v1.0.0

Changelog

This is v1.0.0 of CedarJS 🎉 🚀 🚀 🎉
It marks a stable version of Cedar that's suitable for everyone migrating from Redwood to Cedar. And everyone else too, of course.

There are no breaking changes between RedwoodJS v8.9.0 and Cedar v1.0.0.
Cedar is successfully used in production by several large companies, so there should be no worry for you to also do the migration. See https://github.com/cedarjs/cedar#migrating-from-redwoodjs-to-cedarjs for detailed migration instructions

The biggest thing to note is that Cedar v1 does require a very recent minor version of Node v20 (v20.19 or newer).

Compared to Redwood v8.9.0 the biggest feature is by far experimental support for ESM projects, letting you use all the latest ESM-only versions of other packages.
It's still not recommended for production use, but if you do feel adventurous you can switch over your existing apps simply by adding "type": "module" to package.json, web/package.json and api/package.json.
I do however encourage you to try it out on a new project by passing the hidden --esm flag to yarn create cedar-app.

Other than that Cedar has received a bunch of security updates for third party packages, and it has support for Cron scheduling of Background Jobs, see https://cedarjs.com/docs/background-jobs#recurring-jobs

The Cedar docs have also become more AI-friendly, with https://cedarjs.com/llms.txt and https://cedarjs.com/llms-full.txt. Plus, all pages now have a dropdown menu at the top where you can pass the page to ChatGPT and Claude, or just copy the markdown version of the page for use with your local AI dev tool of choice.

🚀 Features

feat(sb): Prep for v8 upgrade (#516) by @Tobbe

Cedar is currently using Storybook 7. In Storybook 8 *.stories.mdx is no longer supported, so I'm switching to just plain *.mdx here to prepare for the v8 upgrade.

Also took the opportunity to do some Redwood -> Cedar rebranding

feat(storybook): Node 24 and ESM compatibility (#505) by @Tobbe

Getting rid of require() usage to prep for Node 24 and ESM

Was specifically seeing this error when running Storybook

[WebServer] SB_CORE-SERVER_0002 (CriticalPresetLoadError): Storybook failed to load the following preset: storybook-framework-cedarjs/preset.
[WebServer]
[WebServer] Please check whether your setup is correct, the Storybook dependencies (and their peer dependencies) are installed correctly and there are no package version clashes.
[WebServer]
[WebServer] If you believe this is a bug, please open an issue on Github.
[WebServer]
[WebServer] ReferenceError: require is not defined
[WebServer]     at getAbsolutePath (file://./node_modules/storybook-framework-cedarjs/dist/preset.js:9:49)
[WebServer]     at file://./node_modules/storybook-framework-cedarjs/dist/preset.js:11:12
[WebServer]     at ModuleJobSync.runSync (node:internal/modules/esm/module_job:514:37)
[WebServer]     at ModuleLoader.importSyncForRequire (node:internal/modules/esm/loader:449:47)
[WebServer]     at loadESMFromCJS (node:internal/modules/cjs/loader:1577:24)
[WebServer]     at Module._compile (node:internal/modules/cjs/loader:1742:5)
[WebServer]     at node:internal/modules/cjs/loader:1893:10
[WebServer]     at Object.newLoader (./node_modules/esbuild-register/dist/node.js:2262:9)
[WebServer]     at extensions..js (./node_modules/esbuild-register/dist/node.js:4833:24)
[WebServer]     at Module.load (node:internal/modules/cjs/loader:1480:32)
[WebServer]     at loadPreset (./node_modules/@storybook/core-common/dist/index.js:15:82)
[WebServer]
[WebServer] WARN[WebServer]  Broken build, fix the error above.

feat(yarn): Remove code that handles yarn v1 (#507) by @Tobbe

Cedar has never supported yarn v1. And neither has RW for a long time. So this PR is just cleaning up old legacy code

🛠️ Fixes

fix(cli): Fix spacing in node version check message (47f4f4c) by @Tobbe

>= v20.0.0 instead of >=v20.0.0

fix(cli): Remove cdr bin (#535) by @Tobbe

Standardize on only using yarn cedar by removing the cdr bin

fix(cca): yarn cedar dev (#528) by @Tobbe

Change from "yarn rw dev" to "yarn cedar dev" in the instructions printed to the terminal after running "yarn create cedar-app"

fix(cca): Redwood -> Cedar renaming (#531) by @Tobbe

Some more Redwood -> Cedar renaming ahead of the v1 launch

fix(docs): 'cedar' instead of 'cedarjs' as the bin name (#533) by @Tobbe

Align on advertising yarn cedar everywhere instead of yarn cedarjs.

Still a lot of yarn rw and yarn redwood to switch over

fix(cli): DEP0190 fix for updateCheck and telemetry (#509) by @Tobbe

Prep work for upgrading the version of Node that we use. With Node 24 they've gotten much louder about https://nodejs.org/api/deprecations.html#DEP0190

fix(cli): properly destroy generated files when running cedar destroy page (#513) by @rkmitra1

Fixes error when running cli destroy page function

ex: yarn cedarjs destroy page mypage

This pull request refactors how component destroy handlers are imported and updates the destroy page command logic and its tests to support asynchronous file operations.

Refactor and modularization:

• Changed dynamic import path in createHandler so that handler files are now expected in a subdirectory named after the component, correcting Terry

Async file handling:

• Updated the tasks function in pageHandler.js to await the result of pageFiles, ensuring proper handling of asynchronous file generation when destroying page files.

Test updates for async file operations:

• Modified tests in page.test.js to await the files function, ensuring that tests correctly handle asynchronous file generation when verifying file destruction.

fix(vite): Improve error message during server startup (#519) by @Tobbe

This fixes a bug where the "loading" error message never was shown, instead the default generic one was always used.

Also updated the generic message to say Cedar instead of RW

fix(webhooks): ESM+CJS compatible webhook verifiers (#530) by @Tobbe

When using the webhook verifiers in a CJS project you'd get the following error: TypeError: import_common.verifierLookup[type] is not a function. This PR fixes that by eliminating default exports which is a known problem when doing dual ESM/CJS builds. See evanw/esbuild#2623

Fixes #529

fix(cedar): Chipping away at the RW -> Cedar rebranding (#510) by @Tobbe

Switching from Redwood to Cedar in more places, and fixes a broken link to instead point towards Cedar

fix(vite): Special handling for auth requests in proxy server during startup (#520) by @Tobbe

Fixes this error:

Error: Failed to execute 'fetch' on 'Window': Failed to read the 'headers' property from 'RequestInit': String contains non ISO-8859-1 code point.

That would be seen if the user had dbAuth setup and a graphql request was made while the api server was still starting up.

The reason was that the error message contains a utf-8 character, and the message was sent as the auth token to the auth provider, which tried to set it as a header value. And utf-8 characters aren't allowed as header values.

📚 Docs

docs(auth): Fix syntax in Netlify Identity docs (#534) by @Tobbe

Fix for this build error introduced in #532

6:03:22 AM: [success] [webpackbar] Client: Compiled with some errors in 26.85s
6:03:22 AM: [ERROR] Client bundle compiled with errors therefore further build is impossible.
6:03:22 AM: Error: MDX compilation failed for file "/opt/build/repo/docs/docs/auth/netlify.md"
6:03:22 AM: Cause: Expected a closing tag for `<name-of-your-app>` (22:175-22:193) before the end of `paragraph`
6:03:22 AM: Details:
6:03:22 AM: {
6:03:22 AM:   "column": 1,
6:03:22 AM:   "message": "Expected a closing tag for `<name-of-your-app>` (22:175-22:193) before the end of `paragraph`",
6:03:22 AM:   "line": 22,
6:03:22 AM:   "name": "22:1-23:88",
6:03:22 AM:   "place": {

docs(newsletter): Add newsletter signup form (#537) by @Tobbe

This PR adds the form above to the main https://cedarjs.com website so that new visitors to the site can easily sign up to receive news of new Cedar releases etc

docs(auth): Update instructions for Netlify Identity (#532) by @thefonso

Updated how to find Netlify Identity on the Netlify site as it has been changed.

📦 Dependencies

chore(deps): nx v22.0.2 (#503) by @Tobbe

Should be no user facing changes. But I'm jumping two major versions here, and it's related to how we build. So worth keeping an extra eye out.

chore(deps): bump cipher-base from 1.0.4 to 1.0.7 (#480) by @Tobbe

Bumps cipher-base from 1.0.4 to 1.0.7.

Changelog

Sourced from cipher-base's changelog.

v1.0.7 - 2025-09-24

Commits

• [Refactor] use to-buffer fd1e5ee
• [Dev Deps] update @ljharb/eslint-config 08ba803

v1.0.6 - 2024-11-26

Commits

• [Fix] io.js 3.0 - Node.js 5.3 typed array support b7ddd2a

v1.0.5 - 2024-11-17

Commits

• [Tests] standard -> eslint, make test dir, etc ae02fd6
• [Tests] migrate from travis to GHA 66387d7
• [meta] fix package.json indentation 5c02918
• [Fix] return valid values on multi-byte-wide TypedArray input 8fd1364
• [meta] add auto-changelog 88dc806
• [meta] add npmignore and safe-publish-latest 7a137d7
• Only apps should have lockfiles 42528f2
• [Deps] update inherits, safe-buffer 0e7a2d9
• [meta] add missing engines.node f2dc13e

Commits

• 0056718 v1.0.7
• fd1e5ee [Refactor] use to-buffer
• 08ba803 [Dev Deps] update @ljharb/eslint-config
• f5249f9 v1.0.6
• b7ddd2a [Fix] io.js 3.0 - Node.js 5.3 typed array support
• f03cebf v1.0.5
• 88dc806 [meta] add auto-changelog
• 7a137d7 [meta] add npmignore and safe-publish-latest
• 5c02918 [meta] fix package.json indentation
• 8fd1364 [Fix] return valid values on multi-byte-wide TypedArray input
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by ljharb, a new releaser for cipher-base since your current version.

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  You can disable automated security fix PRs for this repo from the Security Alerts page.

🧹 Chore

Click to see all chore contributions

• Version docs to 1.0 (243dd90) by @Tobbe
• chore(storybook): RW -> Cedar (#524) by @Tobbe
• chore(test-project): Update autoprefixer to 10.4.22 (#523) by @Tobbe
• chore(node): Fix DEP0190 (#506) by @Tobbe
• chore(lefthook): No NX tui when building (#504) by @Tobbe