ci: release

[emdashbot]

This PR was opened by the Changesets release GitHub action. When you're ready to do a release, you can merge this and the packages will be published to npm automatically. If you're not ready to do a release yet, that's fine, whenever you add more changesets to main, this PR will be updated.

Releases

@emdash-cms/admin@0.6.0

Minor Changes

• #565 913cb62 Thanks @ophirbucai! - Adds full RTL (right-to-left) support to the admin UI by converting all directional Tailwind classes to their direction-aware equivalents.

Patch Changes

• #610 dfcb0cd Thanks @drudge! - Passes plugin block definitions into the PortableTextEditor nested inside WidgetEditor, so custom plugin-registered block types (image blocks, marker blocks, etc.) can be inserted and rendered inside content-type widgets. The manifest is fetched with react-query in the top-level Widgets component, flattened into a PluginBlockDef[] list, and threaded through WidgetAreaPanel → WidgetItem → WidgetEditor.

• #568 cf63b02 Thanks @Vallhalen! - Fix document outline not showing headings on initial load. The outline now defers initial extraction to next tick (so TipTap finishes hydrating) and also listens for transaction events to catch programmatic content changes.

• #564 0b32b2f Thanks @ascorbic! - Replaces the horizontal language-switch button bar on the admin login page with a dropdown, so the selector stays usable as more locales are added.

• #592 6c92d58 Thanks @asdfgl98! - Adds Korean locale support to the admin UI.

• #559 a2d5afb Thanks @ayfl269! - Adds Chinese (Traditional) translation for the admin UI, including login page, settings page, and locale switching.

• #604 39d285e Thanks @all3f0r1! - Fixes loading spinner not centered under logo on the login page.

• Updated dependencies []:

  • @emdash-cms/blocks@0.6.0

emdash@0.6.0

Minor Changes

• #626 1859347 Thanks @ascorbic! - Adds eager hydration of taxonomy terms on getEmDashCollection and getEmDashEntry results. Each entry now exposes a data.terms field keyed by taxonomy name (e.g. post.data.terms.tag, post.data.terms.category), populated via a single batched JOIN query alongside byline hydration. Templates that previously looped and called getEntryTerms(collection, id, taxonomy) per entry can read entry.data.terms directly and skip the N+1 round-trip.

  New exports: getAllTermsForEntries, invalidateTermCache.

  Reserved field slugs now also block terms, bylines, and byline at schema-creation time to prevent new fields shadowing the hydrated values. Existing installs that already have a user-defined field with any of those slugs will see the hydrated value overwrite the stored value on read (consistent with the pre-existing behavior of bylines / byline hydration); rename the field to keep its data accessible.

• #600 9295cc1 Thanks @ascorbic! - Adds Noto Sans as the default admin UI font via the Astro Font API. Fonts are downloaded from Google at build time and self-hosted. The base font covers Latin, Cyrillic, Greek, Devanagari, and Vietnamese. Additional scripts (Arabic, CJK, Hebrew, Thai, etc.) can be added via the new fonts.scripts config option. Set fonts: false to disable and use system fonts.

Patch Changes

• #595 cfd01f3 Thanks @ascorbic! - Fixes playground initialization crash caused by syncSearchState attempting first-time FTS enablement during field creation.

• #631 31d2f4e Thanks @ascorbic! - Improves cold-start performance for anonymous page requests. Sites with D1 replicas far from the worker colo should see the biggest improvement; on the blog-demo the homepage cold request on Asia colos dropped from several seconds to under a second.

  Three underlying changes:

  • Search index health checks run on demand (on the first search request) rather than at worker boot, reclaiming the time a boot-time scan spent walking every searchable collection.
  • Module-scoped caches (manifest, taxonomy names, byline existence, taxonomy-assignment existence) are now reused across anonymous requests that route through D1 read replicas. They previously rebuilt on every request.
  • Cold-start Server-Timing headers break runtime init into sub-phases (rt.db, rt.plugins, etc.) so further regressions are easier to diagnose.

• #605 445b3bf Thanks @ascorbic! - Fixes D1 read replicas being bypassed for anonymous public page traffic. The middleware fast path now asks the database adapter for a per-request scoped Kysely, so anonymous reads land on the nearest replica instead of the primary-pinned singleton binding.

  All D1-specific semantics (Sessions API, constraint selection, bookmark cookie) live in @emdash-cms/cloudflare/db/d1 behind a single createRequestScopedDb(opts) function. Core middleware has no D1-specific logic. Adapters opt in via a new supportsRequestScope: boolean flag on DatabaseDescriptor; d1() sets it to true.

  Other fixes in the same change:

  • Nested runWithContext calls in the request-context middleware now merge the parent context instead of replacing it, so an outer per-request db override is preserved through edit/preview flows.
  • Baseline security headers now forward Astro's cookie symbol across the response clone so cookies.set() calls in middleware survive.
  • Any write (authenticated or anonymous) now forces first-primary, so an anonymous form/comment POST isn't racing across replicas.
  • The session user is read once per request and reused in both the fast path and the full runtime init (previously read twice on authenticated public-page traffic).
  • Bookmark cookies are validated only for length (≤1024) and absence of control characters — no stricter shape check, so a future D1 bookmark format change won't silently degrade consistency.
  • The !config bail-out now still applies baseline security headers.
  • __ec_d1_bookmark references aligned to __em_d1_bookmark across runtime, docs, and JSDoc.

• #500 14c923b Thanks @all3f0r1! - Adds inline term creation in the post editor taxonomy sidebar. Tags show a "Create" option when no match exists; categories get an "Add new" button below the list.

• #606 c5ef0f5 Thanks @ascorbic! - Caches the manifest in memory and in the database to eliminate N+1 schema queries per request. Batches site info queries during initialization. Cold starts read 1 cached row instead of rebuilding from scratch.

• #465 0a61ef4 Thanks @Pouf5! - Fixes FTS5 tables not being created when a searchable collection is created or updated via the Admin UI.

• #636 6d41fe1 Thanks @ascorbic! - Fixes two correctness issues from the perf: cut anonymous cold-start runtime init roughly in half #631 cold-start work:

  • ensureSearchHealthy() now runs against the runtime's singleton database instead of the per-request session-bound one. The verify step reads, but a corrupted index triggers a rebuild write, and D1 Sessions on a GET request uses first-unconstrained routing that's free to land on a replica. The singleton goes through the default binding, which the adapter correctly promotes to first-primary for writes.
  • The playground request-context middleware now sets dbIsIsolated: true. Without it, schema-derived caches (manifest, taxonomy defs, byline/term existence probes) could carry values across playground sessions that have independent schemas.

• #627 b158e40 Thanks @ascorbic! - Prime the request-scoped cache for getEntryTerms during collection and entry hydration. getEmDashCollection and getEmDashEntry already fetch taxonomy terms for their results via a single batched JOIN; now the same data is seeded into the per-request cache under the same keys getEntryTerms uses, so existing templates that still call getEntryTerms(collection, id, taxonomy) in a loop get cache hits instead of a serial DB round-trip per iteration.

  Empty-result entries are seeded with [] for every taxonomy that applies to the collection so "this post has no tags" also short-circuits without a query. Cache entries are scoped to the request context via ALS and GC'd with it.

• #558 629fe1d Thanks @csfalcao! - Fixes /_emdash/api/search/suggest 500 error. getSuggestions no longer double-appends the FTS5 prefix operator * on top of the one escapeQuery already adds, so autocomplete queries like ?q=des now return results instead of raising SqliteError: fts5: syntax error near "*".

• #552 f52154d Thanks @masonjames! - Fixes passkey login failures so unregistered or invalid credentials return an authentication failure instead of an internal server error.

• #601 8221c2a Thanks @CacheMeOwside! - Fixes the Save Changes button on the Content Type editor failing silently with a 400 error

• #598 8fb93eb Thanks @maikunari! - Fixes WordPress import error reporting to surface the real exception message instead of a generic "Failed to import item" string, making import failures diagnosable.

• #629 6d7f288 Thanks @CacheMeOwside! - Adds toast feedback when taxonomy assignments are saved or fail on content items.

• 4ffa141 Thanks @auggernaut! - Fixes repeated FTS startup rebuilds on SQLite by verifying indexed row counts against the FTS shadow table.

• #582 04e6cca Thanks @all3f0r1! - Improves the "Failed to create database" error to detect NODE_MODULE_VERSION mismatches from better-sqlite3 and surface an actionable message telling the user to rebuild the native module.

• Updated dependencies [dfcb0cd, cf63b02, 0b32b2f, 913cb62, 6c92d58, a2d5afb, 39d285e, f52154d]:

  • @emdash-cms/admin@0.6.0
  • @emdash-cms/auth@0.6.0
  • @emdash-cms/gutenberg-to-portable-text@0.6.0

@emdash-cms/auth@0.6.0

Patch Changes

• #552 f52154d Thanks @masonjames! - Fixes passkey login failures so unregistered or invalid credentials return an authentication failure instead of an internal server error.

@emdash-cms/cloudflare@0.6.0

Patch Changes

• #605 445b3bf Thanks @ascorbic! - Fixes D1 read replicas being bypassed for anonymous public page traffic. The middleware fast path now asks the database adapter for a per-request scoped Kysely, so anonymous reads land on the nearest replica instead of the primary-pinned singleton binding.

  All D1-specific semantics (Sessions API, constraint selection, bookmark cookie) live in @emdash-cms/cloudflare/db/d1 behind a single createRequestScopedDb(opts) function. Core middleware has no D1-specific logic. Adapters opt in via a new supportsRequestScope: boolean flag on DatabaseDescriptor; d1() sets it to true.

  Other fixes in the same change:

  • Nested runWithContext calls in the request-context middleware now merge the parent context instead of replacing it, so an outer per-request db override is preserved through edit/preview flows.
  • Baseline security headers now forward Astro's cookie symbol across the response clone so cookies.set() calls in middleware survive.
  • Any write (authenticated or anonymous) now forces first-primary, so an anonymous form/comment POST isn't racing across replicas.
  • The session user is read once per request and reused in both the fast path and the full runtime init (previously read twice on authenticated public-page traffic).
  • Bookmark cookies are validated only for length (≤1024) and absence of control characters — no stricter shape check, so a future D1 bookmark format change won't silently degrade consistency.
  • The !config bail-out now still applies baseline security headers.
  • __ec_d1_bookmark references aligned to __em_d1_bookmark across runtime, docs, and JSDoc.

• #569 134f776 Thanks @Yusaku01! - Fixes the playground toolbar layout on small screens.

• Updated dependencies [cfd01f3, 31d2f4e, 445b3bf, 1859347, 14c923b, c5ef0f5, 0a61ef4, 6d41fe1, b158e40, 629fe1d, f52154d, 8221c2a, 8fb93eb, 6d7f288, 4ffa141, 04e6cca, 9295cc1]:

  • emdash@0.6.0

@emdash-cms/plugin-embeds@0.1.6

Patch Changes

• Updated dependencies [cfd01f3, 31d2f4e, 445b3bf, 1859347, 14c923b, c5ef0f5, 0a61ef4, 6d41fe1, b158e40, 629fe1d, f52154d, 8221c2a, 8fb93eb, 6d7f288, 4ffa141, 04e6cca, 9295cc1]:
  • emdash@0.6.0
  • @emdash-cms/blocks@0.6.0

@emdash-cms/blocks@0.6.0

create-emdash@0.6.0

@emdash-cms/gutenberg-to-portable-text@0.6.0

@emdash-cms/x402@0.6.0

@emdash-cms/perf-demo-site@0.0.1

Patch Changes

• Updated dependencies [cfd01f3, 31d2f4e, 445b3bf, 1859347, 14c923b, c5ef0f5, 134f776, 0a61ef4, 6d41fe1, b158e40, 629fe1d, f52154d, 8221c2a, 8fb93eb, 6d7f288, 4ffa141, 04e6cca, 9295cc1]:
  • emdash@0.6.0
  • @emdash-cms/cloudflare@0.6.0

[github-actions]

Scope check

This PR touches 21 files. PRs with a broad scope are harder to review. Please confirm the scope hasn't drifted beyond the intended change.
This PR spans 5 different areas (area/core, area/admin, area/plugins, area/auth, area/cloudflare). Consider breaking it into smaller, focused PRs.

If this scope is intentional, no action needed. A maintainer will review it. If not, please consider splitting this into smaller PRs.

See CONTRIBUTING.md for contribution guidelines.

[pkg-pr-new]

Open in StackBlitz

@emdash-cms/admin

npm i https://pkg.pr.new/@emdash-cms/admin@560

@emdash-cms/auth

npm i https://pkg.pr.new/@emdash-cms/auth@560

@emdash-cms/blocks

npm i https://pkg.pr.new/@emdash-cms/blocks@560

@emdash-cms/cloudflare

npm i https://pkg.pr.new/@emdash-cms/cloudflare@560

emdash

npm i https://pkg.pr.new/emdash@560

create-emdash

npm i https://pkg.pr.new/create-emdash@560

@emdash-cms/gutenberg-to-portable-text

npm i https://pkg.pr.new/@emdash-cms/gutenberg-to-portable-text@560

@emdash-cms/x402

npm i https://pkg.pr.new/@emdash-cms/x402@560

@emdash-cms/plugin-ai-moderation

npm i https://pkg.pr.new/@emdash-cms/plugin-ai-moderation@560

@emdash-cms/plugin-atproto

npm i https://pkg.pr.new/@emdash-cms/plugin-atproto@560

@emdash-cms/plugin-audit-log

npm i https://pkg.pr.new/@emdash-cms/plugin-audit-log@560

@emdash-cms/plugin-color

npm i https://pkg.pr.new/@emdash-cms/plugin-color@560

@emdash-cms/plugin-embeds

npm i https://pkg.pr.new/@emdash-cms/plugin-embeds@560

@emdash-cms/plugin-forms

npm i https://pkg.pr.new/@emdash-cms/plugin-forms@560

@emdash-cms/plugin-webhook-notifier

npm i https://pkg.pr.new/@emdash-cms/plugin-webhook-notifier@560

commit: 87591ec

[cloudflare-workers-and-pages]

Deploying with    Cloudflare Workers

The latest updates on your project. Learn more about integrating Git with Workers.

Status	Name	Latest Commit	Updated (UTC)
✅ Deployment successful! View logs	emdash-playground	87591ec	Apr 18 2026, 10:31 AM

[github-actions]

Overlapping PRs

This PR modifies files that are also changed by other open PRs:

• fix(admin): use dropdown for login page language selector #564 (3 shared files)

This may cause merge conflicts or duplicated work. A maintainer will coordinate.