includio-cms 0.20.0 → 0.22.0

package/dist/types/cms.schema.js

@@ -0,0 +1,629 @@
+import { z } from 'zod';
+/* -------------------------------------------------------------------------- */
+/*                                Localized                                    */
+/* -------------------------------------------------------------------------- */
+const localizedSchema = z.union([z.string(), z.record(z.string(), z.string())]);
+/* -------------------------------------------------------------------------- */
+/*                                  Slug                                       */
+/* -------------------------------------------------------------------------- */
+const SLUG_RE = /^[a-z][a-z0-9-]*$/;
+const slugSchema = z.string().regex(SLUG_RE, {
+    message: 'must be lowercase letters/digits/hyphens, starting with a letter'
+});
+/* -------------------------------------------------------------------------- */
+/*                                Languages                                    */
+/* -------------------------------------------------------------------------- */
+const LANG_CODE_RE = /^[a-z]{2}(-[A-Z]{2})?$/;
+const languageEntrySchema = z.union([
+    z.string().regex(LANG_CODE_RE, {
+        message: "must be a 2-letter ISO code (e.g. 'en' or 'pl-PL')"
+    }),
+    z
+        .object({
+        code: z.string().regex(LANG_CODE_RE, {
+            message: "must be a 2-letter ISO code (e.g. 'en' or 'pl-PL')"
+        }),
+        label: localizedSchema.optional(),
+        default: z.boolean().optional()
+    })
+        .passthrough()
+]);
+/* -------------------------------------------------------------------------- */
+/*                                  Fields                                     */
+/* -------------------------------------------------------------------------- */
+const FIELD_TYPES = [
+    'text',
+    'content',
+    'number',
+    'boolean',
+    'date',
+    'datetime',
+    'file',
+    'media',
+    'select',
+    'radio',
+    'checkboxes',
+    'relation',
+    'object',
+    'array',
+    'blocks',
+    'slug',
+    'seo',
+    'shop',
+    'url',
+    'custom'
+];
+const baseFieldShape = {
+    slug: slugSchema,
+    label: localizedSchema.optional(),
+    required: z.boolean().optional(),
+    description: localizedSchema.optional(),
+    localized: z.boolean().optional(),
+    defaultValue: z.unknown().optional(),
+    showWhen: z
+        .object({
+        field: z.string(),
+        equals: z.union([z.string(), z.array(z.string())]).optional(),
+        notEquals: z.union([z.string(), z.array(z.string())]).optional()
+    })
+        .optional()
+};
+const optionItemSchema = z.object({
+    label: localizedSchema.optional(),
+    value: z.string()
+});
+const fieldSchema = z.lazy(() => z.discriminatedUnion('type', [
+    // text
+    z
+        .object({
+        ...baseFieldShape,
+        type: z.literal('text'),
+        placeholder: localizedSchema.optional(),
+        minLength: z.number().int().nonnegative().optional(),
+        maxLength: z.number().int().positive().optional(),
+        pattern: z.string().optional(),
+        multiline: z.boolean().optional()
+    })
+        .passthrough(),
+    // content
+    z
+        .object({
+        ...baseFieldShape,
+        type: z.literal('content'),
+        inlineBlocks: z.array(fieldSchema).optional()
+    })
+        .passthrough(),
+    // number
+    z
+        .object({
+        ...baseFieldShape,
+        type: z.literal('number'),
+        min: z.number().optional(),
+        max: z.number().optional(),
+        step: z.number().optional()
+    })
+        .passthrough(),
+    // boolean
+    z
+        .object({ ...baseFieldShape, type: z.literal('boolean') })
+        .passthrough(),
+    // date / datetime
+    z
+        .object({
+        ...baseFieldShape,
+        type: z.literal('date'),
+        minDate: z.string().optional(),
+        maxDate: z.string().optional()
+    })
+        .passthrough(),
+    z
+        .object({
+        ...baseFieldShape,
+        type: z.literal('datetime'),
+        minDate: z.string().optional(),
+        maxDate: z.string().optional()
+    })
+        .passthrough(),
+    // file
+    z
+        .object({
+        ...baseFieldShape,
+        type: z.literal('file'),
+        accept: z.string().optional(),
+        maxSizeMB: z.number().positive().optional(),
+        multiple: z.boolean().optional()
+    })
+        .passthrough(),
+    // media
+    z
+        .object({
+        ...baseFieldShape,
+        type: z.literal('media'),
+        accept: z.string().optional(),
+        maxSizeMB: z.number().positive().optional(),
+        multiple: z.boolean().optional(),
+        styles: z
+            .array(z
+            .object({
+            name: z.string()
+        })
+            .passthrough())
+            .optional()
+    })
+        .passthrough(),
+    // select
+    z
+        .object({
+        ...baseFieldShape,
+        type: z.literal('select'),
+        options: z.array(optionItemSchema).min(1, {
+            message: 'select must declare at least one option'
+        }),
+        multiple: z.boolean().optional()
+    })
+        .passthrough(),
+    // radio
+    z
+        .object({
+        ...baseFieldShape,
+        type: z.literal('radio'),
+        options: z.array(optionItemSchema).min(1, {
+            message: 'radio must declare at least one option'
+        })
+    })
+        .passthrough(),
+    // checkboxes
+    z
+        .object({
+        ...baseFieldShape,
+        type: z.literal('checkboxes'),
+        options: z.array(optionItemSchema).min(1, {
+            message: 'checkboxes must declare at least one option'
+        })
+    })
+        .passthrough(),
+    // relation
+    z
+        .object({
+        ...baseFieldShape,
+        type: z.literal('relation'),
+        collection: z.string().min(1, { message: 'relation.collection is required' }),
+        multiple: z.boolean().optional(),
+        displayField: z.string().optional()
+    })
+        .passthrough(),
+    // object
+    z
+        .object({
+        ...baseFieldShape,
+        type: z.literal('object'),
+        fields: z.array(fieldSchema).min(1, {
+            message: 'object field must declare at least one nested field'
+        }),
+        accordionLabelField: z.string().optional(),
+        thumbnail: z.string().optional()
+    })
+        .passthrough(),
+    // array
+    z
+        .object({
+        ...baseFieldShape,
+        type: z.literal('array'),
+        of: z.enum(['text', 'number', 'url']),
+        minItems: z.number().int().nonnegative().optional(),
+        maxItems: z.number().int().positive().optional()
+    })
+        .passthrough(),
+    // blocks
+    z
+        .object({
+        ...baseFieldShape,
+        type: z.literal('blocks'),
+        of: z.array(fieldSchema).min(1, {
+            message: 'blocks.of must declare at least one block type'
+        }),
+        minItems: z.number().int().nonnegative().optional(),
+        maxItems: z.number().int().positive().optional(),
+        displayMode: z.enum(['simple', 'blocks']).optional()
+    })
+        .passthrough(),
+    // slug
+    z
+        .object({
+        ...baseFieldShape,
+        type: z.literal('slug'),
+        pattern: z.string().optional(),
+        sourceField: z.string().optional()
+    })
+        .passthrough(),
+    // seo
+    z
+        .object({
+        ...baseFieldShape,
+        type: z.literal('seo'),
+        slugSource: z.string().optional(),
+        titleSource: z.string().optional()
+    })
+        .passthrough(),
+    // shop
+    z
+        .object({ ...baseFieldShape, type: z.literal('shop') })
+        .passthrough(),
+    // url
+    z
+        .object({
+        ...baseFieldShape,
+        type: z.literal('url'),
+        placeholder: localizedSchema.optional(),
+        text: z.boolean().optional(),
+        newTab: z.boolean().optional(),
+        rel: z.boolean().optional()
+    })
+        .passthrough(),
+    // custom (plugin-provided)
+    z
+        .object({
+        ...baseFieldShape,
+        type: z.literal('custom'),
+        fieldType: z.string().min(1, { message: 'custom.fieldType is required' }),
+        config: z.record(z.string(), z.unknown()).optional()
+    })
+        .passthrough()
+]));
+/* -------------------------------------------------------------------------- */
+/*                              Form fields                                    */
+/* -------------------------------------------------------------------------- */
+const FORM_FIELD_TYPES = ['text', 'email', 'textarea', 'checkbox', 'select', 'file'];
+const formFieldBaseShape = {
+    slug: slugSchema,
+    label: localizedSchema.optional(),
+    required: z.boolean().optional(),
+    description: localizedSchema.optional(),
+    errorMessage: localizedSchema.optional(),
+    defaultValue: z.unknown().optional(),
+    showInDataTable: z.boolean().optional()
+};
+const formFieldSchema = z.discriminatedUnion('type', [
+    z
+        .object({
+        ...formFieldBaseShape,
+        type: z.literal('text'),
+        minLength: z.number().int().nonnegative().optional(),
+        maxLength: z.number().int().positive().optional()
+    })
+        .passthrough(),
+    z
+        .object({
+        ...formFieldBaseShape,
+        type: z.literal('email')
+    })
+        .passthrough(),
+    z
+        .object({
+        ...formFieldBaseShape,
+        type: z.literal('textarea'),
+        minLength: z.number().int().nonnegative().optional(),
+        maxLength: z.number().int().positive().optional()
+    })
+        .passthrough(),
+    z
+        .object({
+        ...formFieldBaseShape,
+        type: z.literal('checkbox')
+    })
+        .passthrough(),
+    z
+        .object({
+        ...formFieldBaseShape,
+        type: z.literal('select'),
+        options: z.array(optionItemSchema).min(1, {
+            message: 'form select must declare at least one option'
+        })
+    })
+        .passthrough(),
+    z
+        .object({
+        ...formFieldBaseShape,
+        type: z.literal('file'),
+        accept: z.string().optional(),
+        maxSize: z.number().positive().optional()
+    })
+        .passthrough()
+]);
+/* -------------------------------------------------------------------------- */
+/*                          Collections / Singles / Forms                      */
+/* -------------------------------------------------------------------------- */
+const configBaseShape = {
+    slug: slugSchema,
+    sidebarIcon: z.string().optional(),
+    previewUrl: z.string().optional(),
+    fields: z.array(fieldSchema).min(1, {
+        message: 'must declare at least one field'
+    }),
+    layout: z.unknown().optional(),
+    slugField: z.string().optional(),
+    pathTemplate: z.string().optional()
+};
+const collectionSchema = z
+    .object({
+    ...configBaseShape,
+    entryAdminTitle: z.string().optional(),
+    labels: z
+        .object({
+        singular: localizedSchema.optional(),
+        plural: localizedSchema.optional()
+    })
+        .optional(),
+    orderable: z.boolean().optional(),
+    listColumns: z.array(z.string()).optional()
+})
+    .passthrough();
+const singleSchema = z
+    .object({
+    ...configBaseShape,
+    label: localizedSchema.optional()
+})
+    .passthrough();
+const formSchema = z
+    .object({
+    slug: slugSchema,
+    sidebarIcon: z.string().optional(),
+    fields: z.array(formFieldSchema).min(1, {
+        message: 'form must declare at least one field'
+    }),
+    label: localizedSchema,
+    notificationEmailAddresses: z.array(z.string().email()).optional()
+})
+    .passthrough();
+/* -------------------------------------------------------------------------- */
+/*                                 Adapters                                    */
+/* -------------------------------------------------------------------------- */
+function adapterMethodsCheck(name, methods) {
+    return z.custom((val) => {
+        if (val == null || typeof val !== 'object')
+            return false;
+        for (const m of methods) {
+            if (typeof val[m] !== 'function')
+                return false;
+        }
+        return true;
+    }, {
+        message: `${name} is missing required methods (${methods.join(', ')})`
+    });
+}
+const dbAdapterSchema = adapterMethodsCheck('DatabaseAdapter', [
+    'createEntry',
+    'getEntries',
+    'updateEntry',
+    'createEntryVersion',
+    'getEntryVersions',
+    'createFormSubmission'
+]);
+const filesAdapterSchema = adapterMethodsCheck('FilesAdapter', [
+    'uploadFile',
+    'downloadFile',
+    'renameFile',
+    'deleteFile',
+    'listFiles'
+]);
+const emailAdapterSchema = adapterMethodsCheck('EmailAdapter', ['sendMail']);
+const aiAdapterSchema = z
+    .custom((val) => val != null && typeof val === 'object', {
+    message: 'AIAdapter must be an object'
+});
+/* -------------------------------------------------------------------------- */
+/*                                 ApiKeys                                     */
+/* -------------------------------------------------------------------------- */
+const apiKeySchema = z
+    .object({
+    key: z.string().min(8, { message: 'apiKey.key must be at least 8 chars' }),
+    name: z.string().optional(),
+    role: z.enum(['admin', 'editor']).optional(),
+    expiresAt: z.string().optional(),
+    rotatedAt: z.string().optional(),
+    permissions: z.array(z.string()).optional()
+})
+    .passthrough();
+/* -------------------------------------------------------------------------- */
+/*                                 CMSConfig                                   */
+/* -------------------------------------------------------------------------- */
+const cmsConfigBaseSchema = z
+    .object({
+    languages: z
+        .array(languageEntrySchema)
+        .min(1, { message: 'CMSConfig.languages must contain at least one language' }),
+    collections: z.array(collectionSchema).optional(),
+    singles: z.array(singleSchema).optional(),
+    forms: z.array(formSchema).optional(),
+    db: dbAdapterSchema,
+    files: filesAdapterSchema,
+    email: emailAdapterSchema.optional(),
+    auth: z
+        .object({
+        secret: z.string().min(1, { message: 'auth.secret is required' }),
+        baseURL: z.string().optional()
+    })
+        .passthrough()
+        .optional(),
+    plugins: z.array(z.unknown()).optional(),
+    ai: aiAdapterSchema.optional(),
+    media: z.unknown().optional(),
+    apiKeys: z.array(apiKeySchema).optional(),
+    typography: z
+        .object({ fixOrphans: z.boolean().optional() })
+        .passthrough()
+        .optional(),
+    sidebarHelp: z.boolean().optional(),
+    shop: z.unknown().optional(),
+    cmp: z.unknown().optional()
+})
+    .passthrough();
+/* -------------------------------------------------------------------------- */
+/*                          Cross-field invariants                             */
+/* -------------------------------------------------------------------------- */
+function getLangCode(entry) {
+    if (typeof entry === 'string')
+        return entry;
+    if (entry && typeof entry === 'object' && 'code' in entry) {
+        const c = entry.code;
+        return typeof c === 'string' ? c : null;
+    }
+    return null;
+}
+function isLangDefault(entry) {
+    return !!entry && typeof entry === 'object' && entry.default === true;
+}
+function* walkRelationFields(fields, path) {
+    if (!fields)
+        return;
+    for (let i = 0; i < fields.length; i++) {
+        const f = fields[i];
+        const fieldPath = [...path, i];
+        if (f.type === 'relation')
+            yield { field: f, path: fieldPath };
+        if (f.type === 'object' && Array.isArray(f.fields)) {
+            yield* walkRelationFields(f.fields, [...fieldPath, 'fields']);
+        }
+        if (f.type === 'blocks' && Array.isArray(f.of)) {
+            for (let j = 0; j < f.of.length; j++) {
+                const blockDef = f.of[j];
+                if (blockDef && Array.isArray(blockDef.fields)) {
+                    yield* walkRelationFields(blockDef.fields, [...fieldPath, 'of', j, 'fields']);
+                }
+            }
+        }
+        if (f.type === 'content' && Array.isArray(f.inlineBlocks)) {
+            for (let j = 0; j < f.inlineBlocks.length; j++) {
+                const ib = f.inlineBlocks[j];
+                if (ib && Array.isArray(ib.fields)) {
+                    yield* walkRelationFields(ib.fields, [...fieldPath, 'inlineBlocks', j, 'fields']);
+                }
+            }
+        }
+    }
+}
+/**
+ * Final config schema. Use `cmsConfigSchema.safeParse(input)` and pass any
+ * resulting `ZodError` to `formatConfigError` (in `core/errors.ts`) to get a
+ * human-readable {@link import('../core/errors.js').ConfigValidationError}.
+ *
+ * Cross-field invariants enforced via `superRefine`:
+ *  - `languages` has at most one `default: true`.
+ *  - `collections[].slug` are unique.
+ *  - `singles[].slug` are unique.
+ *  - `forms[].slug` are unique.
+ *  - Each `relation` field's `collection` references a declared collection.
+ *  - `apiKeys[].permissions` reference declared collection slugs.
+ */
+export const cmsConfigSchema = cmsConfigBaseSchema.superRefine((data, ctx) => {
+    // Default language: at most one (zero is fine — fall back to languages[0]).
+    const defaults = (data.languages ?? []).filter(isLangDefault);
+    if (defaults.length > 1) {
+        ctx.addIssue({
+            code: z.ZodIssueCode.custom,
+            path: ['languages'],
+            message: `more than one language is marked default (${defaults.length})`
+        });
+    }
+    // Collection slug uniqueness
+    const collectionSlugs = new Set();
+    (data.collections ?? []).forEach((c, i) => {
+        const slug = c.slug;
+        if (typeof slug !== 'string')
+            return;
+        if (collectionSlugs.has(slug)) {
+            ctx.addIssue({
+                code: z.ZodIssueCode.custom,
+                path: ['collections', i, 'slug'],
+                message: `duplicate collection slug '${slug}'`
+            });
+        }
+        collectionSlugs.add(slug);
+    });
+    // Single slug uniqueness
+    const singleSlugs = new Set();
+    (data.singles ?? []).forEach((s, i) => {
+        const slug = s.slug;
+        if (typeof slug !== 'string')
+            return;
+        if (singleSlugs.has(slug)) {
+            ctx.addIssue({
+                code: z.ZodIssueCode.custom,
+                path: ['singles', i, 'slug'],
+                message: `duplicate single slug '${slug}'`
+            });
+        }
+        singleSlugs.add(slug);
+    });
+    // Form slug uniqueness
+    const formSlugs = new Set();
+    (data.forms ?? []).forEach((f, i) => {
+        const slug = f.slug;
+        if (typeof slug !== 'string')
+            return;
+        if (formSlugs.has(slug)) {
+            ctx.addIssue({
+                code: z.ZodIssueCode.custom,
+                path: ['forms', i, 'slug'],
+                message: `duplicate form slug '${slug}'`
+            });
+        }
+        formSlugs.add(slug);
+    });
+    // Relation targets (must reference a declared collection)
+    const validTargets = new Set([...collectionSlugs, ...singleSlugs]);
+    (data.collections ?? []).forEach((c, i) => {
+        const fields = c.fields;
+        for (const { field, path } of walkRelationFields(fields, ['collections', i, 'fields'])) {
+            const target = field.collection;
+            if (typeof target !== 'string' || !validTargets.has(target)) {
+                ctx.addIssue({
+                    code: z.ZodIssueCode.custom,
+                    path: [...path, 'collection'],
+                    message: `relation target '${target}' does not reference a declared collection or single`
+                });
+            }
+        }
+    });
+    (data.singles ?? []).forEach((s, i) => {
+        const fields = s.fields;
+        for (const { field, path } of walkRelationFields(fields, ['singles', i, 'fields'])) {
+            const target = field.collection;
+            if (typeof target !== 'string' || !validTargets.has(target)) {
+                ctx.addIssue({
+                    code: z.ZodIssueCode.custom,
+                    path: [...path, 'collection'],
+                    message: `relation target '${target}' does not reference a declared collection or single`
+                });
+            }
+        }
+    });
+    // apiKeys permissions
+    (data.apiKeys ?? []).forEach((k, i) => {
+        const perms = k.permissions;
+        if (!perms)
+            return;
+        for (let j = 0; j < perms.length; j++) {
+            const p = perms[j];
+            if (!collectionSlugs.has(p)) {
+                ctx.addIssue({
+                    code: z.ZodIssueCode.custom,
+                    path: ['apiKeys', i, 'permissions', j],
+                    message: `apiKeys permission '${p}' does not reference a declared collection`
+                });
+            }
+        }
+    });
+});
+/** Exposed for tests only. Not part of the public API. */
+export const _internal = {
+    fieldSchema,
+    formFieldSchema,
+    collectionSchema,
+    singleSchema,
+    formSchema,
+    cmsConfigBaseSchema,
+    FIELD_TYPES,
+    FORM_FIELD_TYPES,
+    getLangCode
+};

package/dist/updates/0.21.0/index.d.ts

@@ -0,0 +1,2 @@
+import type { CmsUpdate } from '../index.js';
+export declare const update: CmsUpdate;

package/dist/updates/0.21.0/index.js

@@ -0,0 +1,55 @@
+export const update = {
+    version: '0.21.0',
+    date: '2026-04-30',
+    description: 'Faza 5 część 2 — security finish: form rate-limit DRY refactor, API keys `expiresAt` / `rotatedAt`, sharp timeout 30s, `{@html}` audit close. `KNOWN-RISKS.md` w root jako single source of truth dla zaakceptowanych ryzyk v1.0. Plus: faza 6 setup — vitest coverage (info-only), docker test profile, integration test scaffolding (`tests/`).',
+    features: [
+        '`KNOWN-RISKS.md` w root paczki — 5 ryzyk udokumentowanych: CSP `\'unsafe-inline\'`, API key rotation opt-in, in-memory rate-limit, sharp 30s timeout, ffmpeg/sharp args audit. Każde z mitygacją i triggerem fix.',
+        '`ApiKeyConfig.expiresAt?: string` (ISO-8601) — opt-in expiry, enforced w `validateApiKey()`. Wygasły klucz → 401 generic (no leak). Brak `expiresAt` = klucz nigdy nie wygasa (backward compat).',
+        '`ApiKeyConfig.rotatedAt?: string` — info-only audit-trail, nie enforced.',
+        '`generateApiKey()` (`includio-cms/sveltekit/server`) — crypto-random 32B base64url. Pełna rotacja = update `cms.config.ts` + redeploy (statyczny model, patrz KNOWN-RISKS §2).',
+        '`withTimeout<T>(promise, ms, label)` + `TimeoutError` (`$lib/server/utils/withTimeout`). Wrap dookoła wszystkich sharp calls (metadata, toBuffer, blur, admin thumbnail, downscale resize). Default 30s, env override `INCLUDIO_SHARP_TIMEOUT_MS`.',
+        'Form submit rate-limit: refaktor `src/routes/api/forms/[slug]/submit/+server.ts` — używa shared `MemoryRateLimitStore` z `$lib/server/security/rate-limit.js` (DRY z `/admin/api/*` rate-limit). Limity 5/h per IP zachowane. Env: `INCLUDIO_FORM_RATE_LIMIT_MAX`, `INCLUDIO_FORM_RATE_LIMIT_WINDOW_MS`.',
+        'Faza 6 setup: docker `test` profile (`db_test` na porcie 5434, tmpfs, `fsync=off`), `tests/helpers/{db,api,auth}.ts`, `tests/setup.ts` z TRUNCATE strategy, vitest project `integration` (sequential, `singleFork`), sanity test `tests/integration/db-sanity.spec.ts`.',
+        'Vitest coverage config (info-only, bez threshold) — `pnpm test:coverage` generuje `coverage/`. Reporter: text/json/html. Devdep: `@vitest/coverage-v8`.'
+    ],
+    fixes: [
+        '`{@html}` w `src/lib/admin/client/users/delete-user-dialog.svelte` (linie 85, 93) zastąpione safe Svelte template `{...}<strong>{...}</strong>{...}`. Defense-in-depth — content był admin-controlled, ale eliminuje wektor regresji XSS gdyby ktoś kiedyś dodał user-supplied input do tych komunikatów.'
+    ],
+    breakingChanges: [
+        'Brak hard breakages. `ApiKeyConfig.expiresAt` / `rotatedAt` są opcjonalne — istniejące configi działają bez zmian.',
+        '`usersLang.deleteWarningDesc` zmienia sygnaturę z `(name: string) => string` na statyczny obiekt `{ before: string; after: string }`. `usersLang.deleteConfirmType` analogicznie ze stringa na `{ before: string; after: string }`. Wpływ tylko na fork\'i admin UI z customowym lang — szybki `pnpm check` zwróci błąd typu, fix = przepisz wartości w lang.'
+    ],
+    notes: `## Setup integration tests (opt-in)
+
+\`\`\`bash
+docker compose --profile test up -d db_test
+pnpm prepack                    # buduje dist/ wymagany przez drizzle-kit push schema
+pnpm db:test:migrate            # drizzle-kit push do test DB
+pnpm test:integration           # uruchamia tests/integration/**
+docker compose --profile test down
+\`\`\`
+
+## API key expiry (opt-in)
+
+\`\`\`ts
+// cms.config.ts
+apiKeys: [
+    { key: 'sk-...', name: 'ci', role: 'admin', expiresAt: '2027-01-01T00:00:00Z' }
+]
+\`\`\`
+
+Generowanie nowego klucza:
+
+\`\`\`ts
+import { generateApiKey } from 'includio-cms/sveltekit/server';
+console.log(generateApiKey()); // → 43-char base64url, 32B entropii
+\`\`\`
+
+Pełna rotacja wymaga update'u \`cms.config.ts\` + redeploy. Pole \`rotatedAt\` jest info-only (audit trail) — admin ustawia ręcznie przy rotacji.
+
+## Known risks
+
+Lista zaakceptowanych ryzyk v1.0 — \`KNOWN-RISKS.md\` w root paczki. 5 sekcji: CSP \`unsafe-inline\`, API key rotation opt-in, in-memory rate-limit (multi-node = wymaga Redis adapter), sharp 30s timeout, ffmpeg/sharp shell audit (SAFE).
+
+Brak SQL migration.`
+};

package/dist/updates/0.22.0/index.d.ts

@@ -0,0 +1,2 @@
+import type { CmsUpdate } from '../index.js';
+export declare const update: CmsUpdate;