headroom-cms 0.1.6 → 0.1.8

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (75) hide show
  1. package/README.md +9 -82
  2. package/admin/assets/{AdminsPage-BqfhR4Zc.js → AdminsPage-Bt_ekZen.js} +1 -1
  3. package/admin/assets/AllContentPage-CFqEMAl9.js +1 -0
  4. package/admin/assets/{ApiKeysPage-DJjOSLoR.js → ApiKeysPage-BfWCxGhC.js} +1 -1
  5. package/admin/assets/AuditPage-BE0XIUl2.js +1 -0
  6. package/admin/assets/{BlockEditor-DDsml97y.js → BlockEditor-6wqsThJ7.js} +40 -40
  7. package/admin/assets/{BlockTypeEditPage-Cg7BifaZ.js → BlockTypeEditPage-CuNJfZw0.js} +1 -1
  8. package/admin/assets/{BlockTypesPage-BDFj8TSL.js → BlockTypesPage-BIMBVxBs.js} +1 -1
  9. package/admin/assets/{BulkActionBar-CastJGEP.js → BulkActionBar-TRiXXLQd.js} +1 -1
  10. package/admin/assets/{CollectionEditPage-DGW4iMfo.js → CollectionEditPage-BqX_0cC2.js} +1 -1
  11. package/admin/assets/{CollectionsPage-C8XNxRda.js → CollectionsPage-ClplrxNn.js} +1 -1
  12. package/admin/assets/{ContentCreatePage-CX4aOzTR.js → ContentCreatePage-DfYcEH1u.js} +1 -1
  13. package/admin/assets/ContentEditPage-D3Rvlktk.js +2 -0
  14. package/admin/assets/ContentListPage-zmO8Is4d.js +1 -0
  15. package/admin/assets/{CustomBlockPreview-DfDOcbmR.js → CustomBlockPreview-C6HqS4xv.js} +1 -1
  16. package/admin/assets/{FieldBuilder-8VVLG_j0.js → FieldBuilder-36tfpSyM.js} +1 -1
  17. package/admin/assets/{FilterBar-JCp03kkK.js → FilterBar-DhRwTqFv.js} +1 -1
  18. package/admin/assets/{LoginPage-gPNC9XRN.js → LoginPage-DutieANA.js} +1 -1
  19. package/admin/assets/MediaField-J2TLG_fu.js +1 -0
  20. package/admin/assets/{MediaPage-D9763lEk.js → MediaPage-DZZKMGF4.js} +1 -1
  21. package/admin/assets/{RelationshipPicker-D7dFI43Q.js → RelationshipPicker-CDFs4TMW.js} +1 -1
  22. package/admin/assets/SiteSettingsPage-BtCC3RKc.js +1 -0
  23. package/admin/assets/SiteUserEditPage-ClHmp0T-.js +1 -0
  24. package/admin/assets/SiteUsersPage-AyJvcVM7.js +1 -0
  25. package/admin/assets/{SitesPage-BFIZ3Y5K.js → SitesPage-Bw_WBN6v.js} +1 -1
  26. package/admin/assets/SubmissionDetailPage-DS08LGxd.js +1 -0
  27. package/admin/assets/{SubmissionEditPage-PgowJuvq.js → SubmissionEditPage-Brf-DK2X.js} +1 -1
  28. package/admin/assets/{SubmissionListPage-HFDQxPhn.js → SubmissionListPage-DNMzQZHS.js} +1 -1
  29. package/admin/assets/{TagInput-CDkKZboX.js → TagInput-BILCaC9b.js} +1 -1
  30. package/admin/assets/{TagsPage-BW15-W4H.js → TagsPage-DdeZokow.js} +1 -1
  31. package/admin/assets/{UsersPage-C-zlDeTy.js → UsersPage-B0vLxjrg.js} +1 -1
  32. package/admin/assets/{WebhookEditPage-cPPALIbH.js → WebhookEditPage-SlJE4d3z.js} +1 -1
  33. package/admin/assets/{WebhooksPage-vkPC4m9a.js → WebhooksPage-C6lGZLpr.js} +1 -1
  34. package/admin/assets/{card-10FqkZPA.js → card-hXVtlM0q.js} +1 -1
  35. package/admin/assets/{checkbox-fC1QPb_4.js → checkbox-WGrS3sUr.js} +1 -1
  36. package/admin/assets/{command-BeacdV75.js → command-fvBFHye4.js} +1 -1
  37. package/admin/assets/{index-wYNPRVrc.js → index-Cir9tY_P.js} +5 -5
  38. package/admin/assets/index-DACBYsKM.css +1 -0
  39. package/admin/assets/{popover-BJDj8C6y.js → popover-D5_HjjUC.js} +1 -1
  40. package/admin/assets/{select-BV3jemT6.js → select-_uJYxzeZ.js} +1 -1
  41. package/admin/assets/serializeToText-DR_WnxiI.js +2 -0
  42. package/admin/assets/{table-WkEcC9MH.js → table-DLoIbCQ5.js} +1 -1
  43. package/admin/assets/{textarea-CHQ9tT69.js → textarea-vSXNxwTe.js} +1 -1
  44. package/admin/assets/useAdminResolver-D-LlmquD.js +1 -0
  45. package/admin/assets/useContent-e8beBIuq.js +1 -0
  46. package/admin/assets/{useContentSearch-B-_p0_QX.js → useContentSearch-DOjveB9t.js} +1 -1
  47. package/admin/assets/{useMedia-m6zKB__r.js → useMedia-e3sqWm_t.js} +1 -1
  48. package/admin/assets/{usePageTitle-Bwf-MpTD.js → usePageTitle-BNSba9_L.js} +1 -1
  49. package/admin/assets/useSiteUsers-BdnvuM2E.js +1 -0
  50. package/admin/assets/{useTags-CLPWVUB3.js → useTags-f7AVSLuj.js} +1 -1
  51. package/admin/assets/{useWebhooks-no0l3-mF.js → useWebhooks-BH_r8-Mo.js} +1 -1
  52. package/admin/index.html +2 -2
  53. package/admin/sw.js +1 -1
  54. package/dist/cdn.d.ts.map +1 -1
  55. package/dist/cdn.js +179 -19
  56. package/dist/cdn.js.map +1 -1
  57. package/lambda/api/bootstrap +0 -0
  58. package/lambda/image-lambda/node_modules/@img/sharp-linux-arm64/lib/sharp-linux-arm64.node +0 -0
  59. package/lambda/image-lambda/node_modules/semver/bin/semver.js +0 -0
  60. package/lambda/webhook-worker/bootstrap +0 -0
  61. package/package.json +10 -10
  62. package/src/cdn.ts +184 -19
  63. package/admin/assets/AllContentPage-C11eeRMt.js +0 -1
  64. package/admin/assets/AuditPage-DJNk7IaW.js +0 -1
  65. package/admin/assets/ContentEditPage-Dj3RK2BF.js +0 -2
  66. package/admin/assets/ContentListPage-CoDanHrR.js +0 -1
  67. package/admin/assets/MediaField-Du7_gRse.js +0 -1
  68. package/admin/assets/SiteSettingsPage-Tfiex2yn.js +0 -1
  69. package/admin/assets/SiteUsersPage-CSV8syR3.js +0 -1
  70. package/admin/assets/SubmissionDetailPage-8vtUQsLd.js +0 -1
  71. package/admin/assets/index-Do_SK4Zl.css +0 -1
  72. package/admin/assets/serializeToText-BJy0Ms5I.js +0 -2
  73. package/admin/assets/useAdminResolver-CpZj93vH.js +0 -1
  74. package/admin/assets/useContent-D8yDRTTy.js +0 -1
  75. package/admin/assets/useSiteUsers-QbiItSH1.js +0 -1
package/dist/cdn.js CHANGED
@@ -71,14 +71,8 @@ export function createCdn(name, args) {
71
71
  var keyHash = crypto.createHash('sha256').update(apiKeyHeader.value).digest('hex');
72
72
  var hashPrefix = keyHash.substring(0, 8);
73
73
 
74
- // Fetch API key hash and version in parallel
75
- var results = await Promise.all([
76
- kvsHandle.get('site:' + site + ':key:' + hashPrefix).catch(function() { return null; }),
77
- kvsHandle.get('site:' + site + ':version').catch(function() { return '0'; }),
78
- ]);
79
-
80
- var storedHash = results[0];
81
- var versionResult = results[1];
74
+ // Fetch the stored API key hash from KVS
75
+ var storedHash = await kvsHandle.get('site:' + site + ':key:' + hashPrefix).catch(function() { return null; });
82
76
 
83
77
  // Validate API key - compare full hash
84
78
  if (!storedHash || storedHash !== keyHash) {
@@ -90,9 +84,6 @@ export function createCdn(name, args) {
90
84
  };
91
85
  }
92
86
 
93
- // Add version header for cache key discrimination
94
- request.headers['x-site-version'] = { value: versionResult || '0' };
95
-
96
87
  return request;
97
88
  }
98
89
  `,
@@ -136,12 +127,17 @@ export function createCdn(name, args) {
136
127
  cookiesConfig: { cookieBehavior: "none" },
137
128
  headersConfig: {
138
129
  headerBehavior: "whitelist",
139
- headers: { items: ["x-site-version"] },
130
+ headers: { items: ["x-headroom-version"] },
140
131
  },
141
132
  queryStringsConfig: {
142
133
  queryStringBehavior: "whitelist",
143
134
  queryStrings: {
144
- items: ["collection", "limit", "cursor", "before", "after", "tag", "relatedTo", "relField", "sort"],
135
+ // `select` MUST be in the cache key — without it, CloudFront
136
+ // will serve whichever variant (meta / full / title,cover)
137
+ // populated the cache entry first for every subsequent
138
+ // variant on the same URL, silently corrupting SDK consumers.
139
+ // See the single-item GET fix in handler/content.go.
140
+ items: ["collection", "limit", "cursor", "before", "after", "tag", "relatedTo", "relField", "sort", "select"],
145
141
  },
146
142
  },
147
143
  enableAcceptEncodingBrotli: true,
@@ -181,6 +177,20 @@ export function createCdn(name, args) {
181
177
  enableAcceptEncodingGzip: true,
182
178
  },
183
179
  });
180
+ const versionCachePolicy = new aws.cloudfront.CachePolicy(`${name}VersionCachePolicy`, {
181
+ name: $interpolate `${$app.name}-${$app.stage}-version-cache`,
182
+ comment: "Short-TTL cache for /version to absorb client polling",
183
+ minTtl: 0,
184
+ defaultTtl: 2,
185
+ maxTtl: 2,
186
+ parametersInCacheKeyAndForwardedToOrigin: {
187
+ cookiesConfig: { cookieBehavior: "none" },
188
+ headersConfig: { headerBehavior: "none" },
189
+ queryStringsConfig: { queryStringBehavior: "none" },
190
+ enableAcceptEncodingBrotli: true,
191
+ enableAcceptEncodingGzip: true,
192
+ },
193
+ });
184
194
  // =========================================================================
185
195
  // Origin Request Policy
186
196
  // =========================================================================
@@ -193,16 +203,27 @@ export function createCdn(name, args) {
193
203
  headers: {
194
204
  items: [
195
205
  "x-headroom-key",
206
+ "x-headroom-session",
196
207
  "content-type",
197
208
  "accept",
198
- "x-site-version",
209
+ "x-headroom-version",
199
210
  ],
200
211
  },
201
212
  },
202
213
  queryStringsConfig: { queryStringBehavior: "all" },
203
214
  });
204
- // Managed AllViewerExceptHostHeader policy for admin paths
205
- const adminOriginRequestPolicyId = "b689b0a8-53d0-40ab-baf2-68738e2966ac";
215
+ // Managed AllViewerExceptHostHeader policy forwards every viewer header
216
+ // except Host, including `Authorization`. CloudFront reserves certain
217
+ // headers (notably `Authorization`) and refuses to include them in a
218
+ // *custom* origin request policy, so paths that need bearer tokens at the
219
+ // origin must use this managed policy. It's used by `/v1/admin/*` as well
220
+ // as the site-user authenticated `/v1/*/auth/*` and `/v1/*/users/*`
221
+ // behaviors below. Safe to pair with the CachingDisabled policy — no cache
222
+ // key means no cross-user response leakage.
223
+ const allViewerExceptHostOriginRequestPolicyId = "b689b0a8-53d0-40ab-baf2-68738e2966ac";
224
+ // Managed CachingDisabled policy ID — used by admin and the site-user
225
+ // authenticated behaviors below.
226
+ const cachingDisabledPolicyId = "4135ea2d-6df8-44a3-9df3-4b5a84be39ad";
206
227
  // =========================================================================
207
228
  // Origin Access Controls (OAC)
208
229
  // =========================================================================
@@ -321,8 +342,147 @@ export function createCdn(name, args) {
321
342
  ],
322
343
  cachedMethods: ["GET", "HEAD", "OPTIONS"],
323
344
  compress: true,
324
- cachePolicyId: "4135ea2d-6df8-44a3-9df3-4b5a84be39ad",
325
- originRequestPolicyId: adminOriginRequestPolicyId,
345
+ cachePolicyId: cachingDisabledPolicyId,
346
+ originRequestPolicyId: allViewerExceptHostOriginRequestPolicyId,
347
+ },
348
+ // Site-user authenticated paths: no caching, forwards Authorization.
349
+ // Covers OTP request/verify, GET/refresh session, and PATCH
350
+ // /v1/{site}/users/me. Caching is disabled because the cache key
351
+ // does not include user identity — caching authenticated responses
352
+ // here would leak data between users. The edge function still runs
353
+ // for API key validation.
354
+ {
355
+ pathPattern: "/v1/*/auth/*",
356
+ targetOriginId: "api",
357
+ viewerProtocolPolicy: "redirect-to-https",
358
+ allowedMethods: [
359
+ "GET",
360
+ "HEAD",
361
+ "OPTIONS",
362
+ "PUT",
363
+ "POST",
364
+ "PATCH",
365
+ "DELETE",
366
+ ],
367
+ cachedMethods: ["GET", "HEAD", "OPTIONS"],
368
+ compress: true,
369
+ cachePolicyId: cachingDisabledPolicyId,
370
+ originRequestPolicyId: allViewerExceptHostOriginRequestPolicyId,
371
+ functionAssociations: [
372
+ {
373
+ eventType: "viewer-request",
374
+ functionArn: edgeFunction.arn,
375
+ },
376
+ ],
377
+ },
378
+ // Version endpoint: short-TTL cache (2s) shared across all consumers
379
+ // for a given site. The edge function still runs for API key
380
+ // validation. Placed before /v1/*/users/* and the default behavior
381
+ // because CloudFront evaluates path patterns in order, first match wins.
382
+ //
383
+ // NOTE: pathPattern "/v1/*/version" matches exact "/version" only.
384
+ // CloudFront's `*` wildcard does not span path segments, so any
385
+ // future /version/* sub-routes need their own behavior.
386
+ {
387
+ pathPattern: "/v1/*/version",
388
+ targetOriginId: "api",
389
+ viewerProtocolPolicy: "redirect-to-https",
390
+ allowedMethods: ["GET", "HEAD", "OPTIONS"],
391
+ cachedMethods: ["GET", "HEAD", "OPTIONS"],
392
+ compress: true,
393
+ cachePolicyId: versionCachePolicy.id,
394
+ originRequestPolicyId: originRequestPolicy.id,
395
+ functionAssociations: [
396
+ {
397
+ eventType: "viewer-request",
398
+ functionArn: edgeFunction.arn,
399
+ },
400
+ ],
401
+ },
402
+ {
403
+ pathPattern: "/v1/*/users/*",
404
+ targetOriginId: "api",
405
+ viewerProtocolPolicy: "redirect-to-https",
406
+ allowedMethods: [
407
+ "GET",
408
+ "HEAD",
409
+ "OPTIONS",
410
+ "PUT",
411
+ "POST",
412
+ "PATCH",
413
+ "DELETE",
414
+ ],
415
+ cachedMethods: ["GET", "HEAD", "OPTIONS"],
416
+ compress: true,
417
+ cachePolicyId: cachingDisabledPolicyId,
418
+ originRequestPolicyId: allViewerExceptHostOriginRequestPolicyId,
419
+ functionAssociations: [
420
+ {
421
+ eventType: "viewer-request",
422
+ functionArn: edgeFunction.arn,
423
+ },
424
+ ],
425
+ },
426
+ // Submissions: never cached. The full lifecycle lives here
427
+ // (GET list/get/mine/batch, POST create/batch, PUT update), so the
428
+ // allowedMethods list is full. Writes go through CloudFront now that
429
+ // Phase 2 moved create/update off the old /submit/* verb routes.
430
+ // Uses the custom originRequestPolicy (not AllViewerExceptHost)
431
+ // because x-headroom-key and x-headroom-session are the trust
432
+ // boundary here — no Authorization header is involved.
433
+ //
434
+ // Two path patterns are registered because CloudFront pattern matching
435
+ // does not treat `/v1/*/submissions/*` as matching the bare
436
+ // `/v1/{site}/submissions` (no trailing slash) — which is where POST
437
+ // create and GET list land. Both entries share the same policies and
438
+ // edge function association.
439
+ {
440
+ pathPattern: "/v1/*/submissions",
441
+ targetOriginId: "api",
442
+ viewerProtocolPolicy: "redirect-to-https",
443
+ allowedMethods: [
444
+ "GET",
445
+ "HEAD",
446
+ "OPTIONS",
447
+ "PUT",
448
+ "POST",
449
+ "PATCH",
450
+ "DELETE",
451
+ ],
452
+ cachedMethods: ["GET", "HEAD", "OPTIONS"],
453
+ compress: true,
454
+ cachePolicyId: cachingDisabledPolicyId,
455
+ originRequestPolicyId: originRequestPolicy.id,
456
+ functionAssociations: [
457
+ {
458
+ eventType: "viewer-request",
459
+ functionArn: edgeFunction.arn,
460
+ },
461
+ ],
462
+ },
463
+ {
464
+ pathPattern: "/v1/*/submissions/*",
465
+ targetOriginId: "api",
466
+ viewerProtocolPolicy: "redirect-to-https",
467
+ allowedMethods: [
468
+ "GET",
469
+ "HEAD",
470
+ "OPTIONS",
471
+ "PUT",
472
+ "POST",
473
+ "PATCH",
474
+ "DELETE",
475
+ ],
476
+ cachedMethods: ["GET", "HEAD", "OPTIONS"],
477
+ compress: true,
478
+ cachePolicyId: cachingDisabledPolicyId,
479
+ originRequestPolicyId: originRequestPolicy.id,
480
+ functionAssociations: [
481
+ {
482
+ eventType: "viewer-request",
483
+ functionArn: edgeFunction.arn,
484
+ },
485
+ ],
326
486
  },
327
487
  // Media originals: served directly from S3 via OAC
328
488
  {
@@ -358,7 +518,7 @@ export function createCdn(name, args) {
358
518
  allowedMethods: ["GET", "HEAD"],
359
519
  cachedMethods: ["GET", "HEAD"],
360
520
  compress: true,
361
- cachePolicyId: "4135ea2d-6df8-44a3-9df3-4b5a84be39ad",
521
+ cachePolicyId: cachingDisabledPolicyId,
362
522
  originRequestPolicyId: originRequestPolicy.id,
363
523
  },
364
524
  ],
package/dist/cdn.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"cdn.js","sourceRoot":"","sources":["../src/cdn.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAmBH,MAAM,UAAU,SAAS,CAAC,IAAY,EAAE,IAAa;IACnD,MAAM,EAAE,GAAG,EAAE,KAAK,EAAE,aAAa,EAAE,GAAG,EAAE,GAAG,IAAI,CAAC;IAChD,MAAM,WAAW,GAAG,IAAI,CAAC,WAAW,IAAI,IAAI,CAAC;IAE7C,oEAAoE;IACpE,MAAM,OAAO,GAAG,GAAG,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC,GAAW,EAAE,EAAE,CAAC,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,GAAG,EAAG,CAAC,CAAC;IAEtE,4EAA4E;IAC5E,iCAAiC;IACjC,4EAA4E;IAC5E,MAAM,YAAY,GAAG,IAAI,GAAG,CAAC,UAAU,CAAC,QAAQ,CAAC,GAAG,IAAI,UAAU,EAAE;QAClE,IAAI,EAAE,YAAY,CAAA,GAAG,IAAI,CAAC,IAAI,IAAI,IAAI,CAAC,KAAK,YAAY;QACxD,OAAO,EAAE,mBAAmB;QAC5B,OAAO,EAAE,IAAI;QACb,yBAAyB,EAAE,CAAC,GAAG,CAAC,GAAG,CAAC;QACpC,IAAI,EAAE,YAAY,CAAA;;;;qBAID,OAAO;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA0EzB;KACA,CAAC,CAAC;IAEH,4EAA4E;IAC5E,qCAAqC;IACrC,4EAA4E;IAC5E,MAAM,oBAAoB,GAAG,IAAI,GAAG,CAAC,UAAU,CAAC,QAAQ,CACtD,GAAG,IAAI,cAAc,EACrB;QACE,IAAI,EAAE,YAAY,CAAA,GAAG,IAAI,CAAC,IAAI,IAAI,IAAI,CAAC,KAAK,gBAAgB;QAC5D,OAAO,EAAE,mBAAmB;QAC5B,OAAO,EAAE,IAAI;QACb,IAAI,EAAE;;;;;;;;;;;;;;;;;GAiBT;KACE,CACF,CAAC;IAEF,4EAA4E;IAC5E,iBAAiB;IACjB,4EAA4E;IAE5E,MAAM,cAAc,GAAG,IAAI,GAAG,CAAC,UAAU,CAAC,WAAW,CACnD,GAAG,IAAI,gBAAgB,EACvB;QACE,IAAI,EAAE,YAAY,CAAA,GAAG,IAAI,CAAC,IAAI,IAAI,IAAI,CAAC,KAAK,YAAY;QACxD,OAAO,EACL,gEAAgE;QAClE,UAAU,EAAE,WAAW;QACvB,MAAM,EAAE,KAAK;QACb,MAAM,EAAE,CAAC;QACT,wCAAwC,EAAE;YACxC,aAAa,EAAE,EAAE,cAAc,EAAE,MAAM,EAAE;YACzC,aAAa,EAAE;gBACb,cAAc,EAAE,WAAW;gBAC3B,OAAO,EAAE,EAAE,KAAK,EAAE,CAAC,gBAAgB,CAAC,EAAE;aACvC;YACD,kBAAkB,EAAE;gBAClB,mBAAmB,EAAE,WAAW;gBAChC,YAAY,EAAE;oBACZ,KAAK,EAAE,CAAC,YAAY,EAAE,OAAO,EAAE,QAAQ,EAAE,QAAQ,EAAE,OAAO,EAAE,KAAK,EAAE,WAAW,EAAE,UAAU,EAAE,MAAM,CAAC;iBACpG;aACF;YACD,0BAA0B,EAAE,IAAI;YAChC,wBAAwB,EAAE,IAAI;SAC/B;KACF,CACF,CAAC;IAEF,MAAM,gBAAgB,GAAG,IAAI,GAAG,CAAC,UAAU,CAAC,WAAW,CACrD,GAAG,IAAI,kBAAkB,EACzB;QACE,IAAI,EAAE,YAAY,CAAA,GAAG,IAAI,CAAC,IAAI,IAAI,IAAI,CAAC,KAAK,cAAc;QAC1D,OAAO,EAAE,iDAAiD;QAC1D,UAAU,EAAE,QAAQ;QACpB,MAAM,EAAE,QAAQ;QAChB,MAAM,EAAE,QAAQ;QAChB,wCAAwC,EAAE;YACxC,aAAa,EAAE,EAAE,cAAc,EAAE,MAAM,EAAE;YACzC,aAAa,EAAE,EAAE,cAAc,EAAE,MAAM,EAAE;YACzC,kBAAkB,EAAE;gBAClB,mBAAmB,EAAE,WAAW;gBAChC,YAAY,EAAE;oBACZ,KAAK,EAAE,CAAC,GAAG,EAAE,GAAG,EAAE,KAAK,EAAE,QAAQ,EAAE,GAAG,EAAE,KAAK,CAAC;iBAC/C;aACF;YACD,0BAA0B,EAAE,IAAI;YAChC,wBAAwB,EAAE,IAAI;SAC/B;KACF,CACF,CAAC;IAEF,MAAM,gBAAgB,GAAG,IAAI,GAAG,CAAC,UAAU,CAAC,WAAW,CACrD,GAAG,IAAI,kBAAkB,EACzB;QACE,IAAI,EAAE,YAAY,CAAA,GAAG,IAAI,CAAC,IAAI,IAAI,IAAI,CAAC,KAAK,cAAc;QAC1D,OAAO,EAAE,mDAAmD;QAC5D,UAAU,EAAE,QAAQ;QACpB,MAAM,EAAE,QAAQ;QAChB,MAAM,EAAE,QAAQ;QAChB,wCAAwC,EAAE;YACxC,aAAa,EAAE,EAAE,cAAc,EAAE,MAAM,EAAE;YACzC,aAAa,EAAE,EAAE,cAAc,EAAE,MAAM,EAAE;YACzC,kBAAkB,EAAE,EAAE,mBAAmB,EAAE,MAAM,EAAE;YACnD,0BAA0B,EAAE,IAAI;YAChC,wBAAwB,EAAE,IAAI;SAC/B;KACF,CACF,CAAC;IAEF,4EAA4E;IAC5E,wBAAwB;IACxB,4EAA4E;IAE5E,MAAM,mBAAmB,GAAG,IAAI,GAAG,CAAC,UAAU,CAAC,mBAAmB,CAChE,GAAG,IAAI,qBAAqB,EAC5B;QACE,IAAI,EAAE,YAAY,CAAA,GAAG,IAAI,CAAC,IAAI,IAAI,IAAI,CAAC,KAAK,iBAAiB;QAC7D,OAAO,EAAE,4CAA4C;QACrD,aAAa,EAAE,EAAE,cAAc,EAAE,MAAM,EAAE;QACzC,aAAa,EAAE;YACb,cAAc,EAAE,WAAW;YAC3B,OAAO,EAAE;gBACP,KAAK,EAAE;oBACL,gBAAgB;oBAChB,cAAc;oBACd,QAAQ;oBACR,gBAAgB;iBACjB;aACF;SACF;QACD,kBAAkB,EAAE,EAAE,mBAAmB,EAAE,KAAK,EAAE;KACnD,CACF,CAAC;IAEF,2DAA2D;IAC3D,MAAM,0BAA0B,GAC9B,sCAAsC,CAAC;IAEzC,4EAA4E;IAC5E,+BAA+B;IAC/B,4EAA4E;IAE5E,MAAM,QAAQ,GAAG,IAAI,GAAG,CAAC,UAAU,CAAC,mBAAmB,CAAC,GAAG,IAAI,UAAU,EAAE;QACzE,IAAI,EAAE,YAAY,CAAA,GAAG,IAAI,CAAC,IAAI,IAAI,IAAI,CAAC,KAAK,YAAY;QACxD,WAAW,EAAE,yBAAyB;QACtC,6BAA6B,EAAE,IAAI;QACnC,eAAe,EAAE,QAAQ;QACzB,eAAe,EAAE,OAAO;KACzB,CAAC,CAAC;IAEH,MAAM,QAAQ,GAAG,IAAI,GAAG,CAAC,UAAU,CAAC,mBAAmB,CAAC,GAAG,IAAI,UAAU,EAAE;QACzE,IAAI,EAAE,YAAY,CAAA,GAAG,IAAI,CAAC,IAAI,IAAI,IAAI,CAAC,KAAK,YAAY;QACxD,WAAW,EAAE,uCAAuC;QACpD,6BAA6B,EAAE,QAAQ;QACvC,eAAe,EAAE,QAAQ;QACzB,eAAe,EAAE,OAAO;KACzB,CAAC,CAAC;IAEH,4EAA4E;IAC5E,0BAA0B;IAC1B,4EAA4E;IAE5E,MAAM,YAAY,GAAG,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC,GAAW,EAAE,EAAE;QACrD,MAAM,MAAM,GAAG,IAAI,GAAG,CAAC,GAAG,CAAC,CAAC;QAC5B,OAAO,MAAM,CAAC,QAAQ,CAAC;IACzB,CAAC,CAAC,CAAC;IAEH,MAAM,iBAAiB,GAAG,KAAK,CAAC,WAAW,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC,GAAW,EAAE,EAAE;QACpE,MAAM,MAAM,GAAG,IAAI,GAAG,CAAC,GAAG,CAAC,CAAC;QAC5B,OAAO,MAAM,CAAC,QAAQ,CAAC;IACzB,CAAC,CAAC,CAAC;IAEH,MAAM,gBAAgB,GAAG,YAAY,CAAA,GAAG,aAAa,CAAC,IAAI,OAAO,GAAG,CAAC,eAAe,EAAE,CAAC,IAAI,gBAAgB,CAAC;IAE5G,MAAM,UAAU,GAAG,IAAI,CAAC,UAAU,IAAI,gBAAgB,CAAC;IAEvD,yDAAyD;IACzD,MAAM,OAAO,GAAG,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC;IAC7D,MAAM,iBAAiB,GAAG,IAAI,CAAC,MAAM;QACnC,CAAC,CAAC;YACE,iBAAiB,EAAE,IAAI,CAAC,MAAM,CAAC,cAAc;YAC7C,gBAAgB,EAAE,UAAmB;YACrC,sBAAsB,EAAE,cAAuB;SAChD;QACH,CAAC,CAAC;YACE,4BAA4B,EAAE,IAAI;SACnC,CAAC;IAEN,MAAM,YAAY,GAAG,IAAI,GAAG,CAAC,UAAU,CAAC,YAAY,CAClD,GAAG,IAAI,cAAc,EACrB;QACE,OAAO,EAAE,IAAI;QACb,OAAO,EAAE,YAAY,CAAA,sBAAsB,IAAI,CAAC,KAAK,EAAE;QACvD,WAAW,EAAE,WAAW;QACxB,UAAU;QACV,OAAO;QAEP,OAAO,EAAE;YACP;gBACE,QAAQ,EAAE,KAAK;gBACf,UAAU,EAAE,YAAY;gBACxB,kBAAkB,EAAE;oBAClB,QAAQ,EAAE,EAAE;oBACZ,SAAS,EAAE,GAAG;oBACd,oBAAoB,EAAE,YAAY;oBAClC,kBAAkB,EAAE,CAAC,SAAS,CAAC;iBAChC;aACF;YACD;gBACE,QAAQ,EAAE,UAAU;gBACpB,UAAU,EAAE,gBAAgB;gBAC5B,qBAAqB,EAAE,QAAQ,CAAC,EAAE;gBAClC,cAAc,EAAE;oBACd,oBAAoB,EAAE,EAAE;iBACzB;aACF;YACD;gBACE,QAAQ,EAAE,cAAc;gBACxB,UAAU,EAAE,iBAAiB;gBAC7B,qBAAqB,EAAE,QAAQ,CAAC,EAAE;gBAClC,kBAAkB,EAAE;oBAClB,QAAQ,EAAE,EAAE;oBACZ,SAAS,EAAE,GAAG;oBACd,oBAAoB,EAAE,YAAY;oBAClC,kBAAkB,EAAE,CAAC,SAAS,CAAC;iBAChC;aACF;SACF;QAED,oBAAoB,EAAE;YACpB,cAAc,EAAE,KAAK;YACrB,oBAAoB,EAAE,mBAAmB;YACzC,cAAc,EAAE;gBACd,KAAK;gBACL,MAAM;gBACN,SAAS;gBACT,KAAK;gBACL,MAAM;gBACN,OAAO;gBACP,QAAQ;aACT;YACD,aAAa,EAAE,CAAC,KAAK,EAAE,MAAM,EAAE,SAAS,CAAC;YACzC,QAAQ,EAAE,IAAI;YACd,aAAa,EAAE,cAAc,CAAC,EAAE;YAChC,qBAAqB,EAAE,mBAAmB,CAAC,EAAE;YAC7C,oBAAoB,EAAE;gBACpB;oBACE,SAAS,EAAE,gBAAgB;oBAC3B,WAAW,EAAE,YAAY,CAAC,GAAG;iBAC9B;aACF;SACF;QAED,qBAAqB,EAAE;YACrB,yDAAyD;YACzD;gBACE,WAAW,EAAE,aAAa;gBAC1B,cAAc,EAAE,KAAK;gBACrB,oBAAoB,EAAE,mBAAmB;gBACzC,cAAc,EAAE;oBACd,KAAK;oBACL,MAAM;oBACN,SAAS;oBACT,KAAK;oBACL,MAAM;oBACN,OAAO;oBACP,QAAQ;iBACT;gBACD,aAAa,EAAE,CAAC,KAAK,EAAE,MAAM,EAAE,SAAS,CAAC;gBACzC,QAAQ,EAAE,IAAI;gBACd,aAAa,EAAE,sCAAsC;gBACrD,qBAAqB,EAAE,0BAA0B;aAClD;YACD,mDAAmD;YACnD;gBACE,WAAW,EAAE,UAAU;gBACvB,cAAc,EAAE,UAAU;gBAC1B,oBAAoB,EAAE,mBAAmB;gBACzC,cAAc,EAAE,CAAC,KAAK,EAAE,MAAM,EAAE,SAAS,CAAC;gBAC1C,aAAa,EAAE,CAAC,KAAK,EAAE,MAAM,EAAE,SAAS,CAAC;gBACzC,QAAQ,EAAE,IAAI;gBACd,aAAa,EAAE,gBAAgB,CAAC,EAAE;gBAClC,oBAAoB,EAAE;oBACpB;wBACE,SAAS,EAAE,gBAAgB;wBAC3B,WAAW,EAAE,oBAAoB,CAAC,GAAG;qBACtC;iBACF;aACF;YACD,4CAA4C;YAC5C;gBACE,WAAW,EAAE,QAAQ;gBACrB,cAAc,EAAE,cAAc;gBAC9B,oBAAoB,EAAE,mBAAmB;gBACzC,cAAc,EAAE,CAAC,KAAK,EAAE,MAAM,EAAE,SAAS,CAAC;gBAC1C,aAAa,EAAE,CAAC,KAAK,EAAE,MAAM,EAAE,SAAS,CAAC;gBACzC,QAAQ,EAAE,IAAI;gBACd,aAAa,EAAE,gBAAgB,CAAC,EAAE;aACnC;YACD,uCAAuC;YACvC;gBACE,WAAW,EAAE,SAAS;gBACtB,cAAc,EAAE,KAAK;gBACrB,oBAAoB,EAAE,mBAAmB;gBACzC,cAAc,EAAE,CAAC,KAAK,EAAE,MAAM,CAAC;gBAC/B,aAAa,EAAE,CAAC,KAAK,EAAE,MAAM,CAAC;gBAC9B,QAAQ,EAAE,IAAI;gBACd,aAAa,EAAE,sCAAsC;gBACrD,qBAAqB,EAAE,mBAAmB,CAAC,EAAE;aAC9C;SACF;QAED,YAAY,EAAE;YACZ,cAAc,EAAE,EAAE,eAAe,EAAE,MAAM,EAAE;SAC5C;QAED,iBAAiB;KAClB,CACF,CAAC;IAEF,sDAAsD;IACtD,IAAI,GAAG,CAAC,MAAM,CAAC,UAAU,CAAC,GAAG,IAAI,yBAAyB,EAAE;QAC1D,MAAM,EAAE,0BAA0B;QAClC,QAAQ,EAAE,KAAK,CAAC,WAAW,CAAC,IAAI;QAChC,SAAS,EAAE,0BAA0B;QACrC,SAAS,EAAE,YAAY,CAAC,GAAG;KAC5B,CAAC,CAAC;IAEH,MAAM,GAAG,GAAG,IAAI,CAAC,MAAM;QACrB,CAAC,CAAC,YAAY,CAAA,WAAW,IAAI,CAAC,MAAM,CAAC,IAAI,EAAE;QAC3C,CAAC,CAAC,YAAY,CAAA,WAAW,YAAY,CAAC,UAAU,EAAE,CAAC;IAErD,OAAO,EAAE,YAAY,EAAE,GAAG,EAAE,CAAC;AAC/B,CAAC"}
1
+ {"version":3,"file":"cdn.js","sourceRoot":"","sources":["../src/cdn.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAmBH,MAAM,UAAU,SAAS,CAAC,IAAY,EAAE,IAAa;IACnD,MAAM,EAAE,GAAG,EAAE,KAAK,EAAE,aAAa,EAAE,GAAG,EAAE,GAAG,IAAI,CAAC;IAChD,MAAM,WAAW,GAAG,IAAI,CAAC,WAAW,IAAI,IAAI,CAAC;IAE7C,oEAAoE;IACpE,MAAM,OAAO,GAAG,GAAG,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC,GAAW,EAAE,EAAE,CAAC,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,GAAG,EAAG,CAAC,CAAC;IAEtE,4EAA4E;IAC5E,iCAAiC;IACjC,4EAA4E;IAC5E,MAAM,YAAY,GAAG,IAAI,GAAG,CAAC,UAAU,CAAC,QAAQ,CAAC,GAAG,IAAI,UAAU,EAAE;QAClE,IAAI,EAAE,YAAY,CAAA,GAAG,IAAI,CAAC,IAAI,IAAI,IAAI,CAAC,KAAK,YAAY;QACxD,OAAO,EAAE,mBAAmB;QAC5B,OAAO,EAAE,IAAI;QACb,yBAAyB,EAAE,CAAC,GAAG,CAAC,GAAG,CAAC;QACpC,IAAI,EAAE,YAAY,CAAA;;;;qBAID,OAAO;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAiEzB;KACA,CAAC,CAAC;IAEH,4EAA4E;IAC5E,qCAAqC;IACrC,4EAA4E;IAC5E,MAAM,oBAAoB,GAAG,IAAI,GAAG,CAAC,UAAU,CAAC,QAAQ,CACtD,GAAG,IAAI,cAAc,EACrB;QACE,IAAI,EAAE,YAAY,CAAA,GAAG,IAAI,CAAC,IAAI,IAAI,IAAI,CAAC,KAAK,gBAAgB;QAC5D,OAAO,EAAE,mBAAmB;QAC5B,OAAO,EAAE,IAAI;QACb,IAAI,EAAE;;;;;;;;;;;;;;;;;GAiBT;KACE,CACF,CAAC;IAEF,4EAA4E;IAC5E,iBAAiB;IACjB,4EAA4E;IAE5E,MAAM,cAAc,GAAG,IAAI,GAAG,CAAC,UAAU,CAAC,WAAW,CACnD,GAAG,IAAI,gBAAgB,EACvB;QACE,IAAI,EAAE,YAAY,CAAA,GAAG,IAAI,CAAC,IAAI,IAAI,IAAI,CAAC,KAAK,YAAY;QACxD,OAAO,EACL,gEAAgE;QAClE,UAAU,EAAE,WAAW;QACvB,MAAM,EAAE,KAAK;QACb,MAAM,EAAE,CAAC;QACT,wCAAwC,EAAE;YACxC,aAAa,EAAE,EAAE,cAAc,EAAE,MAAM,EAAE;YACzC,aAAa,EAAE;gBACb,cAAc,EAAE,WAAW;gBAC3B,OAAO,EAAE,EAAE,KAAK,EAAE,CAAC,oBAAoB,CAAC,EAAE;aAC3C;YACD,kBAAkB,EAAE;gBAClB,mBAAmB,EAAE,WAAW;gBAChC,YAAY,EAAE;oBACZ,6DAA6D;oBAC7D,2DAA2D;oBAC3D,uDAAuD;oBACvD,8DAA8D;oBAC9D,qDAAqD;oBACrD,KAAK,EAAE,CAAC,YAAY,EAAE,OAAO,EAAE,QAAQ,EAAE,QAAQ,EAAE,OAAO,EAAE,KAAK,EAAE,WAAW,EAAE,UAAU,EAAE,MAAM,EAAE,QAAQ,CAAC;iBAC9G;aACF;YACD,0BAA0B,EAAE,IAAI;YAChC,wBAAwB,EAAE,IAAI;SAC/B;KACF,CACF,CAAC;IAEF,MAAM,gBAAgB,GAAG,IAAI,GAAG,CAAC,UAAU,CAAC,WAAW,CACrD,GAAG,IAAI,kBAAkB,EACzB;QACE,IAAI,EAAE,YAAY,CAAA,GAAG,IAAI,CAAC,IAAI,IAAI,IAAI,CAAC,KAAK,cAAc;QAC1D,OAAO,EAAE,iDAAiD;QAC1D,UAAU,EAAE,QAAQ;QACpB,MAAM,EAAE,QAAQ;QAChB,MAAM,EAAE,QAAQ;QAChB,wCAAwC,EAAE;YACxC,aAAa,EAAE,EAAE,cAAc,EAAE,MAAM,EAAE;YACzC,aAAa,EAAE,EAAE,cAAc,EAAE,MAAM,EAAE;YACzC,kBAAkB,EAAE;gBAClB,mBAAmB,EAAE,WAAW;gBAChC,YAAY,EAAE;oBACZ,KAAK,EAAE,CAAC,GAAG,EAAE,GAAG,EAAE,KAAK,EAAE,QAAQ,EAAE,GAAG,EAAE,KAAK,CAAC;iBAC/C;aACF;YACD,0BAA0B,EAAE,IAAI;YAChC,wBAAwB,EAAE,IAAI;SAC/B;KACF,CACF,CAAC;IAEF,MAAM,gBAAgB,GAAG,IAAI,GAAG,CAAC,UAAU,CAAC,WAAW,CACrD,GAAG,IAAI,kBAAkB,EACzB;QACE,IAAI,EAAE,YAAY,CAAA,GAAG,IAAI,CAAC,IAAI,IAAI,IAAI,CAAC,KAAK,cAAc;QAC1D,OAAO,EAAE,mDAAmD;QAC5D,UAAU,EAAE,QAAQ;QACpB,MAAM,EAAE,QAAQ;QAChB,MAAM,EAAE,QAAQ;QAChB,wCAAwC,EAAE;YACxC,aAAa,EAAE,EAAE,cAAc,EAAE,MAAM,EAAE;YACzC,aAAa,EAAE,EAAE,cAAc,EAAE,MAAM,EAAE;YACzC,kBAAkB,EAAE,EAAE,mBAAmB,EAAE,MAAM,EAAE;YACnD,0BAA0B,EAAE,IAAI;YAChC,wBAAwB,EAAE,IAAI;SAC/B;KACF,CACF,CAAC;IAEF,MAAM,kBAAkB,GAAG,IAAI,GAAG,CAAC,UAAU,CAAC,WAAW,CACvD,GAAG,IAAI,oBAAoB,EAC3B;QACE,IAAI,EAAE,YAAY,CAAA,GAAG,IAAI,CAAC,IAAI,IAAI,IAAI,CAAC,KAAK,gBAAgB;QAC5D,OAAO,EAAE,uDAAuD;QAChE,MAAM,EAAE,CAAC;QACT,UAAU,EAAE,CAAC;QACb,MAAM,EAAE,CAAC;QACT,wCAAwC,EAAE;YACxC,aAAa,EAAE,EAAE,cAAc,EAAE,MAAM,EAAE;YACzC,aAAa,EAAE,EAAE,cAAc,EAAE,MAAM,EAAE;YACzC,kBAAkB,EAAE,EAAE,mBAAmB,EAAE,MAAM,EAAE;YACnD,0BAA0B,EAAE,IAAI;YAChC,wBAAwB,EAAE,IAAI;SAC/B;KACF,CACF,CAAC;IAEF,4EAA4E;IAC5E,wBAAwB;IACxB,4EAA4E;IAE5E,MAAM,mBAAmB,GAAG,IAAI,GAAG,CAAC,UAAU,CAAC,mBAAmB,CAChE,GAAG,IAAI,qBAAqB,EAC5B;QACE,IAAI,EAAE,YAAY,CAAA,GAAG,IAAI,CAAC,IAAI,IAAI,IAAI,CAAC,KAAK,iBAAiB;QAC7D,OAAO,EAAE,4CAA4C;QACrD,aAAa,EAAE,EAAE,cAAc,EAAE,MAAM,EAAE;QACzC,aAAa,EAAE;YACb,cAAc,EAAE,WAAW;YAC3B,OAAO,EAAE;gBACP,KAAK,EAAE;oBACL,gBAAgB;oBAChB,oBAAoB;oBACpB,cAAc;oBACd,QAAQ;oBACR,oBAAoB;iBACrB;aACF;SACF;QACD,kBAAkB,EAAE,EAAE,mBAAmB,EAAE,KAAK,EAAE;KACnD,CACF,CAAC;IAEF,0EAA0E;IAC1E,sEAAsE;IACtE,qEAAqE;IACrE,0EAA0E;IAC1E,0EAA0E;IAC1E,oEAAoE;IACpE,2EAA2E;IAC3E,4CAA4C;IAC5C,MAAM,wCAAwC,GAC5C,sCAAsC,CAAC;IAEzC,sEAAsE;IACtE,iCAAiC;IACjC,MAAM,uBAAuB,GAAG,sCAAsC,CAAC;IAEvE,4EAA4E;IAC5E,+BAA+B;IAC/B,4EAA4E;IAE5E,MAAM,QAAQ,GAAG,IAAI,GAAG,CAAC,UAAU,CAAC,mBAAmB,CAAC,GAAG,IAAI,UAAU,EAAE;QACzE,IAAI,EAAE,YAAY,CAAA,GAAG,IAAI,CAAC,IAAI,IAAI,IAAI,CAAC,KAAK,YAAY;QACxD,WAAW,EAAE,yBAAyB;QACtC,6BAA6B,EAAE,IAAI;QACnC,eAAe,EAAE,QAAQ;QACzB,eAAe,EAAE,OAAO;KACzB,CAAC,CAAC;IAEH,MAAM,QAAQ,GAAG,IAAI,GAAG,CAAC,UAAU,CAAC,mBAAmB,CAAC,GAAG,IAAI,UAAU,EAAE;QACzE,IAAI,EAAE,YAAY,CAAA,GAAG,IAAI,CAAC,IAAI,IAAI,IAAI,CAAC,KAAK,YAAY;QACxD,WAAW,EAAE,uCAAuC;QACpD,6BAA6B,EAAE,QAAQ;QACvC,eAAe,EAAE,QAAQ;QACzB,eAAe,EAAE,OAAO;KACzB,CAAC,CAAC;IAEH,4EAA4E;IAC5E,0BAA0B;IAC1B,4EAA4E;IAE5E,MAAM,YAAY,GAAG,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC,GAAW,EAAE,EAAE;QACrD,MAAM,MAAM,GAAG,IAAI,GAAG,CAAC,GAAG,CAAC,CAAC;QAC5B,OAAO,MAAM,CAAC,QAAQ,CAAC;IACzB,CAAC,CAAC,CAAC;IAEH,MAAM,iBAAiB,GAAG,KAAK,CAAC,WAAW,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC,GAAW,EAAE,EAAE;QACpE,MAAM,MAAM,GAAG,IAAI,GAAG,CAAC,GAAG,CAAC,CAAC;QAC5B,OAAO,MAAM,CAAC,QAAQ,CAAC;IACzB,CAAC,CAAC,CAAC;IAEH,MAAM,gBAAgB,GAAG,YAAY,CAAA,GAAG,aAAa,CAAC,IAAI,OAAO,GAAG,CAAC,eAAe,EAAE,CAAC,IAAI,gBAAgB,CAAC;IAE5G,MAAM,UAAU,GAAG,IAAI,CAAC,UAAU,IAAI,gBAAgB,CAAC;IAEvD,yDAAyD;IACzD,MAAM,OAAO,GAAG,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC;IAC7D,MAAM,iBAAiB,GAAG,IAAI,CAAC,MAAM;QACnC,CAAC,CAAC;YACE,iBAAiB,EAAE,IAAI,CAAC,MAAM,CAAC,cAAc;YAC7C,gBAAgB,EAAE,UAAmB;YACrC,sBAAsB,EAAE,cAAuB;SAChD;QACH,CAAC,CAAC;YACE,4BAA4B,EAAE,IAAI;SACnC,CAAC;IAEN,MAAM,YAAY,GAAG,IAAI,GAAG,CAAC,UAAU,CAAC,YAAY,CAClD,GAAG,IAAI,cAAc,EACrB;QACE,OAAO,EAAE,IAAI;QACb,OAAO,EAAE,YAAY,CAAA,sBAAsB,IAAI,CAAC,KAAK,EAAE;QACvD,WAAW,EAAE,WAAW;QACxB,UAAU;QACV,OAAO;QAEP,OAAO,EAAE;YACP;gBACE,QAAQ,EAAE,KAAK;gBACf,UAAU,EAAE,YAAY;gBACxB,kBAAkB,EAAE;oBAClB,QAAQ,EAAE,EAAE;oBACZ,SAAS,EAAE,GAAG;oBACd,oBAAoB,EAAE,YAAY;oBAClC,kBAAkB,EAAE,CAAC,SAAS,CAAC;iBAChC;aACF;YACD;gBACE,QAAQ,EAAE,UAAU;gBACpB,UAAU,EAAE,gBAAgB;gBAC5B,qBAAqB,EAAE,QAAQ,CAAC,EAAE;gBAClC,cAAc,EAAE;oBACd,oBAAoB,EAAE,EAAE;iBACzB;aACF;YACD;gBACE,QAAQ,EAAE,cAAc;gBACxB,UAAU,EAAE,iBAAiB;gBAC7B,qBAAqB,EAAE,QAAQ,CAAC,EAAE;gBAClC,kBAAkB,EAAE;oBAClB,QAAQ,EAAE,EAAE;oBACZ,SAAS,EAAE,GAAG;oBACd,oBAAoB,EAAE,YAAY;oBAClC,kBAAkB,EAAE,CAAC,SAAS,CAAC;iBAChC;aACF;SACF;QAED,oBAAoB,EAAE;YACpB,cAAc,EAAE,KAAK;YACrB,oBAAoB,EAAE,mBAAmB;YACzC,cAAc,EAAE;gBACd,KAAK;gBACL,MAAM;gBACN,SAAS;gBACT,KAAK;gBACL,MAAM;gBACN,OAAO;gBACP,QAAQ;aACT;YACD,aAAa,EAAE,CAAC,KAAK,EAAE,MAAM,EAAE,SAAS,CAAC;YACzC,QAAQ,EAAE,IAAI;YACd,aAAa,EAAE,cAAc,CAAC,EAAE;YAChC,qBAAqB,EAAE,mBAAmB,CAAC,EAAE;YAC7C,oBAAoB,EAAE;gBACpB;oBACE,SAAS,EAAE,gBAAgB;oBAC3B,WAAW,EAAE,YAAY,CAAC,GAAG;iBAC9B;aACF;SACF;QAED,qBAAqB,EAAE;YACrB,yDAAyD;YACzD;gBACE,WAAW,EAAE,aAAa;gBAC1B,cAAc,EAAE,KAAK;gBACrB,oBAAoB,EAAE,mBAAmB;gBACzC,cAAc,EAAE;oBACd,KAAK;oBACL,MAAM;oBACN,SAAS;oBACT,KAAK;oBACL,MAAM;oBACN,OAAO;oBACP,QAAQ;iBACT;gBACD,aAAa,EAAE,CAAC,KAAK,EAAE,MAAM,EAAE,SAAS,CAAC;gBACzC,QAAQ,EAAE,IAAI;gBACd,aAAa,EAAE,uBAAuB;gBACtC,qBAAqB,EAAE,wCAAwC;aAChE;YACD,qEAAqE;YACrE,4DAA4D;YAC5D,iEAAiE;YACjE,mEAAmE;YACnE,mEAAmE;YACnE,0BAA0B;YAC1B;gBACE,WAAW,EAAE,cAAc;gBAC3B,cAAc,EAAE,KAAK;gBACrB,oBAAoB,EAAE,mBAAmB;gBACzC,cAAc,EAAE;oBACd,KAAK;oBACL,MAAM;oBACN,SAAS;oBACT,KAAK;oBACL,MAAM;oBACN,OAAO;oBACP,QAAQ;iBACT;gBACD,aAAa,EAAE,CAAC,KAAK,EAAE,MAAM,EAAE,SAAS,CAAC;gBACzC,QAAQ,EAAE,IAAI;gBACd,aAAa,EAAE,uBAAuB;gBACtC,qBAAqB,EAAE,wCAAwC;gBAC/D,oBAAoB,EAAE;oBACpB;wBACE,SAAS,EAAE,gBAAgB;wBAC3B,WAAW,EAAE,YAAY,CAAC,GAAG;qBAC9B;iBACF;aACF;YACD,qEAAqE;YACrE,6DAA6D;YAC7D,mEAAmE;YACnE,yEAAyE;YACzE,EAAE;YACF,mEAAmE;YACnE,gEAAgE;YAChE,wDAAwD;YACxD;gBACE,WAAW,EAAE,eAAe;gBAC5B,cAAc,EAAE,KAAK;gBACrB,oBAAoB,EAAE,mBAAmB;gBACzC,cAAc,EAAE,CAAC,KAAK,EAAE,MAAM,EAAE,SAAS,CAAC;gBAC1C,aAAa,EAAE,CAAC,KAAK,EAAE,MAAM,EAAE,SAAS,CAAC;gBACzC,QAAQ,EAAE,IAAI;gBACd,aAAa,EAAE,kBAAkB,CAAC,EAAE;gBACpC,qBAAqB,EAAE,mBAAmB,CAAC,EAAE;gBAC7C,oBAAoB,EAAE;oBACpB;wBACE,SAAS,EAAE,gBAAgB;wBAC3B,WAAW,EAAE,YAAY,CAAC,GAAG;qBAC9B;iBACF;aACF;YACD;gBACE,WAAW,EAAE,eAAe;gBAC5B,cAAc,EAAE,KAAK;gBACrB,oBAAoB,EAAE,mBAAmB;gBACzC,cAAc,EAAE;oBACd,KAAK;oBACL,MAAM;oBACN,SAAS;oBACT,KAAK;oBACL,MAAM;oBACN,OAAO;oBACP,QAAQ;iBACT;gBACD,aAAa,EAAE,CAAC,KAAK,EAAE,MAAM,EAAE,SAAS,CAAC;gBACzC,QAAQ,EAAE,IAAI;gBACd,aAAa,EAAE,uBAAuB;gBACtC,qBAAqB,EAAE,wCAAwC;gBAC/D,oBAAoB,EAAE;oBACpB;wBACE,SAAS,EAAE,gBAAgB;wBAC3B,WAAW,EAAE,YAAY,CAAC,GAAG;qBAC9B;iBACF;aACF;YACD,2DAA2D;YAC3D,mEAAmE;YACnE,qEAAqE;YACrE,iEAAiE;YACjE,gEAAgE;YAChE,8DAA8D;YAC9D,uDAAuD;YACvD,EAAE;YACF,uEAAuE;YACvE,4DAA4D;YAC5D,qEAAqE;YACrE,qEAAqE;YACrE,6BAA6B;YAC7B;gBACE,WAAW,EAAE,mBAAmB;gBAChC,cAAc,EAAE,KAAK;gBACrB,oBAAoB,EAAE,mBAAmB;gBACzC,cAAc,EAAE;oBACd,KAAK;oBACL,MAAM;oBACN,SAAS;oBACT,KAAK;oBACL,MAAM;oBACN,OAAO;oBACP,QAAQ;iBACT;gBACD,aAAa,EAAE,CAAC,KAAK,EAAE,MAAM,EAAE,SAAS,CAAC;gBACzC,QAAQ,EAAE,IAAI;gBACd,aAAa,EAAE,uBAAuB;gBACtC,qBAAqB,EAAE,mBAAmB,CAAC,EAAE;gBAC7C,oBAAoB,EAAE;oBACpB;wBACE,SAAS,EAAE,gBAAgB;wBAC3B,WAAW,EAAE,YAAY,CAAC,GAAG;qBAC9B;iBACF;aACF;YACD;gBACE,WAAW,EAAE,qBAAqB;gBAClC,cAAc,EAAE,KAAK;gBACrB,oBAAoB,EAAE,mBAAmB;gBACzC,cAAc,EAAE;oBACd,KAAK;oBACL,MAAM;oBACN,SAAS;oBACT,KAAK;oBACL,MAAM;oBACN,OAAO;oBACP,QAAQ;iBACT;gBACD,aAAa,EAAE,CAAC,KAAK,EAAE,MAAM,EAAE,SAAS,CAAC;gBACzC,QAAQ,EAAE,IAAI;gBACd,aAAa,EAAE,uBAAuB;gBACtC,qBAAqB,EAAE,mBAAmB,CAAC,EAAE;gBAC7C,oBAAoB,EAAE;oBACpB;wBACE,SAAS,EAAE,gBAAgB;wBAC3B,WAAW,EAAE,YAAY,CAAC,GAAG;qBAC9B;iBACF;aACF;YACD,mDAAmD;YACnD;gBACE,WAAW,EAAE,UAAU;gBACvB,cAAc,EAAE,UAAU;gBAC1B,oBAAoB,EAAE,mBAAmB;gBACzC,cAAc,EAAE,CAAC,KAAK,EAAE,MAAM,EAAE,SAAS,CAAC;gBAC1C,aAAa,EAAE,CAAC,KAAK,EAAE,MAAM,EAAE,SAAS,CAAC;gBACzC,QAAQ,EAAE,IAAI;gBACd,aAAa,EAAE,gBAAgB,CAAC,EAAE;gBAClC,oBAAoB,EAAE;oBACpB;wBACE,SAAS,EAAE,gBAAgB;wBAC3B,WAAW,EAAE,oBAAoB,CAAC,GAAG;qBACtC;iBACF;aACF;YACD,4CAA4C;YAC5C;gBACE,WAAW,EAAE,QAAQ;gBACrB,cAAc,EAAE,cAAc;gBAC9B,oBAAoB,EAAE,mBAAmB;gBACzC,cAAc,EAAE,CAAC,KAAK,EAAE,MAAM,EAAE,SAAS,CAAC;gBAC1C,aAAa,EAAE,CAAC,KAAK,EAAE,MAAM,EAAE,SAAS,CAAC;gBACzC,QAAQ,EAAE,IAAI;gBACd,aAAa,EAAE,gBAAgB,CAAC,EAAE;aACnC;YACD,uCAAuC;YACvC;gBACE,WAAW,EAAE,SAAS;gBACtB,cAAc,EAAE,KAAK;gBACrB,oBAAoB,EAAE,mBAAmB;gBACzC,cAAc,EAAE,CAAC,KAAK,EAAE,MAAM,CAAC;gBAC/B,aAAa,EAAE,CAAC,KAAK,EAAE,MAAM,CAAC;gBAC9B,QAAQ,EAAE,IAAI;gBACd,aAAa,EAAE,uBAAuB;gBACtC,qBAAqB,EAAE,mBAAmB,CAAC,EAAE;aAC9C;SACF;QAED,YAAY,EAAE;YACZ,cAAc,EAAE,EAAE,eAAe,EAAE,MAAM,EAAE;SAC5C;QAED,iBAAiB;KAClB,CACF,CAAC;IAEF,sDAAsD;IACtD,IAAI,GAAG,CAAC,MAAM,CAAC,UAAU,CAAC,GAAG,IAAI,yBAAyB,EAAE;QAC1D,MAAM,EAAE,0BAA0B;QAClC,QAAQ,EAAE,KAAK,CAAC,WAAW,CAAC,IAAI;QAChC,SAAS,EAAE,0BAA0B;QACrC,SAAS,EAAE,YAAY,CAAC,GAAG;KAC5B,CAAC,CAAC;IAEH,MAAM,GAAG,GAAG,IAAI,CAAC,MAAM;QACrB,CAAC,CAAC,YAAY,CAAA,WAAW,IAAI,CAAC,MAAM,CAAC,IAAI,EAAE;QAC3C,CAAC,CAAC,YAAY,CAAA,WAAW,YAAY,CAAC,UAAU,EAAE,CAAC;IAErD,OAAO,EAAE,YAAY,EAAE,GAAG,EAAE,CAAC;AAC/B,CAAC"}
package/lambda/api/bootstrap CHANGED
Binary file
package/lambda/webhook-worker/bootstrap CHANGED
Binary file
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "headroom-cms",
3
- "version": "0.1.6",
3
+ "version": "0.1.8",
4
4
  "description": "Headroom CMS — Serverless headless CMS for AWS, deployed with SST",
5
5
  "type": "module",
6
6
  "main": "dist/index.js",
@@ -17,14 +17,6 @@
17
17
  "admin",
18
18
  "src"
19
19
  ],
20
- "scripts": {
21
- "build": "tsc",
22
- "build:lambdas": "./scripts/build-lambdas.sh",
23
- "build:admin": "./scripts/build-admin.sh",
24
- "build:functions": "./scripts/build-functions.sh",
25
- "build:image-lambda": "./scripts/build-image-lambda.sh",
26
- "build:all": "pnpm build:lambdas && pnpm build:admin && pnpm build:functions && pnpm build:image-lambda && pnpm build"
27
- },
28
20
  "peerDependencies": {
29
21
  "sst": "^4.0.0"
30
22
  },
@@ -46,5 +38,13 @@
46
38
  "@types/node": "^25.3.2",
47
39
  "esbuild": "^0.25.0",
48
40
  "typescript": "^5.9.3"
41
+ },
42
+ "scripts": {
43
+ "build": "tsc",
44
+ "build:lambdas": "./scripts/build-lambdas.sh",
45
+ "build:admin": "./scripts/build-admin.sh",
46
+ "build:functions": "./scripts/build-functions.sh",
47
+ "build:image-lambda": "./scripts/build-image-lambda.sh",
48
+ "build:all": "pnpm build:lambdas && pnpm build:admin && pnpm build:functions && pnpm build:image-lambda && pnpm build"
49
49
  }
50
- }
50
+ }
package/src/cdn.ts CHANGED
@@ -91,14 +91,8 @@ export function createCdn(name: string, args: CdnArgs) {
91
91
  var keyHash = crypto.createHash('sha256').update(apiKeyHeader.value).digest('hex');
92
92
  var hashPrefix = keyHash.substring(0, 8);
93
93
 
94
- // Fetch API key hash and version in parallel
95
- var results = await Promise.all([
96
- kvsHandle.get('site:' + site + ':key:' + hashPrefix).catch(function() { return null; }),
97
- kvsHandle.get('site:' + site + ':version').catch(function() { return '0'; }),
98
- ]);
99
-
100
- var storedHash = results[0];
101
- var versionResult = results[1];
94
+ // Fetch the stored API key hash from KVS
95
+ var storedHash = await kvsHandle.get('site:' + site + ':key:' + hashPrefix).catch(function() { return null; });
102
96
 
103
97
  // Validate API key - compare full hash
104
98
  if (!storedHash || storedHash !== keyHash) {
@@ -110,9 +104,6 @@ export function createCdn(name: string, args: CdnArgs) {
110
104
  };
111
105
  }
112
106
 
113
- // Add version header for cache key discrimination
114
- request.headers['x-site-version'] = { value: versionResult || '0' };
115
-
116
107
  return request;
117
108
  }
118
109
  `,
@@ -165,12 +156,17 @@ export function createCdn(name: string, args: CdnArgs) {
165
156
  cookiesConfig: { cookieBehavior: "none" },
166
157
  headersConfig: {
167
158
  headerBehavior: "whitelist",
168
- headers: { items: ["x-site-version"] },
159
+ headers: { items: ["x-headroom-version"] },
169
160
  },
170
161
  queryStringsConfig: {
171
162
  queryStringBehavior: "whitelist",
172
163
  queryStrings: {
173
- items: ["collection", "limit", "cursor", "before", "after", "tag", "relatedTo", "relField", "sort"],
164
+ // `select` MUST be in the cache key — without it, CloudFront
165
+ // will serve whichever variant (meta / full / title,cover)
166
+ // populated the cache entry first for every subsequent
167
+ // variant on the same URL, silently corrupting SDK consumers.
168
+ // See the single-item GET fix in handler/content.go.
169
+ items: ["collection", "limit", "cursor", "before", "after", "tag", "relatedTo", "relField", "sort", "select"],
174
170
  },
175
171
  },
176
172
  enableAcceptEncodingBrotli: true,
@@ -220,6 +216,24 @@ export function createCdn(name: string, args: CdnArgs) {
220
216
  },
221
217
  );
222
218
 
219
+ const versionCachePolicy = new aws.cloudfront.CachePolicy(
220
+ `${name}VersionCachePolicy`,
221
+ {
222
+ name: $interpolate`${$app.name}-${$app.stage}-version-cache`,
223
+ comment: "Short-TTL cache for /version to absorb client polling",
224
+ minTtl: 0,
225
+ defaultTtl: 2,
226
+ maxTtl: 2,
227
+ parametersInCacheKeyAndForwardedToOrigin: {
228
+ cookiesConfig: { cookieBehavior: "none" },
229
+ headersConfig: { headerBehavior: "none" },
230
+ queryStringsConfig: { queryStringBehavior: "none" },
231
+ enableAcceptEncodingBrotli: true,
232
+ enableAcceptEncodingGzip: true,
233
+ },
234
+ },
235
+ );
236
+
223
237
  // =========================================================================
224
238
  // Origin Request Policy
225
239
  // =========================================================================
@@ -235,9 +249,10 @@ export function createCdn(name: string, args: CdnArgs) {
235
249
  headers: {
236
250
  items: [
237
251
  "x-headroom-key",
252
+ "x-headroom-session",
238
253
  "content-type",
239
254
  "accept",
240
- "x-site-version",
255
+ "x-headroom-version",
241
256
  ],
242
257
  },
243
258
  },
@@ -245,10 +260,21 @@ export function createCdn(name: string, args: CdnArgs) {
245
260
  },
246
261
  );
247
262
 
248
- // Managed AllViewerExceptHostHeader policy for admin paths
249
- const adminOriginRequestPolicyId =
263
+ // Managed AllViewerExceptHostHeader policy forwards every viewer header
264
+ // except Host, including `Authorization`. CloudFront reserves certain
265
+ // headers (notably `Authorization`) and refuses to include them in a
266
+ // *custom* origin request policy, so paths that need bearer tokens at the
267
+ // origin must use this managed policy. It's used by `/v1/admin/*` as well
268
+ // as the site-user authenticated `/v1/*/auth/*` and `/v1/*/users/*`
269
+ // behaviors below. Safe to pair with the CachingDisabled policy — no cache
270
+ // key means no cross-user response leakage.
271
+ const allViewerExceptHostOriginRequestPolicyId =
250
272
  "b689b0a8-53d0-40ab-baf2-68738e2966ac";
251
273
 
274
+ // Managed CachingDisabled policy ID — used by admin and the site-user
275
+ // authenticated behaviors below.
276
+ const cachingDisabledPolicyId = "4135ea2d-6df8-44a3-9df3-4b5a84be39ad";
277
+
252
278
  // =========================================================================
253
279
  // Origin Access Controls (OAC)
254
280
  // =========================================================================
@@ -381,8 +407,147 @@ export function createCdn(name: string, args: CdnArgs) {
381
407
  ],
382
408
  cachedMethods: ["GET", "HEAD", "OPTIONS"],
383
409
  compress: true,
384
- cachePolicyId: "4135ea2d-6df8-44a3-9df3-4b5a84be39ad",
385
- originRequestPolicyId: adminOriginRequestPolicyId,
410
+ cachePolicyId: cachingDisabledPolicyId,
411
+ originRequestPolicyId: allViewerExceptHostOriginRequestPolicyId,
412
+ },
413
+ // Site-user authenticated paths: no caching, forwards Authorization.
414
+ // Covers OTP request/verify, GET/refresh session, and PATCH
415
+ // /v1/{site}/users/me. Caching is disabled because the cache key
416
+ // does not include user identity — caching authenticated responses
417
+ // here would leak data between users. The edge function still runs
418
+ // for API key validation.
419
+ {
420
+ pathPattern: "/v1/*/auth/*",
421
+ targetOriginId: "api",
422
+ viewerProtocolPolicy: "redirect-to-https",
423
+ allowedMethods: [
424
+ "GET",
425
+ "HEAD",
426
+ "OPTIONS",
427
+ "PUT",
428
+ "POST",
429
+ "PATCH",
430
+ "DELETE",
431
+ ],
432
+ cachedMethods: ["GET", "HEAD", "OPTIONS"],
433
+ compress: true,
434
+ cachePolicyId: cachingDisabledPolicyId,
435
+ originRequestPolicyId: allViewerExceptHostOriginRequestPolicyId,
436
+ functionAssociations: [
437
+ {
438
+ eventType: "viewer-request",
439
+ functionArn: edgeFunction.arn,
440
+ },
441
+ ],
442
+ },
443
+ // Version endpoint: short-TTL cache (2s) shared across all consumers
444
+ // for a given site. The edge function still runs for API key
445
+ // validation. Placed before /v1/*/users/* and the default behavior
446
+ // because CloudFront evaluates path patterns in order, first match wins.
447
+ //
448
+ // NOTE: pathPattern "/v1/*/version" matches exact "/version" only.
449
+ // CloudFront's `*` wildcard does not span path segments, so any
450
+ // future /version/* sub-routes need their own behavior.
451
+ {
452
+ pathPattern: "/v1/*/version",
453
+ targetOriginId: "api",
454
+ viewerProtocolPolicy: "redirect-to-https",
455
+ allowedMethods: ["GET", "HEAD", "OPTIONS"],
456
+ cachedMethods: ["GET", "HEAD", "OPTIONS"],
457
+ compress: true,
458
+ cachePolicyId: versionCachePolicy.id,
459
+ originRequestPolicyId: originRequestPolicy.id,
460
+ functionAssociations: [
461
+ {
462
+ eventType: "viewer-request",
463
+ functionArn: edgeFunction.arn,
464
+ },
465
+ ],
466
+ },
467
+ {
468
+ pathPattern: "/v1/*/users/*",
469
+ targetOriginId: "api",
470
+ viewerProtocolPolicy: "redirect-to-https",
471
+ allowedMethods: [
472
+ "GET",
473
+ "HEAD",
474
+ "OPTIONS",
475
+ "PUT",
476
+ "POST",
477
+ "PATCH",
478
+ "DELETE",
479
+ ],
480
+ cachedMethods: ["GET", "HEAD", "OPTIONS"],
481
+ compress: true,
482
+ cachePolicyId: cachingDisabledPolicyId,
483
+ originRequestPolicyId: allViewerExceptHostOriginRequestPolicyId,
484
+ functionAssociations: [
485
+ {
486
+ eventType: "viewer-request",
487
+ functionArn: edgeFunction.arn,
488
+ },
489
+ ],
490
+ },
491
+ // Submissions: never cached. The full lifecycle lives here
492
+ // (GET list/get/mine/batch, POST create/batch, PUT update), so the
493
+ // allowedMethods list is full. Writes go through CloudFront now that
494
+ // Phase 2 moved create/update off the old /submit/* verb routes.
495
+ // Uses the custom originRequestPolicy (not AllViewerExceptHost)
496
+ // because x-headroom-key and x-headroom-session are the trust
497
+ // boundary here — no Authorization header is involved.
498
+ //
499
+ // Two path patterns are registered because CloudFront pattern matching
500
+ // does not treat `/v1/*/submissions/*` as matching the bare
501
+ // `/v1/{site}/submissions` (no trailing slash) — which is where POST
502
+ // create and GET list land. Both entries share the same policies and
503
+ // edge function association.
504
+ {
505
+ pathPattern: "/v1/*/submissions",
506
+ targetOriginId: "api",
507
+ viewerProtocolPolicy: "redirect-to-https",
508
+ allowedMethods: [
509
+ "GET",
510
+ "HEAD",
511
+ "OPTIONS",
512
+ "PUT",
513
+ "POST",
514
+ "PATCH",
515
+ "DELETE",
516
+ ],
517
+ cachedMethods: ["GET", "HEAD", "OPTIONS"],
518
+ compress: true,
519
+ cachePolicyId: cachingDisabledPolicyId,
520
+ originRequestPolicyId: originRequestPolicy.id,
521
+ functionAssociations: [
522
+ {
523
+ eventType: "viewer-request",
524
+ functionArn: edgeFunction.arn,
525
+ },
526
+ ],
527
+ },
528
+ {
529
+ pathPattern: "/v1/*/submissions/*",
530
+ targetOriginId: "api",
531
+ viewerProtocolPolicy: "redirect-to-https",
532
+ allowedMethods: [
533
+ "GET",
534
+ "HEAD",
535
+ "OPTIONS",
536
+ "PUT",
537
+ "POST",
538
+ "PATCH",
539
+ "DELETE",
540
+ ],
541
+ cachedMethods: ["GET", "HEAD", "OPTIONS"],
542
+ compress: true,
543
+ cachePolicyId: cachingDisabledPolicyId,
544
+ originRequestPolicyId: originRequestPolicy.id,
545
+ functionAssociations: [
546
+ {
547
+ eventType: "viewer-request",
548
+ functionArn: edgeFunction.arn,
549
+ },
550
+ ],
386
551
  },
387
552
  // Media originals: served directly from S3 via OAC
388
553
  {
@@ -418,7 +583,7 @@ export function createCdn(name: string, args: CdnArgs) {
418
583
  allowedMethods: ["GET", "HEAD"],
419
584
  cachedMethods: ["GET", "HEAD"],
420
585
  compress: true,
421
- cachePolicyId: "4135ea2d-6df8-44a3-9df3-4b5a84be39ad",
586
+ cachePolicyId: cachingDisabledPolicyId,
422
587
  originRequestPolicyId: originRequestPolicy.id,
423
588
  },
424
589
  ],
package/admin/assets/AllContentPage-C11eeRMt.js DELETED
@@ -1 +0,0 @@
1
- import{j as s}from"./tanstack-Bs3zYPPV.js";import{u as T,f as D,r as w}from"./react-vendor-C2CvUxFh.js";import{u as M,a as R,b as L,c as z}from"./useContent-D8yDRTTy.js";import{m as k}from"./media-url-DIg_vSyf.js";import{w as E,x as H,v as r,S as F,j as h,y as V,B as _}from"./index-wYNPRVrc.js";import{u as q}from"./usePageTitle-Bwf-MpTD.js";import{C as G,c as J}from"./card-10FqkZPA.js";import{C as m}from"./checkbox-fC1QPb_4.js";import{T as K,a as O,b as S,c as i,d as Q,e as d}from"./table-WkEcC9MH.js";import{f as y}from"./format-C88SDH8g.js";import{B as W}from"./BulkActionBar-CastJGEP.js";import"./radix-C1kb_NqW.js";function ie(){const{host:c}=T(),p=D(),{collections:A}=E(),f=H();q({title:"Recent"});const[$,P]=w.useState(),[n,a]=w.useState(new Set),{data:o,isLoading:I}=M(c,$),j=R(c),g=L(c),b=z(c),N=new Map(A.map(e=>[e.name,e.label])),x=o?.items.map(e=>e.contentId)??[],v=x.length>0&&x.every(e=>n.has(e));function C(e){a(l=>{const t=new Set(l);return t.has(e)?t.delete(e):t.add(e),t})}function U(){a(v?new Set:new Set(x))}const B=j.isPending||g.isPending||b.isPending;return s.jsxs("div",{children:[!f&&s.jsxs("div",{className:"mb-6",children:[s.jsx("h1",{className:"text-2xl font-semibold",children:"All Content"}),s.jsx("p",{className:"text-muted-foreground text-sm",children:"Recently updated content across all collections."})]}),n.size>0&&s.jsx(W,{selectedCount:n.size,onPublish:async()=>{const e=[...n],t=(await j.mutateAsync(e)).filter(u=>u.status==="rejected").length;t?r.error(`${t} of ${e.length} failed to publish`):r.success(`${e.length} item(s) published`),a(new Set)},onUnpublish:async()=>{const e=[...n],t=(await g.mutateAsync(e)).filter(u=>u.status==="rejected").length;t?r.error(`${t} of ${e.length} failed to unpublish`):r.success(`${e.length} item(s) unpublished`),a(new Set)},onDelete:async()=>{const e=[...n],t=(await b.mutateAsync(e)).filter(u=>u.status==="rejected").length;t?r.error(`${t} of ${e.length} failed to delete`):r.success(`${e.length} item(s) deleted`),a(new Set)},onClear:()=>a(new Set),isPending:B}),I?s.jsx("div",{className:"space-y-2",children:Array.from({length:5}).map((e,l)=>s.jsx(F,{className:"h-12 w-full"},l))}):o?.items.length?s.jsxs(s.Fragment,{children:[f?s.jsx("div",{className:"grid gap-3","data-testid":"all-content-card-view",children:o.items.map(e=>{const l=e.coverUrl;return s.jsx(G,{className:V("cursor-pointer gap-0 overflow-hidden py-0 transition-shadow hover:shadow-md",n.has(e.contentId)&&"ring-2 ring-primary"),onClick:()=>p(`/sites/${c}/content/${e.collection}/${e.contentId}?from=recent`),children:s.jsx(J,{className:"p-3",children:s.jsxs("div",{className:"flex items-start gap-3 min-w-0",children:[l&&s.jsx("img",{src:k(l),alt:"",className:"h-12 w-12 rounded object-cover flex-shrink-0"}),s.jsxs("div",{className:"min-w-0 flex-1",children:[s.jsxs("div",{className:"flex items-center gap-2 min-w-0",children:[s.jsx("span",{className:"font-medium truncate",children:e.title||"Untitled"}),s.jsx(h,{variant:e.publishedAt?"default":"secondary",className:"shrink-0",children:e.publishedAt?"Published":"Draft"})]}),e.slug&&s.jsxs("p",{className:"text-xs text-muted-foreground truncate mt-0.5",children:["/",e.slug]}),s.jsxs("div",{className:"flex items-center gap-2 mt-1",children:[s.jsx(h,{variant:"outline",className:"text-[10px] px-1.5 py-0",children:N.get(e.collection)??e.collection}),s.jsx("span",{className:"text-xs text-muted-foreground",children:e.publishedAt?y(e.publishedAt):"—"})]})]}),s.jsx(m,{checked:n.has(e.contentId),onCheckedChange:()=>C(e.contentId),onClick:t=>t.stopPropagation(),className:"mt-1"})]})})},e.contentId)})}):s.jsxs(K,{children:[s.jsx(O,{children:s.jsxs(S,{children:[s.jsx(i,{className:"w-10",children:s.jsx(m,{checked:v,onCheckedChange:U,"aria-label":"Select all"})}),s.jsx(i,{children:"Title"}),s.jsx(i,{children:"Slug"}),s.jsx(i,{children:"Collection"}),s.jsx(i,{children:"Status"}),s.jsx(i,{children:"Updated"})]})}),s.jsx(Q,{children:o.items.map(e=>s.jsxs(S,{className:"cursor-pointer",onClick:()=>p(`/sites/${c}/content/${e.collection}/${e.contentId}?from=recent`),children:[s.jsx(d,{onClick:l=>l.stopPropagation(),children:s.jsx(m,{checked:n.has(e.contentId),onCheckedChange:()=>C(e.contentId),"aria-label":`Select ${e.title||"Untitled"}`})}),s.jsx(d,{className:"font-medium",children:s.jsxs("div",{className:"flex items-center gap-3",children:[!!e.coverUrl&&s.jsx("img",{src:k(e.coverUrl),alt:"",className:"h-8 w-8 rounded object-cover flex-shrink-0"}),s.jsx("span",{children:e.title||"Untitled"})]})}),s.jsx(d,{className:"text-muted-foreground text-sm",children:e.slug||"—"}),s.jsx(d,{children:s.jsx(h,{variant:"outline",children:N.get(e.collection)??e.collection})}),s.jsx(d,{children:s.jsx(h,{variant:e.publishedAt?"default":"secondary",children:e.publishedAt?"Published":"Draft"})}),s.jsx(d,{className:"text-muted-foreground",children:e.publishedAt?y(e.publishedAt):"—"})]},e.contentId))})]}),o.hasMore&&s.jsx("div",{className:"mt-4 flex justify-center",children:s.jsx(_,{variant:"outline",onClick:()=>P(o.cursor??void 0),children:"Load More"})})]}):s.jsx("p",{className:"text-muted-foreground",children:"No content yet."})]})}export{ie as AllContentPage};