npm - emdash - Versions diffs - 0.0.0-a → 0.0.1 - Mend

emdash 0.0.0-a → 0.0.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (661) hide show

package/README.md +87 -1
package/dist/adapters-BLMa4JGD.d.mts +106 -0
package/dist/adapters-BLMa4JGD.d.mts.map +1 -0
package/dist/apply-Bjfq_b4-.mjs +1293 -0
package/dist/apply-Bjfq_b4-.mjs.map +1 -0
package/dist/astro/index.d.mts +51 -0
package/dist/astro/index.d.mts.map +1 -0
package/dist/astro/index.mjs +1333 -0
package/dist/astro/index.mjs.map +1 -0
package/dist/astro/middleware/auth.d.mts +31 -0
package/dist/astro/middleware/auth.d.mts.map +1 -0
package/dist/astro/middleware/auth.mjs +654 -0
package/dist/astro/middleware/auth.mjs.map +1 -0
package/dist/astro/middleware/redirect.d.mts +22 -0
package/dist/astro/middleware/redirect.d.mts.map +1 -0
package/dist/astro/middleware/redirect.mjs +63 -0
package/dist/astro/middleware/redirect.mjs.map +1 -0
package/dist/astro/middleware/request-context.d.mts +18 -0
package/dist/astro/middleware/request-context.d.mts.map +1 -0
package/dist/astro/middleware/request-context.mjs +1310 -0
package/dist/astro/middleware/request-context.mjs.map +1 -0
package/dist/astro/middleware/setup.d.mts +20 -0
package/dist/astro/middleware/setup.d.mts.map +1 -0
package/dist/astro/middleware/setup.mjs +47 -0
package/dist/astro/middleware/setup.mjs.map +1 -0
package/dist/astro/middleware.d.mts +13 -0
package/dist/astro/middleware.d.mts.map +1 -0
package/dist/astro/middleware.mjs +1613 -0
package/dist/astro/middleware.mjs.map +1 -0
package/dist/astro/types.d.mts +250 -0
package/dist/astro/types.d.mts.map +1 -0
package/dist/astro/types.mjs +1 -0
package/dist/base64-MBPo9ozB.mjs +59 -0
package/dist/base64-MBPo9ozB.mjs.map +1 -0
package/dist/byline-CL847F26.mjs +213 -0
package/dist/byline-CL847F26.mjs.map +1 -0
package/dist/bylines-C2a-2TGt.mjs +136 -0
package/dist/bylines-C2a-2TGt.mjs.map +1 -0
package/dist/chunk-ClPoSABd.mjs +21 -0
package/dist/cli/index.d.mts +1 -0
package/dist/cli/index.mjs +3909 -0
package/dist/cli/index.mjs.map +1 -0
package/dist/client/cf-access.d.mts +60 -0
package/dist/client/cf-access.d.mts.map +1 -0
package/dist/client/cf-access.mjs +179 -0
package/dist/client/cf-access.mjs.map +1 -0
package/dist/client/index.d.mts +398 -0
package/dist/client/index.d.mts.map +1 -0
package/dist/client/index.mjs +346 -0
package/dist/client/index.mjs.map +1 -0
package/dist/config-CKE8p9xM.mjs +55 -0
package/dist/config-CKE8p9xM.mjs.map +1 -0
package/dist/connection-B4zVnQIa.mjs +40 -0
package/dist/connection-B4zVnQIa.mjs.map +1 -0
package/dist/content-D6C2WsZC.mjs +824 -0
package/dist/content-D6C2WsZC.mjs.map +1 -0
package/dist/db/index.d.mts +4 -0
package/dist/db/index.mjs +62 -0
package/dist/db/index.mjs.map +1 -0
package/dist/db/libsql.d.mts +11 -0
package/dist/db/libsql.d.mts.map +1 -0
package/dist/db/libsql.mjs +17 -0
package/dist/db/libsql.mjs.map +1 -0
package/dist/db/postgres.d.mts +11 -0
package/dist/db/postgres.d.mts.map +1 -0
package/dist/db/postgres.mjs +30 -0
package/dist/db/postgres.mjs.map +1 -0
package/dist/db/sqlite.d.mts +11 -0
package/dist/db/sqlite.d.mts.map +1 -0
package/dist/db/sqlite.mjs +16 -0
package/dist/db/sqlite.mjs.map +1 -0
package/dist/default-Cyi4aAxu.mjs +81 -0
package/dist/default-Cyi4aAxu.mjs.map +1 -0
package/dist/dialect-helpers-B9uSp2GJ.mjs +90 -0
package/dist/dialect-helpers-B9uSp2GJ.mjs.map +1 -0
package/dist/error-Cxz0tQeO.mjs +27 -0
package/dist/error-Cxz0tQeO.mjs.map +1 -0
package/dist/index-C1xF3OGh.d.mts +4527 -0
package/dist/index-C1xF3OGh.d.mts.map +1 -0
package/dist/index.d.mts +16 -0
package/dist/index.mjs +30 -0
package/dist/load-yOOlckBj.mjs +28 -0
package/dist/load-yOOlckBj.mjs.map +1 -0
package/dist/loader-fz8Q_3EO.mjs +447 -0
package/dist/loader-fz8Q_3EO.mjs.map +1 -0
package/dist/manifest-schema-Dcl0R6nM.mjs +184 -0
package/dist/manifest-schema-Dcl0R6nM.mjs.map +1 -0
package/dist/media/index.d.mts +26 -0
package/dist/media/index.d.mts.map +1 -0
package/dist/media/index.mjs +55 -0
package/dist/media/index.mjs.map +1 -0
package/dist/media/local-runtime.d.mts +39 -0
package/dist/media/local-runtime.d.mts.map +1 -0
package/dist/media/local-runtime.mjs +133 -0
package/dist/media/local-runtime.mjs.map +1 -0
package/dist/media-DqHVh136.mjs +200 -0
package/dist/media-DqHVh136.mjs.map +1 -0
package/dist/mode-C2EzN1uE.mjs +23 -0
package/dist/mode-C2EzN1uE.mjs.map +1 -0
package/dist/page/index.d.mts +140 -0
package/dist/page/index.d.mts.map +1 -0
package/dist/page/index.mjs +416 -0
package/dist/page/index.mjs.map +1 -0
package/dist/placeholder-CmGAmqeO.d.mts +276 -0
package/dist/placeholder-CmGAmqeO.d.mts.map +1 -0
package/dist/placeholder-SmpOx-_v.mjs +243 -0
package/dist/placeholder-SmpOx-_v.mjs.map +1 -0
package/dist/plugin-utils.d.mts +58 -0
package/dist/plugin-utils.d.mts.map +1 -0
package/dist/plugin-utils.mjs +78 -0
package/dist/plugin-utils.mjs.map +1 -0
package/dist/plugins/adapt-sandbox-entry.d.mts +22 -0
package/dist/plugins/adapt-sandbox-entry.d.mts.map +1 -0
package/dist/plugins/adapt-sandbox-entry.mjs +113 -0
package/dist/plugins/adapt-sandbox-entry.mjs.map +1 -0
package/dist/query-CS_iSj34.mjs +460 -0
package/dist/query-CS_iSj34.mjs.map +1 -0
package/dist/redirect-DIfIni3r.mjs +329 -0
package/dist/redirect-DIfIni3r.mjs.map +1 -0
package/dist/registry-D_w5HW4G.mjs +863 -0
package/dist/registry-D_w5HW4G.mjs.map +1 -0
package/dist/request-context.d.mts +49 -0
package/dist/request-context.d.mts.map +1 -0
package/dist/request-context.mjs +43 -0
package/dist/request-context.mjs.map +1 -0
package/dist/runner-B-u2F2b6.mjs +1412 -0
package/dist/runner-B-u2F2b6.mjs.map +1 -0
package/dist/runner-EAtf0ZIe.d.mts +27 -0
package/dist/runner-EAtf0ZIe.d.mts.map +1 -0
package/dist/runtime.d.mts +26 -0
package/dist/runtime.d.mts.map +1 -0
package/dist/runtime.mjs +42 -0
package/dist/runtime.mjs.map +1 -0
package/dist/search-DG603UrT.mjs +9211 -0
package/dist/search-DG603UrT.mjs.map +1 -0
package/dist/seed/index.d.mts +3 -0
package/dist/seed/index.mjs +15 -0
package/dist/seo/index.d.mts +70 -0
package/dist/seo/index.d.mts.map +1 -0
package/dist/seo/index.mjs +70 -0
package/dist/seo/index.mjs.map +1 -0
package/dist/storage/local.d.mts +39 -0
package/dist/storage/local.d.mts.map +1 -0
package/dist/storage/local.mjs +166 -0
package/dist/storage/local.mjs.map +1 -0
package/dist/storage/s3.d.mts +32 -0
package/dist/storage/s3.d.mts.map +1 -0
package/dist/storage/s3.mjs +175 -0
package/dist/storage/s3.mjs.map +1 -0
package/dist/tokens-DpgrkrXK.mjs +171 -0
package/dist/tokens-DpgrkrXK.mjs.map +1 -0
package/dist/transport-BFGblqwG.d.mts +42 -0
package/dist/transport-BFGblqwG.d.mts.map +1 -0
package/dist/transport-yxiQsi8I.mjs +418 -0
package/dist/transport-yxiQsi8I.mjs.map +1 -0
package/dist/types-BRuPJGdV.d.mts +102 -0
package/dist/types-BRuPJGdV.d.mts.map +1 -0
package/dist/types-C4-fAxN3.d.mts +182 -0
package/dist/types-C4-fAxN3.d.mts.map +1 -0
package/dist/types-CMMN0pNg.mjs +31 -0
package/dist/types-CMMN0pNg.mjs.map +1 -0
package/dist/types-CUBbjgmP.mjs +16 -0
package/dist/types-CUBbjgmP.mjs.map +1 -0
package/dist/types-DRjfYOEv.d.mts +426 -0
package/dist/types-DRjfYOEv.d.mts.map +1 -0
package/dist/types-DY5zk5HN.mjs +73 -0
package/dist/types-DY5zk5HN.mjs.map +1 -0
package/dist/types-DaNLHo_T.d.mts +184 -0
package/dist/types-DaNLHo_T.d.mts.map +1 -0
package/dist/types-DvhsUmSJ.d.mts +1111 -0
package/dist/types-DvhsUmSJ.d.mts.map +1 -0
package/dist/validate-CpBtVMsD.d.mts +378 -0
package/dist/validate-CpBtVMsD.d.mts.map +1 -0
package/dist/validate-CqRJb_xU.mjs +97 -0
package/dist/validate-CqRJb_xU.mjs.map +1 -0
package/dist/validate-O7PWmlnq.mjs +328 -0
package/dist/validate-O7PWmlnq.mjs.map +1 -0
package/locals.d.ts +46 -0
package/package.json +233 -19
package/src/api/authorize.ts +63 -0
package/src/api/csrf.ts +48 -0
package/src/api/error.ts +99 -0
package/src/api/errors.ts +445 -0
package/src/api/escape.ts +9 -0
package/src/api/handlers/api-tokens.ts +240 -0
package/src/api/handlers/comments.ts +314 -0
package/src/api/handlers/content.ts +1315 -0
package/src/api/handlers/dashboard.ts +205 -0
package/src/api/handlers/device-flow.ts +687 -0
package/src/api/handlers/index.ts +163 -0
package/src/api/handlers/manifest.ts +158 -0
package/src/api/handlers/marketplace.ts +930 -0
package/src/api/handlers/media.ts +207 -0
package/src/api/handlers/menus.ts +493 -0
package/src/api/handlers/oauth-authorization.ts +429 -0
package/src/api/handlers/oauth-clients.ts +353 -0
package/src/api/handlers/oauth-user-lookup.ts +39 -0
package/src/api/handlers/plugins.ts +254 -0
package/src/api/handlers/redirects.ts +360 -0
package/src/api/handlers/revision.ts +145 -0
package/src/api/handlers/schema.ts +534 -0
package/src/api/handlers/sections.ts +289 -0
package/src/api/handlers/seo.ts +115 -0
package/src/api/handlers/settings.ts +49 -0
package/src/api/handlers/snapshot.ts +350 -0
package/src/api/handlers/taxonomies.ts +523 -0
package/src/api/index.ts +6 -0
package/src/api/openapi/document.ts +2368 -0
package/src/api/openapi/index.ts +1 -0
package/src/api/parse.ts +139 -0
package/src/api/redirect.ts +14 -0
package/src/api/rev.ts +67 -0
package/src/api/schemas/auth.ts +112 -0
package/src/api/schemas/bylines.ts +85 -0
package/src/api/schemas/comments.ts +117 -0
package/src/api/schemas/common.ts +89 -0
package/src/api/schemas/content.ts +191 -0
package/src/api/schemas/import.ts +52 -0
package/src/api/schemas/index.ts +17 -0
package/src/api/schemas/media.ts +116 -0
package/src/api/schemas/menus.ts +111 -0
package/src/api/schemas/redirects.ts +155 -0
package/src/api/schemas/schema.ts +203 -0
package/src/api/schemas/search.ts +63 -0
package/src/api/schemas/sections.ts +67 -0
package/src/api/schemas/settings.ts +63 -0
package/src/api/schemas/setup.ts +37 -0
package/src/api/schemas/taxonomies.ts +113 -0
package/src/api/schemas/users.ts +96 -0
package/src/api/schemas/widgets.ts +80 -0
package/src/api/site-url.ts +25 -0
package/src/api/types.ts +82 -0
package/src/astro/index.ts +27 -0
package/src/astro/integration/index.ts +303 -0
package/src/astro/integration/routes.ts +834 -0
package/src/astro/integration/runtime.ts +338 -0
package/src/astro/integration/virtual-modules.ts +469 -0
package/src/astro/integration/vite-config.ts +328 -0
package/src/astro/middleware/auth.ts +743 -0
package/src/astro/middleware/redirect.ts +89 -0
package/src/astro/middleware/request-context.ts +129 -0
package/src/astro/middleware/setup.ts +89 -0
package/src/astro/middleware.ts +398 -0
package/src/astro/routes/PluginRegistry.tsx +15 -0
package/src/astro/routes/admin.astro +81 -0
package/src/astro/routes/api/admin/allowed-domains/[domain].ts +112 -0
package/src/astro/routes/api/admin/allowed-domains/index.ts +108 -0
package/src/astro/routes/api/admin/api-tokens/[id].ts +40 -0
package/src/astro/routes/api/admin/api-tokens/index.ts +68 -0
package/src/astro/routes/api/admin/bylines/[id]/index.ts +87 -0
package/src/astro/routes/api/admin/bylines/index.ts +72 -0
package/src/astro/routes/api/admin/comments/[id]/status.ts +120 -0
package/src/astro/routes/api/admin/comments/[id].ts +64 -0
package/src/astro/routes/api/admin/comments/bulk.ts +42 -0
package/src/astro/routes/api/admin/comments/counts.ts +30 -0
package/src/astro/routes/api/admin/comments/index.ts +46 -0
package/src/astro/routes/api/admin/hooks/exclusive/[hookName].ts +91 -0
package/src/astro/routes/api/admin/hooks/exclusive/index.ts +51 -0
package/src/astro/routes/api/admin/oauth-clients/[id].ts +110 -0
package/src/astro/routes/api/admin/oauth-clients/index.ts +71 -0
package/src/astro/routes/api/admin/plugins/[id]/disable.ts +39 -0
package/src/astro/routes/api/admin/plugins/[id]/enable.ts +39 -0
package/src/astro/routes/api/admin/plugins/[id]/index.ts +38 -0
package/src/astro/routes/api/admin/plugins/[id]/uninstall.ts +48 -0
package/src/astro/routes/api/admin/plugins/[id]/update.ts +59 -0
package/src/astro/routes/api/admin/plugins/index.ts +32 -0
package/src/astro/routes/api/admin/plugins/marketplace/[id]/icon.ts +61 -0
package/src/astro/routes/api/admin/plugins/marketplace/[id]/index.ts +33 -0
package/src/astro/routes/api/admin/plugins/marketplace/[id]/install.ts +62 -0
package/src/astro/routes/api/admin/plugins/marketplace/index.ts +38 -0
package/src/astro/routes/api/admin/plugins/updates.ts +28 -0
package/src/astro/routes/api/admin/themes/marketplace/[id]/index.ts +33 -0
package/src/astro/routes/api/admin/themes/marketplace/[id]/thumbnail.ts +61 -0
package/src/astro/routes/api/admin/themes/marketplace/index.ts +45 -0
package/src/astro/routes/api/admin/users/[id]/disable.ts +69 -0
package/src/astro/routes/api/admin/users/[id]/enable.ts +48 -0
package/src/astro/routes/api/admin/users/[id]/index.ts +146 -0
package/src/astro/routes/api/admin/users/[id]/send-recovery.ts +72 -0
package/src/astro/routes/api/admin/users/index.ts +66 -0
package/src/astro/routes/api/auth/dev-bypass.ts +139 -0
package/src/astro/routes/api/auth/invite/accept.ts +52 -0
package/src/astro/routes/api/auth/invite/complete.ts +84 -0
package/src/astro/routes/api/auth/invite/index.ts +99 -0
package/src/astro/routes/api/auth/logout.ts +40 -0
package/src/astro/routes/api/auth/magic-link/send.ts +89 -0
package/src/astro/routes/api/auth/magic-link/verify.ts +71 -0
package/src/astro/routes/api/auth/me.ts +60 -0
package/src/astro/routes/api/auth/oauth/[provider]/callback.ts +219 -0
package/src/astro/routes/api/auth/oauth/[provider].ts +119 -0
package/src/astro/routes/api/auth/passkey/[id].ts +124 -0
package/src/astro/routes/api/auth/passkey/index.ts +54 -0
package/src/astro/routes/api/auth/passkey/options.ts +82 -0
package/src/astro/routes/api/auth/passkey/register/options.ts +86 -0
package/src/astro/routes/api/auth/passkey/register/verify.ts +117 -0
package/src/astro/routes/api/auth/passkey/verify.ts +66 -0
package/src/astro/routes/api/auth/signup/complete.ts +85 -0
package/src/astro/routes/api/auth/signup/request.ts +77 -0
package/src/astro/routes/api/auth/signup/verify.ts +53 -0
package/src/astro/routes/api/comments/[collection]/[contentId]/index.ts +312 -0
package/src/astro/routes/api/content/[collection]/[id]/compare.ts +28 -0
package/src/astro/routes/api/content/[collection]/[id]/discard-draft.ts +54 -0
package/src/astro/routes/api/content/[collection]/[id]/duplicate.ts +61 -0
package/src/astro/routes/api/content/[collection]/[id]/permanent.ts +33 -0
package/src/astro/routes/api/content/[collection]/[id]/preview-url.ts +107 -0
package/src/astro/routes/api/content/[collection]/[id]/publish.ts +56 -0
package/src/astro/routes/api/content/[collection]/[id]/restore.ts +54 -0
package/src/astro/routes/api/content/[collection]/[id]/revisions.ts +31 -0
package/src/astro/routes/api/content/[collection]/[id]/schedule.ts +105 -0
package/src/astro/routes/api/content/[collection]/[id]/terms/[taxonomy].ts +140 -0
package/src/astro/routes/api/content/[collection]/[id]/translations.ts +30 -0
package/src/astro/routes/api/content/[collection]/[id]/unpublish.ts +56 -0
package/src/astro/routes/api/content/[collection]/[id].ts +137 -0
package/src/astro/routes/api/content/[collection]/index.ts +59 -0
package/src/astro/routes/api/content/[collection]/trash.ts +33 -0
package/src/astro/routes/api/dashboard.ts +32 -0
package/src/astro/routes/api/dev/emails.ts +36 -0
package/src/astro/routes/api/import/probe.ts +47 -0
package/src/astro/routes/api/import/wordpress/analyze.ts +510 -0
package/src/astro/routes/api/import/wordpress/execute.ts +283 -0
package/src/astro/routes/api/import/wordpress/media.ts +338 -0
package/src/astro/routes/api/import/wordpress/prepare.ts +181 -0
package/src/astro/routes/api/import/wordpress/rewrite-urls.ts +393 -0
package/src/astro/routes/api/import/wordpress-plugin/analyze.ts +111 -0
package/src/astro/routes/api/import/wordpress-plugin/callback.ts +58 -0
package/src/astro/routes/api/import/wordpress-plugin/execute.ts +347 -0
package/src/astro/routes/api/manifest.ts +62 -0
package/src/astro/routes/api/mcp.ts +124 -0
package/src/astro/routes/api/media/[id]/confirm.ts +93 -0
package/src/astro/routes/api/media/[id].ts +145 -0
package/src/astro/routes/api/media/file/[key].ts +79 -0
package/src/astro/routes/api/media/providers/[providerId]/[itemId].ts +86 -0
package/src/astro/routes/api/media/providers/[providerId]/index.ts +111 -0
package/src/astro/routes/api/media/providers/index.ts +30 -0
package/src/astro/routes/api/media/upload-url.ts +137 -0
package/src/astro/routes/api/media.ts +190 -0
package/src/astro/routes/api/menus/[name]/items.ts +87 -0
package/src/astro/routes/api/menus/[name]/reorder.ts +33 -0
package/src/astro/routes/api/menus/[name].ts +65 -0
package/src/astro/routes/api/menus/index.ts +47 -0
package/src/astro/routes/api/oauth/authorize.ts +412 -0
package/src/astro/routes/api/oauth/device/authorize.ts +45 -0
package/src/astro/routes/api/oauth/device/code.ts +51 -0
package/src/astro/routes/api/oauth/device/token.ts +69 -0
package/src/astro/routes/api/oauth/token/refresh.ts +38 -0
package/src/astro/routes/api/oauth/token/revoke.ts +38 -0
package/src/astro/routes/api/oauth/token.ts +184 -0
package/src/astro/routes/api/openapi.json.ts +32 -0
package/src/astro/routes/api/plugins/[pluginId]/[...path].ts +92 -0
package/src/astro/routes/api/redirects/404s/index.ts +72 -0
package/src/astro/routes/api/redirects/404s/summary.ts +33 -0
package/src/astro/routes/api/redirects/[id].ts +84 -0
package/src/astro/routes/api/redirects/index.ts +52 -0
package/src/astro/routes/api/revisions/[revisionId]/index.ts +29 -0
package/src/astro/routes/api/revisions/[revisionId]/restore.ts +62 -0
package/src/astro/routes/api/schema/collections/[slug]/fields/[fieldSlug].ts +76 -0
package/src/astro/routes/api/schema/collections/[slug]/fields/index.ts +52 -0
package/src/astro/routes/api/schema/collections/[slug]/fields/reorder.ts +32 -0
package/src/astro/routes/api/schema/collections/[slug]/index.ts +80 -0
package/src/astro/routes/api/schema/collections/index.ts +47 -0
package/src/astro/routes/api/schema/index.ts +109 -0
package/src/astro/routes/api/schema/orphans/[slug].ts +36 -0
package/src/astro/routes/api/schema/orphans/index.ts +26 -0
package/src/astro/routes/api/search/enable.ts +64 -0
package/src/astro/routes/api/search/index.ts +55 -0
package/src/astro/routes/api/search/rebuild.ts +72 -0
package/src/astro/routes/api/search/stats.ts +35 -0
package/src/astro/routes/api/search/suggest.ts +53 -0
package/src/astro/routes/api/sections/[slug].ts +84 -0
package/src/astro/routes/api/sections/index.ts +52 -0
package/src/astro/routes/api/settings/email.ts +150 -0
package/src/astro/routes/api/settings.ts +67 -0
package/src/astro/routes/api/setup/admin-verify.ts +100 -0
package/src/astro/routes/api/setup/admin.ts +94 -0
package/src/astro/routes/api/setup/dev-bypass.ts +199 -0
package/src/astro/routes/api/setup/dev-reset.ts +40 -0
package/src/astro/routes/api/setup/index.ts +126 -0
package/src/astro/routes/api/setup/status.ts +122 -0
package/src/astro/routes/api/snapshot.ts +75 -0
package/src/astro/routes/api/taxonomies/[name]/terms/[slug].ts +95 -0
package/src/astro/routes/api/taxonomies/[name]/terms/index.ts +69 -0
package/src/astro/routes/api/taxonomies/index.ts +59 -0
package/src/astro/routes/api/themes/preview.ts +77 -0
package/src/astro/routes/api/typegen.ts +114 -0
package/src/astro/routes/api/well-known/auth.ts +68 -0
package/src/astro/routes/api/well-known/oauth-authorization-server.ts +44 -0
package/src/astro/routes/api/well-known/oauth-protected-resource.ts +37 -0
package/src/astro/routes/api/widget-areas/[name]/reorder.ts +72 -0
package/src/astro/routes/api/widget-areas/[name]/widgets/[id].ts +127 -0
package/src/astro/routes/api/widget-areas/[name]/widgets.ts +80 -0
package/src/astro/routes/api/widget-areas/[name].ts +87 -0
package/src/astro/routes/api/widget-areas/index.ts +99 -0
package/src/astro/routes/api/widget-components.ts +22 -0
package/src/astro/routes/robots.txt.ts +77 -0
package/src/astro/routes/sitemap.xml.ts +97 -0
package/src/astro/storage/adapters.ts +74 -0
package/src/astro/storage/index.ts +19 -0
package/src/astro/storage/types.ts +60 -0
package/src/astro/types.ts +346 -0
package/src/auth/api-tokens.ts +25 -0
package/src/auth/challenge-store.ts +80 -0
package/src/auth/mode.ts +96 -0
package/src/auth/oauth-state-store.ts +96 -0
package/src/auth/passkey-config.ts +27 -0
package/src/auth/rate-limit.ts +158 -0
package/src/auth/scopes.ts +33 -0
package/src/auth/types.ts +104 -0
package/src/aws-sdk.d.ts +100 -0
package/src/bylines/index.ts +237 -0
package/src/cleanup.ts +153 -0
package/src/cli/client-factory.ts +100 -0
package/src/cli/commands/auth.ts +46 -0
package/src/cli/commands/bundle-utils.ts +247 -0
package/src/cli/commands/bundle.ts +609 -0
package/src/cli/commands/content.ts +442 -0
package/src/cli/commands/dev.ts +191 -0
package/src/cli/commands/doctor.ts +211 -0
package/src/cli/commands/export-seed.ts +630 -0
package/src/cli/commands/import/wordpress.ts +1056 -0
package/src/cli/commands/init.ts +192 -0
package/src/cli/commands/login.ts +547 -0
package/src/cli/commands/media.ts +165 -0
package/src/cli/commands/menu.ts +67 -0
package/src/cli/commands/plugin-init.ts +291 -0
package/src/cli/commands/plugin-validate.ts +31 -0
package/src/cli/commands/plugin.ts +33 -0
package/src/cli/commands/publish.ts +699 -0
package/src/cli/commands/schema.ts +233 -0
package/src/cli/commands/search-cmd.ts +54 -0
package/src/cli/commands/seed.ts +288 -0
package/src/cli/commands/taxonomy.ts +128 -0
package/src/cli/commands/types.ts +68 -0
package/src/cli/credentials.ts +236 -0
package/src/cli/index.ts +70 -0
package/src/cli/output.ts +75 -0
package/src/cli/wxr/parser.ts +969 -0
package/src/client/cf-access.ts +193 -0
package/src/client/index.ts +854 -0
package/src/client/portable-text.ts +413 -0
package/src/client/transport.ts +200 -0
package/src/comments/moderator.ts +46 -0
package/src/comments/notifications.ts +144 -0
package/src/comments/query.ts +105 -0
package/src/comments/service.ts +213 -0
package/src/components/Break.astro +45 -0
package/src/components/Button.astro +71 -0
package/src/components/Buttons.astro +49 -0
package/src/components/Code.astro +59 -0
package/src/components/Columns.astro +59 -0
package/src/components/CommentForm.astro +315 -0
package/src/components/Comments.astro +232 -0
package/src/components/Cover.astro +128 -0
package/src/components/EmDashBodyEnd.astro +32 -0
package/src/components/EmDashBodyStart.astro +32 -0
package/src/components/EmDashHead.astro +53 -0
package/src/components/EmDashImage.astro +178 -0
package/src/components/EmDashMedia.astro +167 -0
package/src/components/Embed.astro +128 -0
package/src/components/File.astro +122 -0
package/src/components/Gallery.astro +93 -0
package/src/components/HtmlBlock.astro +33 -0
package/src/components/Image.astro +178 -0
package/src/components/InlineEditor.astro +27 -0
package/src/components/InlinePortableTextEditor.tsx +1905 -0
package/src/components/LiveSearch.astro +614 -0
package/src/components/PortableText.astro +51 -0
package/src/components/Pullquote.astro +51 -0
package/src/components/Table.astro +108 -0
package/src/components/WidgetArea.astro +22 -0
package/src/components/WidgetRenderer.astro +72 -0
package/src/components/index.ts +116 -0
package/src/components/marks/Link.astro +31 -0
package/src/components/marks/StrikeThrough.astro +7 -0
package/src/components/marks/Subscript.astro +7 -0
package/src/components/marks/Superscript.astro +7 -0
package/src/components/marks/Underline.astro +7 -0
package/src/components/widgets/Archives.astro +65 -0
package/src/components/widgets/Categories.astro +35 -0
package/src/components/widgets/RecentPosts.astro +51 -0
package/src/components/widgets/Search.astro +18 -0
package/src/components/widgets/Tags.astro +38 -0
package/src/content/converters/index.ts +9 -0
package/src/content/converters/portable-text-to-prosemirror.ts +385 -0
package/src/content/converters/prosemirror-to-portable-text.ts +413 -0
package/src/content/converters/types.ts +120 -0
package/src/content/index.ts +5 -0
package/src/database/connection.ts +67 -0
package/src/database/dialect-helpers.ts +138 -0
package/src/database/index.ts +5 -0
package/src/database/migrations/001_initial.ts +136 -0
package/src/database/migrations/002_media_status.ts +26 -0
package/src/database/migrations/003_schema_registry.ts +79 -0
package/src/database/migrations/004_plugins.ts +62 -0
package/src/database/migrations/005_menus.ts +67 -0
package/src/database/migrations/006_taxonomy_defs.ts +51 -0
package/src/database/migrations/007_widgets.ts +42 -0
package/src/database/migrations/008_auth.ts +194 -0
package/src/database/migrations/009_user_disabled.ts +27 -0
package/src/database/migrations/011_sections.ts +65 -0
package/src/database/migrations/012_search.ts +25 -0
package/src/database/migrations/013_scheduled_publishing.ts +51 -0
package/src/database/migrations/014_draft_revisions.ts +72 -0
package/src/database/migrations/015_indexes.ts +82 -0
package/src/database/migrations/016_api_tokens.ts +89 -0
package/src/database/migrations/017_authorization_codes.ts +45 -0
package/src/database/migrations/018_seo.ts +56 -0
package/src/database/migrations/019_i18n.ts +618 -0
package/src/database/migrations/020_collection_url_pattern.ts +23 -0
package/src/database/migrations/021_remove_section_categories.ts +43 -0
package/src/database/migrations/022_marketplace_plugin_state.ts +46 -0
package/src/database/migrations/023_plugin_metadata.ts +33 -0
package/src/database/migrations/024_media_placeholders.ts +32 -0
package/src/database/migrations/025_oauth_clients.ts +28 -0
package/src/database/migrations/026_cron_tasks.ts +49 -0
package/src/database/migrations/027_comments.ts +87 -0
package/src/database/migrations/028_drop_author_url.ts +9 -0
package/src/database/migrations/029_redirects.ts +67 -0
package/src/database/migrations/030_widen_scheduled_index.ts +48 -0
package/src/database/migrations/031_bylines.ts +90 -0
package/src/database/migrations/032_rate_limits.ts +42 -0
package/src/database/migrations/runner.ts +170 -0
package/src/database/repositories/audit.ts +294 -0
package/src/database/repositories/byline.ts +387 -0
package/src/database/repositories/comment.ts +458 -0
package/src/database/repositories/content.ts +1144 -0
package/src/database/repositories/index.ts +30 -0
package/src/database/repositories/media.ts +347 -0
package/src/database/repositories/options.ts +150 -0
package/src/database/repositories/plugin-storage.ts +373 -0
package/src/database/repositories/redirect.ts +480 -0
package/src/database/repositories/revision.ts +200 -0
package/src/database/repositories/seo.ts +176 -0
package/src/database/repositories/taxonomy.ts +294 -0
package/src/database/repositories/types.ts +132 -0
package/src/database/repositories/user.ts +258 -0
package/src/database/transaction.ts +54 -0
package/src/database/types.ts +501 -0
package/src/database/validate.ts +138 -0
package/src/db/adapters.ts +125 -0
package/src/db/index.ts +37 -0
package/src/db/libsql.ts +23 -0
package/src/db/postgres.ts +30 -0
package/src/db/sqlite.ts +27 -0
package/src/emdash-runtime.ts +2096 -0
package/src/fields/boolean.ts +34 -0
package/src/fields/datetime.ts +44 -0
package/src/fields/file.ts +41 -0
package/src/fields/image.ts +34 -0
package/src/fields/index.ts +42 -0
package/src/fields/integer.ts +50 -0
package/src/fields/json.ts +37 -0
package/src/fields/multiselect.ts +48 -0
package/src/fields/number.ts +52 -0
package/src/fields/portable-text.ts +33 -0
package/src/fields/reference.ts +29 -0
package/src/fields/richtext.ts +31 -0
package/src/fields/select.ts +46 -0
package/src/fields/slug.ts +38 -0
package/src/fields/text.ts +55 -0
package/src/fields/textarea.ts +52 -0
package/src/fields/types.ts +64 -0
package/src/i18n/config.ts +68 -0
package/src/import/index.ts +90 -0
package/src/import/menus.ts +436 -0
package/src/import/registry.ts +111 -0
package/src/import/sections.ts +103 -0
package/src/import/settings.ts +281 -0
package/src/import/sources/wordpress-plugin.ts +641 -0
package/src/import/sources/wordpress-rest.ts +191 -0
package/src/import/sources/wxr.ts +330 -0
package/src/import/ssrf.ts +260 -0
package/src/import/types.ts +418 -0
package/src/import/utils.ts +412 -0
package/src/index.ts +481 -0
package/src/loader.ts +770 -0
package/src/mcp/server.ts +1463 -0
package/src/media/index.ts +32 -0
package/src/media/local-runtime.ts +213 -0
package/src/media/local.ts +46 -0
package/src/media/normalize.ts +190 -0
package/src/media/placeholder.ts +150 -0
package/src/media/provider-loader.ts +78 -0
package/src/media/types.ts +279 -0
package/src/menus/index.ts +324 -0
package/src/menus/types.ts +112 -0
package/src/page/context.ts +93 -0
package/src/page/fragments.ts +89 -0
package/src/page/index.ts +58 -0
package/src/page/jsonld.ts +94 -0
package/src/page/metadata.ts +185 -0
package/src/page/seo-contributions.ts +136 -0
package/src/plugin-utils.ts +80 -0
package/src/plugins/adapt-sandbox-entry.ts +207 -0
package/src/plugins/context.ts +833 -0
package/src/plugins/cron.ts +361 -0
package/src/plugins/define-plugin.ts +259 -0
package/src/plugins/email-console.ts +73 -0
package/src/plugins/email.ts +209 -0
package/src/plugins/hooks.ts +1273 -0
package/src/plugins/index.ts +193 -0
package/src/plugins/manager.ts +595 -0
package/src/plugins/manifest-schema.ts +230 -0
package/src/plugins/marketplace.ts +460 -0
package/src/plugins/request-meta.ts +139 -0
package/src/plugins/routes.ts +302 -0
package/src/plugins/sandbox/index.ts +18 -0
package/src/plugins/sandbox/noop.ts +76 -0
package/src/plugins/sandbox/types.ts +173 -0
package/src/plugins/scheduler/node.ts +122 -0
package/src/plugins/scheduler/piggyback.ts +71 -0
package/src/plugins/scheduler/types.ts +27 -0
package/src/plugins/state.ts +208 -0
package/src/plugins/storage-indexes.ts +326 -0
package/src/plugins/storage-query.ts +240 -0
package/src/plugins/types.ts +1284 -0
package/src/preview/helpers.ts +27 -0
package/src/preview/index.ts +40 -0
package/src/preview/tokens.ts +279 -0
package/src/preview/urls.ts +118 -0
package/src/query.ts +674 -0
package/src/redirects/patterns.ts +224 -0
package/src/request-context.ts +67 -0
package/src/runtime.ts +21 -0
package/src/schema/index.ts +29 -0
package/src/schema/query.ts +44 -0
package/src/schema/registry.ts +965 -0
package/src/schema/types.ts +276 -0
package/src/schema/zod-generator.ts +413 -0
package/src/search/fts-manager.ts +452 -0
package/src/search/index.ts +26 -0
package/src/search/query.ts +396 -0
package/src/search/text-extraction.ts +162 -0
package/src/search/types.ts +114 -0
package/src/sections/index.ts +226 -0
package/src/sections/types.ts +86 -0
package/src/seed/apply.ts +1141 -0
package/src/seed/default.ts +86 -0
package/src/seed/index.ts +28 -0
package/src/seed/load.ts +35 -0
package/src/seed/types.ts +341 -0
package/src/seed/validate.ts +642 -0
package/src/seo/index.ts +179 -0
package/src/settings/index.ts +203 -0
package/src/settings/types.ts +58 -0
package/src/storage/index.ts +28 -0
package/src/storage/local.ts +253 -0
package/src/storage/s3.ts +271 -0
package/src/storage/types.ts +204 -0
package/src/taxonomies/index.ts +309 -0
package/src/taxonomies/types.ts +61 -0
package/src/ui.ts +75 -0
package/src/utils/base64.ts +73 -0
package/src/utils/hash.ts +36 -0
package/src/utils/sanitize.ts +20 -0
package/src/utils/slugify.ts +29 -0
package/src/utils/url.ts +48 -0
package/src/virtual-modules.d.ts +111 -0
package/src/visual-editing/editable.ts +108 -0
package/src/visual-editing/toolbar.ts +1229 -0
package/src/widgets/components.ts +105 -0
package/src/widgets/index.ts +131 -0
package/src/widgets/types.ts +81 -0

package/src/api/openapi/index.ts ADDED Viewed

	@@ -0,0 +1 @@
1	+ export { generateOpenApiDocument } from "./document.js";

package/src/api/parse.ts ADDED Viewed

@@ -0,0 +1,139 @@
+/**
+ * Request body and query parameter parsing with Zod validation.
+ *
+ * All API routes should use these utilities instead of `request.json() as T`
+ * or raw `url.searchParams.get()` with manual coercion.
+ */
+import { z } from "zod";
+import { apiError } from "./error.js";
+/** Maximum allowed JSON request body size (10 MB). */
+const MAX_BODY_SIZE = 10 * 1024 * 1024;
+/**
+ * Result of parsing: either the validated data or an error Response.
+ * Routes should check `if (result instanceof Response) return result;`
+ */
+export type ParseResult<T> = T | Response;
+/**
+ * Parse and validate a JSON request body against a Zod schema.
+ *
+ * Returns the validated data on success, or a 400 Response on failure.
+ * Replaces all `(await request.json()) as T` casts.
+ */
+export async function parseBody<T extends z.ZodType>(
+	request: Request,
+	schema: T,
+): Promise<ParseResult<z.infer<T>>> {
+	// Best-effort size check via Content-Length (can be absent with chunked encoding)
+	const contentLength = request.headers.get("Content-Length");
+	if (contentLength && parseInt(contentLength, 10) > MAX_BODY_SIZE) {
+		return apiError("PAYLOAD_TOO_LARGE", "Request body too large", 413);
+	}
+	let raw: unknown;
+	try {
+		raw = await request.json();
+	} catch {
+		return apiError("INVALID_JSON", "Request body must be valid JSON", 400);
+	}
+	return validate(schema, raw);
+}
+/**
+ * Parse and validate an optional JSON request body.
+ *
+ * Returns `defaultValue` if the body is empty, or the validated data if present.
+ * For endpoints where the body is optional (e.g., preview-url, confirm).
+ */
+export async function parseOptionalBody<T extends z.ZodType>(
+	request: Request,
+	schema: T,
+	defaultValue: z.infer<T>,
+): Promise<ParseResult<z.infer<T>>> {
+	// Best-effort size check via Content-Length (can be absent with chunked encoding)
+	const contentLength = request.headers.get("Content-Length");
+	if (contentLength && parseInt(contentLength, 10) > MAX_BODY_SIZE) {
+		return apiError("PAYLOAD_TOO_LARGE", "Request body too large", 413);
+	}
+	let text: string;
+	try {
+		text = await request.text();
+	} catch {
+		return defaultValue;
+	}
+	if (!text.trim()) {
+		return defaultValue;
+	}
+	let raw: unknown;
+	try {
+		raw = JSON.parse(text);
+	} catch {
+		return apiError("INVALID_JSON", "Request body must be valid JSON", 400);
+	}
+	return validate(schema, raw);
+}
+/**
+ * Parse and validate URL search params against a Zod schema.
+ *
+ * Converts searchParams to a plain object before validation.
+ * Zod coercion handles string -> number/boolean conversion.
+ * Replaces manual `url.searchParams.get()` + `parseInt()` patterns.
+ */
+export function parseQuery<T extends z.ZodType>(url: URL, schema: T): ParseResult<z.infer<T>> {
+	const raw: Record<string, string> = {};
+	for (const [key, value] of url.searchParams) {
+		raw[key] = value;
+	}
+	return validate(schema, raw);
+}
+/**
+ * Validate raw data against a schema. Returns data or error Response.
+ */
+function validate<T extends z.ZodType>(schema: T, data: unknown): ParseResult<z.infer<T>> {
+	const result = schema.safeParse(data);
+	if (result.success) {
+		return result.data as z.infer<T>;
+	}
+	// Format Zod errors into a readable structure
+	const issues = result.error.issues.map((issue: z.ZodIssue) => ({
+		path: issue.path.join("."),
+		message: issue.message,
+	}));
+	return Response.json(
+		{
+			error: {
+				code: "VALIDATION_ERROR",
+				message: "Invalid request data",
+				details: { issues },
+			},
+		},
+		{
+			status: 400,
+			headers: {
+				"Cache-Control": "private, no-store",
+			},
+		},
+	);
+}
+/**
+ * Type guard to check if a ParseResult is an error Response.
+ * Usage: `if (isParseError(result)) return result;`
+ */
+export function isParseError<T>(result: ParseResult<T>): result is Response {
+	return result instanceof Response;
+}

package/src/api/redirect.ts ADDED Viewed

@@ -0,0 +1,14 @@
+/**
+ * Validate that a redirect URL is a safe local path.
+ *
+ * Rejects:
+ * - Protocol-relative URLs (`//evil.com`)
+ * - Backslash bypass (`/\evil.com` — browsers normalize `\` to `/` in Location headers)
+ * - Absolute URLs (`https://evil.com`)
+ * - Empty / nullish values
+ */
+export function isSafeRedirect(url: string | null | undefined): url is string {
+	return (
+		typeof url === "string" && url.startsWith("/") && !url.startsWith("//") && !url.includes("\\")
+	);
+}

package/src/api/rev.ts ADDED Viewed

@@ -0,0 +1,67 @@
+/**
+ * Opaque _rev token generation and validation.
+ *
+ * Format: base64("version:updated_at")
+ * Stateless — server decodes and checks both components.
+ *
+ * Rules:
+ * - No _rev sent → blind write (backwards-compatible)
+ * - _rev matches → write proceeds, new _rev returned
+ * - _rev mismatch → 409 Conflict
+ */
+import type { ContentItem } from "../database/repositories/types.js";
+import { encodeBase64, decodeBase64 } from "../utils/base64.js";
+/**
+ * Generate a _rev token from a content item's version and updatedAt.
+ */
+export function encodeRev(item: ContentItem): string {
+	return encodeBase64(`${item.version}:${item.updatedAt}`);
+}
+/**
+ * Decode a _rev token into its components.
+ * Returns null if the token is malformed.
+ */
+export function decodeRev(rev: string): { version: number; updatedAt: string } | null {
+	try {
+		const decoded = decodeBase64(rev);
+		const colonIdx = decoded.indexOf(":");
+		if (colonIdx === -1) return null;
+		const version = parseInt(decoded.slice(0, colonIdx), 10);
+		const updatedAt = decoded.slice(colonIdx + 1);
+		if (isNaN(version) || !updatedAt) return null;
+		return { version, updatedAt };
+	} catch {
+		return null;
+	}
+}
+/**
+ * Validate a _rev token against a content item.
+ * Returns null if valid (or if no _rev provided), or an error message if invalid.
+ */
+export function validateRev(
+	rev: string | undefined,
+	item: ContentItem,
+): { valid: true } | { valid: false; message: string } {
+	// No _rev = blind write (backwards-compatible)
+	if (!rev) return { valid: true };
+	const decoded = decodeRev(rev);
+	if (!decoded) {
+		return { valid: false, message: "Malformed _rev token" };
+	}
+	if (decoded.version !== item.version || decoded.updatedAt !== item.updatedAt) {
+		return {
+			valid: false,
+			message: "Content has been modified since last read (version conflict)",
+		};
+	}
+	return { valid: true };
+}

package/src/api/schemas/auth.ts ADDED Viewed

@@ -0,0 +1,112 @@
+import { z } from "zod";
+import { roleLevel } from "./common.js";
+// ---------------------------------------------------------------------------
+// WebAuthn credential schemas (matching @emdash-cms/auth/passkey types)
+// ---------------------------------------------------------------------------
+const authenticatorTransport = z.enum(["usb", "nfc", "ble", "internal", "hybrid"]);
+/** RegistrationResponse — sent by the browser after navigator.credentials.create() */
+const registrationCredential = z.object({
+	id: z.string(),
+	rawId: z.string(),
+	type: z.literal("public-key"),
+	response: z.object({
+		clientDataJSON: z.string(),
+		attestationObject: z.string(),
+		transports: z.array(authenticatorTransport).optional(),
+	}),
+	authenticatorAttachment: z.enum(["platform", "cross-platform"]).optional(),
+});
+/** AuthenticationResponse — sent by the browser after navigator.credentials.get() */
+const authenticationCredential = z.object({
+	id: z.string(),
+	rawId: z.string(),
+	type: z.literal("public-key"),
+	response: z.object({
+		clientDataJSON: z.string(),
+		authenticatorData: z.string(),
+		signature: z.string(),
+		userHandle: z.string().optional(),
+	}),
+	authenticatorAttachment: z.enum(["platform", "cross-platform"]).optional(),
+});
+// ---------------------------------------------------------------------------
+// Auth: Input schemas
+// ---------------------------------------------------------------------------
+export const signupRequestBody = z
+	.object({
+		email: z.string().email(),
+	})
+	.meta({ id: "SignupRequestBody" });
+export const signupCompleteBody = z
+	.object({
+		token: z.string().min(1),
+		credential: registrationCredential,
+		name: z.string().optional(),
+	})
+	.meta({ id: "SignupCompleteBody" });
+export const inviteCreateBody = z
+	.object({
+		email: z.string().email(),
+		role: roleLevel.optional(),
+	})
+	.meta({ id: "InviteCreateBody" });
+export const inviteCompleteBody = z
+	.object({
+		token: z.string().min(1),
+		credential: registrationCredential,
+		name: z.string().optional(),
+	})
+	.meta({ id: "InviteCompleteBody" });
+export const magicLinkSendBody = z
+	.object({
+		email: z.string().email(),
+	})
+	.meta({ id: "MagicLinkSendBody" });
+export const passkeyOptionsBody = z
+	.object({
+		email: z.string().email().optional(),
+	})
+	.meta({ id: "PasskeyOptionsBody" });
+export const passkeyVerifyBody = z
+	.object({
+		credential: authenticationCredential,
+	})
+	.meta({ id: "PasskeyVerifyBody" });
+export const passkeyRegisterOptionsBody = z
+	.object({
+		name: z.string().optional(),
+	})
+	.meta({ id: "PasskeyRegisterOptionsBody" });
+export const passkeyRegisterVerifyBody = z
+	.object({
+		credential: registrationCredential,
+		name: z.string().optional(),
+	})
+	.meta({ id: "PasskeyRegisterVerifyBody" });
+export const passkeyRenameBody = z
+	.object({
+		name: z.string().min(1),
+	})
+	.meta({ id: "PasskeyRenameBody" });
+export const authMeActionBody = z
+	.object({
+		action: z.string().min(1),
+	})
+	.meta({ id: "AuthMeActionBody" });

package/src/api/schemas/bylines.ts ADDED Viewed

@@ -0,0 +1,85 @@
+import { z } from "zod";
+import { cursorPaginationQuery, httpUrl } from "./common.js";
+/** Slug pattern: lowercase letters, digits, and hyphens; must start with a letter */
+const bylineSlugPattern = /^[a-z][a-z0-9-]*$/;
+export const bylineSummarySchema = z
+	.object({
+		id: z.string(),
+		slug: z.string(),
+		displayName: z.string(),
+		bio: z.string().nullable(),
+		avatarMediaId: z.string().nullable(),
+		websiteUrl: z.string().nullable(),
+		userId: z.string().nullable(),
+		isGuest: z.boolean(),
+		createdAt: z.string(),
+		updatedAt: z.string(),
+	})
+	.meta({ id: "BylineSummary" });
+export const bylineCreditSchema = z
+	.object({
+		byline: bylineSummarySchema,
+		sortOrder: z.number().int(),
+		roleLabel: z.string().nullable(),
+		source: z.enum(["explicit", "inferred"]).optional().meta({
+			description: "Whether this credit was explicitly assigned or inferred from authorId",
+		}),
+	})
+	.meta({ id: "BylineCredit" });
+export const contentBylineInputSchema = z
+	.object({
+		bylineId: z.string().min(1),
+		roleLabel: z.string().nullish(),
+	})
+	.meta({ id: "ContentBylineInput" });
+export const bylinesListQuery = cursorPaginationQuery
+	.extend({
+		search: z.string().optional(),
+		isGuest: z.coerce.boolean().optional(),
+		userId: z.string().optional(),
+	})
+	.meta({ id: "BylinesListQuery" });
+export const bylineCreateBody = z
+	.object({
+		slug: z
+			.string()
+			.min(1)
+			.regex(bylineSlugPattern, "Slug must contain only lowercase letters, digits, and hyphens"),
+		displayName: z.string().min(1),
+		bio: z.string().nullish(),
+		avatarMediaId: z.string().nullish(),
+		websiteUrl: httpUrl.nullish(),
+		userId: z.string().nullish(),
+		isGuest: z.boolean().optional(),
+	})
+	.meta({ id: "BylineCreateBody" });
+export const bylineUpdateBody = z
+	.object({
+		slug: z
+			.string()
+			.min(1)
+			.regex(bylineSlugPattern, "Slug must contain only lowercase letters, digits, and hyphens")
+			.optional(),
+		displayName: z.string().min(1).optional(),
+		bio: z.string().nullish(),
+		avatarMediaId: z.string().nullish(),
+		websiteUrl: httpUrl.nullish(),
+		userId: z.string().nullish(),
+		isGuest: z.boolean().optional(),
+	})
+	.meta({ id: "BylineUpdateBody" });
+export const bylineListResponseSchema = z
+	.object({
+		items: z.array(bylineSummarySchema),
+		nextCursor: z.string().optional(),
+	})
+	.meta({ id: "BylineListResponse" });

package/src/api/schemas/comments.ts ADDED Viewed

@@ -0,0 +1,117 @@
+import { z } from "zod";
+// ---------------------------------------------------------------------------
+// Comments: Input schemas
+// ---------------------------------------------------------------------------
+export const createCommentBody = z
+	.object({
+		authorName: z.string().min(1).max(100),
+		authorEmail: z.string().email(),
+		body: z.string().min(1).max(5000),
+		parentId: z.string().optional(),
+		/** Honeypot field — hidden in the form, filled only by bots */
+		website_url: z.string().optional(),
+	})
+	.meta({ id: "CreateCommentBody" });
+export const commentStatusBody = z
+	.object({
+		status: z.enum(["approved", "pending", "spam", "trash"]),
+	})
+	.meta({ id: "CommentStatusBody" });
+export const commentBulkBody = z
+	.object({
+		ids: z.array(z.string().min(1)).min(1).max(100),
+		action: z.enum(["approve", "spam", "trash", "delete"]),
+	})
+	.meta({ id: "CommentBulkBody" });
+export const commentListQuery = z
+	.object({
+		status: z.enum(["pending", "approved", "spam", "trash"]).optional(),
+		collection: z.string().optional(),
+		search: z.string().optional(),
+		limit: z.coerce.number().int().min(1).max(100).optional(),
+		cursor: z.string().optional(),
+	})
+	.meta({ id: "CommentListQuery" });
+// ---------------------------------------------------------------------------
+// Comments: Response schemas
+// ---------------------------------------------------------------------------
+const commentStatusValues = z.enum(["pending", "approved", "spam", "trash"]);
+/**
+ * Public-facing comment (no email/IP).
+ *
+ * `replies` is recursive in practice (each reply can have replies), but we
+ * model it as a single level here to avoid circular type inference issues
+ * with tsgo. OpenAPI consumers should treat replies as the same shape.
+ */
+export const publicCommentSchema: z.ZodObject<{
+	id: z.ZodString;
+	authorName: z.ZodString;
+	isRegisteredUser: z.ZodBoolean;
+	body: z.ZodString;
+	parentId: z.ZodNullable<z.ZodString>;
+	createdAt: z.ZodString;
+	replies: z.ZodOptional<z.ZodArray<z.ZodAny>>;
+}> = z
+	.object({
+		id: z.string(),
+		authorName: z.string(),
+		isRegisteredUser: z.boolean(),
+		body: z.string(),
+		parentId: z.string().nullable(),
+		createdAt: z.string(),
+		replies: z.array(z.any()).optional(),
+	})
+	.meta({ id: "PublicComment" });
+/** Admin comment with full details */
+export const commentSchema = z
+	.object({
+		id: z.string(),
+		collection: z.string(),
+		contentId: z.string(),
+		authorName: z.string(),
+		authorEmail: z.string(),
+		body: z.string(),
+		status: commentStatusValues,
+		parentId: z.string().nullable(),
+		ipHash: z.string().nullable(),
+		createdAt: z.string(),
+		updatedAt: z.string(),
+	})
+	.meta({ id: "Comment" });
+export const publicCommentListResponseSchema = z
+	.object({
+		items: z.array(publicCommentSchema),
+		nextCursor: z.string().optional(),
+		total: z.number().int(),
+	})
+	.meta({ id: "PublicCommentListResponse" });
+export const adminCommentListResponseSchema = z
+	.object({
+		items: z.array(commentSchema),
+		nextCursor: z.string().optional(),
+	})
+	.meta({ id: "AdminCommentListResponse" });
+export const commentCountsResponseSchema = z
+	.object({
+		pending: z.number().int(),
+		approved: z.number().int(),
+		spam: z.number().int(),
+		trash: z.number().int(),
+	})
+	.meta({ id: "CommentCountsResponse" });
+export const commentBulkResponseSchema = z
+	.object({ affected: z.number().int() })
+	.meta({ id: "CommentBulkResponse" });

package/src/api/schemas/common.ts ADDED Viewed

@@ -0,0 +1,89 @@
+import { z } from "zod";
+// ---------------------------------------------------------------------------
+// Role level
+// ---------------------------------------------------------------------------
+/** Valid role level values */
+export const VALID_ROLE_LEVELS = new Set([10, 20, 30, 40, 50]);
+/** Role level — coerces string/number to valid RoleLevel (10|20|30|40|50) */
+export const roleLevel = z.coerce
+	.number()
+	.int()
+	.refine((n): n is 10 | 20 | 30 | 40 | 50 => VALID_ROLE_LEVELS.has(n), {
+		message: "Invalid role level. Must be 10, 20, 30, 40, or 50",
+	});
+// ---------------------------------------------------------------------------
+// Pagination
+// ---------------------------------------------------------------------------
+/** Pagination query params — cursor-based */
+export const cursorPaginationQuery = z
+	.object({
+		cursor: z.string().optional().meta({ description: "Opaque cursor for pagination" }),
+		limit: z.coerce.number().int().min(1).max(100).optional().default(50).meta({
+			description: "Maximum number of items to return (1-100, default 50)",
+		}),
+	})
+	.meta({ id: "CursorPaginationQuery" });
+/** Pagination query params — offset-based */
+export const offsetPaginationQuery = z
+	.object({
+		limit: z.coerce.number().int().min(1).max(100).optional().default(50),
+		offset: z.coerce.number().int().min(0).optional().default(0),
+	})
+	.meta({ id: "OffsetPaginationQuery" });
+// ---------------------------------------------------------------------------
+// Shared primitives
+// ---------------------------------------------------------------------------
+/** Slug pattern: lowercase letters, digits, underscores; starts with letter */
+export const slugPattern = /^[a-z][a-z0-9_]*$/;
+/** Matches http(s) scheme at start of URL */
+const HTTP_SCHEME_RE = /^https?:\/\//i;
+/** Validates that a URL string uses http or https scheme. Rejects javascript:/data: URI XSS vectors. */
+export const httpUrl = z
+	.string()
+	.url()
+	.refine((url) => HTTP_SCHEME_RE.test(url), "URL must use http or https");
+/** BCP 47 locale code — language with optional script/region subtags (e.g. en, en-US, pt-BR, es-419, zh-Hant) */
+export const localeCode = z
+	.string()
+	.regex(/^[a-z]{2,3}(-[a-z0-9]{2,8})*$/i, "Invalid locale code")
+	.transform((v) => v.toLowerCase());
+// ---------------------------------------------------------------------------
+// OpenAPI: Shared response schemas
+// ---------------------------------------------------------------------------
+/** Standard API error response */
+export const apiErrorSchema = z
+	.object({
+		error: z.object({
+			code: z.string().meta({ description: "Machine-readable error code", example: "NOT_FOUND" }),
+			message: z.string().meta({ description: "Human-readable error message" }),
+		}),
+	})
+	.meta({ id: "ApiError" });
+/** Wrap a data schema in the standard success envelope: { data: T } */
+export function successEnvelope<T extends z.ZodType>(dataSchema: T) {
+	return z.object({ data: dataSchema });
+}
+/** Standard delete response */
+export const deleteResponseSchema = z.object({ deleted: z.literal(true) }).meta({
+	id: "DeleteResponse",
+});
+/** Standard count response */
+export const countResponseSchema = z
+	.object({ count: z.number().int().min(0) })
+	.meta({ id: "CountResponse" });