emdash 0.10.0 → 0.11.0

package/src/cli/commands/export-seed.ts

@@ -32,6 +32,7 @@ import type {
 	SeedWidget,
 	SeedContentEntry,
 } from "../../seed/types.js";
+import { slugify } from "../../utils/slugify.js";
 
 const SETTINGS_PREFIX = "site:";
 
@@ -101,7 +102,7 @@ export const exportSeedCommand = defineCommand({
 /**
  * Export database to seed file format
  */
-async function exportSeed(db: Kysely<Database>, withContent?: string): Promise<SeedFile> {
+export async function exportSeed(db: Kysely<Database>, withContent?: string): Promise<SeedFile> {
 	const seed: SeedFile = {
 		$schema: "https://emdashcms.com/seed.schema.json",
 		version: "1",
@@ -317,6 +318,9 @@ async function exportMenus(db: Kysely<Database>): Promise<SeedMenu[]> {
 	const result: SeedMenu[] = [];
 	// translation_group -> seed-local id of the anchor menu in that group.
 	const groupToSeedId = new Map<string, string>();
+	// Shared across menus: translated items reference anchor items in sibling menus.
+	const itemGroupToSeedId = new Map<string, string>();
+	const usedItemSeedIds = new Set<string>();
 
 	for (const menu of menus) {
 		const seedId =
@@ -329,7 +333,13 @@ async function exportMenus(db: Kysely<Database>): Promise<SeedMenu[]> {
 			.orderBy("sort_order", "asc")
 			.execute();
 
-		const seedItems = buildMenuItemTree(items);
+		const seedItems = buildMenuItemTree(items, {
+			i18nEnabled,
+			menuName: menu.name,
+			menuLocale: menu.locale ?? null,
+			itemGroupToSeedId,
+			usedItemSeedIds,
+		});
 
 		const seedMenu: SeedMenu = {
 			id: seedId,
@@ -376,7 +386,17 @@ function buildMenuItemTree(
 		target: string | null;
 		title_attr: string | null;
 		css_classes: string | null;
+		locale?: string | null;
+		translation_group?: string | null;
 	}>,
+	i18nCtx: {
+		i18nEnabled: boolean;
+		menuName: string;
+		menuLocale: string | null;
+		// translation_group -> seed-local id of the anchor item in that group.
+		itemGroupToSeedId: Map<string, string>;
+		usedItemSeedIds: Set<string>;
+	},
 ): SeedMenuItem[] {
 	// Build parent -> children map
 	const childMap = new Map<string | null, typeof items>();
@@ -389,10 +409,28 @@ function buildMenuItemTree(
 		childMap.get(parentId)!.push(item);
 	}
 
+	function makeSeedId(item: (typeof items)[number]): string {
+		const base = slugify(item.label || "") || item.id;
+		const locale = i18nCtx.i18nEnabled ? (item.locale ?? i18nCtx.menuLocale) : null;
+		const candidate = locale
+			? `item:${i18nCtx.menuName}:${base}:${locale}`
+			: `item:${i18nCtx.menuName}:${base}`;
+		if (!i18nCtx.usedItemSeedIds.has(candidate)) {
+			i18nCtx.usedItemSeedIds.add(candidate);
+			return candidate;
+		}
+		// Collision fallback: append DB id to disambiguate duplicate labels.
+		const fallback = locale
+			? `item:${i18nCtx.menuName}:${base}:${item.id}:${locale}`
+			: `item:${i18nCtx.menuName}:${base}:${item.id}`;
+		i18nCtx.usedItemSeedIds.add(fallback);
+		return fallback;
+	}
+
 	// Recursively build tree
 	function buildLevel(parentId: string | null): SeedMenuItem[] {
 		const children = childMap.get(parentId) || [];
-		return children.map((item) => {
+		const result = children.map((item) => {
 			const seedItem: SeedMenuItem = {
 				type: item.type,
 				label: item.label || undefined,
@@ -415,6 +453,18 @@ function buildMenuItemTree(
 				seedItem.cssClasses = item.css_classes;
 			}
 
+			if (i18nCtx.i18nEnabled) {
+				const itemLocale = item.locale ?? i18nCtx.menuLocale;
+				const seedId = makeSeedId(item);
+				seedItem.id = seedId;
+				if (itemLocale) seedItem.locale = itemLocale;
+				if (item.translation_group) {
+					const anchor = i18nCtx.itemGroupToSeedId.get(item.translation_group);
+					if (anchor && anchor !== seedId) seedItem.translationOf = anchor;
+					else if (!anchor) i18nCtx.itemGroupToSeedId.set(item.translation_group, seedId);
+				}
+			}
+
 			// Add children
 			const itemChildren = buildLevel(item.id);
 			if (itemChildren.length > 0) {
@@ -423,6 +473,10 @@ function buildMenuItemTree(
 
 			return seedItem;
 		});
+
+		// Sibling order is preserved (maps to sort_order on import). Cross-menu
+		// `translationOf` already resolves because exportMenus sorts anchors first.
+		return result;
 	}
 
 	return buildLevel(null);

package/src/database/instrumentation.ts

@@ -83,16 +83,30 @@ export function isInstrumentationEnabled(): boolean {
 
 function kyselyLog(event: LogEvent): void {
 	if (event.level !== "query") return;
-	const rec = getRequestContext()?.queryRecorder;
-	if (!rec) return;
-	recordEvent(rec, event.query.sql, event.query.parameters, event.queryDurationMillis);
+	const ctx = getRequestContext();
+	if (!ctx) return;
+	const dur = event.queryDurationMillis;
+	if (ctx.metrics) {
+		const m = ctx.metrics;
+		m.dbCount += 1;
+		m.dbTotalMs += dur;
+		const finishedAt = performance.now() - m.start;
+		const startedAt = finishedAt - dur;
+		if (m.dbFirstOffset === null) m.dbFirstOffset = startedAt;
+		m.dbLastOffset = finishedAt;
+	}
+	if (ctx.queryRecorder) {
+		recordEvent(ctx.queryRecorder, event.query.sql, event.query.parameters, dur);
+	}
 }
 
 /**
- * Returns a Kysely `log` option when instrumentation is enabled, or undefined.
- * Pass as `new Kysely({ dialect, log: kyselyLogOption() })` so disabled mode
- * has zero overhead — Kysely skips query timing entirely when `log` is absent.
+ * Returns a Kysely `log` callback. Always returns a function so per-request
+ * counters (db.count, db.total, db.first, db.last) and the optional NDJSON
+ * recorder both get fed. The cost over the previous "undefined when off"
+ * behaviour is one `performance.now()` pair per query inside Kysely, which
+ * is in the noise compared to any real query.
  */
-export function kyselyLogOption(): Logger | undefined {
-	return isInstrumentationEnabled() ? kyselyLog : undefined;
+export function kyselyLogOption(): Logger {
+	return kyselyLog;
 }

package/src/database/migrations/016_api_tokens.ts

@@ -9,11 +9,20 @@ import { currentTimestamp } from "../dialect-helpers.js";
  * 1. _emdash_api_tokens — Personal Access Tokens (ec_pat_...)
  * 2. _emdash_oauth_tokens — OAuth access/refresh tokens (ec_oat_/ec_ort_...)
  * 3. _emdash_device_codes — OAuth Device Flow state (RFC 8628)
+ *
+ * Every CREATE is guarded with `.ifNotExists()` so the migration is safe to
+ * re-run against a partially-applied schema. See #954 for the failure mode:
+ * if `up()` crashes mid-way (D1 subrequest limit, isolate cancellation,
+ * transient connection error), the migration record never gets inserted
+ * into `_emdash_migrations`, and the next request retries `up()` from the
+ * top. Without these guards, the retry crashed with `table ... already
+ * exists` and blocked every subsequent boot of the Worker.
  */
 export async function up(db: Kysely<unknown>): Promise<void> {
 	// ── Personal Access Tokens ───────────────────────────────────────
 	await db.schema
 		.createTable("_emdash_api_tokens")
+		.ifNotExists()
 		.addColumn("id", "text", (col) => col.primaryKey())
 		.addColumn("name", "text", (col) => col.notNull())
 		.addColumn("token_hash", "text", (col) => col.notNull().unique())
@@ -30,12 +39,14 @@ export async function up(db: Kysely<unknown>): Promise<void> {
 
 	await db.schema
 		.createIndex("idx_api_tokens_token_hash")
+		.ifNotExists()
 		.on("_emdash_api_tokens")
 		.column("token_hash")
 		.execute();
 
 	await db.schema
 		.createIndex("idx_api_tokens_user_id")
+		.ifNotExists()
 		.on("_emdash_api_tokens")
 		.column("user_id")
 		.execute();
@@ -43,6 +54,7 @@ export async function up(db: Kysely<unknown>): Promise<void> {
 	// ── OAuth Tokens ─────────────────────────────────────────────────
 	await db.schema
 		.createTable("_emdash_oauth_tokens")
+		.ifNotExists()
 		.addColumn("token_hash", "text", (col) => col.primaryKey())
 		.addColumn("token_type", "text", (col) => col.notNull()) // 'access' | 'refresh'
 		.addColumn("user_id", "text", (col) => col.notNull())
@@ -58,12 +70,14 @@ export async function up(db: Kysely<unknown>): Promise<void> {
 
 	await db.schema
 		.createIndex("idx_oauth_tokens_user_id")
+		.ifNotExists()
 		.on("_emdash_oauth_tokens")
 		.column("user_id")
 		.execute();
 
 	await db.schema
 		.createIndex("idx_oauth_tokens_expires")
+		.ifNotExists()
 		.on("_emdash_oauth_tokens")
 		.column("expires_at")
 		.execute();
@@ -71,6 +85,7 @@ export async function up(db: Kysely<unknown>): Promise<void> {
 	// ── Device Codes (OAuth Device Flow, RFC 8628) ───────────────────
 	await db.schema
 		.createTable("_emdash_device_codes")
+		.ifNotExists()
 		.addColumn("device_code", "text", (col) => col.primaryKey())
 		.addColumn("user_code", "text", (col) => col.notNull().unique())
 		.addColumn("scopes", "text", (col) => col.notNull()) // JSON array
@@ -83,7 +98,7 @@ export async function up(db: Kysely<unknown>): Promise<void> {
 }
 
 export async function down(db: Kysely<unknown>): Promise<void> {
-	await db.schema.dropTable("_emdash_device_codes").execute();
-	await db.schema.dropTable("_emdash_oauth_tokens").execute();
-	await db.schema.dropTable("_emdash_api_tokens").execute();
+	await db.schema.dropTable("_emdash_device_codes").ifExists().execute();
+	await db.schema.dropTable("_emdash_oauth_tokens").ifExists().execute();
+	await db.schema.dropTable("_emdash_api_tokens").ifExists().execute();
 }

package/src/database/migrations/037_credential_algorithm.ts

@@ -0,0 +1,18 @@
+import { type Kysely } from "kysely";
+
+import { columnExists } from "../dialect-helpers.js";
+
+export async function up(db: Kysely<unknown>): Promise<void> {
+	if (!(await columnExists(db, "credentials", "algorithm"))) {
+		await db.schema
+			.alterTable("credentials")
+			.addColumn("algorithm", "integer", (col) => col.notNull().defaultTo(-7))
+			.execute();
+	}
+}
+
+export async function down(db: Kysely<unknown>): Promise<void> {
+	if (await columnExists(db, "credentials", "algorithm")) {
+		await db.schema.alterTable("credentials").dropColumn("algorithm").execute();
+	}
+}

package/src/database/migrations/runner.ts

@@ -37,6 +37,7 @@ import * as m033 from "./033_optimize_content_indexes.js";
 import * as m034 from "./034_published_at_index.js";
 import * as m035 from "./035_bounded_404_log.js";
 import * as m036 from "./036_i18n_menus_and_taxonomies.js";
+import * as m037 from "./037_credential_algorithm.js";
 
 const MIGRATIONS: Readonly<Record<string, Migration>> = Object.freeze({
 	"001_initial": m001,
@@ -74,6 +75,7 @@ const MIGRATIONS: Readonly<Record<string, Migration>> = Object.freeze({
 	"034_published_at_index": m034,
 	"035_bounded_404_log": m035,
 	"036_i18n_menus_and_taxonomies": m036,
+	"037_credential_algorithm": m037,
 });
 
 /** Total number of registered migrations. Exported for use in tests. */

package/src/database/repositories/media.ts

@@ -1,4 +1,4 @@
-import { sql, type Kysely, type SqlBool } from "kysely";
+import { sql, type ExpressionBuilder, type Kysely, type SqlBool } from "kysely";
 import { ulid } from "ulidx";
 
 import type { Database, MediaRow } from "../types.js";
@@ -10,6 +10,35 @@ function escapeLike(value: string): string {
 	return value.replaceAll("\\", "\\\\").replaceAll("%", "\\%").replaceAll("_", "\\_");
 }
 
+/**
+ * Normalize a mimeType filter (string or array) into a clean string[].
+ * Entries that are empty strings are dropped.
+ */
+function normalizeMimeFilter(input?: string | readonly string[]): string[] {
+	if (!input) return [];
+	const arr = Array.isArray(input) ? input : [input];
+	return arr
+		.filter((entry): entry is string => typeof entry === "string" && entry.length > 0)
+		.map((entry) =>
+			entry.endsWith("/") ? entry.toLowerCase() : entry.split(";")[0]!.trim().toLowerCase(),
+		);
+}
+
+/**
+ * Build a WHERE clause that matches `mime_type` against any of the given
+ * filter entries — exact equality for full MIMEs, LIKE prefix for entries
+ * ending in "/".
+ */
+function mimeMatchExpr(eb: ExpressionBuilder<Database, "media">, filters: string[]) {
+	return eb.or(
+		filters.map((entry) =>
+			entry.endsWith("/")
+				? sql<SqlBool>`mime_type LIKE ${`${escapeLike(entry)}%`} ESCAPE '\\'`
+				: eb("mime_type", "=", entry),
+		),
+	);
+}
+
 export type MediaStatus = "pending" | "ready" | "failed";
 
 export interface MediaItem {
@@ -49,7 +78,8 @@ export interface CreateMediaInput {
 export interface FindManyMediaOptions {
 	limit?: number;
 	cursor?: string;
-	mimeType?: string; // Filter by mime type prefix, e.g., "image/"
+	/** Filter by MIME type. Pass a string for a single prefix/exact, or an array to match any. Strings ending with "/" are treated as LIKE prefix matches; others are exact equality. */
+	mimeType?: string | readonly string[];
 	status?: MediaStatus | "all"; // Filter by status, defaults to "ready"
 }
 
@@ -215,9 +245,9 @@ export class MediaRepository {
 			);
 		}
 
-		if (options.mimeType) {
-			const pattern = `${escapeLike(options.mimeType)}%`;
-			query = query.where(sql<SqlBool>`mime_type LIKE ${pattern} ESCAPE '\\'`);
+		const mimeFilters = normalizeMimeFilter(options.mimeType);
+		if (mimeFilters.length > 0) {
+			query = query.where((eb) => mimeMatchExpr(eb, mimeFilters));
 		}
 
 		// Default to only showing ready items
@@ -276,12 +306,12 @@ export class MediaRepository {
 	/**
 	 * Count media items
 	 */
-	async count(mimeType?: string): Promise<number> {
-		let query = this.db.selectFrom("media").select((eb) => eb.fn.count("id").as("count"));
+	async count(mimeType?: string | readonly string[]): Promise<number> {
+		const filters = normalizeMimeFilter(mimeType);
+		let query = this.db.selectFrom("media").select((eb) => eb.fn.count<number>("id").as("count"));
 
-		if (mimeType) {
-			const pattern = `${escapeLike(mimeType)}%`;
-			query = query.where(sql<SqlBool>`mime_type LIKE ${pattern} ESCAPE '\\'`);
+		if (filters.length > 0) {
+			query = query.where((eb) => mimeMatchExpr(eb, filters));
 		}
 
 		const result = await query.executeTakeFirst();

package/src/database/types.ts

@@ -76,7 +76,8 @@ export interface UserTable {
 export interface CredentialTable {
 	id: string; // Base64url credential ID
 	user_id: string;
-	public_key: Uint8Array; // COSE public key
+	public_key: Uint8Array; // SEC1 or PKIX encoded public key
+	algorithm: number;
 	counter: number;
 	device_type: string; // 'singleDevice' | 'multiDevice'
 	backed_up: number; // 0 or 1

package/src/emdash-runtime.ts

@@ -1287,6 +1287,8 @@ export class EmDashRuntime {
 						// or arbitrary `Record<string, unknown>` for plugin field widgets that
 						// need per-field config (e.g. a checkbox grid receiving its column defs).
 						options?: Array<{ value: string; label: string }> | Record<string, unknown>;
+						id?: string;
+						validation?: Record<string, unknown>;
 					}
 				> = {};
 
@@ -1296,6 +1298,9 @@ export class EmDashRuntime {
 						label: field.label,
 						required: field.required,
 					};
+					// Always include the field's database ID so the admin can forward it
+					// to upload/media-list API calls for MIME allowlist widening.
+					entry.id = field.id;
 					if (field.widget) entry.widget = field.widget;
 					// Plugin field widgets read their per-field config from `field.options`,
 					// which the seed schema types as `Record<string, unknown>`. Pass it
@@ -1312,8 +1317,12 @@ export class EmDashRuntime {
 						}));
 					}
 					// Include full validation for repeater fields (subFields, minItems, maxItems)
-					if (field.type === "repeater" && field.validation) {
-						(entry as Record<string, unknown>).validation = field.validation;
+					// and for file/image fields (allowedMimeTypes).
+					if (
+						(field.type === "repeater" || field.type === "file" || field.type === "image") &&
+						field.validation
+					) {
+						entry.validation = { ...field.validation };
 					}
 					fields[field.slug] = entry;
 				}
@@ -1980,7 +1989,11 @@ export class EmDashRuntime {
 	// Media Handlers
 	// =========================================================================
 
-	async handleMediaList(params: { cursor?: string; limit?: number; mimeType?: string }) {
+	async handleMediaList(params: {
+		cursor?: string;
+		limit?: number;
+		mimeType?: string | readonly string[];
+	}) {
 		return handleMediaList(this.db, params);
 	}
 

package/src/fields/file.ts

@@ -5,13 +5,10 @@ import type { FieldDefinition, FieldUIHints, FileValue } from "./types.js";
 export interface FileOptions {
 	required?: boolean;
 	maxSize?: number; // In bytes
-	allowedTypes?: string[]; // MIME types
+	allowedTypes?: string[]; // MIME types — exact (image/png) or prefix (image/)
 	helpText?: string;
 }
 
-/**
- * File field - file upload
- */
 export function file(options: FileOptions = {}): FieldDefinition<FileValue> {
 	const fileObjSchema = z.object({
 		id: z.string(),
@@ -21,21 +18,25 @@ export function file(options: FileOptions = {}): FieldDefinition<FileValue> {
 		size: z.number(),
 	});
 
-	// Optional vs required
 	const schema: z.ZodTypeAny = options.required ? fileObjSchema : fileObjSchema.optional();
 
 	const ui: FieldUIHints = {
 		widget: "file",
 		helpText: options.helpText,
 		maxSize: options.maxSize,
-		allowedTypes: options.allowedTypes,
 	};
 
+	const validation =
+		options.allowedTypes && options.allowedTypes.length > 0
+			? { allowedMimeTypes: [...options.allowedTypes] }
+			: undefined;
+
 	return {
 		type: "file",
 		columnType: "TEXT",
 		schema,
 		options,
 		ui,
+		validation,
 	};
 }

package/src/fields/image.ts

@@ -2,9 +2,6 @@ import { z } from "astro/zod";
 
 import type { FieldDefinition, ImageValue } from "./types.js";
 
-/**
- * Image field schema
- */
 const imageSchema = z.object({
 	id: z.string(),
 	src: z.string(),
@@ -13,22 +10,26 @@ const imageSchema = z.object({
 	height: z.number().optional(),
 });
 
-/**
- * Image field
- * References media items from the media library
- */
-export function image(options?: {
+export interface ImageOptions {
 	required?: boolean;
 	maxSize?: number; // in bytes
-	allowedTypes?: string[]; // MIME types
-}): FieldDefinition<ImageValue | undefined> {
+	allowedTypes?: string[]; // MIME types — exact or prefix
+}
+
+export function image(options: ImageOptions = {}): FieldDefinition<ImageValue | undefined> {
+	const validation =
+		options.allowedTypes && options.allowedTypes.length > 0
+			? { allowedMimeTypes: [...options.allowedTypes] }
+			: undefined;
+
 	return {
 		type: "image",
 		columnType: "TEXT",
-		schema: options?.required === false ? imageSchema.optional() : imageSchema,
+		schema: options.required === false ? imageSchema.optional() : imageSchema,
 		options,
 		ui: {
 			widget: "image",
 		},
+		validation,
 	};
 }

package/src/fields/types.ts

@@ -1,5 +1,7 @@
 import type { z } from "astro/zod";
 
+import type { FieldValidation } from "../schema/types.js";
+
 /**
  * SQLite column types that map from field types
  */
@@ -19,6 +21,7 @@ export interface FieldDefinition<_T = unknown> {
 	schema: z.ZodTypeAny;
 	options?: unknown;
 	ui?: FieldUIHints;
+	validation?: FieldValidation;
 }
 
 /**

package/src/index.ts

@@ -27,7 +27,7 @@ export type {
 export type { MediaItem, CreateMediaInput } from "./database/repositories/media.js";
 
 // Fields
-export { portableText, image, reference } from "./fields/index.js";
+export { portableText, image, file, reference } from "./fields/index.js";
 export { normalizeMediaValue } from "./media/normalize.js";
 export { generatePlaceholder } from "./media/placeholder.js";
 export type { PlaceholderData } from "./media/placeholder.js";

package/src/mcp/server.ts

@@ -1993,13 +1993,23 @@ export function createMcpServer(): McpServer {
 			description:
 				"Create a new navigation menu. The `name` is the stable identifier used " +
 				"by site templates (e.g. 'main', 'footer'); `label` is the human-readable " +
-				"name shown in the admin. Add items afterwards with menu_set_items.",
+				"name shown in the admin. Menus are per-locale, so pass `locale` when " +
+				"the same menu name exists in multiple translations. Add items afterwards " +
+				"with menu_set_items. If `translationOf` is set, `locale` must also be set.",
+			// `locale`-when-`translationOf` is enforced inside handleMenuCreate
+			// so REST/SDK callers get the same guard. The description above
+			// documents the rule; the handler returns VALIDATION_ERROR.
 			inputSchema: z.object({
 				name: z
 					.string()
 					.regex(COLLECTION_SLUG_PATTERN)
 					.describe("Stable identifier (lowercase letters, numbers, underscores)"),
 				label: z.string().describe("Display name for the admin"),
+				locale: z.string().optional().describe("Locale for this menu (e.g. 'fr-fr')"),
+				translationOf: z
+					.string()
+					.optional()
+					.describe("Existing menu id to create this locale variant from"),
 			}),
 		},
 		async (args, extra) => {
@@ -2008,7 +2018,14 @@ export function createMcpServer(): McpServer {
 			const ec = getEmDash(extra);
 			try {
 				const { handleMenuCreate } = await import("../api/handlers/menus.js");
-				return unwrap(await handleMenuCreate(ec.db, { name: args.name, label: args.label }));
+				return unwrap(
+					await handleMenuCreate(ec.db, {
+						name: args.name,
+						label: args.label,
+						locale: args.locale,
+						translationOf: args.translationOf,
+					}),
+				);
 			} catch (error) {
 				return respondHandlerError(error, "MENU_CREATE_ERROR");
 			}
@@ -2019,10 +2036,13 @@ export function createMcpServer(): McpServer {
 		"menu_update",
 		{
 			title: "Update Menu",
-			description: "Update a menu's label. The `name` (stable identifier) cannot be changed.",
+			description:
+				"Update a menu's label. The `name` (stable identifier) cannot be changed. " +
+				"On multi-locale installs, pass `locale` so the correct translation is updated.",
 			inputSchema: z.object({
 				name: z.string().describe("Menu name to update"),
 				label: z.string().describe("New display label"),
+				locale: z.string().optional().describe("Locale of the menu to update"),
 			}),
 		},
 		async (args, extra) => {
@@ -2031,7 +2051,9 @@ export function createMcpServer(): McpServer {
 			const ec = getEmDash(extra);
 			try {
 				const { handleMenuUpdate } = await import("../api/handlers/menus.js");
-				return unwrap(await handleMenuUpdate(ec.db, args.name, { label: args.label }));
+				return unwrap(
+					await handleMenuUpdate(ec.db, args.name, { label: args.label, locale: args.locale }),
+				);
 			} catch (error) {
 				return respondHandlerError(error, "MENU_UPDATE_ERROR");
 			}
@@ -2042,9 +2064,12 @@ export function createMcpServer(): McpServer {
 		"menu_delete",
 		{
 			title: "Delete Menu",
-			description: "Delete a menu. Items are also removed. Cannot be undone.",
+			description:
+				"Delete a menu. Items are also removed. Cannot be undone. On multi-locale " +
+				"installs, pass `locale` so only the intended translation is removed.",
 			inputSchema: z.object({
 				name: z.string().describe("Menu name to delete"),
+				locale: z.string().optional().describe("Locale of the menu to delete"),
 			}),
 			annotations: { destructiveHint: true },
 		},
@@ -2054,7 +2079,7 @@ export function createMcpServer(): McpServer {
 			const ec = getEmDash(extra);
 			try {
 				const { handleMenuDelete } = await import("../api/handlers/menus.js");
-				return unwrap(await handleMenuDelete(ec.db, args.name));
+				return unwrap(await handleMenuDelete(ec.db, args.name, { locale: args.locale }));
 			} catch (error) {
 				return respondHandlerError(error, "MENU_DELETE_ERROR");
 			}
@@ -2069,9 +2094,11 @@ export function createMcpServer(): McpServer {
 				"Replace the entire item list of a menu in one call. This is atomic: the " +
 				"existing items are deleted and the new list is inserted in the order " +
 				"provided. Use this rather than per-item add/remove tools so the resulting " +
-				"order and parent links are unambiguous.",
+				"order and parent links are unambiguous. On multi-locale installs, pass " +
+				"`locale` so only the intended translation is rewritten.",
 			inputSchema: z.object({
 				name: z.string().describe("Menu name to update"),
+				locale: z.string().optional().describe("Locale of the menu to rewrite"),
 				items: z
 					.array(
 						z.object({
@@ -2115,7 +2142,9 @@ export function createMcpServer(): McpServer {
 			const ec = getEmDash(extra);
 			try {
 				const { handleMenuSetItems } = await import("../api/handlers/menus.js");
-				return unwrap(await handleMenuSetItems(ec.db, args.name, args.items));
+				return unwrap(
+					await handleMenuSetItems(ec.db, args.name, args.items, { locale: args.locale }),
+				);
 			} catch (error) {
 				return respondHandlerError(error, "MENU_SET_ITEMS_ERROR");
 			}