jamdesk 1.1.144 → 1.1.146

package/vendored/lib/banner-dismiss.ts

@@ -0,0 +1,53 @@
+// Banner dismissal persistence. The dismissal is keyed to a hash of the banner
+// content so that editing the message makes it reappear for everyone.
+// Modeled on lib/recent-searches.ts (SSR-safe localStorage access).
+
+const PREFIX = 'jamdesk_banner_dismissed_';
+
+export function bannerDismissKey(slug: string): string {
+  return `${PREFIX}${slug}`;
+}
+
+// Small deterministic djb2 hash → base36. Not cryptographic; only needs to
+// change when the content changes and stay stable otherwise.
+export function bannerHash(content: string): string {
+  let h = 5381;
+  for (let i = 0; i < content.length; i++) {
+    h = ((h << 5) + h + content.charCodeAt(i)) | 0;
+  }
+  return (h >>> 0).toString(36);
+}
+
+export function isBannerDismissed(slug: string, content: string): boolean {
+  if (typeof window === 'undefined') return false;
+  try {
+    return localStorage.getItem(bannerDismissKey(slug)) === bannerHash(content);
+  } catch {
+    return false;
+  }
+}
+
+export function dismissBanner(slug: string, content: string): void {
+  if (typeof window === 'undefined') return;
+  try {
+    localStorage.setItem(bannerDismissKey(slug), bannerHash(content));
+  } catch {
+    // Storage unavailable (private mode, quota) — fail open; banner just won't
+    // remember the dismissal.
+  }
+}
+
+/**
+ * Inline JS for the pre-paint <head> script. When the stored hash matches the
+ * current content it sets `data-jd-banner-dismissed` on <html>, so CSS can hide
+ * the bar before first paint (no flash for repeat visitors). slug + hash are
+ * JSON-encoded into the string for safety.
+ */
+export function bannerNoFlashScript(slug: string, content: string): string {
+  // Defense-in-depth: JSON.stringify escapes `<` in V8 but the spec does not
+  // require it, so escape it ourselves — a slug can never break out of the
+  // surrounding <script> tag.
+  const key = JSON.stringify(bannerDismissKey(slug)).replace(/</g, '\\u003c');
+  const hash = JSON.stringify(bannerHash(content)).replace(/</g, '\\u003c');
+  return `(function(){try{if(localStorage.getItem(${key})===${hash}){document.documentElement.setAttribute('data-jd-banner-dismissed','')}}catch(e){}})();`;
+}

package/vendored/lib/content-loader.ts

@@ -14,6 +14,7 @@ import fs from 'fs';
 import path from 'path';
 import { parseFrontmatterLenient } from './frontmatter-utils';
 import { getDocsConfig as getStaticDocsConfig, getContentDir } from './docs';
+import { getGitLastModified, injectLastUpdated } from './page-timestamps';
 import {
   getDocsConfig as getIsrDocsConfig,
   getMdxContent,
@@ -41,6 +42,9 @@ export interface ContentLoader {
  */
 class StaticContentLoader implements ContentLoader {
   private contentDir: string;
+  // Per-page git date cache (dev preview): avoids a git spawn on every re-render.
+  // null = looked up, no committed date (untracked/new file or non-git dir).
+  private dateCache = new Map<string, string | null>();
 
   constructor() {
     this.contentDir = getContentDir();
@@ -51,8 +55,19 @@ class StaticContentLoader implements ContentLoader {
   }
 
   async getContent(pagePath: string): Promise<string> {
-    const filePath = path.join(this.contentDir, pagePath) + '.mdx';
-    return fs.readFileSync(filePath, 'utf8');
+    const relPath = pagePath + '.mdx';
+    const content = fs.readFileSync(path.join(this.contentDir, relPath), 'utf8');
+
+    // Dev parity with the build: when metadata.timestamp is on, inject the
+    // page's last git-commit date so the renderer shows "Last updated on …".
+    if (!this.getConfig().metadata?.timestamp) return content;
+
+    let date = this.dateCache.get(pagePath);
+    if (date === undefined) {
+      date = getGitLastModified(this.contentDir, relPath);
+      this.dateCache.set(pagePath, date);
+    }
+    return date ? injectLastUpdated(content, date) : content;
   }
 
   async getAllPaths(): Promise<string[]> {

package/vendored/lib/heading-extractor.ts

@@ -15,6 +15,8 @@ export interface HeadingInfo {
   line: number; // 1-indexed
   /** When the entry is a <Step> inside a <Steps> block, this is its 1-based index within the block. */
   stepNumber?: number;
+  /** True when the entry came from an <Update label="..."> anchor (vs a markdown heading). */
+  isUpdate?: boolean;
 }
 
 /**
@@ -44,7 +46,13 @@ export function generateSlug(text: string): string {
 
 const HEADING_REGEX = /^(#{1,6})\s+(.+)$/;
 const FENCE_REGEX = /^(`{3,}|~{3,})/;
-const UPDATE_LABEL_REGEX = /<Update\s+label=["']([^"']+)["']/;
+// Global + matchAll (like STEP_TITLE_REGEX below) so multiple inline <Update>
+// tags on one line each get an anchor, and `[^>]*` so `label=` need not be the
+// first attribute (e.g. `<Update date=".." label="..">`). Alternation (not a
+// character class) keeps an apostrophe inside a double-quoted label from
+// terminating the capture. MUST only be used with matchAll — direct test/exec
+// would share lastIndex across calls and miscount.
+const UPDATE_LABEL_REGEX = /<Update\s+[^>]*label=(?:"([^"]+)"|'([^']+)')/g;
 const STEPS_OPEN_REGEX = /<Steps(\s|>)/;
 const STEPS_CLOSE_REGEX = /<\/Steps>/;
 // Global flag — we iterate with matchAll so authors who inline multiple
@@ -114,13 +122,11 @@ export function extractHeadings(content: string): HeadingInfo[] {
       }
     }
 
-    const updateMatch = line.match(UPDATE_LABEL_REGEX);
-    if (updateMatch) {
-      const text = updateMatch[1];
-      if (generateSlug(text)) {
-        const id = slugger.slug(text);
-        headings.push({ id, text, level: 2, line: i + 1 });
-      }
+    for (const match of line.matchAll(UPDATE_LABEL_REGEX)) {
+      const text = match[1] ?? match[2];
+      if (!generateSlug(text)) continue;
+      const id = slugger.slug(text);
+      headings.push({ id, text, level: 2, line: i + 1, isUpdate: true });
     }
 
     if (inStepsBlock) {

package/vendored/lib/inline-markdown.tsx

@@ -0,0 +1,59 @@
+import React from 'react';
+
+// Allow only safe URL schemes; everything else (javascript:, data:, etc.) is
+// dropped so author content can't inject script URLs into the banner.
+function sanitizeUrl(url: string): string | null {
+  const trimmed = url.trim();
+  // A single leading slash is a same-origin path; `//host` is protocol-relative
+  // (off-origin) and must NOT be treated as a safe relative link.
+  if (/^(\/(?!\/)|#|\.\.?\/)/.test(trimmed)) return trimmed; // relative / anchor
+  // mailto: is intentional — banner authors are trusted (docs.json owners);
+  // subject/body params are an accepted trade-off.
+  if (/^(https?:|mailto:)/i.test(trimmed)) return trimmed;
+  return null;
+}
+
+// Known limitation: a URL containing ')' truncates at the first ')'. Fine for
+// short banner copy; authors should percent-encode parens in link targets.
+// Matches [text](url), then **bold**, then *italic* — alternation order matters
+// so `**` is consumed by the bold branch before the italic branch sees it.
+const TOKEN = /\[([^\]]+)\]\(([^)\s]+)\)|\*\*([^*]+)\*\*|\*([^*]+)\*/g;
+
+/**
+ * Render a string with basic inline markdown (links, bold, italic) as safe
+ * React nodes. No raw HTML, no nesting, no custom components.
+ */
+export function renderInlineMarkdown(input: string): React.ReactNode[] {
+  const nodes: React.ReactNode[] = [];
+  let lastIndex = 0;
+  let key = 0;
+  let m: RegExpExecArray | null;
+  TOKEN.lastIndex = 0;
+  while ((m = TOKEN.exec(input)) !== null) {
+    if (m.index > lastIndex) nodes.push(input.slice(lastIndex, m.index));
+    if (m[1] !== undefined) {
+      const href = sanitizeUrl(m[2]);
+      if (href) {
+        const external = /^https?:/i.test(href);
+        nodes.push(
+          <a
+            key={key++}
+            href={href}
+            {...(external ? { target: '_blank', rel: 'noopener noreferrer' } : {})}
+          >
+            {m[1]}
+          </a>,
+        );
+      } else {
+        nodes.push(m[1]); // unsafe URL → render the link text as plain text
+      }
+    } else if (m[3] !== undefined) {
+      nodes.push(<strong key={key++}>{m[3]}</strong>);
+    } else if (m[4] !== undefined) {
+      nodes.push(<em key={key++}>{m[4]}</em>);
+    }
+    lastIndex = TOKEN.lastIndex;
+  }
+  if (lastIndex < input.length) nodes.push(input.slice(lastIndex));
+  return nodes;
+}

package/vendored/lib/layout-helpers.tsx

@@ -28,6 +28,7 @@ import { getAnalyticsScript } from '@/lib/analytics-script';
 import { AgentDirective } from './agent-directive';
 import { fetchCustomCss, fetchCustomJs } from '@/lib/r2-content';
 import { toHreflang } from '@/lib/language-utils';
+import { bannerNoFlashScript } from '@/lib/banner-dismiss';
 
 const scrollLockBootstrap = `
 (function() {
@@ -428,6 +429,13 @@ export async function DocsChrome({
     ? getAnalyticsScript(resolvedProjectSlug)
     : null;
 
+  // Global banner: only emit the pre-paint no-flash guard for a dismissible
+  // banner (a non-dismissible banner is never hidden, so the guard would risk
+  // hiding a mandatory message via a stale dismissal hash). Trimmed content
+  // must match what BannerBar hashes.
+  const bannerContent = config.banner?.content?.trim() || '';
+  const bannerNoFlash = !embed && !!bannerContent && config.banner?.dismissible === true && !!resolvedProjectSlug;
+
   // Font Awesome CSS uses preinit (not preload) so React 19 emits the
   // stylesheet link in <head> at SSR time. The previous approach used a
   // beforeInteractive Script that injected <link rel=stylesheet> at runtime —
@@ -473,6 +481,25 @@ export async function DocsChrome({
               '<style>html[data-scroll-locked] #content-scroll-container{overflow-y:auto !important;}</style>',
           }}
         />
+        {/* Banner no-flash: hide a previously-dismissed (dismissible) banner
+            before first paint. The <style> is inert until the script sets the
+            attribute; the script is prod-gated like the analytics inline script. */}
+        {bannerNoFlash && (
+          <>
+            <style
+              dangerouslySetInnerHTML={{
+                __html: 'html[data-jd-banner-dismissed] [data-jd-banner]{display:none!important}',
+              }}
+            />
+            {process.env.NODE_ENV === 'production' && (
+              <script
+                dangerouslySetInnerHTML={{
+                  __html: bannerNoFlashScript(resolvedProjectSlug, bannerContent),
+                }}
+              />
+            )}
+          </>
+        )}
         <meta name="viewport" content="width=device-width, initial-scale=1" />
         {/* Embed render (widget modal): default every in-frame link to a new tab.
             Clicking a doc link should open the full docs site in a new tab, not

package/vendored/lib/normalize-config.ts

@@ -10,7 +10,8 @@
  * Field mappings:
  * - modeToggle.default -> appearance.default
  * - modeToggle.isHidden -> appearance.strict
- * - metadata -> seo.metatags (merged, Jamdesk takes priority)
+ * - metadata.timestamp -> config.metadata.timestamp (real feature flag, kept)
+ * - metadata.<other> -> seo.metatags (legacy Mintlify metatags, deprecated)
  * - navbar.style -> preserved but ignored in rendering
  * - layout -> removed (theme determines layout)
  */
@@ -18,11 +19,15 @@
 import type { DocsConfig, ModeToggleConfig, MintlifyLayout } from './docs-types';
 
 /**
- * Input config type that includes Mintlify compatibility fields
+ * Input config type that includes Mintlify compatibility fields.
+ *
+ * `metadata` is overloaded for backward compatibility: historically it was a
+ * Mintlify metatags string-map, but it now also carries the real `timestamp`
+ * feature flag. Accept both shapes here and split them in normalizeConfig.
  */
 interface DocsConfigInput extends Omit<DocsConfig, 'modeToggle' | 'metadata' | 'layout'> {
   modeToggle?: ModeToggleConfig;
-  metadata?: Record<string, string>;
+  metadata?: Record<string, unknown>;
   layout?: MintlifyLayout;
 }
 
@@ -61,19 +66,31 @@ export function normalizeConfig(config: DocsConfigInput): NormalizeResult {
     }
   }
 
-  // 2. Normalize metadata -> seo.metatags
+  // 2. Normalize metadata.
+  //    - `timestamp` is a real page-metadata feature flag (show last-modified
+  //      date on every page) -> config.metadata.timestamp. NOT deprecated.
+  //    - any OTHER keys are legacy Mintlify metatags -> seo.metatags (deprecated).
   if (metadata) {
-    warnings.push(
-      'metadata is deprecated. Use seo: { metatags: { ... } } instead.'
-    );
-    const existingMetatags = normalized.seo?.metatags || {};
-    normalized.seo = {
-      ...normalized.seo,
-      metatags: {
-        ...metadata,
-        ...existingMetatags,
-      },
-    };
+    const { timestamp, ...legacyMetatags } = metadata;
+
+    if (timestamp !== undefined) {
+      normalized.metadata = { timestamp: timestamp === true };
+    }
+
+    const legacyKeys = Object.keys(legacyMetatags);
+    if (legacyKeys.length > 0) {
+      warnings.push(
+        'metadata is deprecated. Use seo: { metatags: { ... } } instead.'
+      );
+      const existingMetatags = normalized.seo?.metatags || {};
+      normalized.seo = {
+        ...normalized.seo,
+        metatags: {
+          ...(legacyMetatags as Record<string, string>),
+          ...existingMetatags,
+        },
+      };
+    }
   }
 
   // 3. Warn about layout

package/vendored/lib/page-timestamps.ts

@@ -0,0 +1,144 @@
+/**
+ * Page "last updated" timestamps (build-time).
+ *
+ * When a project enables `metadata.timestamp` in docs.json, the build computes
+ * the last git-commit date for each page and injects it into the page's
+ * frontmatter (`lastUpdated: YYYY-MM-DD`). The renderer reads that field and
+ * shows a "Last updated on <date>" line — see components/navigation/LastUpdated.
+ *
+ * Why build-time: git history only exists in the Cloud Run clone, not at ISR
+ * render time (which sees only R2 content). The injected date rides R2 with the
+ * page and needs no git at render.
+ */
+
+import { execFileSync } from 'child_process';
+// Extension-less import: this module is also pulled into the Next.js/ISR bundle
+// (via content-loader), and Next prod rejects `.js` specifiers in TS source.
+import { logger } from '../shared/logger';
+
+// Marks a commit header line in `git log` output so it can't be confused with a
+// file path (paths never contain control characters with core.quotePath=false).
+const COMMIT_MARKER = '\x01';
+
+/**
+ * Production clones are shallow (`--depth 1`), so `git log` would report the
+ * single clone commit's date for every file. Deepen to full history first.
+ * No-op for already-complete clones (e.g. local `jamdesk dev`). Best-effort:
+ * on failure the date map simply falls back to whatever history is present.
+ */
+function ensureFullHistory(repoDir: string): void {
+  try {
+    const isShallow = execFileSync(
+      'git',
+      ['-C', repoDir, 'rev-parse', '--is-shallow-repository'],
+      { encoding: 'utf-8', stdio: ['pipe', 'pipe', 'pipe'] },
+    ).trim();
+    if (isShallow !== 'true') return;
+
+    execFileSync(
+      'git',
+      ['-C', repoDir, 'fetch', '--unshallow', '--quiet'],
+      { encoding: 'utf-8', timeout: 120000, stdio: ['pipe', 'pipe', 'pipe'] },
+    );
+  } catch {
+    // Deliberately log no error detail: a failed git fetch can echo the
+    // tokenized origin URL in its output, which must not reach logs.
+    logger.warn('Could not deepen git history for timestamps; dates may reflect only the latest commit');
+  }
+}
+
+/**
+ * Map each repo-relative file path to the date (YYYY-MM-DD) of the most recent
+ * commit that added or modified it, via a single `git log` walk.
+ *
+ * Returns an empty map (logging a warning) if git is unavailable or the repo
+ * has no history — callers treat a missing entry as "no timestamp for this page".
+ *
+ * Caveat: renames reset a file's date to the rename commit (no `--follow`, which
+ * cannot run in a single multi-file pass). Acceptable for docs.
+ */
+export function buildGitLastModifiedMap(repoDir: string): Map<string, string> {
+  const map = new Map<string, string>();
+
+  ensureFullHistory(repoDir);
+
+  let output: string;
+  try {
+    output = execFileSync(
+      'git',
+      [
+        '-C', repoDir,
+        '-c', 'core.quotePath=false',
+        'log',
+        '--no-merges',
+        '--diff-filter=ACMRT',
+        '--name-only',
+        `--format=${COMMIT_MARKER}%cs`,
+      ],
+      { encoding: 'utf-8', maxBuffer: 512 * 1024 * 1024, stdio: ['pipe', 'pipe', 'pipe'] },
+    );
+  } catch (err) {
+    logger.warn('Failed to compute git last-modified map; timestamps omitted', {
+      error: err instanceof Error ? err.message : String(err),
+    });
+    return map;
+  }
+
+  // Commits stream newest-first, so the first time a path appears is its most
+  // recent change — keep that and ignore later (older) occurrences.
+  let currentDate = '';
+  for (const line of output.split('\n')) {
+    if (line.startsWith(COMMIT_MARKER)) {
+      currentDate = line.slice(COMMIT_MARKER.length).trim();
+    } else if (line && currentDate && !map.has(line)) {
+      map.set(line, currentDate);
+    }
+  }
+
+  return map;
+}
+
+/**
+ * Last-modified date (YYYY-MM-DD) for a single file, for the local `jamdesk dev`
+ * preview where pages are read one at a time (vs. the batch map used at build).
+ * Returns null for an untracked/new file or a non-git directory.
+ */
+export function getGitLastModified(dir: string, relPath: string): string | null {
+  try {
+    const out = execFileSync(
+      'git',
+      ['-C', dir, 'log', '-1', '--format=%cs', '--', relPath],
+      { encoding: 'utf-8', stdio: ['pipe', 'pipe', 'pipe'] },
+    ).trim();
+    return out || null;
+  } catch {
+    return null;
+  }
+}
+
+const FRONTMATTER_RE = /^---[ \t]*\r?\n([\s\S]*?)\r?\n---[ \t]*(?:\r?\n|$)/;
+const LAST_UPDATED_LINE_RE = /^lastUpdated:.*$/m;
+
+/**
+ * Inject (or replace) a `lastUpdated: <date>` line in the page's YAML
+ * frontmatter, returning the new content. Adds a frontmatter block when the
+ * page has none. Preserves the page body verbatim.
+ */
+export function injectLastUpdated(content: string, date: string): string {
+  // Quote the value so YAML keeps it a string — an unquoted YYYY-MM-DD is
+  // auto-parsed into a Date, which then renders as a timezone-shifted
+  // Date.toString() in the <time dateTime> attribute.
+  const line = `lastUpdated: "${date}"`;
+  const match = FRONTMATTER_RE.exec(content);
+
+  if (!match) {
+    return `---\n${line}\n---\n\n${content}`;
+  }
+
+  const inner = match[1];
+  const newInner = LAST_UPDATED_LINE_RE.test(inner)
+    ? inner.replace(LAST_UPDATED_LINE_RE, line)
+    : `${inner}\n${line}`;
+
+  return `---\n${newInner}\n---\n${content.slice(match[0].length)}`;
+}

package/vendored/lib/render-doc-page.tsx

@@ -20,6 +20,7 @@ import { TableOfContents } from '@/components/navigation/TableOfContents';
 import { PageColumns } from '@/components/layout/PageColumns';
 import { EmbedLinkInterceptor } from '@/components/layout/EmbedLinkInterceptor';
 import { PageNavigation } from '@/components/navigation/PageNavigation';
+import { LastUpdated } from '@/components/navigation/LastUpdated';
 import { SocialFooter } from '@/components/navigation/SocialFooter';
 import { ApiPageWrapper } from '@/components/mdx/ApiPage';
 import { OpenApiEndpoint } from '@/components/mdx/OpenApiEndpoint';
@@ -55,6 +56,7 @@ import { recmaGuardExpressions } from '@/lib/recma-guard-expressions';
 import { extractInlineComponents } from '@/lib/process-mdx-with-exports';
 import { extractHeadings } from '@/lib/heading-extractor';
 import { StepSlugProvider, type StepSlugEntry } from '@/components/mdx/StepSlugContext';
+import { UpdateSlugProvider, type UpdateSlugEntry } from '@/components/mdx/UpdateSlugContext';
 import { buildEndpointFromMdx } from '@/lib/build-endpoint-from-mdx';
 import { mdxSecurityOptions } from '@/lib/mdx-security-options';
 import { getContentDir } from '@/lib/docs';
@@ -148,6 +150,9 @@ interface FrontmatterData {
   mode?: string;
   hideFooter?: boolean;
   rss?: boolean;
+  // Injected at build time (YYYY-MM-DD) when metadata.timestamp is enabled —
+  // the date of the last git commit that touched this page. See LastUpdated.
+  lastUpdated?: string;
   [key: string]: unknown;
 }
 
@@ -361,9 +366,16 @@ export async function renderDocPage(input: RenderInput): Promise<ReactElement> {
     logger.warn(`[MDX] preprocess failed for ${pagePath}: ${preprocessError}`);
   }
 
-  const stepEntries: StepSlugEntry[] = extractHeadings(content)
+  // Both lists are derived from the SAME page-scoped slugger pass (extractHeadings),
+  // so Step and Update ids share one dedup namespace and never collide with each
+  // other or with markdown heading ids.
+  const pageHeadings = extractHeadings(content);
+  const stepEntries: StepSlugEntry[] = pageHeadings
     .filter(h => typeof h.stepNumber === 'number')
     .map(h => ({ title: h.text, slug: h.id }));
+  const updateEntries: UpdateSlugEntry[] = pageHeadings
+    .filter(h => h.isUpdate)
+    .map(h => ({ label: h.text, slug: h.id }));
 
   // [render-timing] proves the snippet/inline parallel win. With Promise.all,
   // wall-clock should be ~max(R2_snippets, CPU_inline). Compare against the
@@ -750,23 +762,26 @@ export async function renderDocPage(input: RenderInput): Promise<ReactElement> {
               ) : (
                 <MdxRenderBoundary fallback={<MdxErrorBlock label="page content" />}>
                   <StepSlugProvider entries={stepEntries}>
-                    <MDXRemote
-                      source={effectiveSource}
-                      components={ComponentsWithUnknownFallback}
-                      options={{
-                        ...mdxSecurityOptions,
-                        mdxOptions: {
-                          ...getCommonMdxOptions(config, highlighter),
-                          recmaPlugins: [recmaCompoundComponents, recmaGuardExpressions],
-                        },
-                      }}
-                    />
+                    <UpdateSlugProvider entries={updateEntries}>
+                      <MDXRemote
+                        source={effectiveSource}
+                        components={ComponentsWithUnknownFallback}
+                        options={{
+                          ...mdxSecurityOptions,
+                          mdxOptions: {
+                            ...getCommonMdxOptions(config, highlighter),
+                            recmaPlugins: [recmaCompoundComponents, recmaGuardExpressions],
+                          },
+                        }}
+                      />
+                    </UpdateSlugProvider>
                   </StepSlugProvider>
                 </MdxRenderBoundary>
               )}
             </div>
 
             {!embed && <PageNavigation currentSlug={slug.join('/')} config={config} />}
+            {!embed && config.metadata?.timestamp && <LastUpdated date={data.lastUpdated} />}
             <SocialFooter config={config} hidden={data.hideFooter} embed={embed} projectSlug={projectSlug ?? undefined} />
           </article>,
         )}
@@ -779,17 +794,19 @@ export async function renderDocPage(input: RenderInput): Promise<ReactElement> {
   ) : (
     <MdxRenderBoundary fallback={<MdxErrorBlock label="page content" />}>
       <StepSlugProvider entries={stepEntries}>
-        <MDXRemote
-          source={content}
-          components={ComponentsWithUnknownFallback}
-          options={{
-            ...mdxSecurityOptions,
-            mdxOptions: {
-              ...getCommonMdxOptions(config, highlighter),
-              recmaPlugins: [recmaCompoundComponents, recmaGuardExpressions],
-            },
-          }}
-        />
+        <UpdateSlugProvider entries={updateEntries}>
+          <MDXRemote
+            source={content}
+            components={ComponentsWithUnknownFallback}
+            options={{
+              ...mdxSecurityOptions,
+              mdxOptions: {
+                ...getCommonMdxOptions(config, highlighter),
+                recmaPlugins: [recmaCompoundComponents, recmaGuardExpressions],
+              },
+            }}
+          />
+        </UpdateSlugProvider>
       </StepSlugProvider>
     </MdxRenderBoundary>
   );
@@ -822,6 +839,7 @@ export async function renderDocPage(input: RenderInput): Promise<ReactElement> {
 
         {!embed && <PageNavigation currentSlug={slug.join('/')} config={config} isWideMode={isWideMode || hasPanel} />}
       </div>
+      {!embed && config.metadata?.timestamp && <LastUpdated date={data.lastUpdated} />}
       <SocialFooter config={config} hidden={data.hideFooter} embed={embed} projectSlug={projectSlug ?? undefined} />
     </article>,
   );

package/vendored/public/_jd/fonts/fontawesome/css/all.css

@@ -21846,4 +21846,71 @@
   font-display: block;
   src: url("../webfonts/fa-v4compatibility.woff2") format("woff2");
   unicode-range: U+F041, U+F047, U+F065-F066, U+F07D-F07E, U+F080, U+F08B, U+F08E, U+F090, U+F09A, U+F0AC, U+F0AE, U+F0B2, U+F0D0, U+F0D6, U+F0E4, U+F0EC, U+F10A-F10B, U+F123, U+F13E, U+F148-F149, U+F14C, U+F156, U+F15E, U+F160-F161, U+F163, U+F175-F178, U+F195, U+F1F8, U+F219, U+F27A;
-}
+}
+/* jamdesk: sharp-duotone-solid bundled here (webfont fa-sharp-duotone-solid-900.woff2). FA's trimmed all.min.css omitted the sharp-duotone family, so sharp-duotone-solid icons rendered as doubled glyphs. See builder/CLAUDE.md icon note. */
+:root, :host {
+  --fa-family-sharp-duotone: "Font Awesome 7 Sharp Duotone";
+  --fa-font-sharp-duotone-solid: normal 900 1em/1 var(--fa-family-sharp-duotone);
+  /* deprecated: this older custom property will be removed next major release */
+  --fa-style-family-sharp-duotone: var(--fa-family-sharp-duotone);
+}
+
+@font-face {
+  font-family: "Font Awesome 7 Sharp Duotone";
+  font-style: normal;
+  font-weight: 900;
+  font-display: block;
+  src: url("../webfonts/fa-sharp-duotone-solid-900.woff2");
+}
+.fasds {
+  --fa-family: var(--fa-family-sharp-duotone);
+  --fa-style: 900;
+  position: relative;
+  letter-spacing: normal;
+}
+
+.fa-sharp-duotone {
+  --fa-family: var(--fa-family-sharp-duotone);
+  position: relative;
+  letter-spacing: normal;
+}
+
+.fa-solid {
+  --fa-style: 900;
+}
+
+.fasds::before,
+.fa-sharp-duotone::before {
+  position: absolute;
+  color: var(--fa-primary-color, currentColor);
+  opacity: var(--fa-primary-opacity, 1);
+}
+
+.fasds::after,
+.fa-sharp-duotone::after {
+  color: var(--fa-secondary-color, currentColor);
+  opacity: var(--fa-secondary-opacity, 0.4);
+}
+
+.fa-swap-opacity .fasds::before,
+.fa-swap-opacity .fa-sharp-duotone::before,
+.fa-swap-opacity.fasds::before,
+.fa-swap-opacity.fa-sharp-duotone::before {
+  opacity: var(--fa-secondary-opacity, 0.4);
+}
+
+.fa-swap-opacity .fasds::after,
+.fa-swap-opacity .fa-sharp-duotone::after,
+.fa-swap-opacity.fasds::after,
+.fa-swap-opacity.fa-sharp-duotone::after {
+  opacity: var(--fa-primary-opacity, 1);
+}
+
+.fa-li.fasds,
+.fa-li.fa-sharp-duotone,
+.fa-stack-1x.fasds,
+.fa-stack-1x.fa-sharp-duotone,
+.fa-stack-2x.fasds,
+.fa-stack-2x.fa-sharp-duotone {
+  position: absolute;
+}