emdash

v@emdash-cms/[email protected] Feature

This release adds 2 notable features for engineering teams evaluating rollout.

Published 6d Productivity & Wikis

View tool

✓ No known CVEs patched

Read the diff → Tool health → What is this tool? →

✓ No known CVEs patched in this version

Topics

astro cms emdash typescript

Affected surfaces

rbac rce_ssrf

Summary

AI summary

Updates Patch Changes, Minor Changes, and https://github.com/ascorbic across a mixed release.

Changes in this release

Type	Severity	Summary	CVE
Feature
Feature	Medium	Adds workerd-based plugin sandboxing for Node.js deployments. Adds workerd-based plugin sandboxing for Node.js deployments. Source: llm_adapter@2026-05-28 Confidence: high	—
Feature	Medium	Introduces `isHealthy()` method on `SandboxRunner` interface and `CloudflareSandboxRunner`. Introduces `isHealthy()` method on `SandboxRunner` interface and `CloudflareSandboxRunner`. Source: llm_adapter@2026-05-28 Confidence: high	—
Feature	Medium	Adds `SandboxUnavailableError` class for sandbox unavailability scenarios. Adds `SandboxUnavailableError` class for sandbox unavailability scenarios. Source: llm_adapter@2026-05-28 Confidence: high	—
Feature	Medium	Introduces `sandbox: false` configuration option to disable sandboxing. Introduces `sandbox: false` configuration option to disable sandboxing. Source: llm_adapter@2026-05-28 Confidence: high	—
Feature	Medium	Adds `mediaStorage` field on `SandboxOptions`. Adds `mediaStorage` field on `SandboxOptions`. Source: llm_adapter@2026-05-28 Confidence: high	—
Feature	Medium	Exports utility functions (`createHttpAccess`, `createUnrestrictedHttpAccess`) and repositories (`PluginStorageRepository`, `UserRepository`, `OptionsRepository`). Exports utility functions (`createHttpAccess`, `createUnrestrictedHttpAccess`) and repositories (`PluginStorageRepository`, `UserRepository`, `OptionsRepository`). Source: llm_adapter@2026-05-28 Confidence: high	—
Feature	Medium	Adds `storageConfig` to `PluginBridgeProps` for index usage by `PluginStorageRepository`. Adds `storageConfig` to `PluginBridgeProps` for index usage by `PluginStorageRepository`. Source: llm_adapter@2026-05-28 Confidence: high	—
Dependency	Low	Aligns `kysely` peer dependency to >=0.29.0 and uses workspace catalog for consistent versioning across packages. Aligns `kysely` peer dependency to >=0.29.0 and uses workspace catalog for consistent versioning across packages. Source: llm_adapter@2026-05-28 Confidence: high	—
Bugfix	Medium	Fixes `storageQuery()` and `storageCount()` to honor `where`, `orderBy`, and `cursor` options, preventing infinite pagination loops and incorrect counts. Fixes `storageQuery()` and `storageCount()` to honor `where`, `orderBy`, and `cursor` options, preventing infinite pagination loops and incorrect counts. Source: llm_adapter@2026-05-28 Confidence: high	—
Refactor	Low	Tightens workerd sandbox internals, adds validation helpers, centralises content table access, and introduces `typecheck` script for clean linting and type‑checking. Tightens workerd sandbox internals, adds validation helpers, centralises content table access, and introduces `typecheck` script for clean linting and type‑checking. Source: llm_adapter@2026-05-28 Confidence: high	—

Full changelog

Minor Changes

#426 02ed8ba Thanks @BenjaminPrice! - Adds workerd-based plugin sandboxing for Node.js deployments.
- emdash: Adds isHealthy() to SandboxRunner interface, SandboxUnavailableError class, sandbox: false config option, mediaStorage field on SandboxOptions, and exports createHttpAccess/createUnrestrictedHttpAccess/PluginStorageRepository/UserRepository/OptionsRepository for platform adapters.
- @emdash-cms/cloudflare: Implements isHealthy() on CloudflareSandboxRunner. Fixes storageQuery() and storageCount() to honor where, orderBy, and cursor options (previously ignored, causing infinite pagination loops and incorrect filtered counts). Adds storageConfig to PluginBridgeProps so PluginStorageRepository can use declared indexes.
- @emdash-cms/sandbox-workerd: New package. WorkerdSandboxRunner for production (workerd child process + capnp config + authenticated HTTP backing service) and MiniflareDevRunner for development.

Patch Changes

#1144 c50c3b2 Thanks @ascorbic! - Aligns the kysely peer dependency with the rest of the monorepo (>=0.29.0) and switches the dev/peer references to the workspace catalog so all packages bump in lockstep going forward.
#1147 20c87fe Thanks @ascorbic! - Tightens the workerd sandbox internals so the package now lints and type-checks cleanly.
- Bridge call bodies are validated with predicate-backed require* / optional* helpers instead of unchecked as casts. A misbehaving plugin that sends a malformed JSON-RPC body now gets a clear "Parameter X must be Y" error rather than triggering a downstream type confusion.
- Content table access (ec_* collections) is centralised behind a typed asContentDb() helper. Known tables (users, media, _plugin_storage) drop their as keyof Database casts entirely.
- HTTP init marshalling validates each field at the bridge boundary, including form-data parts.
- The backing service uses a typed HttpError class for status-bearing errors and validates incoming chunks/body shape defensively.
- getPluginStorageConfig() returns the real PluginStorageConfig shape from the manifest instead of Record<string, unknown>.
- WorkerdSandboxedPlugin now implements the correct SandboxedPluginInstance interface (the old SandboxedPlugin symbol did not exist).
- Adds a typecheck script (tsgo --noEmit) so the package participates in pnpm typecheck going forward.
No runtime behaviour changes.
Updated dependencies [02ed8ba, 11b3001, fae97ee, 88f544d, 9a30607, d0ff94b]:
- [email protected]

View diff on GitHub

Weekly OSS security release digest.

The CVE patches and breaking changes that affected production tools this week. One email, every Sunday.

No spam, unsubscribe anytime.

Share this release

Share on X Share on Bluesky

Track emdash

Get notified when new releases ship.

About emdash

All releases →

Related context

Related tools

Earlier breaking changes

[email protected] Schema migration adds `locale` and `translation_group` columns to `_emdash_bylines`.
[email protected] Byline hydration now strictly per-locale, suppressing cross‑locale fallback.
v@emdash-cms/[email protected] Changes `_emdash_content_bylines.byline_id` to store translation_group instead of row id, enforcing strict per-locale credit hydration.
v@emdash-cms/[email protected] Registry install handler fails closed on non-conforming aggregator release records.
v@emdash-cms/[email protected] Menu and menu-item API responses now camelCase, breaking clients expecting snake_case keys.