Skip to content

feat(syndication): Sprint 13 — public RSS + Atom + sitemap feeds#8

Merged
dobrodob merged 1 commit intomainfrom
feat/sprint-13-syndication
Apr 19, 2026
Merged

feat(syndication): Sprint 13 — public RSS + Atom + sitemap feeds#8
dobrodob merged 1 commit intomainfrom
feat/sprint-13-syndication

Conversation

@dobrodob
Copy link
Copy Markdown
Member

@dobrodob dobrodob commented Apr 19, 2026

Summary

Seven new public read-only endpoints bring Publy onto the syndication map — every journalist-reader workflow (Feedly, NetNewsWire, Readwise), every podcast client, every search crawler can now consume content:

  • GET /feed/rss.xml / /feed/atom.xml — community-wide
  • GET /topics/:slug/feed/rss.xml / /feed/atom.xml — per-topic
  • GET /authors/:slug/feed/rss.xml / /feed/atom.xml — per-author
  • GET /sitemap.xml — search engines

All endpoints @Public(), all tenant-scoped via existing TenantInterceptor, all with CDN-friendly Cache-Control (5min feeds, 1h sitemap).

Why hand-rolled XML?

feed/rss npm packages pull in xml-builder transitive deps we already avoid. The specs are ~100 lines of string building each. Owning the output lets us add xmlns:media/xmlns:content incrementally without fighting an abstraction. Every text node routed through escapeXml() covering the five XML predefined entities + invalid-XML-1.0 control chars; RSS <description> wrapped in CDATA with ]]> rewriting for safety.

Invariants

Every feed query enforces:

WHERE status = 'PUBLISHED'
  AND visibility = 'PUBLIC'
  AND deleted_at IS NULL
  AND published_at IS NOT NULL

Nothing DRAFT/POSTED/COMMUNITY-visibility ever leaks into a public feed. Tenant scope is applied at the SQL layer — verified by integration tests that create shouts in one community and confirm another sees an empty feed.

Topic/author feeds throw NotFoundError on unknown slug rather than returning empty — an empty-feed oracle would hide typos from operators and clients.

New config

Key Purpose Dev default
FRONTEND_URL Base for feed item <link> targets (HTML page URLs) http://localhost:3000
DEFAULT_LANG BCP-47 language code for <language>/xml:lang ru

Tests

16 new integration tests → 369/369 total passing (was 353).

  • Community/topic/author queries correctly filter by status, visibility, tenant, deletion
  • Limit parameter honored
  • Tenant isolation verified across two communities
  • NotFoundError on unknown slug
  • RSS/Atom structural elements present (<channel>, <atom:link rel=\"self\">, <entry>, <id>)
  • XML injection resistance<script> in titles comes out as &lt;script&gt;
  • CDATA escape]]> in lead rewritten as ]]]]><![CDATA[>
  • Atom published/updated/author/category tags
  • Sitemap <urlset>/<loc>/<lastmod>/<changefreq>

Test plan

  • npx tsc --noEmit clean
  • npx biome check . clean (1 pre-existing warning unchanged)
  • npm run build:core + build:crdt clean
  • npx vitest run → 369/369 passing
  • CI green

🤖 Generated with Claude Code

@dobrodob @claude
feat(syndication): Sprint 13 — public RSS + Atom + sitemap feeds
404d705 
Adds a full syndication surface so Publy communities participate in the
read-across-the-web ecosystem (RSS readers, podcast clients, search
crawlers). Seven new public endpoints, all tenant-scoped via the existing
TenantInterceptor:

  GET /feed/rss.xml                       community RSS 2.0
  GET /feed/atom.xml                      community Atom 1.0
  GET /topics/:slug/feed/rss.xml          topic RSS
  GET /topics/:slug/feed/atom.xml         topic Atom
  GET /authors/:slug/feed/rss.xml         author RSS
  GET /authors/:slug/feed/atom.xml        author Atom
  GET /sitemap.xml                        sitemap 0.9

Design:
- Hand-rolled XML. No `feed`/`rss` libs — the specs are ~100 lines of
  string building per format, and owning the output lets us add media
  namespaces incrementally without fighting a library.
- Every text interpolation routed through `escapeXml()` covering the
  five predefined entities + invalid XML 1.0 control chars. RSS
  <description> wrapped in CDATA with `]]>` rewriting for safety.
- Hard invariants on included shouts: status='PUBLISHED' AND
  visibility='PUBLIC' AND deleted_at IS NULL AND published_at IS NOT NULL.
  COMMUNITY/OWNER-visibility content can't leak into public feeds.
- Topic/author feeds throw NotFoundError on unknown slug rather than
  returning empty — an empty-feed oracle would hide typos from
  operators and clients.
- CDN-friendly Cache-Control: 5min/10min for feeds, 1h/2h for sitemap.
- Content-Type set per format (application/rss+xml, application/atom+xml,
  application/xml) — feed readers are notoriously picky about MIME.

New config:
- FRONTEND_URL — base for item <link> targets (where HTML pages live)
- DEFAULT_LANG — BCP-47 language tag for <language>/<feed xml:lang>

Tests (16 new, 369/369 total passing):
- Community/topic/author queries respect status, visibility, tenant,
  deletedAt, and slug presence
- Limit parameter honored
- Tenant isolation verified across two communities
- NotFoundError on unknown topic/author slug
- RSS XML structure + atom:link self ref
- XML-unsafe chars in user input escaped (injection resistance)
- CDATA `]]>` end-sequence rewritten correctly
- Atom <id>, <updated>, <published>, author, and category tags present
- Sitemap <urlset>/<loc>/<lastmod>/<changefreq> structure

Pattern 37-syndication-feeds documented.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
@dobrodob dobrodob merged commit 40f3f8f into main Apr 19, 2026
2 checks passed
@dobrodob dobrodob deleted the feat/sprint-13-syndication branch April 19, 2026 10:29
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@dobrodob