npm - emdash - Versions diffs - 0.14.0 → 0.16.0 - Mend

emdash 0.14.0 → 0.16.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (650) hide show

package/src/astro/routes/api/content/[collection]/[id]/unpublish.ts CHANGED Viewed

@@ -32,12 +32,12 @@ export const POST: APIRoute = async ({ params, locals, cache }) => {
 	const existingData =
 		existing.data && typeof existing.data === "object"
-			? // eslint-disable-next-line typescript-eslint(no-unsafe-type-assertion) -- handler returns unknown data; narrowed by typeof check above
+			? // eslint-disable-next-line typescript/no-unsafe-type-assertion -- handler returns unknown data; narrowed by typeof check above
 				(existing.data as Record<string, unknown>)
 			: undefined;
 	const existingItem =
 		existingData?.item && typeof existingData.item === "object"
-			? // eslint-disable-next-line typescript-eslint(no-unsafe-type-assertion) -- narrowed by typeof check above
+			? // eslint-disable-next-line typescript/no-unsafe-type-assertion -- narrowed by typeof check above
 				(existingData.item as Record<string, unknown>)
 			: existingData;
 	const authorId = typeof existingItem?.authorId === "string" ? existingItem.authorId : "";

package/src/astro/routes/api/content/[collection]/[id].ts CHANGED Viewed

@@ -35,12 +35,12 @@ export const GET: APIRoute = async ({ params, url, locals }) => {
 	if (result.success && !hasPermission(user, "content:read_drafts")) {
 		const data =
 			result.data && typeof result.data === "object"
-				? // eslint-disable-next-line typescript-eslint(no-unsafe-type-assertion) -- handler returns unknown data; narrowed by typeof check
+				? // eslint-disable-next-line typescript/no-unsafe-type-assertion -- handler returns unknown data; narrowed by typeof check
 					(result.data as Record<string, unknown>)
 				: undefined;
 		const item =
 			data?.item && typeof data.item === "object"
-				? // eslint-disable-next-line typescript-eslint(no-unsafe-type-assertion) -- narrowed by typeof check
+				? // eslint-disable-next-line typescript/no-unsafe-type-assertion -- narrowed by typeof check
 					(data.item as Record<string, unknown>)
 				: undefined;
 		const status = typeof item?.status === "string" ? item.status : null;
@@ -87,13 +87,13 @@ export const PUT: APIRoute = async ({ params, request, locals, cache }) => {
 	const existingData =
 		existing.data && typeof existing.data === "object"
-			? // eslint-disable-next-line typescript-eslint(no-unsafe-type-assertion) -- handler returns unknown data; narrowed by typeof check above
+			? // eslint-disable-next-line typescript/no-unsafe-type-assertion -- handler returns unknown data; narrowed by typeof check above
 				(existing.data as Record<string, unknown>)
 			: undefined;
 	// Handler returns { item, _rev } — extract the item for ownership and ID resolution
 	const existingItem =
 		existingData?.item && typeof existingData.item === "object"
-			? // eslint-disable-next-line typescript-eslint(no-unsafe-type-assertion) -- narrowed by typeof check above
+			? // eslint-disable-next-line typescript/no-unsafe-type-assertion -- narrowed by typeof check above
 				(existingData.item as Record<string, unknown>)
 			: existingData;
 	const authorId = typeof existingItem?.authorId === "string" ? existingItem.authorId : "";
@@ -151,13 +151,13 @@ export const DELETE: APIRoute = async ({ params, locals, cache }) => {
 	const deleteData =
 		existing.data && typeof existing.data === "object"
-			? // eslint-disable-next-line typescript-eslint(no-unsafe-type-assertion) -- handler returns unknown data; narrowed by typeof check above
+			? // eslint-disable-next-line typescript/no-unsafe-type-assertion -- handler returns unknown data; narrowed by typeof check above
 				(existing.data as Record<string, unknown>)
 			: undefined;
 	// Handler returns { item, _rev } — extract the item for ownership and ID resolution
 	const deleteItem =
 		deleteData?.item && typeof deleteData.item === "object"
-			? // eslint-disable-next-line typescript-eslint(no-unsafe-type-assertion) -- narrowed by typeof check above
+			? // eslint-disable-next-line typescript/no-unsafe-type-assertion -- narrowed by typeof check above
 				(deleteData.item as Record<string, unknown>)
 			: deleteData;
 	const authorId = typeof deleteItem?.authorId === "string" ? deleteItem.authorId : "";

package/src/astro/routes/api/import/wordpress/execute.ts CHANGED Viewed

@@ -376,7 +376,7 @@ export async function importContent(
 				// `api/handlers/content.ts`). `HandlerResponse.data` is
 				// typed as `unknown` to avoid coupling the route surface to
 				// internal handler types, so we narrow here.
-				// eslint-disable-next-line typescript-eslint(no-unsafe-type-assertion) -- handler contract documented at handleContentCreate
+				// eslint-disable-next-line typescript/no-unsafe-type-assertion -- handler contract documented at handleContentCreate
 				const createdItem = (createResult.data as { item: { id: string } } | undefined)?.item;
 				// Track translation group: the first imported post in a group

package/src/astro/routes/api/import/wordpress/prepare.ts CHANGED Viewed

@@ -20,7 +20,7 @@ import { capitalize, sanitizeSlug, singularize, type ImportFieldDef } from "./an
 /** Validate that a string is a known FieldType, returning undefined if not */
 function asFieldType(value: string): FieldType | undefined {
-	// eslint-disable-next-line typescript-eslint(no-unsafe-type-assertion) -- validated by includes check
+	// eslint-disable-next-line typescript/no-unsafe-type-assertion -- validated by includes check
 	return (FIELD_TYPES as readonly string[]).includes(value) ? (value as FieldType) : undefined;
 }
@@ -55,7 +55,7 @@ export const POST: APIRoute = async ({ request, locals }) => {
 		const body = await parseBody(request, wpPrepareBody);
 		if (isParseError(body)) return body;
-		// eslint-disable-next-line typescript-eslint(no-unsafe-type-assertion) -- Zod schema output narrowed to PrepareRequest
+		// eslint-disable-next-line typescript/no-unsafe-type-assertion -- Zod schema output narrowed to PrepareRequest
 		const result = await prepareImport(emdash.db, body as PrepareRequest);
 		// Invalidate the URL pattern cache when prepare adds new collections so

package/src/astro/routes/api/import/wordpress/rewrite-url-helpers.ts CHANGED Viewed

@@ -27,6 +27,28 @@ export function buildBaseUrlMap(urlMap: Record<string, string>): Map<string, str
 	return baseMap;
 }
+/**
+ * Extract the URL to match from a stored media field value.
+ *
+ * Image/file columns hold a JSON-stringified MediaValue
+ * (e.g. `{"provider":"external","id":"","src":"https://.../hero.jpg"}`), but legacy
+ * rows may hold a bare URL string. Returns the inner `src` for a MediaValue, otherwise
+ * the value unchanged. Without this, the whole JSON blob is passed to findMatchingUrl()
+ * and the embedded URL is never matched.
+ */
+export function extractMediaUrl(value: string): string {
+	try {
+		// eslint-disable-next-line typescript/no-unsafe-type-assertion -- shape validated below
+		const parsed = JSON.parse(value) as { src?: unknown };
+		if (parsed && typeof parsed.src === "string") {
+			return parsed.src;
+		}
+	} catch {
+		// Not JSON — treat the column value as a bare URL.
+	}
+	return value;
+}
 /**
  * Find matching new URL for a given URL, checking exact, base, and WordPress image-size matches
  */

package/src/astro/routes/api/import/wordpress/rewrite-urls.ts CHANGED Viewed

@@ -24,6 +24,7 @@ import type { EmDashHandlers } from "#types";
 import {
 	buildBaseUrlMap,
+	extractMediaUrl,
 	findMatchingUrl,
 	rewritePortableTextUrls,
 	rewriteStringUrls,
@@ -134,7 +135,7 @@ async function rewriteUrls(
 					if (!value || typeof value !== "string") continue;
 					try {
-						// eslint-disable-next-line typescript-eslint(no-unsafe-type-assertion) -- JSON.parse returns unknown; validated by Array.isArray below
+						// eslint-disable-next-line typescript/no-unsafe-type-assertion -- JSON.parse returns unknown; validated by Array.isArray below
 						const blocks = JSON.parse(value) as PortableTextBlock[];
 						if (!Array.isArray(blocks)) continue;
@@ -174,8 +175,10 @@ async function rewriteUrls(
 					const value = row[field.slug];
 					if (!value || typeof value !== "string") continue;
-					// Try to find a matching rewritten URL
-					const newUrl = findMatchingUrl(value, urlMap, baseMap);
+					// Values are stored as JSON MediaValue objects (e.g. featured_image from
+					// import normalizes to {"provider":"external","src":"<wp url>"}). Match on the
+					// inner `src`, falling back to the raw value for legacy bare-URL rows.
+					const newUrl = findMatchingUrl(extractMediaUrl(value), urlMap, baseMap);
 					if (newUrl) {
 						// Normalize into a proper MediaValue instead of storing a bare URL
 						try {
@@ -192,11 +195,11 @@ async function rewriteUrls(
 				if (rowUpdated) {
 					try {
 						// Build update query dynamically
-						// eslint-disable-next-line typescript-eslint(no-unsafe-type-assertion) -- Kysely dynamic table requires type assertion
+						// eslint-disable-next-line typescript/no-unsafe-type-assertion -- Kysely dynamic table requires type assertion
 						let query = db.updateTable(tableName as any).where("id", "=", row.id);
 						for (const [key, value] of Object.entries(updates)) {
-							// eslint-disable-next-line typescript-eslint(no-unsafe-type-assertion) -- Kysely dynamic column update requires type assertion
+							// eslint-disable-next-line typescript/no-unsafe-type-assertion -- Kysely dynamic column update requires type assertion
 							query = query.set({ [key]: value } as any);
 						}

package/src/astro/routes/api/import/wordpress-plugin/execute.ts CHANGED Viewed

@@ -60,7 +60,7 @@ export const POST: APIRoute = async ({ request, locals }) => {
 			return apiError("SSRF_BLOCKED", msg, 400);
 		}
-		// eslint-disable-next-line typescript-eslint(no-unsafe-type-assertion) -- Zod schema output narrowed to WpPluginImportConfig
+		// eslint-disable-next-line typescript/no-unsafe-type-assertion -- Zod schema output narrowed to WpPluginImportConfig
 		const config = body.config as unknown as WpPluginImportConfig;
 		// Get the WordPress plugin source
@@ -316,7 +316,7 @@ async function importContent(
 				// Track translation group: first item in a group establishes the mapping
 				if (item.translationGroup && !translationGroupMap.has(item.translationGroup)) {
-					// eslint-disable-next-line typescript-eslint(no-unsafe-type-assertion) -- handler success data includes id
+					// eslint-disable-next-line typescript/no-unsafe-type-assertion -- handler success data includes id
 					const createdData = createResult.data as { id?: string } | undefined;
 					if (createdData?.id) {
 						translationGroupMap.set(item.translationGroup, createdData.id);

package/src/astro/routes/api/media/upload-url.ts CHANGED Viewed

@@ -136,7 +136,7 @@ export const POST: APIRoute = async ({ request, locals }) => {
 		if (
 			error instanceof Error &&
 			"code" in error &&
-			// eslint-disable-next-line typescript-eslint(no-unsafe-type-assertion) -- narrowing error to check custom code property after "code" in error guard
+			// eslint-disable-next-line typescript/no-unsafe-type-assertion -- narrowing error to check custom code property after "code" in error guard
 			(error as { code: string }).code === "NOT_SUPPORTED"
 		) {
 			return apiError(

package/src/astro/routes/api/redirects/404s/index.ts CHANGED Viewed

@@ -24,7 +24,7 @@ export const GET: APIRoute = async ({ url, locals }) => {
 	const { emdash, user } = locals;
 	const dbErr = requireDb(emdash?.db);
 	if (dbErr) return dbErr;
-	const db = emdash!.db;
+	const db = emdash.db;
 	const denied = requirePerm(user, "redirects:read");
 	if (denied) return denied;
@@ -44,7 +44,7 @@ export const DELETE: APIRoute = async ({ locals }) => {
 	const { emdash, user } = locals;
 	const dbErr = requireDb(emdash?.db);
 	if (dbErr) return dbErr;
-	const db = emdash!.db;
+	const db = emdash.db;
 	const denied = requirePerm(user, "redirects:manage");
 	if (denied) return denied;
@@ -61,7 +61,7 @@ export const POST: APIRoute = async ({ request, locals }) => {
 	const { emdash, user } = locals;
 	const dbErr = requireDb(emdash?.db);
 	if (dbErr) return dbErr;
-	const db = emdash!.db;
+	const db = emdash.db;
 	const denied = requirePerm(user, "redirects:manage");
 	if (denied) return denied;

package/src/astro/routes/api/redirects/404s/summary.ts CHANGED Viewed

@@ -18,7 +18,7 @@ export const GET: APIRoute = async ({ url, locals }) => {
 	const { emdash, user } = locals;
 	const dbErr = requireDb(emdash?.db);
 	if (dbErr) return dbErr;
-	const db = emdash!.db;
+	const db = emdash.db;
 	const denied = requirePerm(user, "redirects:read");
 	if (denied) return denied;

package/src/astro/routes/api/redirects/[id].ts CHANGED Viewed

@@ -25,7 +25,7 @@ export const GET: APIRoute = async ({ params, locals }) => {
 	const { emdash, user } = locals;
 	const dbErr = requireDb(emdash?.db);
 	if (dbErr) return dbErr;
-	const db = emdash!.db;
+	const db = emdash.db;
 	const { id } = params;
 	const denied = requirePerm(user, "redirects:read");
@@ -47,7 +47,7 @@ export const PUT: APIRoute = async ({ params, request, locals }) => {
 	const { emdash, user } = locals;
 	const dbErr = requireDb(emdash?.db);
 	if (dbErr) return dbErr;
-	const db = emdash!.db;
+	const db = emdash.db;
 	const { id } = params;
 	const denied = requirePerm(user, "redirects:manage");
@@ -73,7 +73,7 @@ export const DELETE: APIRoute = async ({ params, locals }) => {
 	const { emdash, user } = locals;
 	const dbErr = requireDb(emdash?.db);
 	if (dbErr) return dbErr;
-	const db = emdash!.db;
+	const db = emdash.db;
 	const { id } = params;
 	const denied = requirePerm(user, "redirects:manage");

package/src/astro/routes/api/redirects/index.ts CHANGED Viewed

@@ -20,7 +20,7 @@ export const GET: APIRoute = async ({ url, locals }) => {
 	const { emdash, user } = locals;
 	const dbErr = requireDb(emdash?.db);
 	if (dbErr) return dbErr;
-	const db = emdash!.db;
+	const db = emdash.db;
 	const denied = requirePerm(user, "redirects:read");
 	if (denied) return denied;
@@ -40,7 +40,7 @@ export const POST: APIRoute = async ({ request, locals }) => {
 	const { emdash, user } = locals;
 	const dbErr = requireDb(emdash?.db);
 	if (dbErr) return dbErr;
-	const db = emdash!.db;
+	const db = emdash.db;
 	const denied = requirePerm(user, "redirects:manage");
 	if (denied) return denied;

package/src/astro/routes/api/schema/collections/[slug]/fields/[fieldSlug].ts CHANGED Viewed

@@ -32,7 +32,7 @@ export const GET: APIRoute = async ({ params, locals }) => {
 	const denied = requirePerm(user, "schema:read");
 	if (denied) return denied;
-	const result = await handleSchemaFieldGet(emdash!.db, collectionSlug, fieldSlug);
+	const result = await handleSchemaFieldGet(emdash.db, collectionSlug, fieldSlug);
 	return unwrapResult(result);
 };
@@ -50,9 +50,9 @@ export const PUT: APIRoute = async ({ params, request, locals }) => {
 	const body = await parseBody(request, updateFieldBody);
 	if (isParseError(body)) return body;
-	// eslint-disable-next-line typescript-eslint(no-unsafe-type-assertion) -- body is Zod-validated via parseBody(request, updateFieldBody) above
+	// eslint-disable-next-line typescript/no-unsafe-type-assertion -- body is Zod-validated via parseBody(request, updateFieldBody) above
 	const result = await handleSchemaFieldUpdate(
-		emdash!.db,
+		emdash.db,
 		collectionSlug,
 		fieldSlug,
 		body as UpdateFieldInput,
@@ -71,6 +71,6 @@ export const DELETE: APIRoute = async ({ params, locals }) => {
 	const denied = requirePerm(user, "schema:manage");
 	if (denied) return denied;
-	const result = await handleSchemaFieldDelete(emdash!.db, collectionSlug, fieldSlug);
+	const result = await handleSchemaFieldDelete(emdash.db, collectionSlug, fieldSlug);
 	return unwrapResult(result);
 };

package/src/astro/routes/api/schema/collections/[slug]/fields/index.ts CHANGED Viewed

@@ -26,7 +26,7 @@ export const GET: APIRoute = async ({ params, locals }) => {
 	const denied = requirePerm(user, "schema:read");
 	if (denied) return denied;
-	const result = await handleSchemaFieldList(emdash!.db, collectionSlug);
+	const result = await handleSchemaFieldList(emdash.db, collectionSlug);
 	return unwrapResult(result);
 };
@@ -43,10 +43,6 @@ export const POST: APIRoute = async ({ params, request, locals }) => {
 	const body = await parseBody(request, createFieldBody);
 	if (isParseError(body)) return body;
-	const result = await handleSchemaFieldCreate(
-		emdash!.db,
-		collectionSlug,
-		body as CreateFieldInput,
-	);
+	const result = await handleSchemaFieldCreate(emdash.db, collectionSlug, body as CreateFieldInput);
 	return unwrapResult(result, 201);
 };

package/src/astro/routes/api/schema/collections/[slug]/fields/reorder.ts CHANGED Viewed

@@ -27,6 +27,6 @@ export const POST: APIRoute = async ({ params, request, locals }) => {
 	const body = await parseBody(request, fieldReorderBody);
 	if (isParseError(body)) return body;
-	const result = await handleSchemaFieldReorder(emdash!.db, collectionSlug, body.fieldSlugs);
+	const result = await handleSchemaFieldReorder(emdash.db, collectionSlug, body.fieldSlugs);
 	return unwrapResult(result);
 };

package/src/astro/routes/api/schema/collections/[slug]/index.ts CHANGED Viewed

@@ -34,7 +34,7 @@ export const GET: APIRoute = async ({ params, url, locals }) => {
 	const query = parseQuery(url, collectionGetQuery);
 	if (isParseError(query)) return query;
-	const result = await handleSchemaCollectionGet(emdash!.db, slug, {
+	const result = await handleSchemaCollectionGet(emdash.db, slug, {
 		includeFields: query.includeFields ?? false,
 	});
 	return unwrapResult(result);
@@ -54,12 +54,12 @@ export const PUT: APIRoute = async ({ params, request, locals }) => {
 	if (isParseError(body)) return body;
 	const result = await handleSchemaCollectionUpdate(
-		emdash!.db,
+		emdash.db,
 		slug,
-		// eslint-disable-next-line typescript-eslint(no-unsafe-type-assertion) -- parseBody validates via Zod
+		// eslint-disable-next-line typescript/no-unsafe-type-assertion -- parseBody validates via Zod
 		body as UpdateCollectionInput,
 	);
-	emdash!.invalidateUrlPatternCache();
+	emdash.invalidateUrlPatternCache();
 	return unwrapResult(result);
 };
@@ -74,9 +74,9 @@ export const DELETE: APIRoute = async ({ params, url, locals }) => {
 	const denied = requirePerm(user, "schema:manage");
 	if (denied) return denied;
-	const result = await handleSchemaCollectionDelete(emdash!.db, slug, {
+	const result = await handleSchemaCollectionDelete(emdash.db, slug, {
 		force,
 	});
-	emdash!.invalidateUrlPatternCache();
+	emdash.invalidateUrlPatternCache();
 	return unwrapResult(result);
 };

package/src/astro/routes/api/schema/collections/index.ts CHANGED Viewed

@@ -25,7 +25,7 @@ export const GET: APIRoute = async ({ locals }) => {
 	const denied = requirePerm(user, "schema:read");
 	if (denied) return denied;
-	const result = await handleSchemaCollectionList(emdash!.db);
+	const result = await handleSchemaCollectionList(emdash.db);
 	return unwrapResult(result);
 };
@@ -41,8 +41,8 @@ export const POST: APIRoute = async ({ request, locals }) => {
 	const body = await parseBody(request, createCollectionBody);
 	if (isParseError(body)) return body;
-	// eslint-disable-next-line typescript-eslint(no-unsafe-type-assertion) -- Zod schema output narrowed to CreateCollectionInput
-	const result = await handleSchemaCollectionCreate(emdash!.db, body as CreateCollectionInput);
-	emdash!.invalidateUrlPatternCache();
+	// eslint-disable-next-line typescript/no-unsafe-type-assertion -- Zod schema output narrowed to CreateCollectionInput
+	const result = await handleSchemaCollectionCreate(emdash.db, body as CreateCollectionInput);
+	emdash.invalidateUrlPatternCache();
 	return unwrapResult(result, 201);
 };

package/src/astro/routes/api/schema/index.ts CHANGED Viewed

@@ -29,7 +29,7 @@ export const GET: APIRoute = async ({ request, locals }) => {
 	if (denied) return denied;
 	try {
-		const registry = new SchemaRegistry(emdash!.db);
+		const registry = new SchemaRegistry(emdash.db);
 		// Get all collections with their fields
 		const collections = await registry.listCollections();

package/src/astro/routes/api/schema/orphans/[slug].ts CHANGED Viewed

@@ -31,6 +31,6 @@ export const POST: APIRoute = async ({ params, request, locals }) => {
 	const options = await parseOptionalBody(request, orphanRegisterBody, {});
 	if (isParseError(options)) return options;
-	const result = await handleOrphanedTableRegister(emdash!.db, slug, options);
+	const result = await handleOrphanedTableRegister(emdash.db, slug, options);
 	return unwrapResult(result, 201);
 };

package/src/astro/routes/api/schema/orphans/index.ts CHANGED Viewed

@@ -21,6 +21,6 @@ export const GET: APIRoute = async ({ locals }) => {
 	const denied = requirePerm(user, "schema:manage");
 	if (denied) return denied;
-	const result = await handleOrphanedTableList(emdash!.db);
+	const result = await handleOrphanedTableList(emdash.db);
 	return unwrapResult(result);
 };

package/src/astro/routes/api/sections/[slug].ts CHANGED Viewed

@@ -24,7 +24,7 @@ export const GET: APIRoute = async ({ params, locals }) => {
 	const { emdash, user } = locals;
 	const dbErr = requireDb(emdash?.db);
 	if (dbErr) return dbErr;
-	const db = emdash!.db;
+	const db = emdash.db;
 	const { slug } = params;
 	const denied = requirePerm(user, "sections:read");
@@ -46,7 +46,7 @@ export const PUT: APIRoute = async ({ params, request, locals }) => {
 	const { emdash, user } = locals;
 	const dbErr = requireDb(emdash?.db);
 	if (dbErr) return dbErr;
-	const db = emdash!.db;
+	const db = emdash.db;
 	const { slug } = params;
 	const denied = requirePerm(user, "sections:manage");
@@ -71,7 +71,7 @@ export const DELETE: APIRoute = async ({ params, locals }) => {
 	const { emdash, user } = locals;
 	const dbErr = requireDb(emdash?.db);
 	if (dbErr) return dbErr;
-	const db = emdash!.db;
+	const db = emdash.db;
 	const { slug } = params;
 	const denied = requirePerm(user, "sections:manage");

package/src/astro/routes/api/sections/index.ts CHANGED Viewed

@@ -19,7 +19,7 @@ export const GET: APIRoute = async ({ url, locals }) => {
 	const { emdash, user } = locals;
 	const dbErr = requireDb(emdash?.db);
 	if (dbErr) return dbErr;
-	const db = emdash!.db;
+	const db = emdash.db;
 	const denied = requirePerm(user, "sections:read");
 	if (denied) return denied;
@@ -39,7 +39,7 @@ export const POST: APIRoute = async ({ request, locals }) => {
 	const { emdash, user } = locals;
 	const dbErr = requireDb(emdash?.db);
 	if (dbErr) return dbErr;
-	const db = emdash!.db;
+	const db = emdash.db;
 	const denied = requirePerm(user, "sections:manage");
 	if (denied) return denied;

package/src/astro/routes/sitemap-[collection].xml.ts CHANGED Viewed

@@ -5,13 +5,25 @@
  *
  * Uses the collection's url_pattern to build URLs. Falls back to
  * /{collection}/{slug} when no pattern is configured.
+ *
+ * i18n behaviour: when Astro i18n is enabled, the locale prefix is
+ * applied via Astro's own `getRelativeLocaleUrl` (which honours
+ * `prefixDefaultLocale`, custom `path` mappings, and other `routing`
+ * config). Each translation row is emitted as its own `<url>` with
+ * `<xhtml:link rel="alternate" hreflang="...">` entries pointing to
+ * its siblings (grouped by `translation_group`). The default-locale
+ * variant is also linked as `hreflang="x-default"`.
  */
 import type { APIRoute } from "astro";
 import { handleSitemapData } from "#api/handlers/seo.js";
+import { getPublicOrigin } from "#api/public-url.js";
 import { getSiteSettingsWithDb } from "#settings/index.js";
+import { getI18nConfig, isI18nEnabled } from "../../i18n/config.js";
+import { interpolateUrlPattern, localizePath } from "../../i18n/resolve.js";
 export const prerender = false;
 const TRAILING_SLASH_RE = /\/$/;
@@ -20,8 +32,6 @@ const LT_RE = /</g;
 const GT_RE = />/g;
 const QUOT_RE = /"/g;
 const APOS_RE = /'/g;
-const SLUG_PLACEHOLDER = "{slug}";
-const ID_PLACEHOLDER = "{id}";
 export const GET: APIRoute = async ({ params, locals, url }) => {
 	const { emdash } = locals;
@@ -36,7 +46,10 @@ export const GET: APIRoute = async ({ params, locals, url }) => {
 	try {
 		const settings = await getSiteSettingsWithDb(emdash.db);
-		const siteUrl = (settings.url || url.origin).replace(TRAILING_SLASH_RE, "");
+		const siteUrl = (settings.url || getPublicOrigin(url, emdash?.config)).replace(
+			TRAILING_SLASH_RE,
+			"",
+		);
 		const result = await handleSitemapData(emdash.db, collectionSlug);
@@ -55,25 +68,112 @@ export const GET: APIRoute = async ({ params, locals, url }) => {
 			});
 		}
-		const lines: string[] = [
-			'<?xml version="1.0" encoding="UTF-8"?>',
-			'<urlset xmlns="http://www.sitemaps.org/schemas/sitemap/0.9">',
-		];
+		const i18nEnabled = isI18nEnabled();
+		const i18nConfig = getI18nConfig();
+		// Group entries by `translation_group` so each <url> can advertise
+		// its sibling translations via xhtml:link. Rows without a group
+		// (legacy/single-locale data) are emitted individually.
+		type Entry = (typeof col.entries)[number];
+		const groups = new Map<string, Entry[]>();
+		const ungrouped: Entry[] = [];
 		for (const entry of col.entries) {
-			const slug = entry.slug || entry.id;
-			const path = col.urlPattern
-				? col.urlPattern
-						.replace(SLUG_PLACEHOLDER, encodeURIComponent(slug))
-						.replace(ID_PLACEHOLDER, encodeURIComponent(entry.id))
-				: `/${encodeURIComponent(col.collection)}/${encodeURIComponent(slug)}`;
+			if (i18nEnabled && entry.translationGroup) {
+				const list = groups.get(entry.translationGroup);
+				if (list) list.push(entry);
+				else groups.set(entry.translationGroup, [entry]);
+			} else {
+				ungrouped.push(entry);
+			}
+		}
-			const loc = `${siteUrl}${path}`;
+		// Resolve every URL up-front so we can reference sibling URLs
+		// while emitting hreflang alternates without re-resolving.
+		// `localizePath` returns `null` when the row's locale isn't in
+		// the configured `i18n.locales` list -- the site can't serve a
+		// route for it, so the entry is dropped from the sitemap and
+		// omitted from sibling alternates.
+		const urlByEntry = new Map<string, string | null>();
+		const resolveEntryUrl = async (entry: Entry): Promise<string | null> => {
+			if (urlByEntry.has(entry.id)) return urlByEntry.get(entry.id) ?? null;
+			const path = interpolateUrlPattern({
+				pattern: col.urlPattern,
+				collection: col.collection,
+				slug: entry.slug || entry.id,
+				id: entry.id,
+			});
+			const localized = await localizePath(path, entry.locale);
+			const absolute = localized === null ? null : `${siteUrl}${localized}`;
+			urlByEntry.set(entry.id, absolute);
+			return absolute;
+		};
+		const useXhtml = i18nEnabled;
+		const lines: string[] = ['<?xml version="1.0" encoding="UTF-8"?>'];
+		lines.push(
+			useXhtml
+				? '<urlset xmlns="http://www.sitemaps.org/schemas/sitemap/0.9" xmlns:xhtml="http://www.w3.org/1999/xhtml">'
+				: '<urlset xmlns="http://www.sitemaps.org/schemas/sitemap/0.9">',
+		);
+		const writeUrl = async (entry: Entry, siblings: Entry[] | null) => {
+			const loc = await resolveEntryUrl(entry);
+			// Skip rows whose locale isn't in the configured `i18n.locales`
+			// list. Linking to a route the site can't serve is worse than
+			// no link at all (search engines hit a 404 and downrank).
+			if (loc === null) return;
 			lines.push("  <url>");
 			lines.push(`    <loc>${escapeXml(loc)}</loc>`);
 			lines.push(`    <lastmod>${escapeXml(entry.updatedAt)}</lastmod>`);
+			if (useXhtml && siblings && siblings.length > 1) {
+				// Emit one xhtml:link per sibling (including self -- Google
+				// recommends including the page's own hreflang annotation).
+				// Siblings with unroutable locales are skipped here too.
+				for (const sib of siblings) {
+					const sibLoc = await resolveEntryUrl(sib);
+					if (sibLoc === null) continue;
+					lines.push(
+						`    <xhtml:link rel="alternate" hreflang="${escapeXml(sib.locale)}" href="${escapeXml(sibLoc)}" />`,
+					);
+				}
+				// x-default: prefer the default-locale sibling, otherwise
+				// the first sibling with a routable URL. Stable order:
+				// rows arrive sorted by updated_at DESC from the handler.
+				const defaultSibling =
+					i18nConfig && siblings.find((s) => s.locale === i18nConfig.defaultLocale);
+				let xDefaultLoc: string | null = null;
+				if (defaultSibling) {
+					xDefaultLoc = await resolveEntryUrl(defaultSibling);
+				}
+				if (xDefaultLoc === null) {
+					for (const sib of siblings) {
+						const sibLoc = await resolveEntryUrl(sib);
+						if (sibLoc !== null) {
+							xDefaultLoc = sibLoc;
+							break;
+						}
+					}
+				}
+				if (xDefaultLoc !== null) {
+					lines.push(
+						`    <xhtml:link rel="alternate" hreflang="x-default" href="${escapeXml(xDefaultLoc)}" />`,
+					);
+				}
+			}
 			lines.push("  </url>");
+		};
+		for (const siblings of groups.values()) {
+			for (const entry of siblings) {
+				await writeUrl(entry, siblings);
+			}
+		}
+		for (const entry of ungrouped) {
+			await writeUrl(entry, null);
 		}
 		lines.push("</urlset>");