emdash-cms/emdash @emdash-cms/cloudflare@0.15.0

on GitHub

Patch Changes

• #426 02ed8ba Thanks @BenjaminPrice! - Adds workerd-based plugin sandboxing for Node.js deployments.

  • emdash: Adds isHealthy() to SandboxRunner interface, SandboxUnavailableError class, sandbox: false config option, mediaStorage field on SandboxOptions, and exports createHttpAccess/createUnrestrictedHttpAccess/PluginStorageRepository/UserRepository/OptionsRepository for platform adapters.
  • @emdash-cms/cloudflare: Implements isHealthy() on CloudflareSandboxRunner. Fixes storageQuery() and storageCount() to honor where, orderBy, and cursor options (previously ignored, causing infinite pagination loops and incorrect filtered counts). Adds storageConfig to PluginBridgeProps so PluginStorageRepository can use declared indexes.
  • @emdash-cms/sandbox-workerd: New package. WorkerdSandboxRunner for production (workerd child process + capnp config + authenticated HTTP backing service) and MiniflareDevRunner for development.

• #1139 88f544d Thanks @ask-bonk! - Upgrades kysely to ^0.29.0 (was ^0.27.0) to resolve three high-severity advisories fixed in >=0.28.17:

  • GHSA-wmrf-hv6w-mr66 – SQL injection via unsanitized JSON path keys
  • GHSA-pv5w-4p9q-p3v2 – JSON-path traversal injection via JSONPathBuilder.key() / .at()
  • GHSA-8cpq-38p9-67gx – MySQL SQL injection via sql.lit(string)

  Also updates import paths for Migrator and Migration types to kysely/migration to comply with kysely 0.29 export changes.

• Updated dependencies [02ed8ba, 11b3001, fae97ee, 88f544d, 9a30607, d0ff94b]:

  • emdash@0.15.0