshot exports.
  */
 interface PreviewSidecarSignature {
   source: string;
@@ -1913,143 +1578,6 @@ declare function getDb(): Promise<Kysely<Database>>;
  */
 declare function dinewayLoader(): LiveLoader<EntryData, EntryFilter, CollectionFilter>;
 //#endregion
-//#region src/cli/wxr/parser.d.ts
-/**
- * Parsed WordPress export data
- */
-interface WxrData {
-  /** Site metadata */
-  site: WxrSite;
-  /** Posts (including custom post types) */
-  posts: WxrPost[];
-  /** Media attachments */
-  attachments: WxrAttachment[];
-  /** Categories */
-  categories: WxrCategory[];
-  /** Tags */
-  tags: WxrTag[];
-  /** Authors */
-  authors: WxrAuthor[];
-  /** All taxonomy terms (including custom taxonomies and nav_menu) */
-  terms: WxrTerm[];
-  /** Parsed navigation menus */
-  navMenus: WxrNavMenu[];
-}
-interface WxrSite {
-  title?: string;
-  link?: string;
-  description?: string;
-  language?: string;
-  baseSiteUrl?: string;
-  baseBlogUrl?: string;
-}
-interface WxrPost {
-  id?: number;
-  title?: string;
-  link?: string;
-  pubDate?: string;
-  creator?: string;
-  guid?: string;
-  description?: string;
-  content?: string;
-  excerpt?: string;
-  postDate?: string;
-  postDateGmt?: string;
-  postModified?: string;
-  postModifiedGmt?: string;
-  commentStatus?: string;
-  pingStatus?: string;
-  status?: string;
-  postType?: string;
-  postName?: string;
-  postPassword?: string;
-  isSticky?: boolean;
-  /** Parent post ID for hierarchical content (pages) */
-  postParent?: number;
-  /** Menu order for sorting */
-  menuOrder?: number;
-  categories: string[];
-  tags: string[];
-  /** Custom taxonomy assignments beyond categories/tags */
-  customTaxonomies?: Map<string, string[]>;
-  meta: Map<string, string>;
-}
-interface WxrAttachment {
-  id?: number;
-  title?: string;
-  url?: string;
-  postDate?: string;
-  meta: Map<string, string>;
-}
-interface WxrCategory {
-  id?: number;
-  nicename?: string;
-  name?: string;
-  parent?: string;
-  description?: string;
-}
-interface WxrTag {
-  id?: number;
-  slug?: string;
-  name?: string;
-  description?: string;
-}
-/**
- * Generic taxonomy term (categories, tags, nav_menu, custom taxonomies)
- */
-interface WxrTerm {
-  id: number;
-  taxonomy: string;
-  slug: string;
-  name: string;
-  parent?: string;
-  description?: string;
-}
-/**
- * Navigation menu structure
- */
-interface WxrNavMenu {
-  id: number;
-  name: string;
-  label: string;
-  items: WxrNavMenuItem[];
-}
-/**
- * Navigation menu item
- */
-interface WxrNavMenuItem {
-  id: number;
-  menuId: number;
-  parentId?: number;
-  sortOrder: number;
-  type: "custom" | "post_type" | "taxonomy";
-  objectType?: string;
-  objectId?: number;
-  url?: string;
-  title: string;
-  target?: string;
-  classes?: string;
-}
-interface WxrAuthor {
-  id?: number;
-  login?: string;
-  email?: string;
-  displayName?: string;
-  firstName?: string;
-  lastName?: string;
-}
-/**
- * Parse a WordPress WXR export file
- */
-declare function parseWxr(stream: Readable): Promise<WxrData>;
-/**
- * Parse a WordPress WXR export from a string
- *
- * Uses the non-streaming SAX parser API for compatibility with
- * environments that don't expose Node.js streams.
- */
-declare function parseWxrString(xml: string): Promise<WxrData>;
-//#endregion
 //#region src/plugins/define-plugin.d.ts
 /**
  * Define a Dineway plugin.
@@ -2087,7 +1615,7 @@ declare function parseWxrString(xml: string): Promise<WxrData>;
  * export default definePlugin({
  *   id: "my-plugin",
  *   version: "1.0.0",
- *   capabilities: ["read:content"],
+ *   capabilities: ["content:read"],
  *   hooks: {
  *     "content:beforeSave": async (event, ctx) => {
  *       ctx.log.info("Saving content", { collection: event.collection });
@@ -2107,960 +1635,446 @@ declare function parseWxrString(xml: string): Promise<WxrData>;
 declare function definePlugin<TStorage extends PluginStorageConfig>(definition: PluginDefinition<TStorage>): ResolvedPlugin<TStorage>;
 declare function definePlugin(definition: StandardPluginDefinition): StandardPluginDefinition;
 //#endregion
-//#region src/auth/types.d.ts
-/**
- * Auth Provider Types
- *
- * Defines the interfaces for pluggable authentication providers.
- * External auth adapters implement these interfaces.
- */
-/**
- * Result of authenticating a request via an external auth provider
- */
-interface AuthResult {
-  /** User's email address */
-  email: string;
-  /** User's display name */
-  name: string;
-  /** Resolved role level (e.g., 50 for Admin, 30 for Editor) */
-  role: number;
-  /** Provider-specific subject ID */
-  subject?: string;
-  /** Additional provider-specific data */
-  metadata?: Record<string, unknown>;
-}
-/**
- * Auth descriptor - returned by auth adapter functions (e.g., access())
- *
- * Similar to DatabaseDescriptor and StorageDescriptor, this allows
- * auth providers to be configured at build time and loaded at runtime.
- */
-interface AuthDescriptor {
-  /**
-   * Auth provider type identifier
-   * @example "header-auth", "okta", "auth0"
-   */
-  type: string;
-  /**
-   * Module specifier to import at runtime
-   * The module must export an `authenticate` function.
-   * @example "@acme/dineway-header-auth"
-   */
-  entrypoint: string;
-  /**
-   * Provider-specific configuration (JSON-serializable)
-   */
-  config: unknown;
-}
+//#region src/plugins/manifest-schema.d.ts
 /**
- * Auth provider module interface
+ * Zod schema matching the PluginManifest interface from types.ts.
  *
- * Modules specified by AuthDescriptor.entrypoint must export
- * an `authenticate` function matching this signature.
- */
-interface AuthProviderModule {
-  /**
-   * Authenticate a request using the provider
-   *
-   * @param request - The incoming HTTP request
-   * @param config - Provider-specific configuration from AuthDescriptor
-   * @returns Authentication result if valid, throws if invalid
-   */
-  authenticate(request: Request, config: unknown): Promise<AuthResult>;
-}
-/**
- * Configuration options common to external auth providers
- */
-interface ExternalAuthConfig {
-  /**
-   * Automatically create Dineway users on first login
-   * @default true
-   */
-  autoProvision?: boolean;
-  /**
-   * Role level for users not matching any group in roleMapping
-   * @default 30 (Editor)
-   */
-  defaultRole?: number;
-  /**
-   * Update user's role on each login based on current IdP groups
-   * When false, role is only set on first provisioning
-   * @default false
-   */
-  syncRoles?: boolean;
-  /**
-   * Map IdP group names to Dineway role levels
-   * First match wins if user is in multiple groups
-   *
-   * @example
-   * ```ts
-   * roleMapping: {
-   *   "Admins": 50,        // Admin
-   *   "Developers": 40,    // Developer
-   *   "Content Team": 30,  // Editor
-   * }
-   * ```
-   */
-  roleMapping?: Record<string, number>;
-}
-//#endregion
-//#region src/astro/storage/types.d.ts
-/**
- * Serializable storage configuration descriptor
- */
-interface StorageDescriptor {
-  /** Module path exporting createStorage function */
-  entrypoint: string;
-  /** Serializable config passed to createStorage at runtime */
-  config: unknown;
-}
-/**
- * S3-compatible storage configuration
+ * Every JSON.parse of a manifest.json should validate through this.
  */
-interface S3StorageConfig {
-  /** S3 endpoint URL */
-  endpoint: string;
-  /** Bucket name */
-  bucket: string;
-  /**
-   * Access key ID.
-   * May be resolved from `S3_ACCESS_KEY_ID` at runtime on Node.
-   * Must be provided together with `secretAccessKey`, or both omitted.
-   */
-  accessKeyId?: string;
-  /**
-   * Secret access key.
-   * May be resolved from `S3_SECRET_ACCESS_KEY` at runtime on Node.
-   * Must be provided together with `accessKeyId`, or both omitted.
-   */
-  secretAccessKey?: string;
-  /** Optional region (defaults to "auto") */
-  region?: string;
-  /** Optional public URL prefix for CDN */
-  publicUrl?: string;
-}
-/**
- * Local filesystem storage configuration
- */
-interface LocalStorageConfig {
-  /** Directory path for storing files */
-  directory: string;
-  /** Base URL for serving files */
-  baseUrl: string;
-}
+declare const pluginManifestSchema: z.ZodObject<{
+  id: z.ZodString;
+  version: z.ZodString;
+  capabilities: z.ZodArray<z.ZodEnum<{
+    "network:request": "network:request";
+    "network:request:unrestricted": "network:request:unrestricted";
+    "content:read": "content:read";
+    "content:write": "content:write";
+    "media:read": "media:read";
+    "media:write": "media:write";
+    "users:read": "users:read";
+    "email:send": "email:send";
+    "hooks.email-transport:register": "hooks.email-transport:register";
+    "hooks.email-events:register": "hooks.email-events:register";
+    "hooks.page-fragments:register": "hooks.page-fragments:register";
+  }>>;
+  allowedHosts: z.ZodArray<z.ZodString>;
+  storage: z.ZodRecord<z.ZodString, z.ZodObject<{
+    indexes: z.ZodArray<z.ZodUnion<readonly [z.ZodString, z.ZodArray<z.ZodString>]>>;
+    uniqueIndexes: z.ZodOptional<z.ZodArray<z.ZodUnion<readonly [z.ZodString, z.ZodArray<z.ZodString>]>>>;
+  }, z.core.$strip>>;
+  hooks: z.ZodArray<z.ZodUnion<readonly [z.ZodEnum<{
+    "plugin:install": "plugin:install";
+    "plugin:activate": "plugin:activate";
+    "plugin:deactivate": "plugin:deactivate";
+    "plugin:uninstall": "plugin:uninstall";
+    "content:beforeSave": "content:beforeSave";
+    "content:afterSave": "content:afterSave";
+    "content:beforeDelete": "content:beforeDelete";
+    "content:afterDelete": "content:afterDelete";
+    "content:afterPublish": "content:afterPublish";
+    "content:afterUnpublish": "content:afterUnpublish";
+    "media:beforeUpload": "media:beforeUpload";
+    "media:afterUpload": "media:afterUpload";
+    cron: "cron";
+    "email:beforeSend": "email:beforeSend";
+    "email:deliver": "email:deliver";
+    "email:afterSend": "email:afterSend";
+    "comment:beforeCreate": "comment:beforeCreate";
+    "comment:moderate": "comment:moderate";
+    "comment:afterCreate": "comment:afterCreate";
+    "comment:afterModerate": "comment:afterModerate";
+    "page:metadata": "page:metadata";
+    "page:fragments": "page:fragments";
+  }>, z.ZodObject<{
+    name: z.ZodEnum<{
+      "plugin:install": "plugin:install";
+      "plugin:activate": "plugin:activate";
+      "plugin:deactivate": "plugin:deactivate";
+      "plugin:uninstall": "plugin:uninstall";
+      "content:beforeSave": "content:beforeSave";
+      "content:afterSave": "content:afterSave";
+      "content:beforeDelete": "content:beforeDelete";
+      "content:afterDelete": "content:afterDelete";
+      "content:afterPublish": "content:afterPublish";
+      "content:afterUnpublish": "content:afterUnpublish";
+      "media:beforeUpload": "media:beforeUpload";
+      "media:afterUpload": "media:afterUpload";
+      cron: "cron";
+      "email:beforeSend": "email:beforeSend";
+      "email:deliver": "email:deliver";
+      "email:afterSend": "email:afterSend";
+      "comment:beforeCreate": "comment:beforeCreate";
+      "comment:moderate": "comment:moderate";
+      "comment:afterCreate": "comment:afterCreate";
+      "comment:afterModerate": "comment:afterModerate";
+      "page:metadata": "page:metadata";
+      "page:fragments": "page:fragments";
+    }>;
+    exclusive: z.ZodOptional<z.ZodBoolean>;
+    priority: z.ZodOptional<z.ZodNumber>;
+    timeout: z.ZodOptional<z.ZodNumber>;
+  }, z.core.$strip>]>>;
+  routes: z.ZodArray<z.ZodUnion<readonly [z.ZodString, z.ZodObject<{
+    name: z.ZodString;
+    public: z.ZodOptional<z.ZodBoolean>;
+  }, z.core.$strip>]>>;
+  admin: z.ZodObject<{
+    entry: z.ZodOptional<z.ZodString>;
+    settingsSchema: z.ZodOptional<z.ZodRecord<z.ZodString, z.ZodDiscriminatedUnion<[z.ZodObject<{
+      type: z.ZodLiteral<"string">;
+      default: z.ZodOptional<z.ZodString>;
+      multiline: z.ZodOptional<z.ZodBoolean>;
+      label: z.ZodString;
+      description: z.ZodOptional<z.ZodString>;
+    }, z.core.$strip>, z.ZodObject<{
+      type: z.ZodLiteral<"number">;
+      default: z.ZodOptional<z.ZodNumber>;
+      min: z.ZodOptional<z.ZodNumber>;
+      max: z.ZodOptional<z.ZodNumber>;
+      label: z.ZodString;
+      description: z.ZodOptional<z.ZodString>;
+    }, z.core.$strip>, z.ZodObject<{
+      type: z.ZodLiteral<"boolean">;
+      default: z.ZodOptional<z.ZodBoolean>;
+      label: z.ZodString;
+      description: z.ZodOptional<z.ZodString>;
+    }, z.core.$strip>, z.ZodObject<{
+      type: z.ZodLiteral<"select">;
+      options: z.ZodArray<z.ZodObject<{
+        value: z.ZodString;
+        label: z.ZodString;
+      }, z.core.$strip>>;
+      default: z.ZodOptional<z.ZodString>;
+      label: z.ZodString;
+      description: z.ZodOptional<z.ZodString>;
+    }, z.core.$strip>, z.ZodObject<{
+      type: z.ZodLiteral<"secret">;
+      label: z.ZodString;
+      description: z.ZodOptional<z.ZodString>;
+    }, z.core.$strip>, z.ZodObject<{
+      type: z.ZodLiteral<"url">;
+      default: z.ZodOptional<z.ZodString>;
+      placeholder: z.ZodOptional<z.ZodString>;
+      label: z.ZodString;
+      description: z.ZodOptional<z.ZodString>;
+    }, z.core.$strip>, z.ZodObject<{
+      type: z.ZodLiteral<"email">;
+      default: z.ZodOptional<z.ZodString>;
+      placeholder: z.ZodOptional<z.ZodString>;
+      label: z.ZodString;
+      description: z.ZodOptional<z.ZodString>;
+    }, z.core.$strip>], "type">>>;
+    pages: z.ZodOptional<z.ZodArray<z.ZodObject<{
+      path: z.ZodString;
+      label: z.ZodString;
+      icon: z.ZodOptional<z.ZodString>;
+    }, z.core.$strip>>>;
+    widgets: z.ZodOptional<z.ZodArray<z.ZodObject<{
+      id: z.ZodString;
+      size: z.ZodOptional<z.ZodEnum<{
+        full: "full";
+        half: "half";
+        third: "third";
+      }>>;
+      title: z.ZodOptional<z.ZodString>;
+    }, z.core.$strip>>>;
+    fieldWidgets: z.ZodOptional<z.ZodArray<z.ZodObject<{
+      name: z.ZodString;
+      label: z.ZodString;
+      fieldTypes: z.ZodArray<z.ZodEnum<{
+        string: "string";
+        number: "number";
+        boolean: "boolean";
+        file: "file";
+        slug: "slug";
+        datetime: "datetime";
+        image: "image";
+        text: "text";
+        integer: "integer";
+        select: "select";
+        multiSelect: "multiSelect";
+        portableText: "portableText";
+        reference: "reference";
+        json: "json";
+        repeater: "repeater";
+      }>>;
+      elements: z.ZodOptional<z.ZodArray<z.ZodObject<{
+        type: z.ZodString;
+        action_id: z.ZodString;
+        label: z.ZodOptional<z.ZodString>;
+      }, z.core.$loose>>>;
+    }, z.core.$strip>>>;
+  }, z.core.$strip>;
+}, z.core.$strip>;
+type ValidatedPluginManifest = z.infer<typeof pluginManifestSchema>;
 //#endregion
-//#region src/astro/integration/runtime.d.ts
-/**
- * Admin page definition (copied from plugins/types to avoid circular deps)
- */
-interface PluginAdminPage {
-  path: string;
-  label: string;
-  icon?: string;
-}
+//#region src/plugins/hooks.d.ts
+type HookNameV2 = "plugin:install" | "plugin:activate" | "plugin:deactivate" | "plugin:uninstall" | "content:beforeSave" | "content:afterSave" | "content:beforeDelete" | "content:afterDelete" | "content:afterPublish" | "content:afterUnpublish" | "media:beforeUpload" | "media:afterUpload" | "cron" | "email:beforeSend" | "email:deliver" | "email:afterSend" | "comment:beforeCreate" | "comment:moderate" | "comment:afterCreate" | "comment:afterModerate" | "page:metadata" | "page:fragments";
 /**
- * Dashboard widget definition (copied from plugins/types to avoid circular deps)
+ * Hook execution result
  */
-interface PluginDashboardWidget {
-  id: string;
-  size?: "full" | "half" | "third";
-  title?: string;
+interface HookResult<T> {
+  success: boolean;
+  value?: T;
+  error?: Error;
+  pluginId: string;
+  duration: number;
 }
 /**
- * Plugin descriptor - returned by plugin factory functions
- *
- * Contains all static metadata needed for manifest and admin UI,
- * plus the entrypoint for runtime instantiation.
- *
- * @example
- * ```ts
- * export function myPlugin(options?: MyPluginOptions): PluginDescriptor {
- *   return {
- *     id: "my-plugin",
- *     version: "1.0.0",
- *     entrypoint: "@my-org/dineway-plugin-foo",
- *     options: options ?? {},
- *     adminEntry: "@my-org/dineway-plugin-foo/admin",
- *     adminPages: [{ path: "/settings", label: "Settings" }],
- *   };
- * }
- * ```
- */
-/**
- * Storage collection declaration for sandboxed plugins
+ * Hook pipeline for executing hooks in order
  */
-interface StorageCollectionDeclaration {
-  indexes?: string[];
-  uniqueIndexes?: string[];
-}
-interface PluginDescriptor<TOptions = Record<string, unknown>> {
-  /** Unique plugin identifier */
-  id: string;
-  /** Plugin version (semver) */
-  version: string;
-  /** Module specifier to import (e.g., "@dineway-ai/plugin-api-test") */
-  entrypoint: string;
+declare class HookPipeline {
+  private hooks;
+  private pluginMap;
+  private contextFactory;
+  /** Stored so setContextFactory can merge incrementally. */
+  private contextFactoryOptions;
+  /** Hook names where at least one handler declared exclusive: true */
+  private exclusiveHookNames;
   /**
-   * Options to pass to createPlugin(). Native format only.
-   * Standard-format plugins configure themselves via KV settings
-   * and Block Kit admin pages -- not constructor options.
+   * Selected provider plugin ID for each exclusive hook.
+   * Set by the PluginManager after resolution.
    */
-  options?: TOptions;
+  private exclusiveSelections;
+  constructor(plugins: ResolvedPlugin[], factoryOptions?: PluginContextFactoryOptions);
   /**
-   * Plugin format. Determines how the entrypoint is loaded:
-   * - `"standard"` -- exports `definePlugin({ hooks, routes })` as default.
-   *   Wrapped with `adaptSandboxEntry` for in-process execution. Can run in both
-   *   `plugins: []` (in-process) and `sandboxed: []` (isolate).
-   * - `"native"` -- exports `createPlugin(options)` returning a `ResolvedPlugin`.
-   *   Can only run in `plugins: []`. Cannot be sandboxed or published to marketplace.
-   *
-   * Defaults to `"native"` when unset.
+   * Set or update the context factory options.
    *
+   * When called on a pipeline that already has a factory, the new options
+   * are merged on top of the existing ones so that callers don't need to
+   * repeat every field (e.g. adding `cronReschedule` without losing
+   * `storage` / `getUploadUrl`).
    */
-  format?: "standard" | "native";
-  /** Admin UI module specifier (e.g., "@dineway-ai/plugin-audit-log/admin") */
-  adminEntry?: string;
-  /** Module specifier for site-side Astro rendering components (must export `blockComponents`) */
-  componentsEntry?: string;
-  /** Admin pages for navigation */
-  adminPages?: PluginAdminPage[];
-  /** Dashboard widgets */
-  adminWidgets?: PluginDashboardWidget[];
+  setContextFactory(options: Partial<PluginContextFactoryOptions>): void;
   /**
-   * Capabilities the plugin requests.
-   * For standard-format plugins, capabilities are enforced in both trusted and
-   * sandboxed modes via the PluginContextFactory.
+   * Get context for a plugin
    */
-  capabilities?: string[];
+  private getContext;
   /**
-   * Allowed hosts for network:fetch capability
-   * Supports wildcards like "*.example.com"
+   * Get typed hooks for a specific hook name.
+   * The internal map stores ResolvedHook<unknown>, but we know each name
+   * maps to a specific handler type via HookHandlerMap.
+   *
+   * Exclusive hooks that have a selected provider are filtered out — they
+   * should only run via invokeExclusiveHook(), not in the regular pipeline.
    */
-  allowedHosts?: string[];
+  private getTypedHooks;
   /**
-   * Storage collections the plugin declares
-   * Sandboxed plugins can only access declared collections.
+   * Register all hooks from plugins.
+   *
+   * Registers each hook name individually to preserve type safety. The
+   * internal map stores ResolvedHook<unknown> since it's keyed by string,
+   * but getTypedHooks() restores the correct handler type on retrieval.
    */
-  storage?: Record<string, StorageCollectionDeclaration>;
-}
-/**
- * Sandboxed plugin descriptor - same format as PluginDescriptor
- *
- * These run in isolated environments provided by the configured sandbox runner.
- * The `entrypoint` is resolved to a file and bundled at build time.
- */
-type SandboxedPluginDescriptor<TOptions = Record<string, unknown>> = PluginDescriptor<TOptions>;
-interface DinewayFontsConfig {
+  private registerPlugins;
   /**
-   * Additional Noto Sans or compatible script families to include in the admin UI.
+   * Maps hook names to the capability required to register them.
    *
-   * Use script names like "arabic", "farsi", "japanese", or "chinese-simplified".
+   * Hooks not listed here have no capability requirement (e.g. lifecycle
+   * hooks, cron). Any plugin declaring a listed hook without the required
+   * capability will have that hook silently skipped at registration time.
    */
-  scripts?: string[];
-}
-interface DinewayConfig {
+  private static readonly HOOK_REQUIRED_CAPABILITY;
   /**
-   * Database configuration
-   *
-   * Use one of the adapter functions:
-   * - `libsql({ url: process.env.DINEWAY_DATABASE_URL || "file:./data.db" })` - Default Node/libSQL path
-   * - `sqlite({ url: "file:./data.db" })` - Local SQLite only
-   * - `postgres({ connectionString: process.env.DATABASE_URL! })` - PostgreSQL deployments
-   *
-   * @example
-   * ```ts
-   * import { libsql } from "dineway/db";
-   *
-   * dineway({
-   *   database: libsql({ url: process.env.DINEWAY_DATABASE_URL || "file:./data.db" }),
-   * })
-   * ```
+   * Register a single plugin's hook by name
    */
-  database?: DatabaseDescriptor;
+  private registerPluginHook;
   /**
-   * Storage configuration (for media)
+   * Register a single hook
    */
-  storage?: StorageDescriptor;
+  private registerHook;
   /**
-   * Trusted plugins to load (run in main isolate)
-   *
-   * @example
-   * ```ts
-   * import { auditLogPlugin } from "@dineway-ai/plugin-audit-log";
-   * import { webhookNotifierPlugin } from "@dineway-ai/plugin-webhook-notifier";
-   *
-   * dineway({
-   *   plugins: [
-   *     auditLogPlugin(),
-   *     webhookNotifierPlugin({ url: "https://example.com/webhook" }),
-   *   ],
-   * })
-   * ```
+   * Sort hooks by priority and dependencies
    */
-  plugins?: PluginDescriptor[];
+  private sortHooks;
   /**
-   * Sandboxed plugins to load (run behind the configured `SandboxRunner`)
-   *
-   * Uses the same format as `plugins`; the configured sandbox runner decides
-   * how isolation is enforced for the current runtime.
-   *
-   * @example
-   * ```ts
-   * import { untrustedPlugin } from "some-third-party-plugin";
-   *
-   * dineway({
-   *   plugins: [trustedPlugin()],     // runs in host
-   *   sandboxed: [untrustedPlugin()], // runs in the default Node sandbox
-   * })
-   * ```
+   * Execute a hook with timeout
    */
-  sandboxed?: SandboxedPluginDescriptor[];
+  private executeWithTimeout;
   /**
-   * Optional module that exports a custom sandbox runner factory.
-   * When omitted, Dineway uses its built-in Node sandbox runner.
-   *
-   * @example
-   * ```ts
-   * import { createNodeSandboxRunner } from "dineway";
-   *
-   * export const createSandboxRunner = createNodeSandboxRunner;
-   * ```
-   *
-   * @example
-   * ```ts
-   * dineway({
-   *   sandboxRunner: "./src/sandbox-runner.ts",
-   * })
-   * ```
+   * Run plugin:install hooks
    */
-  sandboxRunner?: string;
+  runPluginInstall(pluginId: string): Promise<HookResult<void>[]>;
   /**
-   * Authentication configuration
-   *
-   * Use an auth descriptor or an adapter function from a provider package.
-   *
-   * When an external auth provider is configured, passkey auth is disabled.
-   *
-   * @example
-   * ```ts
-   * dineway({
-   *   auth: {
-   *     type: "header-auth",
-   *     entrypoint: "./src/header-auth.ts",
-   *     config: {
-   *       userHeader: "x-forwarded-user-email",
-   *       roleHeader: "x-forwarded-user-role",
-   *     },
-   *   },
-   * })
-   * ```
+   * Run plugin:activate hooks
    */
-  auth?: AuthDescriptor;
+  runPluginActivate(pluginId: string): Promise<HookResult<void>[]>;
   /**
-   * MCP (Model Context Protocol) server endpoint.
-   *
-   * Exposes an MCP Streamable HTTP server at `/_dineway/api/mcp`
-   * that allows AI agents and tools to interact with the CMS using
-   * the standardized MCP protocol.
-   *
-   * Enabled by default. The endpoint requires bearer token auth, so
-   * it has no practical effect unless the user creates an API token
-   * or configures an OAuth client. Set to `false` to disable.
-   *
-   * @default true
-   *
-   * @example
-   * ```ts
-   * dineway({
-   *   mcp: false,
-   * })
-   * ```
+   * Run plugin:deactivate hooks
    */
-  mcp?: boolean;
+  runPluginDeactivate(pluginId: string): Promise<HookResult<void>[]>;
   /**
-   * Plugin marketplace URL
-   *
-   * When set, enables the marketplace features: browse, install, update,
-   * and uninstall plugins from a remote marketplace.
-   *
-   * Must be an HTTPS URL in production, or localhost/127.0.0.1 in dev.
-   * Marketplace plugins run in the built-in Node sandbox runner unless
-   * `sandboxRunner` is set to override it.
-   *
-   * @example
-   * ```ts
-   * dineway({
-   *   marketplace: "https://marketplace.example.com",
-   * })
-   * ```
+   * Run plugin:uninstall hooks
    */
-  marketplace?: string;
+  runPluginUninstall(pluginId: string, deleteData: boolean): Promise<HookResult<void>[]>;
+  private runLifecycleHook;
   /**
-   * Maximum allowed media file upload size in bytes.
-   *
-   * Applies to both direct multipart uploads and signed-URL uploads.
-   * When omitted, Dineway defaults to 52_428_800 (50 MB).
-   *
-   * @example
-   * ```ts
-   * dineway({ maxUploadSize: 100 * 1024 * 1024 }) // 100 MB
-   * ```
+   * Run content:beforeSave hooks
+   * Returns modified content from the pipeline
    */
-  maxUploadSize?: number;
+  runContentBeforeSave(content: Record<string, unknown>, collection: string, isNew: boolean): Promise<{
+    content: Record<string, unknown>;
+    results: HookResult<Record<string, unknown>>[];
+  }>;
   /**
-   * Admin UI branding.
-   *
-   * Use this to customize the logo, name, and favicon shown in the
-   * Dineway admin panel without changing public site identity settings.
-   *
-   * @example
-   * ```ts
-   * dineway({
-   *   admin: {
-   *     logo: "/images/agency-logo.svg",
-   *     siteName: "Agency Console",
-   *     favicon: "/agency-favicon.ico",
-   *   },
-   * })
-   * ```
+   * Run content:afterSave hooks
    */
-  admin?: {
-    /** URL or path to a custom logo image for the admin UI. */logo?: string; /** Custom name displayed in the admin sidebar and browser tab. */
-    siteName?: string; /** URL or path to a custom favicon for the admin panel. */
-    favicon?: string;
-  };
+  runContentAfterSave(content: Record<string, unknown>, collection: string, isNew: boolean): Promise<HookResult<void>[]>;
   /**
-   * Admin UI font configuration.
-   *
-   * By default, Dineway uses the Astro Font API to load Noto Sans at
-   * build time and self-host the generated font files. Set to false to
-   * disable Dineway-managed fonts and use system fonts.
-   *
-   * @example
-   * ```ts
-   * dineway({
-   *   fonts: {
-   *     scripts: ["arabic", "farsi", "japanese"],
-   *   },
-   * })
-   * ```
+   * Run content:beforeDelete hooks
+   * Returns whether deletion is allowed
    */
-  fonts?: false | DinewayFontsConfig;
+  runContentBeforeDelete(id: string, collection: string): Promise<{
+    allowed: boolean;
+    results: HookResult<boolean>[];
+  }>;
   /**
-   * Public browser-facing origin for the site.
-   *
-   * Use when `Astro.url` / `request.url` do not match what users open — common with a
-   * **TLS-terminating reverse proxy**: the app often sees `http://` on the internal hop
-   * while the browser uses `https://`, which breaks WebAuthn, CSRF, OAuth, and redirect URLs.
+   * Run content:afterDelete hooks
+   */
+  runContentAfterDelete(id: string, collection: string, permanent: boolean): Promise<HookResult<void>[]>;
+  /**
+   * Run content:afterPublish hooks (fire-and-forget).
+   */
+  runContentAfterPublish(content: Record<string, unknown>, collection: string): Promise<HookResult<void>[]>;
+  /**
+   * Run content:afterUnpublish hooks (fire-and-forget).
+   */
+  runContentAfterUnpublish(content: Record<string, unknown>, collection: string): Promise<HookResult<void>[]>;
+  /**
+   * Run media:beforeUpload hooks
+   */
+  runMediaBeforeUpload(file: {
+    name: string;
+    type: string;
+    size: number;
+  }): Promise<{
+    file: {
+      name: string;
+      type: string;
+      size: number;
+    };
+    results: HookResult<{
+      name: string;
+      type: string;
+      size: number;
+    }>[];
+  }>;
+  /**
+   * Run media:afterUpload hooks
+   */
+  runMediaAfterUpload(media: {
+    id: string;
+    filename: string;
+    mimeType: string;
+    size: number | null;
+    url: string;
+    createdAt: string;
+  }): Promise<HookResult<void>[]>;
+  /**
+   * Invoke the cron hook for a specific plugin.
    *
-   * Set to the full origin users type in the address bar (no path), e.g.
-   * `https://mysite.example.com`. When not set, falls back to environment variables
-   * `DINEWAY_SITE_URL` > `SITE_URL`, then to the request URL's origin.
+   * Unlike other hooks which broadcast to all plugins, the cron hook is
+   * dispatched only to the target plugin — the one that owns the task.
+   */
+  invokeCronHook(pluginId: string, event: CronEvent): Promise<HookResult<void>>;
+  /**
+   * Run email:beforeSend hooks (middleware pipeline).
    *
-   * Replaces `passkeyPublicOrigin` (which only fixed passkeys).
+   * Each handler receives the message and returns a modified message or
+   * `false` to cancel delivery. The pipeline chains message transformations —
+   * each handler receives the output of the previous one.
    */
-  siteUrl?: string;
+  runEmailBeforeSend(message: EmailMessage, source: string): Promise<{
+    message: EmailMessage | false;
+    results: HookResult<EmailMessage | false>[];
+  }>;
   /**
-   * Reverse-proxy headers that Dineway may trust for client IP resolution.
+   * Run email:afterSend hooks (fire-and-forget).
    *
-   * Defaults to no trusted headers. Set this only when Dineway is deployed
-   * behind a reverse proxy you control and that proxy strips or overwrites
-   * incoming client-supplied copies of these headers.
+   * Errors are logged but don't propagate — they don't affect the caller.
+   */
+  runEmailAfterSend(message: EmailMessage, source: string): Promise<HookResult<void>[]>;
+  /**
+   * Run comment:beforeCreate hooks (middleware pipeline).
    *
-   * When omitted, Dineway falls back to `DINEWAY_TRUSTED_PROXY_HEADERS`.
+   * Each handler receives the event and returns a modified event or
+   * `false` to reject the comment. The pipeline chains transformations —
+   * each handler receives the output of the previous one.
+   */
+  runCommentBeforeCreate(event: CommentBeforeCreateEvent): Promise<CommentBeforeCreateEvent | false>;
+  /**
+   * Run comment:afterCreate hooks (fire-and-forget).
    *
-   * @example
-   * ```ts
-   * dineway({
-   *   trustedProxyHeaders: ["x-real-ip", "x-forwarded-for"],
-   * })
-   * ```
+   * Errors are logged but don't propagate — they don't affect the caller.
    */
-  trustedProxyHeaders?: string[];
+  runCommentAfterCreate(event: CommentAfterCreateEvent): Promise<void>;
   /**
-   * Enable playground mode for ephemeral "try Dineway" sites.
+   * Run comment:afterModerate hooks (fire-and-forget).
    *
-   * When set, the integration injects a playground middleware (order: "pre")
-   * that runs BEFORE the normal Dineway middleware chain. It creates an
-   * isolated session database per visitor, runs migrations, applies the
-   * seed, creates an anonymous admin user, and stashes the request-scoped
-   * database on locals so the runtime and request-context middleware can
-   * pick it up.
-   *
-   * Setup and auth middleware are skipped because the playground middleware
-   * handles bootstrap and user injection.
-   *
-   * For the first portable release, playground sidecars are explicitly
-   * single-instance only.
-   *
-   * @example
-   * ```ts
-   * import { fileURLToPath } from "node:url";
-   * import { libsql } from "dineway/db";
-   *
-   * dineway({
-   *   database: libsql({ url: process.env.DINEWAY_DATABASE_URL || "file:./playground.db" }),
-   *   playground: {
-   *     middlewareEntrypoint: fileURLToPath(
-   *       new URL("./src/playground-middleware.ts", import.meta.url)
-   *     ),
-   *   },
-   * })
-   * ```
+   * Errors are logged but don't propagate — they don't affect the caller.
    */
-  playground?: {
-    /** Module path for the playground middleware. */middlewareEntrypoint: string;
-  };
+  runCommentAfterModerate(event: CommentAfterModerateEvent): Promise<void>;
   /**
-   * Media providers for browsing and uploading media
-   *
-   * The local media provider (using storage adapter) is available by default.
-   * Additional providers can be added for external services like Unsplash,
-   * Cloudinary, Mux, and other provider packages.
-   *
-   * @example
-   * ```ts
-   * import { unsplash } from "@dineway-ai/provider-unsplash";
-   *
-   * dineway({
-   *   mediaProviders: [
-   *     unsplash({ accessKey: "..." }),
-   *   ],
-   * })
-   * ```
+   * Run page:metadata hooks. Each handler returns contributions that are
+   * merged by the metadata collector. Errors are logged but don't propagate.
    */
-  mediaProviders?: MediaProviderDescriptor[];
-}
-/**
- * Get stored config from global
- * This is set by the virtual module at build time
- */
-declare function getStoredConfig(): DinewayConfig | null;
-declare global {
-  var __dinewayConfig: DinewayConfig | undefined;
-}
-//#endregion
-//#region src/plugins/manifest-schema.d.ts
-/**
- * Zod schema matching the PluginManifest interface from types.ts.
- *
- * Every JSON.parse of a manifest.json should validate through this.
- */
-declare const pluginManifestSchema: z$1.ZodObject<{
-  id: z$1.ZodString;
-  version: z$1.ZodString;
-  capabilities: z$1.ZodArray<z$1.ZodEnum<{
-    "network:fetch": "network:fetch";
-    "network:fetch:any": "network:fetch:any";
-    "read:content": "read:content";
-    "write:content": "write:content";
-    "read:media": "read:media";
-    "write:media": "write:media";
-    "read:users": "read:users";
-    "email:send": "email:send";
-    "email:provide": "email:provide";
-    "email:intercept": "email:intercept";
-    "page:inject": "page:inject";
+  runPageMetadata(event: PageMetadataEvent): Promise<Array<{
+    pluginId: string;
+    contributions: PageMetadataContribution[];
   }>>;
-  allowedHosts: z$1.ZodArray<z$1.ZodString>;
-  storage: z$1.ZodRecord<z$1.ZodString, z$1.ZodObject<{
-    indexes: z$1.ZodArray<z$1.ZodUnion<readonly [z$1.ZodString, z$1.ZodArray<z$1.ZodString>]>>;
-    uniqueIndexes: z$1.ZodOptional<z$1.ZodArray<z$1.ZodUnion<readonly [z$1.ZodString, z$1.ZodArray<z$1.ZodString>]>>>;
-  }, z$1.core.$strip>>;
-  hooks: z$1.ZodArray<z$1.ZodUnion<readonly [z$1.ZodEnum<{
-    "plugin:install": "plugin:install";
-    "plugin:activate": "plugin:activate";
-    "plugin:deactivate": "plugin:deactivate";
-    "plugin:uninstall": "plugin:uninstall";
-    "content:beforeSave": "content:beforeSave";
-    "content:afterSave": "content:afterSave";
-    "content:beforeDelete": "content:beforeDelete";
-    "content:afterDelete": "content:afterDelete";
-    "content:afterPublish": "content:afterPublish";
-    "content:afterUnpublish": "content:afterUnpublish";
-    "media:beforeUpload": "media:beforeUpload";
-    "media:afterUpload": "media:afterUpload";
-    cron: "cron";
-    "email:beforeSend": "email:beforeSend";
-    "email:deliver": "email:deliver";
-    "email:afterSend": "email:afterSend";
-    "comment:beforeCreate": "comment:beforeCreate";
-    "comment:moderate": "comment:moderate";
-    "comment:afterCreate": "comment:afterCreate";
-    "comment:afterModerate": "comment:afterModerate";
-    "page:metadata": "page:metadata";
-    "page:fragments": "page:fragments";
-  }>, z$1.ZodObject<{
-    name: z$1.ZodEnum<{
-      "plugin:install": "plugin:install";
-      "plugin:activate": "plugin:activate";
-      "plugin:deactivate": "plugin:deactivate";
-      "plugin:uninstall": "plugin:uninstall";
-      "content:beforeSave": "content:beforeSave";
-      "content:afterSave": "content:afterSave";
-      "content:beforeDelete": "content:beforeDelete";
-      "content:afterDelete": "content:afterDelete";
-      "content:afterPublish": "content:afterPublish";
-      "content:afterUnpublish": "content:afterUnpublish";
-      "media:beforeUpload": "media:beforeUpload";
-      "media:afterUpload": "media:afterUpload";
-      cron: "cron";
-      "email:beforeSend": "email:beforeSend";
-      "email:deliver": "email:deliver";
-      "email:afterSend": "email:afterSend";
-      "comment:beforeCreate": "comment:beforeCreate";
-      "comment:moderate": "comment:moderate";
-      "comment:afterCreate": "comment:afterCreate";
-      "comment:afterModerate": "comment:afterModerate";
-      "page:metadata": "page:metadata";
-      "page:fragments": "page:fragments";
-    }>;
-    exclusive: z$1.ZodOptional<z$1.ZodBoolean>;
-    priority: z$1.ZodOptional<z$1.ZodNumber>;
-    timeout: z$1.ZodOptional<z$1.ZodNumber>;
-  }, z$1.core.$strip>]>>;
-  routes: z$1.ZodArray<z$1.ZodUnion<readonly [z$1.ZodString, z$1.ZodObject<{
-    name: z$1.ZodString;
-    public: z$1.ZodOptional<z$1.ZodBoolean>;
-  }, z$1.core.$strip>]>>;
-  admin: z$1.ZodObject<{
-    entry: z$1.ZodOptional<z$1.ZodString>;
-    settingsSchema: z$1.ZodOptional<z$1.ZodRecord<z$1.ZodString, z$1.ZodDiscriminatedUnion<[z$1.ZodObject<{
-      type: z$1.ZodLiteral<"string">;
-      default: z$1.ZodOptional<z$1.ZodString>;
-      multiline: z$1.ZodOptional<z$1.ZodBoolean>;
-      label: z$1.ZodString;
-      description: z$1.ZodOptional<z$1.ZodString>;
-    }, z$1.core.$strip>, z$1.ZodObject<{
-      type: z$1.ZodLiteral<"number">;
-      default: z$1.ZodOptional<z$1.ZodNumber>;
-      min: z$1.ZodOptional<z$1.ZodNumber>;
-      max: z$1.ZodOptional<z$1.ZodNumber>;
-      label: z$1.ZodString;
-      description: z$1.ZodOptional<z$1.ZodString>;
-    }, z$1.core.$strip>, z$1.ZodObject<{
-      type: z$1.ZodLiteral<"boolean">;
-      default: z$1.ZodOptional<z$1.ZodBoolean>;
-      label: z$1.ZodString;
-      description: z$1.ZodOptional<z$1.ZodString>;
-    }, z$1.core.$strip>, z$1.ZodObject<{
-      type: z$1.ZodLiteral<"select">;
-      options: z$1.ZodArray<z$1.ZodObject<{
-        value: z$1.ZodString;
-        label: z$1.ZodString;
-      }, z$1.core.$strip>>;
-      default: z$1.ZodOptional<z$1.ZodString>;
-      label: z$1.ZodString;
-      description: z$1.ZodOptional<z$1.ZodString>;
-    }, z$1.core.$strip>, z$1.ZodObject<{
-      type: z$1.ZodLiteral<"secret">;
-      label: z$1.ZodString;
-      description: z$1.ZodOptional<z$1.ZodString>;
-    }, z$1.core.$strip>], "type">>>;
-    pages: z$1.ZodOptional<z$1.ZodArray<z$1.ZodObject<{
-      path: z$1.ZodString;
-      label: z$1.ZodString;
-      icon: z$1.ZodOptional<z$1.ZodString>;
-    }, z$1.core.$strip>>>;
-    widgets: z$1.ZodOptional<z$1.ZodArray<z$1.ZodObject<{
-      id: z$1.ZodString;
-      size: z$1.ZodOptional<z$1.ZodEnum<{
-        full: "full";
-        half: "half";
-        third: "third";
-      }>>;
-      title: z$1.ZodOptional<z$1.ZodString>;
-    }, z$1.core.$strip>>>;
-    fieldWidgets: z$1.ZodOptional<z$1.ZodArray<z$1.ZodObject<{
-      name: z$1.ZodString;
-      label: z$1.ZodString;
-      fieldTypes: z$1.ZodArray<z$1.ZodEnum<{
-        string: "string";
-        number: "number";
-        boolean: "boolean";
-        text: "text";
-        integer: "integer";
-        datetime: "datetime";
-        select: "select";
-        multiSelect: "multiSelect";
-        portableText: "portableText";
-        image: "image";
-        file: "file";
-        reference: "reference";
-        json: "json";
-        slug: "slug";
-        repeater: "repeater";
-      }>>;
-      elements: z$1.ZodOptional<z$1.ZodArray<z$1.ZodObject<{
-        type: z$1.ZodString;
-        action_id: z$1.ZodString;
-        label: z$1.ZodOptional<z$1.ZodString>;
-      }, z$1.core.$loose>>>;
-    }, z$1.core.$strip>>>;
-  }, z$1.core.$strip>;
-}, z$1.core.$strip>;
-type ValidatedPluginManifest = z$1.infer<typeof pluginManifestSchema>;
-//#endregion
-//#region src/plugins/hooks.d.ts
-type HookNameV2 = "plugin:install" | "plugin:activate" | "plugin:deactivate" | "plugin:uninstall" | "content:beforeSave" | "content:afterSave" | "content:beforeDelete" | "content:afterDelete" | "content:afterPublish" | "content:afterUnpublish" | "media:beforeUpload" | "media:afterUpload" | "cron" | "email:beforeSend" | "email:deliver" | "email:afterSend" | "comment:beforeCreate" | "comment:moderate" | "comment:afterCreate" | "comment:afterModerate" | "page:metadata" | "page:fragments";
-/**
- * Hook execution result
- */
-interface HookResult<T> {
-  success: boolean;
-  value?: T;
-  error?: Error;
-  pluginId: string;
-  duration: number;
-}
-/**
- * Hook pipeline for executing hooks in order
- */
-declare class HookPipeline {
-  private hooks;
-  private pluginMap;
-  private contextFactory;
-  /** Stored so setContextFactory can merge incrementally. */
-  private contextFactoryOptions;
-  /** Hook names where at least one handler declared exclusive: true */
-  private exclusiveHookNames;
-  /**
-   * Selected provider plugin ID for each exclusive hook.
-   * Set by the PluginManager after resolution.
-   */
-  private exclusiveSelections;
-  constructor(plugins: ResolvedPlugin[], factoryOptions?: PluginContextFactoryOptions);
-  /**
-   * Set or update the context factory options.
-   *
-   * When called on a pipeline that already has a factory, the new options
-   * are merged on top of the existing ones so that callers don't need to
-   * repeat every field (e.g. adding `cronReschedule` without losing
-   * `storage` / `getUploadUrl`).
-   */
-  setContextFactory(options: Partial<PluginContextFactoryOptions>): void;
-  /**
-   * Get context for a plugin
-   */
-  private getContext;
-  /**
-   * Get typed hooks for a specific hook name.
-   * The internal map stores ResolvedHook<unknown>, but we know each name
-   * maps to a specific handler type via HookHandlerMap.
-   *
-   * Exclusive hooks that have a selected provider are filtered out — they
-   * should only run via invokeExclusiveHook(), not in the regular pipeline.
-   */
-  private getTypedHooks;
-  /**
-   * Register all hooks from plugins.
-   *
-   * Registers each hook name individually to preserve type safety. The
-   * internal map stores ResolvedHook<unknown> since it's keyed by string,
-   * but getTypedHooks() restores the correct handler type on retrieval.
-   */
-  private registerPlugins;
   /**
-   * Maps hook names to the capability required to register them.
-   *
-   * Hooks not listed here have no capability requirement (e.g. lifecycle
-   * hooks, cron). Any plugin declaring a listed hook without the required
-   * capability will have that hook silently skipped at registration time.
+   * Run page:fragments hooks. Only trusted plugins should be registered
+   * for this hook. Errors are logged but don't propagate.
    */
-  private static readonly HOOK_REQUIRED_CAPABILITY;
+  runPageFragments(event: PageFragmentEvent): Promise<Array<{
+    pluginId: string;
+    contributions: PageFragmentContribution[];
+  }>>;
   /**
-   * Register a single plugin's hook by name
+   * Check if any hooks are registered for a given name
    */
-  private registerPluginHook;
+  hasHooks(name: HookNameV2): boolean;
   /**
-   * Register a single hook
+   * Get hook count for debugging
    */
-  private registerHook;
+  getHookCount(name: HookNameV2): number;
   /**
-   * Sort hooks by priority and dependencies
+   * Get all registered hook names
    */
-  private sortHooks;
+  getRegisteredHooks(): HookNameV2[];
   /**
-   * Execute a hook with timeout
+   * Returns hook names where at least one handler declared exclusive: true
    */
-  private executeWithTimeout;
+  getRegisteredExclusiveHooks(): string[];
   /**
-   * Run plugin:install hooks
+   * Check if a hook is exclusive
    */
-  runPluginInstall(pluginId: string): Promise<HookResult<void>[]>;
+  isExclusiveHook(name: string): boolean;
   /**
-   * Run plugin:activate hooks
+   * Set the selected provider for an exclusive hook.
+   * Called by PluginManager after resolution.
    */
-  runPluginActivate(pluginId: string): Promise<HookResult<void>[]>;
+  setExclusiveSelection(hookName: string, pluginId: string): void;
   /**
-   * Run plugin:deactivate hooks
+   * Clear the selected provider for an exclusive hook.
    */
-  runPluginDeactivate(pluginId: string): Promise<HookResult<void>[]>;
+  clearExclusiveSelection(hookName: string): void;
   /**
-   * Run plugin:uninstall hooks
+   * Get the selected provider for an exclusive hook (if any).
    */
-  runPluginUninstall(pluginId: string, deleteData: boolean): Promise<HookResult<void>[]>;
-  private runLifecycleHook;
+  getExclusiveSelection(hookName: string): string | undefined;
   /**
-   * Run content:beforeSave hooks
-   * Returns modified content from the pipeline
+   * Get all plugins that registered a handler for a given exclusive hook.
    */
-  runContentBeforeSave(content: Record<string, unknown>, collection: string, isNew: boolean): Promise<{
-    content: Record<string, unknown>;
-    results: HookResult<Record<string, unknown>>[];
+  getExclusiveHookProviders(hookName: string): Array<{
+    pluginId: string;
   }>;
   /**
-   * Run content:afterSave hooks
-   */
-  runContentAfterSave(content: Record<string, unknown>, collection: string, isNew: boolean): Promise<HookResult<void>[]>;
-  /**
-   * Run content:beforeDelete hooks
-   * Returns whether deletion is allowed
+   * Get all plugins that registered a non-exclusive handler for a given hook,
+   * preserving priority order. This partitions with getExclusiveHookProviders().
    */
-  runContentBeforeDelete(id: string, collection: string): Promise<{
-    allowed: boolean;
-    results: HookResult<boolean>[];
-  }>;
-  /**
-   * Run content:afterDelete hooks
-   */
-  runContentAfterDelete(id: string, collection: string, permanent: boolean): Promise<HookResult<void>[]>;
-  /**
-   * Run content:afterPublish hooks (fire-and-forget).
-   */
-  runContentAfterPublish(content: Record<string, unknown>, collection: string): Promise<HookResult<void>[]>;
-  /**
-   * Run content:afterUnpublish hooks (fire-and-forget).
-   */
-  runContentAfterUnpublish(content: Record<string, unknown>, collection: string): Promise<HookResult<void>[]>;
-  /**
-   * Run media:beforeUpload hooks
-   */
-  runMediaBeforeUpload(file: {
-    name: string;
-    type: string;
-    size: number;
-  }): Promise<{
-    file: {
-      name: string;
-      type: string;
-      size: number;
-    };
-    results: HookResult<{
-      name: string;
-      type: string;
-      size: number;
-    }>[];
-  }>;
-  /**
-   * Run media:afterUpload hooks
-   */
-  runMediaAfterUpload(media: {
-    id: string;
-    filename: string;
-    mimeType: string;
-    size: number | null;
-    url: string;
-    createdAt: string;
-  }): Promise<HookResult<void>[]>;
-  /**
-   * Invoke the cron hook for a specific plugin.
-   *
-   * Unlike other hooks which broadcast to all plugins, the cron hook is
-   * dispatched only to the target plugin — the one that owns the task.
-   */
-  invokeCronHook(pluginId: string, event: CronEvent): Promise<HookResult<void>>;
-  /**
-   * Run email:beforeSend hooks (middleware pipeline).
-   *
-   * Each handler receives the message and returns a modified message or
-   * `false` to cancel delivery. The pipeline chains message transformations —
-   * each handler receives the output of the previous one.
-   */
-  runEmailBeforeSend(message: EmailMessage, source: string): Promise<{
-    message: EmailMessage | false;
-    results: HookResult<EmailMessage | false>[];
-  }>;
-  /**
-   * Run email:afterSend hooks (fire-and-forget).
-   *
-   * Errors are logged but don't propagate — they don't affect the caller.
-   */
-  runEmailAfterSend(message: EmailMessage, source: string): Promise<HookResult<void>[]>;
-  /**
-   * Run comment:beforeCreate hooks (middleware pipeline).
-   *
-   * Each handler receives the event and returns a modified event or
-   * `false` to reject the comment. The pipeline chains transformations —
-   * each handler receives the output of the previous one.
-   */
-  runCommentBeforeCreate(event: CommentBeforeCreateEvent): Promise<CommentBeforeCreateEvent | false>;
-  /**
-   * Run comment:afterCreate hooks (fire-and-forget).
-   *
-   * Errors are logged but don't propagate — they don't affect the caller.
-   */
-  runCommentAfterCreate(event: CommentAfterCreateEvent): Promise<void>;
-  /**
-   * Run comment:afterModerate hooks (fire-and-forget).
-   *
-   * Errors are logged but don't propagate — they don't affect the caller.
-   */
-  runCommentAfterModerate(event: CommentAfterModerateEvent): Promise<void>;
-  /**
-   * Run page:metadata hooks. Each handler returns contributions that are
-   * merged by the metadata collector. Errors are logged but don't propagate.
-   */
-  runPageMetadata(event: PageMetadataEvent): Promise<Array<{
-    pluginId: string;
-    contributions: PageMetadataContribution[];
-  }>>;
-  /**
-   * Run page:fragments hooks. Only trusted plugins should be registered
-   * for this hook. Errors are logged but don't propagate.
-   */
-  runPageFragments(event: PageFragmentEvent): Promise<Array<{
-    pluginId: string;
-    contributions: PageFragmentContribution[];
-  }>>;
-  /**
-   * Check if any hooks are registered for a given name
-   */
-  hasHooks(name: HookNameV2): boolean;
-  /**
-   * Get hook count for debugging
-   */
-  getHookCount(name: HookNameV2): number;
-  /**
-   * Get all registered hook names
-   */
-  getRegisteredHooks(): HookNameV2[];
-  /**
-   * Returns hook names where at least one handler declared exclusive: true
-   */
-  getRegisteredExclusiveHooks(): string[];
-  /**
-   * Check if a hook is exclusive
-   */
-  isExclusiveHook(name: string): boolean;
-  /**
-   * Set the selected provider for an exclusive hook.
-   * Called by PluginManager after resolution.
-   */
-  setExclusiveSelection(hookName: string, pluginId: string): void;
-  /**
-   * Clear the selected provider for an exclusive hook.
-   */
-  clearExclusiveSelection(hookName: string): void;
-  /**
-   * Get the selected provider for an exclusive hook (if any).
-   */
-  getExclusiveSelection(hookName: string): string | undefined;
-  /**
-   * Get all plugins that registered a handler for a given exclusive hook.
-   */
-  getExclusiveHookProviders(hookName: string): Array<{
-    pluginId: string;
+  getHookProviders(hookName: string): Array<{
+    pluginId: string;
   }>;
   /**
    * Invoke an exclusive hook — dispatch only to the selected provider.
@@ -3511,419 +2525,6 @@ declare class NodeSandboxRunner implements SandboxRunner {
 }
 declare function createNodeSandboxRunner(options: SandboxRunnerRuntimeOptions): SandboxRunner;
 //#endregion
-//#region src/import/types.d.ts
-/** Author info from WordPress */
-interface WpAuthorInfo {
-  id?: number;
-  login?: string;
-  email?: string;
-  displayName?: string;
-  postCount: number;
-}
-/** File-based input (WXR upload) */
-interface FileInput {
-  type: "file";
-  file: File;
-}
-/** URL-based input (REST API probe) */
-interface UrlInput {
-  type: "url";
-  url: string;
-  /** Optional auth token for authenticated requests */
-  token?: string;
-}
-/** OAuth-based input (WordPress.com) */
-interface OAuthInput {
-  type: "oauth";
-  url: string;
-  accessToken: string;
-  /** Site ID for WordPress.com */
-  siteId?: string;
-}
-type SourceInput = FileInput | UrlInput | OAuthInput;
-/** Auth requirements for an import source */
-interface SourceAuth {
-  type: "oauth" | "token" | "password" | "none";
-  /** OAuth provider identifier */
-  provider?: string;
-  /** OAuth authorization URL */
-  oauthUrl?: string;
-  /** Human-readable instructions */
-  instructions?: string;
-}
-/** What the source can provide */
-interface SourceCapabilities {
-  /** Can fetch published content without auth */
-  publicContent: boolean;
-  /** Can fetch drafts/private (may need auth) */
-  privateContent: boolean;
-  /** Can fetch all custom post types */
-  customPostTypes: boolean;
-  /** Can fetch all meta fields */
-  allMeta: boolean;
-  /** Can stream media directly */
-  mediaStream: boolean;
-}
-/** Suggested next action after probe */
-type SuggestedAction = {
-  type: "proceed";
-} | {
-  type: "oauth";
-  url: string;
-  provider: string;
-} | {
-  type: "upload";
-  instructions: string;
-} | {
-  type: "install-plugin";
-  instructions: string;
-};
-/** Detected i18n/multilingual plugin info */
-interface I18nDetection {
-  /** Multilingual plugin name (e.g. "wpml", "polylang") */
-  plugin: string;
-  /** BCP 47 default locale */
-  defaultLocale: string;
-  /** All configured locales */
-  locales: string[];
-}
-/** Result of probing a URL for a specific source */
-interface SourceProbeResult {
-  /** Which source can handle this */
-  sourceId: string;
-  /** Confidence level */
-  confidence: "definite" | "likely" | "possible";
-  /** What we detected */
-  detected: {
-    platform: string;
-    version?: string;
-    siteTitle?: string;
-    siteUrl?: string;
-  };
-  /** What capabilities are available */
-  capabilities: SourceCapabilities;
-  /** What auth is needed, if any */
-  auth?: SourceAuth;
-  /** Suggested next step */
-  suggestedAction: SuggestedAction;
-  /** Preview data if available (e.g., post counts from REST API) */
-  preview?: {
-    posts?: number;
-    pages?: number;
-    media?: number;
-  };
-  /** Detected multilingual plugin. Absent when none detected. */
-  i18n?: I18nDetection;
-}
-/** Combined probe result from all sources */
-interface ProbeResult {
-  url: string;
-  isWordPress: boolean;
-  /** Best matching source (highest confidence) */
-  bestMatch: SourceProbeResult | null;
-  /** All matching sources */
-  allMatches: SourceProbeResult[];
-}
-/** Field definition for import */
-interface ImportFieldDef {
-  slug: string;
-  label: string;
-  type: string;
-  required: boolean;
-  searchable?: boolean;
-}
-/** Field compatibility with existing schema */
-type FieldCompatibility = "compatible" | "type_mismatch" | "missing";
-/** Schema status for a collection */
-interface CollectionSchemaStatus {
-  exists: boolean;
-  fieldStatus: Record<string, {
-    status: FieldCompatibility;
-    existingType?: string;
-    requiredType: string;
-  }>;
-  canImport: boolean;
-  reason?: string;
-}
-/** Analysis of a single post type */
-interface PostTypeAnalysis {
-  name: string;
-  count: number;
-  suggestedCollection: string;
-  requiredFields: ImportFieldDef[];
-  schemaStatus: CollectionSchemaStatus;
-}
-/** Attachment/media info */
-interface AttachmentInfo {
-  id?: number;
-  title?: string;
-  url?: string;
-  filename?: string;
-  mimeType?: string;
-  alt?: string;
-  caption?: string;
-  width?: number;
-  height?: number;
-}
-/** Navigation menu analysis */
-interface NavMenuAnalysis {
-  /** Menu name/slug */
-  name: string;
-  /** Menu display label */
-  label: string;
-  /** Number of items in this menu */
-  itemCount: number;
-}
-/** Custom taxonomy analysis */
-interface TaxonomyAnalysis {
-  /** Taxonomy slug (e.g., 'genre', 'portfolio_category') */
-  slug: string;
-  /** Number of terms in this taxonomy */
-  termCount: number;
-  /** Sample term names */
-  sampleTerms: string[];
-}
-/** Reusable block analysis (wp_block post type) */
-interface ReusableBlockAnalysis {
-  /** Original WP ID */
-  id: number;
-  /** Block title */
-  title: string;
-  /** Block slug */
-  slug: string;
-}
-/** Normalized analysis result - same format for all sources */
-interface ImportAnalysis {
-  /** Source that produced this analysis */
-  sourceId: string;
-  site: {
-    title: string;
-    url: string;
-  };
-  postTypes: PostTypeAnalysis[];
-  attachments: {
-    count: number;
-    items: AttachmentInfo[];
-  };
-  categories: number;
-  tags: number;
-  authors: WpAuthorInfo[];
-  /** Navigation menus found in the export */
-  navMenus?: NavMenuAnalysis[];
-  /** Custom taxonomies (beyond categories/tags) */
-  customTaxonomies?: TaxonomyAnalysis[];
-  /** Reusable blocks (wp_block post type) - will be imported as sections */
-  reusableBlocks?: ReusableBlockAnalysis[];
-  /** Source-specific custom fields analysis */
-  customFields?: Array<{
-    key: string;
-    count: number;
-    samples: string[];
-    suggestedField: string;
-    suggestedType: "string" | "number" | "boolean" | "date" | "json";
-    isInternal: boolean;
-  }>;
-  /** Detected multilingual plugin. Absent when none detected. */
-  i18n?: I18nDetection;
-}
-/** Normalized content item - produced by all sources */
-interface NormalizedItem {
-  /** Original ID from source */
-  sourceId: string | number;
-  /** WordPress post type */
-  postType: string;
-  /** Content status */
-  status: "publish" | "draft" | "pending" | "private" | "future";
-  /** URL slug */
-  slug: string;
-  /** Title */
-  title: string;
-  /** Content as Portable Text (already converted) */
-  content: PortableTextBlock[];
-  /** Excerpt/summary */
-  excerpt?: string;
-  /** Publication date */
-  date: Date;
-  /** Last modified date */
-  modified?: Date;
-  /** Author identifier */
-  author?: string;
-  /** Category slugs */
-  categories?: string[];
-  /** Tag slugs */
-  tags?: string[];
-  /** Custom meta fields */
-  meta?: Record<string, unknown>;
-  /** Featured image URL */
-  featuredImage?: string;
-  /** Parent post ID (for hierarchical content like pages) */
-  parentId?: string | number;
-  /** Menu order for sorting */
-  menuOrder?: number;
-  /** Custom taxonomy assignments beyond categories/tags */
-  customTaxonomies?: Record<string, string[]>;
-  /** BCP 47 locale code. When omitted, defaults to defaultLocale. */
-  locale?: string;
-  /**
-   * Source-side translation group ID (opaque string from the origin system).
-   * Items sharing the same translationGroup are linked as translations.
-   * Resolved to a Dineway translation_group ULID during execute.
-   */
-  translationGroup?: string;
-}
-/** Post type mapping configuration */
-interface PostTypeMapping {
-  enabled: boolean;
-  collection: string;
-}
-/** Import configuration */
-interface ImportConfig {
-  postTypeMappings: Record<string, PostTypeMapping>;
-  skipExisting?: boolean;
-}
-/** Options for fetching content */
-interface FetchOptions {
-  /** Post types to fetch */
-  postTypes: string[];
-  /** Whether to include drafts */
-  includeDrafts?: boolean;
-  /** Limit number of items (for testing) */
-  limit?: number;
-}
-/** Import result */
-interface ImportResult {
-  success: boolean;
-  imported: number;
-  skipped: number;
-  errors: Array<{
-    title: string;
-    error: string;
-  }>;
-  byCollection: Record<string, number>;
-}
-/**
- * An import source provides content from an external system.
- * All sources produce the same normalized analysis and content format.
- */
-interface ImportSource {
-  /** Unique identifier */
-  id: string;
-  /** Display name */
-  name: string;
-  /** Description for UI */
-  description: string;
-  /** Icon identifier */
-  icon: "upload" | "globe" | "wordpress" | "plug";
-  /** Whether this source requires a file upload */
-  requiresFile?: boolean;
-  /** Whether this source can probe URLs */
-  canProbe?: boolean;
-  /**
-   * Probe a URL to see if this source can handle it.
-   * Returns null if not applicable.
-   */
-  probe?(url: string): Promise<SourceProbeResult | null>;
-  /**
-   * Analyze content from this source.
-   * Returns normalized ImportAnalysis.
-   */
-  analyze(input: SourceInput, context: ImportContext): Promise<ImportAnalysis>;
-  /**
-   * Stream content items for import.
-   * Yields normalized content items.
-   */
-  fetchContent(input: SourceInput, options: FetchOptions): AsyncGenerator<NormalizedItem>;
-  /**
-   * Fetch a media item's data.
-   * Used for media import.
-   */
-  fetchMedia?(url: string, input: SourceInput): Promise<Blob>;
-}
-/** Context passed to import sources */
-interface ImportContext {
-  /** Database connection for schema checks */
-  db?: unknown;
-  /** Function to check existing collections */
-  getExistingCollections?: () => Promise<Map<string, {
-    slug: string;
-    fields: Map<string, {
-      type: string;
-    }>;
-  }>>;
-}
-//#endregion
-//#region src/import/sections.d.ts
-/**
- * Result of sections import operation
- */
-interface SectionsImportResult {
-  /** Number of sections created */
-  sectionsCreated: number;
-  /** Number of sections skipped (already exist) */
-  sectionsSkipped: number;
-  /** Errors encountered during import */
-  errors: Array<{
-    title: string;
-    error: string;
-  }>;
-}
-/**
- * Import reusable blocks (wp_block post type) from WXR as sections
- *
- * @param posts - All posts from WXR (will filter to wp_block)
- * @param db - Database connection
- * @returns Import result with counts
- */
-declare function importReusableBlocksAsSections(posts: WxrPost[], db: Kysely<Database>): Promise<SectionsImportResult>;
-//#endregion
-//#region src/import/registry.d.ts
-/**
- * Register an import source
- */
-declare function registerSource(source: ImportSource): void;
-/**
- * Get a source by ID
- */
-declare function getSource(id: string): ImportSource | undefined;
-/**
- * Get all registered sources
- */
-declare function getAllSources(): ImportSource[];
-/**
- * Get sources that can handle file uploads
- */
-declare function getFileSources(): ImportSource[];
-/**
- * Get sources that can probe URLs
- */
-declare function getUrlSources(): ImportSource[];
-/**
- * Probe a URL against all registered sources
- *
- * Returns probe results sorted by confidence (definite > likely > possible)
- */
-declare function probeUrl(url: string): Promise<ProbeResult>;
-/**
- * Clear all registered sources (useful for testing)
- */
-declare function clearSources(): void;
-//#endregion
-//#region src/import/sources/wxr.d.ts
-declare const wxrSource: ImportSource;
-/**
- * Parse a WXR date with the correct fallback chain:
- * 1. GMT date (always UTC, most reliable)
- * 2. pubDate (RFC 2822, includes timezone offset)
- * 3. Site-local date (MySQL datetime without timezone, imprecise but best available)
- *
- * Returns undefined when none of the inputs yield a valid date.
- * Callers that need a guaranteed Date should use `?? new Date()`.
- */
-declare function parseWxrDate(gmtDate: string | undefined, pubDate: string | undefined, localDate: string | undefined): Date | undefined;
-//#endregion
-//#region src/import/sources/wordpress-rest.d.ts
-declare const wordpressRestSource: ImportSource;
-//#endregion
 //#region src/preview/tokens.d.ts
 /**
  * Preview token generation and verification
@@ -4039,8 +2640,16 @@ interface GetPreviewUrlOptions {
   expiresIn?: string | number;
   /** Base URL of the site. If not provided, returns a relative URL. */
   baseUrl?: string;
-  /** Custom path pattern. Use {collection} and {id} as placeholders. Default: "/{collection}/{id}" */
+  /**
+   * Custom path pattern. Supports `{collection}`, `{id}`, and `{locale}` placeholders.
+   * Default: "/{collection}/{id}".
+   */
   pathPattern?: string;
+  /**
+   * Locale segment substituted for `{locale}`. Use an empty string to omit the
+   * locale segment; adjacent slashes are collapsed.
+   */
+  locale?: string;
 }
 /**
  * Generate a preview URL for content
@@ -4166,227 +2775,7 @@ interface PreviewToolbarConfig {
 }
 declare function renderPreviewToolbar(config: PreviewToolbarConfig): string;
 //#endregion
-//#region src/settings/index.d.ts
-/**
- * Get a single site setting by key
- *
- * Returns `undefined` if the setting has not been configured.
- * For media settings (logo, favicon), the URL is resolved automatically.
- *
- * @param key - The setting key (e.g., "title", "logo", "social")
- * @returns The setting value, or undefined if not set
- *
- * @example
- * ```ts
- * import { getSiteSetting } from "dineway";
- *
- * const title = await getSiteSetting("title");
- * const logo = await getSiteSetting("logo");
- * console.log(logo?.url); // Resolved URL
- * ```
- */
-declare function getSiteSetting<K extends SiteSettingKey>(key: K): Promise<SiteSettings[K] | undefined>;
-/**
- * Get all site settings
- *
- * Returns all configured settings. Unset values are undefined.
- * Media references (logo/favicon) are resolved to include URLs.
- *
- * @example
- * ```ts
- * import { getSiteSettings } from "dineway";
- *
- * const settings = await getSiteSettings();
- * console.log(settings.title); // "My Site"
- * console.log(settings.logo?.url); // "/_dineway/api/media/file/abc123"
- * ```
- */
-declare function getSiteSettings(): Promise<Partial<SiteSettings>>;
-/**
- * Set site settings (internal function used by admin API)
- *
- * Merges provided settings with existing ones. Only provided fields are updated.
- * Media references should include just the mediaId; URLs are resolved on read.
- *
- * @param settings - Partial settings object with values to update
- * @param db - Kysely database instance
- * @returns Promise that resolves when settings are saved
- *
- * @internal
- *
- * @example
- * ```ts
- * // Update multiple settings at once
- * await setSiteSettings({
- *   title: "My Site",
- *   tagline: "Welcome",
- *   logo: { mediaId: "med_123", alt: "Logo" }
- * }, db);
- * ```
- */
-declare function setSiteSettings(settings: Partial<SiteSettings>, db: Kysely<Database>): Promise<void>;
-/**
- * Get a single plugin setting by key.
- *
- * Plugin settings are stored in the options table under
- * `plugin:<pluginId>:settings:<key>`.
- */
-declare function getPluginSetting<T = unknown>(pluginId: string, key: string): Promise<T | undefined>;
-/**
- * Get all persisted plugin settings for a plugin.
- *
- * Defaults declared in `admin.settingsSchema` are not materialized
- * automatically; callers should apply their own fallback defaults.
- */
-declare function getPluginSettings(pluginId: string): Promise<Record<string, unknown>>;
-//#endregion
-//#region src/comments/query.d.ts
-interface GetCommentsOptions {
-  collection: string;
-  contentId: string;
-  threaded?: boolean;
-}
-interface GetCommentsResult {
-  items: PublicComment[];
-  total: number;
-}
-/**
- * Get approved comments for a content item.
- *
- * @example
- * ```ts
- * import { getComments } from "dineway";
- *
- * const { items, total } = await getComments({
- *   collection: "posts",
- *   contentId: post.id,
- *   threaded: true,
- * });
- * ```
- */
-declare function getComments(options: GetCommentsOptions): Promise<GetCommentsResult>;
-/**
- * Get the count of approved comments for a content item.
- *
- * @example
- * ```ts
- * import { getCommentCount } from "dineway";
- *
- * const count = await getCommentCount("posts", post.id);
- * ```
- */
-declare function getCommentCount(collection: string, contentId: string): Promise<number>;
-//#endregion
-//#region src/menus/types.d.ts
-/**
- * Menu item types
- */
-type MenuItemType = string;
-/**
- * Menu item as returned to templates (with resolved URL)
- */
-interface MenuItem {
-  id: string;
-  label: string;
-  url: string;
-  target?: string;
-  titleAttr?: string;
-  cssClasses?: string;
-  children: MenuItem[];
-}
-/**
- * Menu as returned to templates
- */
-interface Menu {
-  id: string;
-  name: string;
-  label: string;
-  items: MenuItem[];
-}
-/**
- * Input for creating a menu item
- */
-interface CreateMenuItemInput {
-  type: MenuItemType;
-  label: string;
-  referenceCollection?: string;
-  referenceId?: string;
-  customUrl?: string;
-  target?: string;
-  titleAttr?: string;
-  cssClasses?: string;
-  parentId?: string;
-  sortOrder?: number;
-}
-/**
- * Input for updating a menu item
- */
-interface UpdateMenuItemInput {
-  label?: string;
-  customUrl?: string;
-  target?: string;
-  titleAttr?: string;
-  cssClasses?: string;
-  parentId?: string | null;
-  sortOrder?: number;
-}
-/**
- * Input for creating a menu
- */
-interface CreateMenuInput {
-  name: string;
-  label: string;
-}
-/**
- * Input for updating a menu
- */
-interface UpdateMenuInput {
-  label?: string;
-}
-/**
- * Input for reordering menu items
- */
-interface ReorderMenuItemsInput {
-  items: Array<{
-    id: string;
-    parentId: string | null;
-    sortOrder: number;
-  }>;
-}
-//#endregion
-//#region src/menus/index.d.ts
-/**
- * Get menu by name with resolved URLs
- *
- * @example
- * ```ts
- * import { getMenu } from "dineway";
- *
- * const menu = await getMenu("primary");
- * if (menu) {
- *   console.log(menu.items); // Array of MenuItem with resolved URLs
- * }
- * ```
- */
-declare function getMenu(name: string): Promise<Menu | null>;
-/**
- * Get all menus (without items - for admin list)
- *
- * @example
- * ```ts
- * import { getMenus } from "dineway";
- *
- * const menus = await getMenus();
- * console.log(menus); // [{ id, name, label }]
- * ```
- */
-declare function getMenus(): Promise<Array<{
-  id: string;
-  name: string;
-  label: string;
-}>>;
-//#endregion
-//#region src/bylines/index.d.ts
+//#region src/bylines/index.d.ts
 /**
  * Get a byline by ID.
  *
@@ -4416,170 +2805,6 @@ declare function getByline(id: string): Promise<BylineSummary | null>;
  */
 declare function getBylineBySlug(slug: string): Promise<BylineSummary | null>;
 //#endregion
-//#region src/taxonomies/types.d.ts
-/**
- * Taxonomy types for Dineway Agentic Web builder
- */
-/**
- * Taxonomy definition - describes a taxonomy like "category" or "tag"
- */
-interface TaxonomyDef {
-  id: string;
-  name: string;
-  label: string;
-  labelSingular?: string;
-  hierarchical: boolean;
-  collections: string[];
-}
-/**
- * Taxonomy term - a specific term within a taxonomy (e.g., "News" in "category")
- */
-interface TaxonomyTerm {
-  id: string;
-  name: string;
-  slug: string;
-  label: string;
-  parentId?: string;
-  description?: string;
-  children: TaxonomyTerm[];
-  count?: number;
-}
-/**
- * Flat version for DB row
- */
-interface TaxonomyTermRow {
-  id: string;
-  name: string;
-  slug: string;
-  label: string;
-  parent_id: string | null;
-  data: string | null;
-}
-/**
- * Input for creating a term
- */
-interface CreateTermInput {
-  slug: string;
-  label: string;
-  parentId?: string;
-  description?: string;
-}
-/**
- * Input for updating a term
- */
-interface UpdateTermInput {
-  slug?: string;
-  label?: string;
-  parentId?: string | null;
-  description?: string;
-}
-//#endregion
-//#region src/taxonomies/index.d.ts
-/**
- * Get all taxonomy definitions
- */
-declare function getTaxonomyDefs(): Promise<TaxonomyDef[]>;
-/**
- * Get a single taxonomy definition by name
- */
-declare function getTaxonomyDef(name: string): Promise<TaxonomyDef | null>;
-/**
- * Get all terms for a taxonomy (as tree for hierarchical, flat for tags)
- */
-declare function getTaxonomyTerms(taxonomyName: string): Promise<TaxonomyTerm[]>;
-/**
- * Get a single term by taxonomy and slug
- */
-declare function getTerm(taxonomyName: string, slug: string): Promise<TaxonomyTerm | null>;
-/**
- * Get terms assigned to an entry
- */
-declare function getEntryTerms(collection: string, entryId: string, taxonomyName?: string): Promise<TaxonomyTerm[]>;
-/**
- * Get terms for multiple entries in a single query (batched API)
- *
- * This is more efficient than calling getEntryTerms for each entry
- * when you need terms for a list of entries.
- *
- * @param collection - The collection type (e.g., "posts")
- * @param entryIds - Array of entry IDs
- * @param taxonomyName - The taxonomy name (e.g., "categories")
- * @returns Map from entry ID to array of terms
- */
-declare function getTermsForEntries(collection: string, entryIds: string[], taxonomyName: string): Promise<Map<string, TaxonomyTerm[]>>;
-/**
- * Get entries by term (wraps getDinewayCollection)
- */
-declare function getEntriesByTerm(collection: string, taxonomyName: string, termSlug: string): Promise<Array<{
-  id: string;
-  data: Record<string, unknown>;
-}>>;
-//#endregion
-//#region src/widgets/types.d.ts
-type WidgetType = "content" | "menu" | "component";
-interface Widget {
-  id: string;
-  type: WidgetType;
-  title?: string;
-  content?: PortableTextBlock$2[];
-  menuName?: string;
-  componentId?: string;
-  componentProps?: Record<string, unknown>;
-}
-interface WidgetArea {
-  id: string;
-  name: string;
-  label: string;
-  description?: string;
-  widgets: Widget[];
-}
-interface WidgetComponentDef {
-  id: string;
-  label: string;
-  description?: string;
-  props: Record<string, PropDef>;
-}
-interface PropDef {
-  type: "string" | "number" | "boolean" | "select";
-  label: string;
-  default?: unknown;
-  options?: Array<{
-    value: string;
-    label: string;
-  }>;
-}
-interface CreateWidgetAreaInput {
-  name: string;
-  label: string;
-  description?: string;
-}
-interface CreateWidgetInput {
-  type: WidgetType;
-  title?: string;
-  content?: PortableTextBlock$2[];
-  menuName?: string;
-  componentId?: string;
-  componentProps?: Record<string, unknown>;
-}
-interface UpdateWidgetInput extends Partial<CreateWidgetInput> {}
-interface ReorderWidgetsInput {
-  widgetIds: string[];
-}
-//#endregion
-//#region src/widgets/index.d.ts
-/**
- * Get a widget area by name, with all its widgets
- */
-declare function getWidgetArea(name: string): Promise<WidgetArea | null>;
-/**
- * Get all widget areas with their widgets
- */
-declare function getWidgetAreas(): Promise<WidgetArea[]>;
-/**
- * Get available widget components (for admin UI)
- */
-declare function getWidgetComponents(): WidgetComponentDef[];
-//#endregion
 //#region src/search/types.d.ts
 /**
  * Search Types
@@ -4637,7 +2862,12 @@ interface SearchResult {
   locale: string;
   /** Entry title (if available) */
   title?: string;
-  /** Highlighted snippet showing match context */
+  /**
+   * Highlighted snippet showing match context.
+   *
+   * Safe to render as HTML: source text is escaped, and matched terms
+   * are wrapped in literal `<mark>...</mark>` tags.
+   */
   snippet?: string;
   /** Relevance score (higher = more relevant) */
   score: number;
@@ -4883,7 +3113,7 @@ declare function getSearchStats(db: Kysely<Database>): Promise<SearchStats>;
  * // Returns: "Hello World"
  * ```
  */
-declare function extractPlainText(blocks: PortableTextBlock$1[] | string | null | undefined): string;
+declare function extractPlainText(blocks: PortableTextBlock[] | string | null | undefined): string;
 /**
  * Extract searchable text from a content entry
  *
@@ -4895,4 +3125,478 @@ declare function extractPlainText(blocks: PortableTextBlock$1[] | string | null
  */
 declare function extractSearchableFields(entry: Record<string, unknown>, fields: string[]): Record<string, string>;
 //#endregion
-export { GetCommentsOptions as $, ContentResponse as $i, SessionDatabaseFactory as $n, ProseMirrorDocument as $r, OAuthInput as $t, getEntryTerms as A, handleRevisionRestore as Ai, AuthProviderModule as An, getDinewayEntry as Ar, wordpressRestSource as At, UpdateTermInput as B, handleContentGetIncludingTrashed as Bi, WxrTag as Bn, sanitizeHref as Br, importReusableBlocksAsSections as Bt, ReorderWidgetsInput as C, handleMediaGet as Ci, DinewayConfig as Cn, EditFieldMeta as Cr, GeneratePreviewTokenOptions as Ct, WidgetComponentDef as D, RevisionResponse as Di, S3StorageConfig as Dn, TranslationSummary as Dr, generatePreviewToken as Dt, WidgetArea as E, RevisionListResponse as Ei, LocalStorageConfig as En, ResolvePathResult as Er, VerifyPreviewTokenResult as Et, getTermsForEntries as F, handleContentCreate as Fi, WxrAuthor as Fn, EditProxy as Fr, getFileSources as Ft, CreateMenuInput as G, handleContentRestore as Gi, EntryFilter as Gn, prosemirrorToPortableText as Gr, FileInput as Gt, getBylineBySlug as H, handleContentListTrashed as Hi, parseWxrString as Hn, computeContentHash as Hr, CollectionSchemaStatus as Ht, CreateTermInput as I, handleContentDelete as Ii, WxrCategory as In, FieldAnnotation as Ir, getSource as It, MenuItem as J, handleContentUnpublish as Ji, FilePreviewMiddlewareConfig as Jn, PortableTextLinkMark as Jr, ImportContext as Jt, CreateMenuItemInput as K, handleContentSchedule as Ki, dinewayLoader as Kn, PortableTextCodeBlock as Kr, ImportAnalysis as Kt, TaxonomyDef as L, handleContentDiscardDraft as Li, WxrData as Ln, createEditable as Lr, getUrlSources as Lt, getTaxonomyDefs as M, handleContentCompare as Mi, ExternalAuthConfig as Mn, getTranslations as Mr, wxrSource as Mt, getTaxonomyTerms as N, handleContentCountScheduled as Ni, definePlugin as Nn, resolveDinewayPath as Nr, clearSources as Nt, WidgetType as O, handleRevisionGet as Oi, StorageDescriptor as On, TranslationsResult as Or, parseContentId as Ot, getTerm as P, handleContentCountTrashed as Pi, WxrAttachment as Pn, CMSAnnotation as Pr, getAllSources as Pt, UpdateMenuItemInput as Q, ContentListResponse as Qi, SessionCleanupResult as Qn, PortableTextUnknownBlock as Qr, NormalizedItem as Qt, TaxonomyTerm as R, handleContentDuplicate as Ri, WxrPost as Rn, createNoop as Rr, probeUrl as Rt, PropDef as S, handleMediaDelete as Si, pluginManifestSchema as Sn, DinewayCollections as Sr, getPreviewUrl as St, Widget as T, handleMediaUpdate as Ti, getStoredConfig as Tn, InferCollectionData as Tr, VerifyPreviewTokenOptions as Tt, getMenu as U, handleContentPermanentDelete as Ui, CollectionFilter as Un, hashString as Ur, FetchOptions as Ut, getByline as V, handleContentList as Vi, parseWxr as Vn, decodeSlug as Vr, AttachmentInfo as Vt, getMenus as W, handleContentPublish as Wi, EntryData as Wn, portableTextToProsemirror as Wr, FieldCompatibility as Wt, ReorderMenuItemsInput as X, handleContentUpdate as Xi, FileSessionDatabaseFactory as Xn, PortableTextSpan as Xr, ImportResult as Xt, MenuItemType as Y, handleContentUnschedule as Yi, createFilePreviewMiddleware as Yn, PortableTextMarkDef as Yr, ImportFieldDef as Yt, UpdateMenuInput as Z, ApiContext as Zi, FileSessionDatabaseFactoryOptions as Zn, PortableTextTextBlock as Zr, ImportSource as Zt, getWidgetArea as _, SchemaError as _i, EmailPipeline as _n, after as _r, isBlockedInPreview as _t, search as a, image as aa, SandboxRunner as ai, SourceInput as an, PreviewSidecarClient as ar, getSiteSetting as at, CreateWidgetAreaInput as b, MediaResponse as bi, createHookPipeline as bn, CollectionResult as br, GetPreviewUrlOptions as bt, FTSManager as c, FileValue as ca, SerializedRequest as ci, UrlInput as cn, defaultPreviewSidecarClient as cr, PreviewToolbarConfig as ct, SearchOptions as d, CreateMediaInput as da, CreateSectionInput as di, NoopSandboxRunner as dn, verifyPreviewSignature as dr, ApplySnapshotToDatabaseOptions as dt, FieldDescriptor as ea, ProseMirrorMark as ei, PostTypeAnalysis as en, SessionDatabaseHandle as er, GetCommentsResult as et, SearchResponse as f, MediaItem as fa, GetSectionsOptions as fi, SandboxNotAvailableError as fn, I18nConfig as fr, applySnapshotToDatabase as ft, Suggestion as g, DinewayDatabaseError as ga, getCollectionInfo as gi, PluginRouteError as gn, AfterCallback as gr, renderPreviewLoadingPage as gt, SuggestOptions as h, DatabaseConfig as ha, UpdateSectionInput as hi, createPluginManager as hn, isI18nEnabled as hr, Snapshot as ht, getSuggestions as i, reference as ia, SandboxOptions as ii, SourceCapabilities as in, SessionOpenOrCreateOptions as ir, getPluginSettings as it, getTaxonomyDef as j, generateManifest as ji, AuthResult as jn, getEditMeta as jr, parseWxrDate as jt, getEntriesByTerm as k, handleRevisionList as ki, AuthDescriptor as kn, getDinewayCollection as kr, verifyPreviewToken as kt, CollectionSearchOptions as l, ImageValue as la, getSection as li, NodeSandboxRunner as ln, parsePreviewSignatureHeader as lr, renderPreviewToolbar as lt, SearchStats as m, ContentRepository as ma, SectionSource as mi, PluginManager as mn, getI18nConfig as mr, getAppliedSnapshotMeta as mt, extractSearchableFields as n, ManifestResponse as na, SandboxEmailMessage as ni, ProbeResult as nn, SessionDatabaseLimitError as nr, getComments as nt, searchCollection as o, FieldDefinition as oa, SandboxRunnerFactory as oi, SourceProbeResult as on, PreviewSidecarSignature as or, getSiteSettings as ot, SearchResult as p, MediaRepository as pa, Section as pi, createNoopSandboxRunner as pn, getFallbackChain as pr, dropSessionDatabaseTables as pt, Menu as q, handleContentTranslations as qi, getDb as qn, PortableTextImageBlock as qr, ImportConfig as qt, getSearchStats as r, portableText as ra, SandboxEmailSendCallback as ri, SourceAuth as rn, SessionOpenOptions as rr, getPluginSetting as rt, searchWithDb as s, FieldUIHints as sa, SandboxedPlugin as si, SuggestedAction as sn, buildPreviewSignatureHeader as sr, setSiteSettings as st, extractPlainText as t, ListResponse as ta, ProseMirrorNode as ti, PostTypeMapping as tn, SessionDatabaseInfo as tr, getCommentCount as tt, SearchConfig as u, PortableTextBlock$2 as ua, getSections as ui, createNodeSandboxRunner as un, signPreviewUrl as ur, AppliedSnapshotMeta as ut, getWidgetAreas as v, SchemaRegistry as vi, HookPipeline as vn, CacheHint as vr, getPreviewToken as vt, UpdateWidgetInput as w, handleMediaList as wi, PluginDescriptor as wn, EntryResult as wr, PreviewTokenPayload as wt, CreateWidgetInput as x, handleMediaCreate as xi, ValidatedPluginManifest as xn, ContentEntry as xr, buildPreviewUrl as xt, getWidgetComponents as y, MediaListResponse as yi, HookResult as yn, CollectionFilter$1 as yr, isPreviewRequest as yt, TaxonomyTermRow as z, handleContentGet as zi, WxrSite as zn, isSafeHref as zr, registerSource as zt };
+//#region src/astro/storage/types.d.ts
+/**
+ * Serializable storage configuration descriptor
+ */
+interface StorageDescriptor {
+  /** Module path exporting createStorage function */
+  entrypoint: string;
+  /** Serializable config passed to createStorage at runtime */
+  config: unknown;
+}
+/**
+ * S3-compatible storage configuration
+ */
+interface S3StorageConfig {
+  /** S3 endpoint URL */
+  endpoint: string;
+  /** Bucket name */
+  bucket: string;
+  /**
+   * Access key ID.
+   * May be resolved from `S3_ACCESS_KEY_ID` at runtime on Node.
+   * Must be provided together with `secretAccessKey`, or both omitted.
+   */
+  accessKeyId?: string;
+  /**
+   * Secret access key.
+   * May be resolved from `S3_SECRET_ACCESS_KEY` at runtime on Node.
+   * Must be provided together with `accessKeyId`, or both omitted.
+   */
+  secretAccessKey?: string;
+  /** Optional region (defaults to "auto") */
+  region?: string;
+  /** Optional public URL prefix for CDN */
+  publicUrl?: string;
+}
+/**
+ * Local filesystem storage configuration
+ */
+interface LocalStorageConfig {
+  /** Directory path for storing files */
+  directory: string;
+  /** Base URL for serving files */
+  baseUrl: string;
+}
+//#endregion
+//#region src/astro/integration/runtime.d.ts
+/**
+ * Admin page definition (copied from plugins/types to avoid circular deps)
+ */
+interface PluginAdminPage {
+  path: string;
+  label: string;
+  icon?: string;
+}
+/**
+ * Dashboard widget definition (copied from plugins/types to avoid circular deps)
+ */
+interface PluginDashboardWidget {
+  id: string;
+  size?: "full" | "half" | "third";
+  title?: string;
+}
+/**
+ * Plugin descriptor - returned by plugin factory functions
+ *
+ * Contains all static metadata needed for manifest and admin UI,
+ * plus the entrypoint for runtime instantiation.
+ *
+ * @example
+ * ```ts
+ * export function myPlugin(options?: MyPluginOptions): PluginDescriptor {
+ *   return {
+ *     id: "my-plugin",
+ *     version: "1.0.0",
+ *     entrypoint: "@my-org/dineway-plugin-foo",
+ *     options: options ?? {},
+ *     adminEntry: "@my-org/dineway-plugin-foo/admin",
+ *     adminPages: [{ path: "/settings", label: "Settings" }],
+ *   };
+ * }
+ * ```
+ */
+/**
+ * Storage collection declaration for sandboxed plugins
+ */
+interface StorageCollectionDeclaration {
+  indexes?: string[];
+  uniqueIndexes?: string[];
+}
+interface PluginDescriptor<TOptions = Record<string, unknown>> {
+  /** Unique plugin identifier */
+  id: string;
+  /** Plugin version (semver) */
+  version: string;
+  /** Module specifier to import (e.g., "@dineway-ai/plugin-api-test") */
+  entrypoint: string;
+  /**
+   * Options to pass to createPlugin(). Native format only.
+   * Standard-format plugins configure themselves via KV settings
+   * and Block Kit admin pages -- not constructor options.
+   */
+  options?: TOptions;
+  /**
+   * Plugin format. Determines how the entrypoint is loaded:
+   * - `"standard"` -- exports `definePlugin({ hooks, routes })` as default.
+   *   Wrapped with `adaptSandboxEntry` for in-process execution. Can run in both
+   *   `plugins: []` (in-process) and `sandboxed: []` (isolate).
+   * - `"native"` -- exports `createPlugin(options)` returning a `ResolvedPlugin`.
+   *   Can only run in `plugins: []`. Cannot be sandboxed or published to marketplace.
+   *
+   * Defaults to `"native"` when unset.
+   *
+   */
+  format?: "standard" | "native";
+  /** Admin UI module specifier (e.g., "@dineway-ai/plugin-audit-log/admin") */
+  adminEntry?: string;
+  /** Module specifier for site-side Astro rendering components (must export `blockComponents`) */
+  componentsEntry?: string;
+  /** Admin pages for navigation */
+  adminPages?: PluginAdminPage[];
+  /** Dashboard widgets */
+  adminWidgets?: PluginDashboardWidget[];
+  /**
+   * Capabilities the plugin requests.
+   * For standard-format plugins, capabilities are enforced in both trusted and
+   * sandboxed modes via the PluginContextFactory.
+   */
+  capabilities?: string[];
+  /**
+   * Allowed hosts for network:request capability
+   * Supports wildcards like "*.example.com"
+   */
+  allowedHosts?: string[];
+  /**
+   * Storage collections the plugin declares
+   * Sandboxed plugins can only access declared collections.
+   */
+  storage?: Record<string, StorageCollectionDeclaration>;
+}
+/**
+ * Sandboxed plugin descriptor - same format as PluginDescriptor
+ *
+ * These run in isolated environments provided by the configured sandbox runner.
+ * The `entrypoint` is resolved to a file and bundled at build time.
+ */
+type SandboxedPluginDescriptor<TOptions = Record<string, unknown>> = PluginDescriptor<TOptions>;
+interface DinewayFontsConfig {
+  /**
+   * Additional Noto Sans or compatible script families to include in the admin UI.
+   *
+   * Use script names like "arabic", "farsi", "japanese", or "chinese-simplified".
+   */
+  scripts?: string[];
+}
+interface DinewayConfig {
+  /**
+   * Database configuration
+   *
+   * Use one of the adapter functions:
+   * - `libsql({ url: process.env.DINEWAY_DATABASE_URL || "file:./data.db" })` - Default Node/libSQL path
+   * - `sqlite({ url: "file:./data.db" })` - Local SQLite only
+   * - `postgres({ connectionString: process.env.DATABASE_URL! })` - PostgreSQL deployments
+   *
+   * @example
+   * ```ts
+   * import { libsql } from "dineway/db";
+   *
+   * dineway({
+   *   database: libsql({ url: process.env.DINEWAY_DATABASE_URL || "file:./data.db" }),
+   * })
+   * ```
+   */
+  database?: DatabaseDescriptor;
+  /**
+   * Storage configuration (for media)
+   */
+  storage?: StorageDescriptor;
+  /**
+   * Trusted plugins to load (run in main isolate)
+   *
+   * @example
+   * ```ts
+   * import { auditLogPlugin } from "@dineway-ai/plugin-audit-log";
+   * import { webhookNotifierPlugin } from "@dineway-ai/plugin-webhook-notifier";
+   *
+   * dineway({
+   *   plugins: [
+   *     auditLogPlugin(),
+   *     webhookNotifierPlugin({ url: "https://example.com/webhook" }),
+   *   ],
+   * })
+   * ```
+   */
+  plugins?: PluginDescriptor[];
+  /**
+   * Sandboxed plugins to load (run behind the configured `SandboxRunner`)
+   *
+   * Uses the same format as `plugins`; the configured sandbox runner decides
+   * how isolation is enforced for the current runtime.
+   *
+   * @example
+   * ```ts
+   * import { untrustedPlugin } from "some-third-party-plugin";
+   *
+   * dineway({
+   *   plugins: [trustedPlugin()],     // runs in host
+   *   sandboxed: [untrustedPlugin()], // runs in the default Node sandbox
+   * })
+   * ```
+   */
+  sandboxed?: SandboxedPluginDescriptor[];
+  /**
+   * Optional module that exports a custom sandbox runner factory.
+   * When omitted, Dineway uses its built-in Node sandbox runner.
+   *
+   * @example
+   * ```ts
+   * import { createNodeSandboxRunner } from "dineway";
+   *
+   * export const createSandboxRunner = createNodeSandboxRunner;
+   * ```
+   *
+   * @example
+   * ```ts
+   * dineway({
+   *   sandboxRunner: "./src/sandbox-runner.ts",
+   * })
+   * ```
+   */
+  sandboxRunner?: string;
+  /**
+   * Authentication configuration
+   *
+   * Use an auth descriptor or an adapter function from a provider package.
+   *
+   * When an external auth provider is configured, passkey auth is disabled.
+   *
+   * @example
+   * ```ts
+   * dineway({
+   *   auth: {
+   *     type: "header-auth",
+   *     entrypoint: "./src/header-auth.ts",
+   *     config: {
+   *       userHeader: "x-forwarded-user-email",
+   *       roleHeader: "x-forwarded-user-role",
+   *     },
+   *   },
+   * })
+   * ```
+   */
+  auth?: AuthDescriptor;
+  /**
+   * Interactive login providers shown on the admin login page and setup wizard.
+   *
+   * These are additive to built-in passkey auth. Transparent request auth still
+   * uses `auth`; when `auth` is configured, the external provider owns login.
+   */
+  authProviders?: AuthProviderDescriptor[];
+  /**
+   * MCP (Model Context Protocol) server endpoint.
+   *
+   * Exposes an MCP Streamable HTTP server at `/_dineway/api/mcp`
+   * that allows AI agents and tools to interact with the CMS using
+   * the standardized MCP protocol.
+   *
+   * Enabled by default. The endpoint requires bearer token auth, so
+   * it has no practical effect unless the user creates an API token
+   * or configures an OAuth client. Set to `false` to disable.
+   *
+   * @default true
+   *
+   * @example
+   * ```ts
+   * dineway({
+   *   mcp: false,
+   * })
+   * ```
+   */
+  mcp?: boolean;
+  /**
+   * Plugin marketplace URL
+   *
+   * When set, enables the marketplace features: browse, install, update,
+   * and uninstall plugins from a remote marketplace.
+   *
+   * Must be an HTTPS URL in production, or localhost/127.0.0.1 in dev.
+   * Marketplace plugins run in the built-in Node sandbox runner unless
+   * `sandboxRunner` is set to override it.
+   *
+   * @example
+   * ```ts
+   * dineway({
+   *   marketplace: "https://marketplace.example.com",
+   * })
+   * ```
+   */
+  marketplace?: string;
+  /**
+   * Maximum allowed media file upload size in bytes.
+   *
+   * Applies to both direct multipart uploads and signed-URL uploads.
+   * When omitted, Dineway defaults to 52_428_800 (50 MB).
+   *
+   * @example
+   * ```ts
+   * dineway({ maxUploadSize: 100 * 1024 * 1024 }) // 100 MB
+   * ```
+   */
+  maxUploadSize?: number;
+  /**
+   * Admin UI branding.
+   *
+   * Use this to customize the logo, name, and favicon shown in the
+   * Dineway admin panel without changing public site identity settings.
+   *
+   * @example
+   * ```ts
+   * dineway({
+   *   admin: {
+   *     logo: "/images/agency-logo.svg",
+   *     siteName: "Agency Console",
+   *     favicon: "/agency-favicon.ico",
+   *   },
+   * })
+   * ```
+   */
+  admin?: {
+    /** URL or path to a custom logo image for the admin UI. */logo?: string; /** Custom name displayed in the admin sidebar and browser tab. */
+    siteName?: string; /** URL or path to a custom favicon for the admin panel. */
+    favicon?: string;
+  };
+  /**
+   * Admin UI font configuration.
+   *
+   * By default, Dineway uses the Astro Font API to load Noto Sans at
+   * build time and self-host the generated font files. Set to false to
+   * disable Dineway-managed fonts and use system fonts.
+   *
+   * @example
+   * ```ts
+   * dineway({
+   *   fonts: {
+   *     scripts: ["arabic", "farsi", "japanese"],
+   *   },
+   * })
+   * ```
+   */
+  fonts?: false | DinewayFontsConfig;
+  /**
+   * Public browser-facing origin for the site.
+   *
+   * Use when `Astro.url` / `request.url` do not match what users open — common with a
+   * **TLS-terminating reverse proxy**: the app often sees `http://` on the internal hop
+   * while the browser uses `https://`, which breaks WebAuthn, CSRF, OAuth, and redirect URLs.
+   *
+   * Set to the full origin users type in the address bar (no path), e.g.
+   * `https://mysite.example.com`. When not set, falls back to environment variables
+   * `DINEWAY_SITE_URL` > `SITE_URL`, then to the request URL's origin.
+   *
+   * Replaces `passkeyPublicOrigin` (which only fixed passkeys).
+   */
+  siteUrl?: string;
+  /**
+   * Additional origins accepted by passkey verification.
+   *
+   * When the same Dineway deployment is reachable under several hostnames
+   * sharing a registrable parent (e.g. `https://example.com` plus
+   * `https://preview.example.com`), the canonical `siteUrl` defines the
+   * `rpId` and the entries here are the additional origins from which
+   * assertions are accepted. Each entry must be the same hostname as
+   * `siteUrl` or a subdomain of it; WebAuthn requires `rpId` to be a
+   * registrable suffix of every origin.
+   *
+   * Merged at runtime with the `DINEWAY_ALLOWED_ORIGINS` env var
+   * (comma-separated), falling back to `ALLOWED_ORIGINS` when the prefixed
+   * variable is absent. Validation:
+   *   - Config-declared entries are shape-checked at Astro startup.
+   *   - Subdomain relationship to `siteUrl` is checked at startup when
+   *     `siteUrl` is also config-declared, otherwise at first passkey
+   *     verification because `siteUrl` may come from `DINEWAY_SITE_URL`.
+   *
+   * Mismatches throw with a source-attributed message naming
+   * `config.allowedOrigins`, `DINEWAY_ALLOWED_ORIGINS`, or `ALLOWED_ORIGINS`.
+   *
+   * @example
+   * ```ts
+   * dineway({
+   *   siteUrl: "https://example.com",
+   *   allowedOrigins: ["https://preview.example.com"],
+   * })
+   * ```
+   */
+  allowedOrigins?: string[];
+  /**
+   * Reverse-proxy headers that Dineway may trust for client IP resolution.
+   *
+   * Defaults to no trusted headers. Set this only when Dineway is deployed
+   * behind a reverse proxy you control and that proxy strips or overwrites
+   * incoming client-supplied copies of these headers.
+   *
+   * When omitted, Dineway falls back to `DINEWAY_TRUSTED_PROXY_HEADERS`.
+   *
+   * @example
+   * ```ts
+   * dineway({
+   *   trustedProxyHeaders: ["x-real-ip", "x-forwarded-for"],
+   * })
+   * ```
+   */
+  trustedProxyHeaders?: string[];
+  /**
+   * Enable playground mode for ephemeral "try Dineway" sites.
+   *
+   * When set, the integration injects a playground middleware (order: "pre")
+   * that runs BEFORE the normal Dineway middleware chain. It creates an
+   * isolated session database per visitor, runs migrations, applies the
+   * seed, creates an anonymous admin user, and stashes the request-scoped
+   * database on locals so the runtime and request-context middleware can
+   * pick it up.
+   *
+   * Setup and auth middleware are skipped because the playground middleware
+   * handles bootstrap and user injection.
+   *
+   * For the first portable release, playground sidecars are explicitly
+   * single-instance only.
+   *
+   * @example
+   * ```ts
+   * import { fileURLToPath } from "node:url";
+   * import { libsql } from "dineway/db";
+   *
+   * dineway({
+   *   database: libsql({ url: process.env.DINEWAY_DATABASE_URL || "file:./playground.db" }),
+   *   playground: {
+   *     middlewareEntrypoint: fileURLToPath(
+   *       new URL("./src/playground-middleware.ts", import.meta.url)
+   *     ),
+   *   },
+   * })
+   * ```
+   */
+  playground?: {
+    /** Module path for the playground middleware. */middlewareEntrypoint: string;
+  };
+  /**
+   * Media providers for browsing and uploading media
+   *
+   * The local media provider (using storage adapter) is available by default.
+   * Additional providers can be added for external services like Unsplash,
+   * Cloudinary, Mux, and other provider packages.
+   *
+   * @example
+   * ```ts
+   * import { unsplash } from "@dineway-ai/provider-unsplash";
+   *
+   * dineway({
+   *   mediaProviders: [
+   *     unsplash({ accessKey: "..." }),
+   *   ],
+   * })
+   * ```
+   */
+  mediaProviders?: MediaProviderDescriptor[];
+}
+/**
+ * Get stored config from global
+ * This is set by the virtual module at build time
+ */
+declare function getStoredConfig(): DinewayConfig | null;
+declare global {
+  var __dinewayConfig: DinewayConfig | undefined;
+}
+//#endregion
+export { createPluginManager as $, isParseError as $n, SandboxOptions as $t, dropSessionDatabaseTables as A, handleContentDelete as An, verifyPreviewSignature as At, GeneratePreviewTokenOptions as B, handleContentSchedule as Bn, prosemirrorToPortableText as Bt, getByline as C, handleRevisionList as Cn, SessionOpenOrCreateOptions as Ct, AppliedSnapshotMeta as D, handleContentCountScheduled as Dn, defaultPreviewSidecarClient as Dt, renderPreviewToolbar as E, handleContentCompare as En, buildPreviewSignatureHeader as Et, getPreviewToken as F, handleContentList as Fn, AfterCallback as Ft, parseContentId as G, CreateMediaInput as Gn, PortableTextSpan as Gt, VerifyPreviewTokenOptions as H, handleContentUnpublish as Hn, PortableTextImageBlock as Ht, isPreviewRequest as I, handleContentListTrashed as In, after as It, createNodeSandboxRunner as J, ContentRepository as Jn, ProseMirrorDocument as Jt, verifyPreviewToken as K, MediaItem as Kn, PortableTextTextBlock as Kt, GetPreviewUrlOptions as L, handleContentPermanentDelete as Ln, computeContentHash as Lt, Snapshot as M, handleContentDuplicate as Mn, getFallbackChain as Mt, renderPreviewLoadingPage as N, handleContentGet as Nn, getI18nConfig as Nt, ApplySnapshotToDatabaseOptions as O, handleContentCountTrashed as On, parsePreviewSignatureHeader as Ot, isBlockedInPreview as P, handleContentGetIncludingTrashed as Pn, isI18nEnabled as Pt, PluginManager as Q, ParseResult as Qn, SandboxEmailSendCallback as Qt, buildPreviewUrl as R, handleContentPublish as Rn, hashString as Rt, Suggestion as S, handleRevisionGet as Sn, SessionOpenOptions as St, PreviewToolbarConfig as T, generateManifest as Tn, PreviewSidecarSignature as Tt, VerifyPreviewTokenResult as U, handleContentUnschedule as Un, PortableTextLinkMark as Ut, PreviewTokenPayload as V, handleContentTranslations as Vn, PortableTextCodeBlock as Vt, generatePreviewToken as W, handleContentUpdate as Wn, PortableTextMarkDef as Wt, SandboxNotAvailableError as X, DinewayDatabaseError as Xn, ProseMirrorNode as Xt, NoopSandboxRunner as Y, DatabaseConfig as Yn, ProseMirrorMark as Yt, createNoopSandboxRunner as Z, OptionsRepository as Zn, SandboxEmailMessage as Zt, SearchOptions as _, handleMediaGet as _n, SessionCleanupResult as _t, S3StorageConfig as a, getSections as an, ApiContext as ar, ValidatedPluginManifest as at, SearchStats as b, RevisionListResponse as bn, SessionDatabaseInfo as bt, extractSearchableFields as c, Section as cn, FieldDescriptor as cr, CollectionFilter as ct, search as d, SchemaError as dn, dinewayLoader as dt, SandboxRunner as en, parseBody as er, PluginRouteError as et, searchCollection as f, SchemaRegistry as fn, getDb as ft, SearchConfig as g, handleMediaDelete as gn, FileSessionDatabaseFactoryOptions as gt, CollectionSearchOptions as h, handleMediaCreate as hn, FileSessionDatabaseFactory as ht, LocalStorageConfig as i, getSection as in, handleError as ir, createHookPipeline as it, getAppliedSnapshotMeta as j, handleContentDiscardDraft as jn, I18nConfig as jt, applySnapshotToDatabase as k, handleContentCreate as kn, signPreviewUrl as kt, getSearchStats as l, SectionSource as ln, ListResponse as lr, EntryData as lt, FTSManager as m, MediaResponse as mn, createFilePreviewMiddleware as mt, PluginDescriptor as n, SandboxedPlugin as nn, apiError as nr, HookPipeline as nt, StorageDescriptor as o, CreateSectionInput as on, ContentListResponse as or, pluginManifestSchema as ot, searchWithDb as p, MediaListResponse as pn, FilePreviewMiddlewareConfig as pt, NodeSandboxRunner as q, MediaRepository as qn, PortableTextUnknownBlock as qt, getStoredConfig as r, SerializedRequest as rn, apiSuccess as rr, HookResult as rt, extractPlainText as s, GetSectionsOptions as sn, ContentResponse as sr, definePlugin as st, DinewayConfig as t, SandboxRunnerFactory as tn, parseQuery as tr, EmailPipeline as tt, getSuggestions as u, UpdateSectionInput as un, ManifestResponse as ur, EntryFilter as ut, SearchResponse as v, handleMediaList as vn, SessionDatabaseFactory as vt, getBylineBySlug as w, handleRevisionRestore as wn, PreviewSidecarClient as wt, SuggestOptions as x, RevisionResponse as xn, SessionDatabaseLimitError as xt, SearchResult as y, handleMediaUpdate as yn, SessionDatabaseHandle as yt, getPreviewUrl as z, handleContentRestore as zn, portableTextToProsemirror as zt };