jamdesk 1.1.147 → 1.1.149

package/dist/__tests__/unit/seo-ai-schema.test.d.ts

@@ -0,0 +1,2 @@
+export {};
+//# sourceMappingURL=seo-ai-schema.test.d.ts.map

package/dist/__tests__/unit/seo-ai-schema.test.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"seo-ai-schema.test.d.ts","sourceRoot":"","sources":["../../../src/__tests__/unit/seo-ai-schema.test.ts"],"names":[],"mappings":""}

package/dist/__tests__/unit/seo-ai-schema.test.js

@@ -0,0 +1,40 @@
+import { describe, it, expect } from 'vitest';
+import { createRequire } from 'module';
+import fs from 'fs';
+import path from 'path';
+import { fileURLToPath } from 'url';
+const require = createRequire(import.meta.url);
+const Ajv = require('ajv').default || require('ajv');
+// Load the schema via fs (not `import ... from '.json'`): the CLI is module:NodeNext,
+// where a JSON import needs an import attribute. fs.readFileSync mirrors how the real
+// validate command (src/lib/docs-config.ts) and other CLI tests load bundled JSON.
+const schemaDir = path.dirname(fileURLToPath(import.meta.url));
+const schema = JSON.parse(fs.readFileSync(path.join(schemaDir, '../../../vendored/schema/docs-schema.json'), 'utf-8'));
+// Minimal config that satisfies anyOf[0] (jam theme) with no extra properties.
+// Required: theme (const "jam"), name, navigation (must match one of the
+// navigationSchema anyOf variants; anyOf[6] = { pages: [] } is the simplest).
+const BASE = {
+    theme: 'jam',
+    name: 'Test',
+    navigation: { pages: [] },
+};
+describe('docs.json schema: seo.ai.llmsTxt', () => {
+    const compile = () => new Ajv({ allErrors: true, strict: false, logger: false }).compile(schema);
+    it('baseline config validates (control)', () => {
+        const validate = compile();
+        validate(BASE);
+        expect(validate.errors ?? []).toEqual([]);
+    });
+    it('accepts seo.ai.llmsTxt: false', () => {
+        const validate = compile();
+        const ok = validate({ ...BASE, seo: { ...BASE.seo, ai: { llmsTxt: false } } });
+        expect(validate.errors ?? []).toEqual([]);
+        expect(ok).toBe(true);
+    });
+    it('rejects an unknown key under seo.ai (additionalProperties:false)', () => {
+        const validate = compile();
+        validate({ ...BASE, seo: { ...BASE.seo, ai: { bogus: true } } });
+        expect((validate.errors ?? []).length).toBeGreaterThan(0);
+    });
+});
+//# sourceMappingURL=seo-ai-schema.test.js.map

package/dist/__tests__/unit/seo-ai-schema.test.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"seo-ai-schema.test.js","sourceRoot":"","sources":["../../../src/__tests__/unit/seo-ai-schema.test.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,EAAE,EAAE,MAAM,EAAE,MAAM,QAAQ,CAAC;AAC9C,OAAO,EAAE,aAAa,EAAE,MAAM,QAAQ,CAAC;AACvC,OAAO,EAAE,MAAM,IAAI,CAAC;AACpB,OAAO,IAAI,MAAM,MAAM,CAAC;AACxB,OAAO,EAAE,aAAa,EAAE,MAAM,KAAK,CAAC;AAEpC,MAAM,OAAO,GAAG,aAAa,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;AAC/C,MAAM,GAAG,GAAG,OAAO,CAAC,KAAK,CAAC,CAAC,OAAO,IAAI,OAAO,CAAC,KAAK,CAAC,CAAC;AACrD,sFAAsF;AACtF,sFAAsF;AACtF,mFAAmF;AACnF,MAAM,SAAS,GAAG,IAAI,CAAC,OAAO,CAAC,aAAa,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC;AAC/D,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CACvB,EAAE,CAAC,YAAY,CAAC,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,2CAA2C,CAAC,EAAE,OAAO,CAAC,CAC5F,CAAC;AAEF,+EAA+E;AAC/E,yEAAyE;AACzE,8EAA8E;AAC9E,MAAM,IAAI,GAAG;IACT,KAAK,EAAE,KAAK;IACZ,IAAI,EAAE,MAAM;IACZ,UAAU,EAAE,EAAE,KAAK,EAAE,EAAE,EAAE;CAC5B,CAAC;AAEF,QAAQ,CAAC,kCAAkC,EAAE,GAAG,EAAE;IAC9C,MAAM,OAAO,GAAG,GAAG,EAAE,CAAC,IAAI,GAAG,CAAC,EAAE,SAAS,EAAE,IAAI,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,EAAE,KAAK,EAAE,CAAC,CAAC,OAAO,CAAC,MAAgB,CAAC,CAAC;IAE3G,EAAE,CAAC,qCAAqC,EAAE,GAAG,EAAE;QAC3C,MAAM,QAAQ,GAAG,OAAO,EAAE,CAAC;QAC3B,QAAQ,CAAC,IAAI,CAAC,CAAC;QACf,MAAM,CAAC,QAAQ,CAAC,MAAM,IAAI,EAAE,CAAC,CAAC,OAAO,CAAC,EAAE,CAAC,CAAC;IAC9C,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,+BAA+B,EAAE,GAAG,EAAE;QACrC,MAAM,QAAQ,GAAG,OAAO,EAAE,CAAC;QAC3B,MAAM,EAAE,GAAG,QAAQ,CAAC,EAAE,GAAG,IAAI,EAAE,GAAG,EAAE,EAAE,GAAI,IAAY,CAAC,GAAG,EAAE,EAAE,EAAE,EAAE,OAAO,EAAE,KAAK,EAAE,EAAE,EAAE,CAAC,CAAC;QACxF,MAAM,CAAC,QAAQ,CAAC,MAAM,IAAI,EAAE,CAAC,CAAC,OAAO,CAAC,EAAE,CAAC,CAAC;QAC1C,MAAM,CAAC,EAAE,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAC1B,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,kEAAkE,EAAE,GAAG,EAAE;QACxE,MAAM,QAAQ,GAAG,OAAO,EAAE,CAAC;QAC3B,QAAQ,CAAC,EAAE,GAAG,IAAI,EAAE,GAAG,EAAE,EAAE,GAAI,IAAY,CAAC,GAAG,EAAE,EAAE,EAAE,EAAE,KAAK,EAAE,IAAI,EAAE,EAAE,EAAE,CAAC,CAAC;QAC1E,MAAM,CAAC,CAAC,QAAQ,CAAC,MAAM,IAAI,EAAE,CAAC,CAAC,MAAM,CAAC,CAAC,eAAe,CAAC,CAAC,CAAC,CAAC;IAC9D,CAAC,CAAC,CAAC;AACP,CAAC,CAAC,CAAC"}

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "jamdesk",
-  "version": "1.1.147",
+  "version": "1.1.149",
   "description": "CLI for Jamdesk — build, preview, and deploy documentation sites from MDX. Dev server with hot reload, 50+ components, OpenAPI support, AI search, and Mintlify migration",
   "keywords": [
     "jamdesk",

package/vendored/components/ConsentGate.tsx

@@ -0,0 +1,87 @@
+// builder/build-service/components/ConsentGate.tsx
+'use client';
+
+import { useEffect, useRef } from 'react';
+import type { GatedScript } from '../lib/consent-gating';
+
+const POLL_MS = 1000;
+
+function hasConsent(key: string, value: string): boolean {
+  try {
+    return window.localStorage.getItem(key) === value;
+  } catch {
+    // Storage unavailable (private mode / blocked iframe) → treat as no consent
+    return false;
+  }
+}
+
+function injectScripts(scripts: GatedScript[]): void {
+  for (const s of scripts) {
+    const el = document.createElement('script');
+    el.setAttribute('data-jd-consent-script', s.id);
+    if (s.kind === 'src' && s.src) {
+      el.src = s.src;
+      for (const [name, val] of Object.entries(s.attrs ?? {})) el.setAttribute(name, val);
+    } else if (s.kind === 'inline' && s.code) {
+      el.textContent = s.code;
+    } else {
+      continue;
+    }
+    (s.appendTo === 'head' ? document.head : document.body).appendChild(el);
+  }
+}
+
+/**
+ * Consent gate for analytics/tracking scripts (integrations.cookies).
+ * Renders nothing. Injects the given scripts once localStorage[consentKey]
+ * equals consentValue — immediately on mount if consent pre-exists, else via
+ * a storage listener (cross-tab) + poll (same-tab CMP writes don't fire
+ * storage events). Scripts are injected at most once per page load; consent
+ * revocation takes effect on the next page load.
+ */
+export function ConsentGate({
+  consentKey,
+  consentValue,
+  scripts,
+}: {
+  consentKey: string;
+  consentValue: string;
+  scripts: GatedScript[];
+}) {
+  // scripts is a fresh array identity each render (built server-side, serialized
+  // across the RSC boundary). Hold it in a ref so the effect doesn't list it as
+  // a dependency — otherwise a parent re-render before consent arrives would
+  // tear down and restart the polling window. Content is stable per page.
+  const scriptsRef = useRef(scripts);
+  scriptsRef.current = scripts;
+
+  useEffect(() => {
+    if ((window as any).__jdConsentInjected) return;
+    let intervalId: ReturnType<typeof setInterval> | undefined;
+
+    const stop = () => {
+      if (intervalId !== undefined) clearInterval(intervalId);
+      window.removeEventListener('storage', check);
+    };
+    const check = () => {
+      if ((window as any).__jdConsentInjected) { stop(); return; }
+      if (!hasConsent(consentKey, consentValue)) return;
+      (window as any).__jdConsentInjected = true;
+      stop();
+      injectScripts(scriptsRef.current);
+    };
+
+    check();
+    if (!(window as any).__jdConsentInjected) {
+      // Diagnostics: wrong key/value otherwise fails silently forever.
+      console.debug(
+        `[Jamdesk] Consent gating active — analytics withheld until localStorage["${consentKey}"] equals the configured value.`,
+      );
+      window.addEventListener('storage', check);
+      intervalId = setInterval(check, POLL_MS);
+    }
+    return stop;
+  }, [consentKey, consentValue]);
+
+  return null;
+}

package/vendored/components/mdx/Accordion.tsx

@@ -35,6 +35,10 @@ export const Accordion = memo(function Accordion({
 
   return (
     <div className="border border-[var(--color-border)] rounded-lg mb-2 last:mb-0 not-prose overflow-hidden">
+      {/* WAI-ARIA accordion pattern: the heading WRAPS the toggle button. A heading
+          nested inside the button would be pruned from the a11y tree (button name is
+          computed from contents) and flagged by axe — so it goes on the outside. */}
+      <div role="heading" aria-level={3}>
       <button
         type="button"
         onClick={() => setIsOpen(!isOpen)}
@@ -66,7 +70,8 @@ export const Accordion = memo(function Accordion({
           aria-hidden="true"
         />
       </button>
-      
+      </div>
+
       {/* Content */}
       <div
         className={`overflow-hidden transition-all duration-200 ${

package/vendored/components/mdx/MDXComponents.tsx

@@ -414,7 +414,20 @@ export const MDXComponents = {
     // Check for mermaid diagrams - render with Mermaid component
     if (language === 'mermaid') {
       const diagramCode = extractTextFromChildren(children);
-      return <Mermaid>{diagramCode}</Mermaid>;
+      return (
+        <>
+          <Mermaid>{diagramCode}</Mermaid>
+          {/* Crawler / AI fallback: the client-only SVG leaves the server HTML empty.
+              Use <noscript>, NOT sr-only: a JS-disabled crawler reads it, while users
+              with JS (and screen readers) get the real rendered diagram and never see
+              duplicate text. */}
+          {diagramCode.trim() && (
+            <noscript>
+              <pre>{diagramCode}</pre>
+            </noscript>
+          )}
+        </>
+      );
     }
 
     // Check for HTTP code blocks - render with special styling

package/vendored/components/mdx/MermaidInner.tsx

@@ -1,6 +1,6 @@
 'use client';
 
-import { useEffect, useLayoutEffect, useMemo, useRef, useState } from 'react';
+import { useEffect, useLayoutEffect, useRef, useState } from 'react';
 import mermaid from 'mermaid';
 import {
   CACHE_KEY_PREFIX,
@@ -355,11 +355,6 @@ export function MermaidInner({ children, className, minWidth }: MermaidInnerProp
   });
   const [error, setError] = useState<string | null>(null);
 
-  // Reserves space so the skeleton → SVG swap doesn't shift layout below it.
-  // Derived from svg (not separate state) so it can't desync. The regex is
-  // cheap (small string, no backtracking).
-  const minHeightPx = useMemo(() => (svg ? readSvgHeight(svg) : 0), [svg]);
-
   useEffect(() => {
     let cancelled = false;
 
@@ -482,8 +477,7 @@ export function MermaidInner({ children, className, minWidth }: MermaidInnerProp
   return (
     <div
       ref={containerRef}
-      className={`mermaid-container my-6 flex justify-center overflow-x-auto ${className || ''}`}
-      style={minHeightPx ? { minHeight: `${minHeightPx}px` } : undefined}
+      className={`mermaid-container my-6 flex justify-center items-start overflow-x-auto ${className || ''}`}
       dangerouslySetInnerHTML={{ __html: svg }}
     />
   );

package/vendored/lib/consent-gating.ts

@@ -0,0 +1,119 @@
+// builder/build-service/lib/consent-gating.ts
+// Consent gating for analytics/tracking scripts (integrations.cookies) and
+// CMP loader validation (integrations.osano / integrations.termly).
+// Pure module — no DOM, no React — so the server layout and tests share it.
+import type { IntegrationsConfig } from './docs-types';
+
+export interface GatedScript {
+  /** Stable id — used as DOM marker (data-jd-consent-script) and React key */
+  id: string;
+  kind: 'inline' | 'src';
+  /** Inline JS source (kind: 'inline') */
+  code?: string;
+  /** External src (kind: 'src') */
+  src?: string;
+  /** Extra attributes set via setAttribute (kind: 'src'); '' = boolean attr */
+  attrs?: Record<string, string>;
+  appendTo: 'head' | 'body';
+}
+
+// Tracking-ID guards: these values get interpolated into inline JS / URLs, so
+// they must be strictly validated (same posture as the existing Crisp guard).
+// /i is intentional: tolerate lowercase-typed IDs (alphanumerics + hyphen
+// can't break out of the inline JS string regardless of case).
+const GA4_ID_RE = /^G-[A-Z0-9]+$/i;
+const GTM_ID_RE = /^GTM-[A-Z0-9]+$/i;
+const CRISP_ID_RE = /^[a-f0-9-]{36}$/; // mirrors layout-helpers.tsx guard
+
+// CMP loader URL pins. Defense-in-depth: schema validates these too, but the
+// renderer must not trust config blobs from R2. Path charset includes '.' so
+// every schema-valid Osano URL also passes here (schema only pins prefix/suffix).
+const OSANO_SRC_RE = /^https:\/\/cmp\.osano\.com\/[A-Za-z0-9._/-]+\/osano\.js$/;
+const TERMLY_SRC_RE =
+  /^https:\/\/app\.termly\.io\/resource-blocker\/[0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12}(\?autoBlock=(on|off))?$/;
+
+export function isConsentGatingEnabled(integrations: IntegrationsConfig | undefined): boolean {
+  const c = integrations?.cookies;
+  return typeof c?.key === 'string' && c.key.length > 0 &&
+         typeof c?.value === 'string' && c.value.length > 0;
+}
+
+/** Validated CMP script srcs to render ungated in <head> (Osano first). */
+export function getCmpScriptSrcs(integrations: IntegrationsConfig | undefined): string[] {
+  const srcs: string[] = [];
+  const osano = integrations?.osano?.scriptSource;
+  if (osano && OSANO_SRC_RE.test(osano)) srcs.push(osano);
+  const termly = integrations?.termly?.scriptSource;
+  if (termly && TERMLY_SRC_RE.test(termly)) srcs.push(termly);
+  return srcs;
+}
+
+/**
+ * Build serializable descriptors for every analytics/tracking script.
+ * Emitted unconditionally — the caller is responsible for the prod gate:
+ * layout-helpers renders <ConsentGate> (and thus calls this) only when
+ * NODE_ENV === 'production', matching the dev-suppression the direct render
+ * paths already apply to Plausible/Crisp/customJs/first-party analytics.
+ */
+export function buildGatedScripts({
+  integrations,
+  customJs,
+  analyticsScript,
+}: {
+  integrations: IntegrationsConfig | undefined;
+  customJs: string | null;
+  analyticsScript: string | null;
+}): GatedScript[] {
+  const scripts: GatedScript[] = [];
+  const i = integrations ?? {};
+
+  if (i.plausible?.scriptUrl) {
+    // Proxy mode — mirrors PlausibleScript's scriptUrl branch in layout-helpers
+    scripts.push({ id: 'plausible-proxy', kind: 'src', src: i.plausible.scriptUrl, attrs: { async: '' }, appendTo: 'head' });
+    scripts.push({
+      id: 'plausible-proxy-init', kind: 'inline', appendTo: 'head',
+      code: 'window.plausible=window.plausible||function(){(plausible.q=plausible.q||[]).push(arguments)},plausible.init=plausible.init||function(i){plausible.o=i||{}};plausible.init()',
+    });
+  } else if (i.plausible?.domain) {
+    const baseServer = (i.plausible.server || 'https://plausible.io').replace(/\/+$/, '');
+    const attrs: Record<string, string> = { defer: '', 'data-domain': i.plausible.domain };
+    if (i.plausible.server) attrs['data-api'] = `${baseServer}/api/event`;
+    scripts.push({ id: 'plausible', kind: 'src', src: `${baseServer}/js/script.js`, attrs, appendTo: 'head' });
+  }
+
+  // GTM/GA4 here are raw inline equivalents of the standard snippets. The
+  // ungated direct renders use @next/third-parties (ConditionalGTM/ConditionalGA)
+  // instead; these descriptors deliberately bypass it because they're injected
+  // client-side at consent time, not at SSR. Functionally equivalent for tracking,
+  // but they carry NO Next.js CSP nonce and GTM omits the <noscript> iframe
+  // fallback (irrelevant — no-JS clients can't trigger the consent gate anyway).
+  if (i.gtm?.tagId && GTM_ID_RE.test(i.gtm.tagId)) {
+    scripts.push({
+      id: 'gtm', kind: 'inline', appendTo: 'head',
+      code: `(function(w,d,s,l,i){w[l]=w[l]||[];w[l].push({'gtm.start':new Date().getTime(),event:'gtm.js'});var f=d.getElementsByTagName(s)[0],j=d.createElement(s),dl=l!='dataLayer'?'&l='+l:'';j.async=true;j.src='https://www.googletagmanager.com/gtm.js?id='+i+dl;f.parentNode.insertBefore(j,f);})(window,document,'script','dataLayer','${i.gtm.tagId}');`,
+    });
+  }
+
+  if (i.ga4?.measurementId && GA4_ID_RE.test(i.ga4.measurementId)) {
+    scripts.push({
+      id: 'ga4-loader', kind: 'src', appendTo: 'head', attrs: { async: '' },
+      src: `https://www.googletagmanager.com/gtag/js?id=${i.ga4.measurementId}`,
+    });
+    scripts.push({
+      id: 'ga4-init', kind: 'inline', appendTo: 'head',
+      code: `window.dataLayer=window.dataLayer||[];function gtag(){dataLayer.push(arguments);}gtag('js',new Date());gtag('config','${i.ga4.measurementId}');`,
+    });
+  }
+
+  if (i.crisp?.websiteId && CRISP_ID_RE.test(i.crisp.websiteId)) {
+    scripts.push({
+      id: 'crisp', kind: 'inline', appendTo: 'body',
+      code: `window.$crisp=[];window.CRISP_WEBSITE_ID="${i.crisp.websiteId}";(function(){var d=document;var s=d.createElement("script");s.src="https://client.crisp.chat/l.js";s.async=1;d.getElementsByTagName("head")[0].appendChild(s)})();`,
+    });
+  }
+
+  if (customJs) scripts.push({ id: 'custom-js', kind: 'inline', code: customJs, appendTo: 'body' });
+  if (analyticsScript) scripts.push({ id: 'jd-analytics', kind: 'inline', code: analyticsScript, appendTo: 'body' });
+
+  return scripts;
+}

package/vendored/lib/docs-types.ts

@@ -644,7 +644,10 @@ export interface NewsletterConfig {
 }
 
 /**
- * Analytics and integration configurations (stubs - TODO: implement)
+ * Analytics and integration configurations.
+ * Implemented: ga4, gtm, plausible, crisp, osano, termly, cookies (consent
+ * gating), analytics opt-out via AnalyticsConfig. Others remain config-only
+ * stubs accepted for Mintlify compatibility.
  */
 export interface IntegrationsConfig {
   ga4?: { measurementId: string };
@@ -664,6 +667,7 @@ export interface IntegrationsConfig {
   logrocket?: { appId: string };
   mixpanel?: { projectToken: string };
   osano?: { scriptSource: string };
+  termly?: { scriptSource: string };
   pirsch?: { id: string };
   posthog?: { apiKey: string; apiHost?: string };
   plausible?: { domain?: string; server?: string; scriptUrl?: string };
@@ -707,6 +711,7 @@ export interface SeoConfig {
   indexing?: 'navigable' | 'all';
   /** Include hidden pages in sitemap (default: false) */
   indexHiddenPages?: boolean;
+  ai?: { llmsTxt?: boolean }; // default true; false suppresses llms.txt + llms-full.txt
 }
 
 /**

package/vendored/lib/extract-faq.ts

@@ -0,0 +1,54 @@
+export interface FaqPair { question: string; answer: string; }
+
+// Nested component subtrees that are NOT part of the FAQ answer prose (CTAs,
+// cards, media, callouts). Drop them WITH their inner text before flattening.
+const NESTED_BLOCK_TAGS = [
+  'Card', 'CardGroup', 'Columns', 'Frame', 'Note', 'Warning', 'Tip', 'Info',
+  'Steps', 'Step', 'Tabs', 'Tab', 'CodeGroup',
+];
+
+function stripMarkdown(s: string): string {
+  return s
+    .replace(/```[\s\S]*?```/g, ' ')         // fenced code
+    .replace(/`([^`]+)`/g, '$1')              // inline code
+    .replace(/!\[[^\]]*\]\([^)]*\)/g, ' ')    // images
+    .replace(/\[([^\]]+)\]\([^)]*\)/g, '$1')  // links → text
+    .replace(/(\*\*|__)(.*?)\1/g, '$2')       // bold
+    .replace(/(\*|_)(.*?)\1/g, '$2')          // italic
+    .replace(/^#{1,6}\s+/gm, '')              // ATX headings
+    .replace(/^\s*[-*+]\s+/gm, '')            // bullet markers
+    .replace(/^\s*\d+\.\s+/gm, '');           // ordered markers
+}
+
+// Lightweight extraction of <Accordion title="...">body</Accordion>. Only the
+// QUOTED-title form is matched (the title={expr} form is intentionally skipped —
+// an expression can't be resolved to display text). Answers are reduced to plain
+// text for schema.org: nested component subtrees dropped, markdown stripped.
+//
+// KNOWN LIMITATION (regex, not AST): an <Accordion> nested INSIDE another
+// <Accordion> body truncates the outer answer at the first </Accordion> and
+// merges the inner answer in (the inner question is lost). Harmless for the
+// FAQPage JSON-LD — output stays valid, just an imperfect answer string on the
+// rare nested page. Sibling accordions in an <AccordionGroup> are unaffected.
+// The fix for true nesting is the compiled-MDX AST walk (mdxJsxFlowElement),
+// the documented upgrade path; kept regex-first per the plan's decision.
+export function extractFaqPairs(rawMdx: string): FaqPair[] {
+  const pairs: FaqPair[] = [];
+  const re = /<Accordion\b[^>]*?\btitle\s*=\s*("|')(.*?)\1[^>]*>([\s\S]*?)<\/Accordion>/g;
+  let m: RegExpExecArray | null;
+  while ((m = re.exec(rawMdx))) {
+    const question = m[2].trim();
+    let body = m[3];
+    for (const tag of NESTED_BLOCK_TAGS) {
+      body = body
+        .replace(new RegExp(`<${tag}\\b[^>]*>[\\s\\S]*?<\\/${tag}>`, 'g'), ' ') // paired
+        .replace(new RegExp(`<${tag}\\b[^>]*/>`, 'g'), ' ');                    // self-closing
+    }
+    const answer = stripMarkdown(body)
+      .replace(/<[^>]+>/g, ' ') // any remaining tags
+      .replace(/\s+/g, ' ')
+      .trim();
+    if (question && answer) pairs.push({ question, answer });
+  }
+  return pairs;
+}

package/vendored/lib/json-ld.ts

@@ -10,6 +10,7 @@
 
 import type { DocsConfig, NavigationPage, GroupConfig } from './docs-types';
 import { normalizeNavPage } from './docs-types';
+import type { FaqPair } from './extract-faq';
 
 interface BreadcrumbEntry {
   name: string;
@@ -21,6 +22,7 @@ export interface JsonLdOptions {
   pagePath: string;
   pageTitle: string;
   baseUrl: string;
+  faqPairs?: FaqPair[];
 }
 
 export interface JsonLdGraph {
@@ -106,7 +108,7 @@ export function findBreadcrumbPath(
   // Search all navigation structures (mirrors Breadcrumb.tsx order)
   let trail: BreadcrumbEntry[] | null = null;
 
-  if (!trail && nav.languages) {
+  if (nav && !trail && nav.languages) {
     for (const lang of nav.languages) {
       if (!lang.tabs) continue;
       for (const tab of lang.tabs) {
@@ -116,19 +118,19 @@ export function findBreadcrumbPath(
       if (trail) break;
     }
   }
-  if (!trail && nav.anchors) {
+  if (nav && !trail && nav.anchors) {
     for (const anchor of nav.anchors) {
       if (anchor.groups) trail = searchGroups(anchor.groups);
       if (trail) break;
     }
   }
-  if (!trail && nav.tabs) {
+  if (nav && !trail && nav.tabs) {
     for (const tab of nav.tabs) {
       if (tab.groups) trail = searchGroups(tab.groups);
       if (trail) break;
     }
   }
-  if (!trail && nav.groups) {
+  if (nav && !trail && nav.groups) {
     trail = searchGroups(nav.groups);
   }
 
@@ -145,7 +147,7 @@ export function findBreadcrumbPath(
  * Returns a schema.org @graph with WebSite + BreadcrumbList.
  */
 export function buildJsonLd(options: JsonLdOptions): JsonLdGraph {
-  const { config, pagePath, pageTitle, baseUrl } = options;
+  const { config, pagePath, pageTitle, baseUrl, faqPairs } = options;
   const breadcrumbs = findBreadcrumbPath(config, pagePath, baseUrl, pageTitle);
 
   return {
@@ -166,6 +168,15 @@ export function buildJsonLd(options: JsonLdOptions): JsonLdGraph {
           item: item.url,
         })),
       },
+      ...(faqPairs && faqPairs.length
+        ? [{
+            '@type': 'FAQPage',
+            mainEntity: faqPairs.map((p) => ({
+              '@type': 'Question', name: p.question,
+              acceptedAnswer: { '@type': 'Answer', text: p.answer },
+            })),
+          }]
+        : []),
     ],
   };
 }

package/vendored/lib/layout-helpers.tsx

@@ -3,7 +3,7 @@
 // or — in non-ISR dev/tests — from URL params; this module owns the
 // rendering once those have resolved.
 import { Inter, JetBrains_Mono } from 'next/font/google';
-import { preload, preinit } from 'react-dom';
+import { preinit } from 'react-dom';
 import fs from 'fs';
 import path from 'path';
 import { ThemeProvider } from '@/components/theme/ThemeProvider';
@@ -25,6 +25,8 @@ import type { BackgroundConfig, DocsConfig, FontConfig, LanguageCode } from '@/l
 import { LinkPrefixProvider } from '@/lib/link-prefix-context';
 import { ProjectSlugProvider } from '@/lib/project-slug-context';
 import { getAnalyticsScript } from '@/lib/analytics-script';
+import { isConsentGatingEnabled, buildGatedScripts, getCmpScriptSrcs } from '@/lib/consent-gating';
+import { ConsentGate } from '@/components/ConsentGate';
 import { AgentDirective } from './agent-directive';
 import { fetchCustomCss, fetchCustomJs } from '@/lib/r2-content';
 import { toHreflang } from '@/lib/language-utils';
@@ -429,6 +431,21 @@ export async function DocsChrome({
     ? getAnalyticsScript(resolvedProjectSlug)
     : null;
 
+  // integrations.cookies consent gating: when key+value are configured, all
+  // analytics/tracking scripts are withheld until the CMP writes
+  // localStorage[key] === value (ConsentGate injects them client-side).
+  const consentGating = isConsentGatingEnabled(config.integrations);
+  // CMP loaders (Osano/Termly) are NEVER gated — they ARE the consent banner.
+  const cmpScriptSrcs = process.env.NODE_ENV === 'production'
+    ? getCmpScriptSrcs(config.integrations)
+    : [];
+  // Preconnect origins are best-effort: getCmpScriptSrcs only returns
+  // regex-validated absolute https URLs (so new URL can't throw today), but
+  // guard anyway — a malformed preconnect must never 500 the whole render.
+  const cmpPreconnectOrigins = cmpScriptSrcs
+    .map((src) => { try { return new URL(src).origin; } catch { return null; } })
+    .filter((origin): origin is string => origin !== null);
+
   // Global banner: only emit the pre-paint no-flash guard for a dismissible
   // banner (a non-dismissible banner is never hidden, so the guard would risk
   // hiding a mandatory message via a stale dismissal hash). Trimmed content
@@ -437,26 +454,34 @@ export async function DocsChrome({
   const bannerNoFlash = !embed && !!bannerContent && config.banner?.dismissible === true && !!resolvedProjectSlug;
 
   // Font Awesome CSS uses preinit (not preload) so React 19 emits the
-  // stylesheet link in <head> at SSR time. The previous approach used a
-  // beforeInteractive Script that injected <link rel=stylesheet> at runtime —
-  // that delayed @font-face parsing past the preloaded fonts' "few seconds"
-  // grace window, producing the chrome console warning "preloaded but not
-  // used within a few seconds." preinit closes the gap: the preloaded fonts
-  // are matched to their @font-face declarations as soon as the stylesheet
-  // parses, which now starts at HTML-parse time alongside the preloads.
+  // stylesheet link in <head> at SSR time. preinit (rather than a runtime
+  // beforeInteractive <Script>/<link> injection) is what gets the @font-face
+  // rules parsed early: the previous Script that ran document.createElement at
+  // parse time delayed @font-face parsing, so the actual woff2 fetch started
+  // late. preinit hoists the stylesheet at HTML-parse time instead.
   //
-  // The font preloads stay on react-dom preload() so React 19 dedupes them
-  // (JSX <link rel=preload> tags used to ship twice — once from the JSX tree,
-  // once from React's preload manager). The <noscript> fallback below uses
-  // dangerouslySetInnerHTML for the same reason: a JSX <link rel=stylesheet>
-  // inside noscript was being hoisted into <head> as a real stylesheet.
+  // The individual woff2 weights are deliberately NOT preloaded — they load on
+  // demand when the stylesheet's @font-face rules are matched to the icons a
+  // page actually uses. The default docs icon weight is solid, so the previous
+  // unconditional fa-light-300 / fa-brands-400 preloads were almost never used
+  // and Chrome flagged them "preloaded but not used within a few seconds."
+  // The <noscript> fallback below uses dangerouslySetInnerHTML because a JSX
+  // <link rel=stylesheet> inside noscript was being hoisted into <head> as a
+  // real stylesheet by React 19.
   preinit(FA_CSS_HREF, { as: 'style' });
-  preload('/_jd/fonts/fontawesome/webfonts/fa-light-300.woff2', { as: 'font', type: 'font/woff2', crossOrigin: 'anonymous' });
-  preload('/_jd/fonts/fontawesome/webfonts/fa-brands-400.woff2', { as: 'font', type: 'font/woff2', crossOrigin: 'anonymous' });
 
   return (
     <html lang={toHreflang(lang)} dir={dir} suppressHydrationWarning data-scroll-behavior="smooth" data-scroll-locked="true">
       <head>
+        {/* CMP scripts must be first + synchronous: auto-blocking CMPs
+            (Osano/Termly) need to intercept later scripts. Never gated.
+            preconnect first: the sync fetch is render-blocking. */}
+        {cmpPreconnectOrigins.map((origin) => (
+          <link key={`pc-${origin}`} rel="preconnect" href={origin} />
+        ))}
+        {cmpScriptSrcs.map((src) => (
+          <script key={src} src={src} />
+        ))}
         {/*
           SSR scroll lock — prevents Chrome's same-tab cross-origin "preserve
           scroll" heuristic from scrolling #content-scroll-container on first
@@ -674,7 +699,7 @@ export async function DocsChrome({
             {customCss}
           </style>
         )}
-        {process.env.NODE_ENV === 'production' && (config.integrations?.plausible?.domain || config.integrations?.plausible?.scriptUrl) && (
+        {!consentGating && process.env.NODE_ENV === 'production' && (config.integrations?.plausible?.domain || config.integrations?.plausible?.scriptUrl) && (
           <PlausibleScript
             domain={config.integrations.plausible.domain}
             server={config.integrations.plausible.server}
@@ -684,7 +709,7 @@ export async function DocsChrome({
       </head>
       <body className={fontClassName} data-theme={themeName || 'jam'} data-decoration={decoration || undefined} suppressHydrationWarning>
         {!embed && <AgentDirective hostAtDocs={!!config.hostAtDocs} />}
-        {config.integrations?.gtm?.tagId && (
+        {!consentGating && config.integrations?.gtm?.tagId && (
           <ConditionalGTM gtmId={config.integrations.gtm.tagId} />
         )}
         <ThemeProvider
@@ -712,7 +737,7 @@ export async function DocsChrome({
           client" warning in `jamdesk dev`. Same pattern as the
           project-subdomain hydration suppressor in <head>.
         */}
-        {process.env.NODE_ENV === 'production' && config.integrations?.crisp?.websiteId &&
+        {!consentGating && process.env.NODE_ENV === 'production' && config.integrations?.crisp?.websiteId &&
           /^[a-f0-9-]{36}$/.test(config.integrations.crisp.websiteId) && (
           <script
             dangerouslySetInnerHTML={{
@@ -720,15 +745,26 @@ export async function DocsChrome({
             }}
           />
         )}
-        {process.env.NODE_ENV === 'production' && customJs && (
+        {!consentGating && process.env.NODE_ENV === 'production' && customJs && (
           <script dangerouslySetInnerHTML={{ __html: customJs }} />
         )}
-        {process.env.NODE_ENV === 'production' && analyticsScript && (
+        {!consentGating && process.env.NODE_ENV === 'production' && analyticsScript && (
           <script dangerouslySetInnerHTML={{ __html: analyticsScript }} />
         )}
-        {config.integrations?.ga4?.measurementId && (
+        {!consentGating && config.integrations?.ga4?.measurementId && (
           <ConditionalGA gaId={config.integrations.ga4.measurementId} />
         )}
+        {consentGating && process.env.NODE_ENV === 'production' && (
+          <ConsentGate
+            consentKey={config.integrations!.cookies!.key!}
+            consentValue={config.integrations!.cookies!.value!}
+            scripts={buildGatedScripts({
+              integrations: config.integrations,
+              customJs,
+              analyticsScript,
+            })}
+          />
+        )}
         <JdReadySentinel />
       </body>
     </html>

package/vendored/lib/llms-flag.ts

@@ -0,0 +1,5 @@
+import type { DocsConfig } from './docs-types';
+
+export function isLlmsTxtEnabled(config: DocsConfig): boolean {
+  return config.seo?.ai?.llmsTxt !== false;
+}

package/vendored/lib/logo-warning.ts

@@ -0,0 +1,35 @@
+import type { BuildWarning } from '../shared/status-reporter.js'; // vendored copy — NOT '../../shared'
+import type { Logo } from './docs-types.js';
+
+const MAX_LOGO_BYTES = 100 * 1024;
+const MAX_REASONABLE_WIDTH = 720; // 2x the LOGO_MAX_WIDTH target
+
+/**
+ * Collect the distinct image refs from a logo config (string or {light,dark}),
+ * in light-then-dark order with empties dropped.
+ *
+ * Used to SNAPSHOT the originals before the convertToWebp pass can rewrite them:
+ * an object {light,dark} logo shares its nested object across the enhancedConfig
+ * shallow spread, so a later in-place ".webp" rewrite mutates docsConfig.logo too —
+ * destroying the ".png"/".jpg" refs the always-on downscale needs. Reading from a
+ * pre-convert snapshot makes the downscale work for object logos, not just strings.
+ */
+export function collectLogoRefs(logo: Logo | undefined): string[] {
+  const refs: string[] = [];
+  if (typeof logo === 'string') {
+    refs.push(logo);
+  } else if (logo && typeof logo === 'object') {
+    if (logo.light) refs.push(logo.light);
+    if (logo.dark) refs.push(logo.dark);
+  }
+  return [...new Set(refs.filter(Boolean))];
+}
+
+export function buildLogoWarning(logo: { path: string; width: number; height: number; bytes: number }): BuildWarning | null {
+  if (logo.bytes <= MAX_LOGO_BYTES && logo.width <= MAX_REASONABLE_WIDTH) return null;
+  return {
+    type: 'logo_oversized',
+    file: logo.path,
+    message: `Logo is ${logo.width}×${logo.height} (${Math.round(logo.bytes / 1024)} KB). It's auto-downscaled, but uploading a logo ≤ ${MAX_REASONABLE_WIDTH}px wide / ≤ 100 KB avoids shipping a large source.`,
+  };
+}

package/vendored/lib/noindex-warning.ts

@@ -0,0 +1,14 @@
+// NOTE: lib/*.ts import the VENDORED shared copy at build-service/shared via
+// '../shared/...js' (see other lib files). '../../shared' would resolve outside the
+// build-service package and break tsc + the prod build.
+import type { BuildWarning } from '../shared/status-reporter.js';
+
+export function buildNoindexWarning(noindex: boolean): BuildWarning | null {
+  if (!noindex) return null;
+  return {
+    type: 'site_noindex',
+    file: 'docs.json',
+    message:
+      'This site is set to noindex: robots.txt is "Disallow: /" and the sitemap is empty, so it will not be indexed by any search engines. AI crawlers are still served via llms.txt (set seo.ai.llmsTxt: false to disable). Remove "noindex" from seo.metatags.robots to allow search indexing.',
+  };
+}

package/vendored/lib/r2-cleanup.ts

@@ -442,6 +442,32 @@ export async function sweepStaleLocaleLlmsTxt(
   return staleKeys;
 }
 
+/**
+ * Delete a project's AI-context files: the root `llms.txt` + `llms-full.txt` and
+ * every per-locale `<locale>/llms.txt`. Called on every build where `seo.ai.llmsTxt`
+ * is false so a previously published llms.txt stops serving after a customer opts
+ * out — the build gate stops REGENERATING these files but otherwise leaves the
+ * already-uploaded copies in place. The deletes are idempotent (DeleteObject is a
+ * no-op-success on a missing key), so re-running on later disabled-llms builds is
+ * harmless and self-healing. Per-locale files are discovered and deleted by
+ * sweepStaleLocaleLlmsTxt with an EMPTY active-locale set (every known-language
+ * locale then counts as removable). Note the returned array lists the keys
+ * TARGETED, not necessarily ones that existed. Non-fatal by contract: callers treat
+ * a throw as a warning — a stale llms.txt is a cosmetic orphan, never build-failing.
+ */
+export async function deleteLlmsTxtArtifacts(projectSlug: string): Promise<string[]> {
+  const localeKeys = await sweepStaleLocaleLlmsTxt(projectSlug, new Set());
+  const client = getR2S3Client();
+  const { bucketName } = getR2Config();
+  const rootKeys = [`${projectSlug}/llms.txt`, `${projectSlug}/llms-full.txt`];
+  // Independent keys — delete concurrently (matches deleteRemovedR2Objects' Promise.all).
+  // A rejection propagates so the caller's non-fatal try/catch logs it; see doc above.
+  await Promise.all(
+    rootKeys.map((key) => client.send(new DeleteObjectCommand({ Bucket: bucketName, Key: key }))),
+  );
+  return [...localeKeys, ...rootKeys];
+}
+
 /**
  * Delete EVERY R2 object under the `{slug}/` prefix.
  *

package/vendored/lib/render-doc-page.tsx

@@ -63,6 +63,7 @@ import { getContentDir } from '@/lib/docs';
 import type { DocsConfig } from '@/lib/docs-types';
 import { buildSeoMetadata, generateAutoDescription, buildSiteTitle } from '@/lib/seo';
 import { buildJsonLd } from '@/lib/json-ld';
+import { extractFaqPairs } from '@/lib/extract-faq';
 import {
   getContentLoader,
   isIsrMode,
@@ -337,11 +338,13 @@ export async function renderDocPage(input: RenderInput): Promise<ReactElement> {
   const rawContent = parsed.content;
 
   const baseUrl = resolveBaseUrl(requestHeaders, projectSlug, hostAtDocs);
+  const faqPairs = extractFaqPairs(rawContent);
   const jsonLd = buildJsonLd({
     config,
     pagePath,
     pageTitle: data.title || pagePath,
     baseUrl,
+    faqPairs,
   });
   const jsonLdScript = renderJsonLdScript(jsonLd);
 

package/vendored/lib/seo.ts

@@ -615,6 +615,18 @@ function derivePageLocale(pagePath: string, languages?: LanguageConfig[]): strin
  *   the full hreflang cluster, so language discovery is preserved.
  * @returns Partial<Metadata> to spread into generateMetadata return
  */
+
+// Next.js Metadata.robots can be a string OR an object. When we must ALSO emit
+// googlebot (object-only), a raw string robots directive would be lost — convert
+// it to object form first so the general directive survives the merge.
+function parseRobotsString(robots: string): { index: boolean; follow: boolean } {
+  const tokens = robots.toLowerCase().split(',').map((t) => t.trim());
+  return {
+    index: !tokens.includes('noindex'),
+    follow: !tokens.includes('nofollow'),
+  };
+}
+
 export function buildSeoMetadata(
   config: DocsConfig,
   frontmatter: PageFrontmatter,
@@ -653,12 +665,14 @@ export function buildSeoMetadata(
 
   // 3. Googlebot (separate from robots)
   if (metatags.googlebot) {
-    // Merge googlebot with existing robots config
-    const existingRobots = typeof metadata.robots === 'object' ? metadata.robots : {};
-    metadata.robots = {
-      ...existingRobots,
-      googleBot: metatags.googlebot,
-    };
+    // Merge googlebot with existing robots config. When metadata.robots is a string
+    // (set above from metatags.robots), coerce it to object form first so the general
+    // directive (e.g. noindex) is not silently dropped by the spread.
+    const base =
+      typeof metadata.robots === 'string'
+        ? parseRobotsString(metadata.robots)
+        : (metadata.robots ?? {});
+    metadata.robots = { ...base, googleBot: metatags.googlebot };
   }
 
   // 4. Google site verification

package/vendored/lib/validate-config.ts

@@ -36,6 +36,9 @@ export interface IntegrationsConfig {
   ga4?: { measurementId: string };
   gtm?: { tagId: string };
   plausible?: { domain?: string; server?: string; scriptUrl?: string };
+  osano?: { scriptSource: string };
+  termly?: { scriptSource: string };
+  cookies?: { key?: string; value?: string };
   [key: string]: unknown;
 }
 

package/vendored/lib/validate-page-frontmatter.ts

@@ -0,0 +1,30 @@
+import type { BuildWarning } from '../shared/status-reporter.js'; // vendored copy — NOT '../../shared'
+
+const MIN_DESCRIPTION_CHARS = 110; // matches the Ahrefs "too short" floor used elsewhere
+
+interface PageInfo {
+  path: string;
+  frontmatter: { title?: unknown; description?: unknown; hidden?: unknown };
+  content: string;
+}
+
+export function validatePageFrontmatter(pages: PageInfo[]): BuildWarning[] {
+  const warnings: BuildWarning[] = [];
+  for (const page of pages) {
+    const fm = page.frontmatter ?? {};
+    // Hidden pages are intentionally unlisted (not indexed, not in nav) — don't nag.
+    if (fm.hidden === true) continue;
+    const title = typeof fm.title === 'string' ? fm.title.trim() : '';
+    const description = typeof fm.description === 'string' ? fm.description.trim() : '';
+
+    if (!title) {
+      warnings.push({ type: 'page_missing_title', file: page.path, message: 'Page has no frontmatter title; navigation and llms.txt fall back to the file path.' });
+    }
+    if (!description) {
+      warnings.push({ type: 'page_missing_description', file: page.path, message: 'Page has no frontmatter description; add one for SEO and llms.txt.' });
+    } else if (description.length < MIN_DESCRIPTION_CHARS) {
+      warnings.push({ type: 'page_short_description', file: page.path, message: `Description is ${description.length} chars; aim for ${MIN_DESCRIPTION_CHARS}–160.` });
+    }
+  }
+  return warnings;
+}

package/vendored/schema/docs-schema.json

@@ -598,6 +598,16 @@
                         "indexHiddenPages": {
                             "type": "boolean",
                             "description": "Include hidden pages in the sitemap for search engine indexing. Defaults to `false`"
+                        },
+                        "ai": {
+                            "type": "object",
+                            "additionalProperties": false,
+                            "properties": {
+                                "llmsTxt": {
+                                    "type": "boolean",
+                                    "description": "Generate llms.txt and llms-full.txt for AI crawlers. Default true. Set false to stop publishing AI-context files (independent of search noindex)."
+                                }
+                            }
                         }
                     },
                     "additionalProperties": false,
@@ -1258,6 +1268,19 @@
                             ],
                             "additionalProperties": false
                         },
+                        "termly": {
+                            "type": "object",
+                            "properties": {
+                                "scriptSource": {
+                                    "type": "string",
+                                    "pattern": "^https://app\\.termly\\.io/resource-blocker/[0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12}(\\?autoBlock=(on|off))?$"
+                                }
+                            },
+                            "required": [
+                                "scriptSource"
+                            ],
+                            "additionalProperties": false
+                        },
                         "pirsch": {
                             "type": "object",
                             "properties": {
@@ -1345,12 +1368,18 @@
                             "type": "object",
                             "properties": {
                                 "key": {
-                                    "type": "string"
+                                    "type": "string",
+                                    "minLength": 1
                                 },
                                 "value": {
-                                    "type": "string"
+                                    "type": "string",
+                                    "minLength": 1
                                 }
                             },
+                            "required": [
+                                "key",
+                                "value"
+                            ],
                             "additionalProperties": false
                         }
                     },

package/vendored/shared/status-reporter.ts

@@ -22,7 +22,29 @@ export interface ProgressUpdate {
 }
 
 /** Warning types that can occur during builds (non-blocking) */
-export type BuildWarningType = 'broken_link' | 'auto_migrate' | 'missing_asset' | 'missing_image' | 'missing_page' | 'missing_openapi_ref' | 'inline_code_on_api_page' | 'invalid_openapi_spec' | 'missing_snippet' | 'risky_expression' | 'missing_favicon' | 'missing_description' | 'missing_logo';
+export const BUILD_WARNING_TYPES = [
+  'broken_link',
+  'auto_migrate',
+  'missing_asset',
+  'missing_image',
+  'missing_page',
+  'missing_openapi_ref',
+  'inline_code_on_api_page',
+  'invalid_openapi_spec',
+  'missing_snippet',
+  'risky_expression',
+  'missing_favicon',
+  'missing_description',
+  'missing_logo',
+  // New (2026-06-16 docs-platform-review fixes):
+  'site_noindex',
+  'page_missing_title',
+  'page_missing_description',
+  'page_short_description',
+  'logo_oversized',
+] as const;
+
+export type BuildWarningType = (typeof BUILD_WARNING_TYPES)[number];
 
 /** Build warning structure */
 export interface BuildWarning {
@@ -55,6 +77,10 @@ export const SUGGESTION_TYPES: ReadonlySet<BuildWarningType> = new Set([
   'missing_favicon',
   'missing_description',
   'missing_logo',
+  'site_noindex',
+  'page_missing_description',
+  'page_short_description',
+  'logo_oversized',
 ]);
 
 /**

package/vendored/workspace-package-lock.json

@@ -373,6 +373,9 @@
       "cpu": [
         "arm"
       ],
+      "libc": [
+        "glibc"
+      ],
       "license": "LGPL-3.0-or-later",
       "optional": true,
       "os": [
@@ -389,6 +392,9 @@
       "cpu": [
         "arm64"
       ],
+      "libc": [
+        "glibc"
+      ],
       "license": "LGPL-3.0-or-later",
       "optional": true,
       "os": [
@@ -405,6 +411,9 @@
       "cpu": [
         "ppc64"
       ],
+      "libc": [
+        "glibc"
+      ],
       "license": "LGPL-3.0-or-later",
       "optional": true,
       "os": [
@@ -421,6 +430,9 @@
       "cpu": [
         "riscv64"
       ],
+      "libc": [
+        "glibc"
+      ],
       "license": "LGPL-3.0-or-later",
       "optional": true,
       "os": [
@@ -437,6 +449,9 @@
       "cpu": [
         "s390x"
       ],
+      "libc": [
+        "glibc"
+      ],
       "license": "LGPL-3.0-or-later",
       "optional": true,
       "os": [
@@ -453,6 +468,9 @@
       "cpu": [
         "x64"
       ],
+      "libc": [
+        "glibc"
+      ],
       "license": "LGPL-3.0-or-later",
       "optional": true,
       "os": [
@@ -469,6 +487,9 @@
       "cpu": [
         "arm64"
       ],
+      "libc": [
+        "musl"
+      ],
       "license": "LGPL-3.0-or-later",
       "optional": true,
       "os": [
@@ -485,6 +506,9 @@
       "cpu": [
         "x64"
       ],
+      "libc": [
+        "musl"
+      ],
       "license": "LGPL-3.0-or-later",
       "optional": true,
       "os": [
@@ -501,6 +525,9 @@
       "cpu": [
         "arm"
       ],
+      "libc": [
+        "glibc"
+      ],
       "license": "Apache-2.0",
       "optional": true,
       "os": [
@@ -523,6 +550,9 @@
       "cpu": [
         "arm64"
       ],
+      "libc": [
+        "glibc"
+      ],
       "license": "Apache-2.0",
       "optional": true,
       "os": [
@@ -545,6 +575,9 @@
       "cpu": [
         "ppc64"
       ],
+      "libc": [
+        "glibc"
+      ],
       "license": "Apache-2.0",
       "optional": true,
       "os": [
@@ -567,6 +600,9 @@
       "cpu": [
         "riscv64"
       ],
+      "libc": [
+        "glibc"
+      ],
       "license": "Apache-2.0",
       "optional": true,
       "os": [
@@ -589,6 +625,9 @@
       "cpu": [
         "s390x"
       ],
+      "libc": [
+        "glibc"
+      ],
       "license": "Apache-2.0",
       "optional": true,
       "os": [
@@ -611,6 +650,9 @@
       "cpu": [
         "x64"
       ],
+      "libc": [
+        "glibc"
+      ],
       "license": "Apache-2.0",
       "optional": true,
       "os": [
@@ -633,6 +675,9 @@
       "cpu": [
         "arm64"
       ],
+      "libc": [
+        "musl"
+      ],
       "license": "Apache-2.0",
       "optional": true,
       "os": [
@@ -655,6 +700,9 @@
       "cpu": [
         "x64"
       ],
+      "libc": [
+        "musl"
+      ],
       "license": "Apache-2.0",
       "optional": true,
       "os": [
@@ -929,6 +977,9 @@
       "cpu": [
         "arm64"
       ],
+      "libc": [
+        "glibc"
+      ],
       "license": "MIT",
       "optional": true,
       "os": [
@@ -945,6 +996,9 @@
       "cpu": [
         "arm64"
       ],
+      "libc": [
+        "musl"
+      ],
       "license": "MIT",
       "optional": true,
       "os": [
@@ -961,6 +1015,9 @@
       "cpu": [
         "x64"
       ],
+      "libc": [
+        "glibc"
+      ],
       "license": "MIT",
       "optional": true,
       "os": [
@@ -977,6 +1034,9 @@
       "cpu": [
         "x64"
       ],
+      "libc": [
+        "musl"
+      ],
       "license": "MIT",
       "optional": true,
       "os": [
@@ -1316,6 +1376,9 @@
       "cpu": [
         "arm64"
       ],
+      "libc": [
+        "glibc"
+      ],
       "license": "MIT",
       "optional": true,
       "os": [
@@ -1332,6 +1395,9 @@
       "cpu": [
         "arm64"
       ],
+      "libc": [
+        "musl"
+      ],
       "license": "MIT",
       "optional": true,
       "os": [
@@ -1348,6 +1414,9 @@
       "cpu": [
         "x64"
       ],
+      "libc": [
+        "glibc"
+      ],
       "license": "MIT",
       "optional": true,
       "os": [
@@ -1364,6 +1433,9 @@
       "cpu": [
         "x64"
       ],
+      "libc": [
+        "musl"
+      ],
       "license": "MIT",
       "optional": true,
       "os": [
@@ -2852,9 +2924,9 @@
       }
     },
     "node_modules/dompurify": {
-      "version": "3.4.10",
-      "resolved": "https://registry.npmjs.org/dompurify/-/dompurify-3.4.10.tgz",
-      "integrity": "sha512-0xzNv0e7oYC6yyuOGZIABPM4qtg3QxLFniDNPP4ZP90wR8Yq3zgwpRbrNiT4N3IKqDbbYFEJLV+JWEs19aZ//w==",
+      "version": "3.4.11",
+      "resolved": "https://registry.npmjs.org/dompurify/-/dompurify-3.4.11.tgz",
+      "integrity": "sha512-zhlUV12GsaRzMsf9q5M254YhA4+VuF0fG+QFqu6aYpoGlKtz+w8//jBcGVYBgQkR5GHjUomejY84AV+/uPbWdw==",
       "license": "(MPL-2.0 OR Apache-2.0)",
       "optionalDependencies": {
         "@types/trusted-types": "^2.0.7"
@@ -2867,9 +2939,9 @@
       "license": "MIT"
     },
     "node_modules/electron-to-chromium": {
-      "version": "1.5.373",
-      "resolved": "https://registry.npmjs.org/electron-to-chromium/-/electron-to-chromium-1.5.373.tgz",
-      "integrity": "sha512-G2Hym8JIf/QreuseqkDibgH8Ci8KfJzqGDKdakbhSx9UltwRBH2cBLAWU/lBX0sCdv0TlhyxQyDCnSfxgMWsjA==",
+      "version": "1.5.375",
+      "resolved": "https://registry.npmjs.org/electron-to-chromium/-/electron-to-chromium-1.5.375.tgz",
+      "integrity": "sha512-ZWP5eB4BVPW/ZYo9252hQZHZ5XavtsTgpbhcmMmRwymavC5AsLWQWBPaKMeNd2LW0KGby5HPXvj7+sr4ta5j/Q==",
       "license": "ISC"
     },
     "node_modules/enhanced-resolve": {
@@ -3865,6 +3937,9 @@
       "cpu": [
         "arm64"
       ],
+      "libc": [
+        "glibc"
+      ],
       "license": "MPL-2.0",
       "optional": true,
       "os": [
@@ -3885,6 +3960,9 @@
       "cpu": [
         "arm64"
       ],
+      "libc": [
+        "musl"
+      ],
       "license": "MPL-2.0",
       "optional": true,
       "os": [
@@ -3905,6 +3983,9 @@
       "cpu": [
         "x64"
       ],
+      "libc": [
+        "glibc"
+      ],
       "license": "MPL-2.0",
       "optional": true,
       "os": [
@@ -3925,6 +4006,9 @@
       "cpu": [
         "x64"
       ],
+      "libc": [
+        "musl"
+      ],
       "license": "MPL-2.0",
       "optional": true,
       "os": [