* implement safe url validation for redirects
added validation for safe redirect urls to prevent xss attacks
* add changeset: fix dom xss in form redirects
(marked as patch version bump for @emdash-cms/plugin-forms)
---------
Co-authored-by: Matt Kane <mkane@cloudflare.com>
* docs: fix critical errors in import paths, types, and API references
- Fix Cloudflare adapter imports: d1/r2 come from @emdash-cms/cloudflare, not emdash/db or emdash/astro
- Fix PortableText import path: emdash/ui, not emdash/astro
- Replace set:html with PortableText component for Portable Text content
- Fix CLI binary alias: em, not ec
- Fix media upload API: POST multipart to /api/media, not JSON to /api/media/upload
- Fix MediaValue type: src not url, provider is optional, add previewUrl
- Fix EmDashMedia to Image component (actual export name)
- Fix Cloudflare Access auth config: use access() function, not nested object
- Fix REST API methods: content/media update is PUT not PATCH, settings is POST not PUT
- Fix contributing docs: Node.js 22+, pnpm 10+, correct E2E test command
- Fix WordPress migration: remove undocumented CLI import command
* docs: fix high-priority technical errors across docs
- Fix hook names: beforeSave/afterSave, not beforeCreate/afterCreate
- Fix status values: draft/published/scheduled, not archived
- Fix field type count: 14, not 15
- Fix MCP tool count: 33, not 28
- Fix Section.previewUrl type: string, not object
- Fix getSections examples to show { items } destructuring
- Add missing CollectionSupport values: search, seo
- Update reserved field slugs to match actual code
- Add MCP server enablement note (mcp: true required)
- Clarify getStaticPaths guidance: themes must be SSR, other sites can use static
- Delete orphaned duplicate migration/plugin-porting.mdx
* docs: fix medium-priority issues across docs
- Fix broken internal links: /guides/media/ -> /guides/media-library/, /guides/seeding/ -> /themes/seed-files/
- Standardize env var to EMDASH_PREVIEW_SECRET throughout preview guide
- Fix featuredImage -> featured_image in widgets guide
- Remove Discord social link (no Discord server exists)
- Fix formatting config reference: .oxfmtrc.json, not .prettierrc
- Add audienceEnvVar to Cloudflare Access config options
- Fix content model type declarations to show actual return types
* docs: document missing plugin hooks, capabilities, and context properties
- Add 10 missing hooks to reference: cron, email (beforeSend, deliver, afterSend),
comment (beforeCreate, moderate, afterCreate, afterModerate), page (metadata, fragments)
- Document all hook event types, handler signatures, and return values
- Add exclusive hook option to configuration tables
- Add 6 missing capabilities: network:fetch:any, read:users, email:send/provide/intercept, page:inject
- Add 6 missing context properties: ctx.site, ctx.url(), ctx.users, ctx.cron, ctx.email
- Update hooks reference tables in both plugins/hooks.mdx and reference/hooks.mdx
* Format
* fix(x402): add tsdown config to build middleware entry point
* adds optimizeDeps.exclude and ssr.optimizeDeps.exclude for @emdash-cms/x402 in the integration's Vite config
* fix CI typecheck
---------
Co-authored-by: Matt Kane <mkane@cloudflare.com>
* perf(db): optimize D1 indexes to eliminate full table scans
- Add composite indexes to ec_* tables for common query patterns
- Replace single-column indexes with (deleted_at, updated_at, id) composite
- Add (deleted_at, status) index for count queries
- Add (deleted_at, created_at, id) index for chronological ordering
- Optimize comment counting with partial indexes per status
- Rewrite countByStatus() to use parallel WHERE queries instead of GROUP BY
Fixes#131
* chore: add changeset for D1 index optimization
* style: wrap changeset description for formatting compliance
* docs: add changeset guidelines to contributing docs
Contributors and agents need to know when and how to add changesets.
Without one, changes to published packages won't trigger a release.
- CONTRIBUTING.md: full Changesets section with when/when-not, how to
add, writing descriptions, examples for patch/minor/major
- AGENTS.md: concise changeset subsection using --empty for
non-interactive use, added as step in PR flow
- PR template: changeset checkbox in checklist
* docs: note that multiple changes need separate changesets
Replace placeholder text branding ("— EmDash") with actual logo SVGs
from the brand assets. Adds Logo.tsx with LogoIcon (icon mark) and
LogoLockup (icon + wordmark) components.
- Sidebar: gradient icon mark replaces em dash text character
- Login, Signup, Setup: full lockup SVG with currentColor wordmark
- Welcome modal: logo icon replaces Sparkle placeholder
- Favicon: real gradient icon SVG replaces emoji
Node 22 ships npm 10.x which doesn't support trusted publishing via
OIDC (requires npm 11.5.1+). Node 24 bundles it natively, removing the
need for the `npm install -g npm@latest` step which was failing with a
`Cannot find module 'promise-retry'` error due to npm corrupting itself
during self-upgrade.
Add a rollup job that gates on all 8 E2E shards so it can be a single
required check. Exempt emdashbot from PR template validation alongside
dependabot and renovate.
GITHUB_TOKEN can't trigger CI on PRs it creates, so the changesets
release PR could never pass required checks. Use a GitHub App token
instead, which triggers workflows normally.
Also pins all actions to commit SHAs and uses frozen lockfile.
* chore: add PR template, issue templates, and contribution policy
Drive-by feature PRs are becoming a problem. This adds guardrails:
- PR template with type selection, checklist, and AI disclosure
- Bug report issue template (structured YAML form)
- Issue config that redirects features to Discussions and disables blank issues
- PR compliance workflow that enforces template completion and requires
a Discussion link for feature PRs
- Contribution policy in CONTRIBUTING.md (acceptance tiers, AI PR rules)
- Agent-facing rules in AGENTS.md (follow the template, no bulk changes)
* fornat
* fix(tests): remove explicit beforeAll timeouts that override global hookTimeout
Integration tests passed 60s timeouts to beforeAll, overriding the
120s hookTimeout in vitest.smoke.config.ts. On CI the dev server
startup can consume the full 60s, leaving no time for setup + seeding.
Also bumps createTestServer's default waitForServer timeout from 60s
to 90s, leaving 30s margin within the 120s hook budget.
* fix(tests): don't remove shared node_modules symlink during cleanup
Multiple integration test suites run concurrently and share the
fixture/node_modules symlink. When the suite that created it finishes
first, its cleanup deletes the symlink, causing other suites to fail
with MODULE_NOT_FOUND when their server process tries to resolve astro.
The symlink is gitignored so it's safe to leave in place.
- Fix playground-toolbar test: URL changed to github.com but test still expected docs.emdashcms.com
- create-emdash: extract selectTemplate() to eliminate unsafe/unnecessary type assertions
- create-emdash: use type-safe Object.keys filter instead of bare cast
- cloudflare/cache: use Reflect.get with typeof guard instead of double type assertion
- x402/enforcer: replace unsafe request cast with Reflect.get type guards for CF bot management
- x402/middleware: suppress unavoidable virtual module any-cast with eslint comment
