webhouse.appwebhouse.appdocs

What's new and worth knowing right now in @webhouse/cms — the patterns we recommend by default for new sites.

What's hot in @webhouse/cms

A short, opinionated tour of the recent features that change how you should build new sites — not just the changelog. Skim this before you start a new project; the defaults you bake in here save you weeks of refactoring later.

⚡ Instant Content Deployment (ICD)

The new default for any Next.js site that needs editor-driven content updates.

Forget triggering a Docker rebuild every time someone fixes a typo. ICD pushes content edits from CMS admin directly to your deployed Next.js site via an HMAC-signed webhook. The site writes the update to disk and calls revalidatePath() — content goes live in ~2 seconds.

  • Drop-in app/api/revalidate/route.ts template — copy, paste, deploy
  • Works on any Next.js host with a persistent filesystem (Fly.io with volumes, self-hosted Docker)
  • HMAC-SHA256 signed payloads + timing-safe comparison
  • Header pill ICD · auto in admin once configured — editors see live status
  • Full Docker deploys are still available for code/config changes; ICD just handles the content path

👉 Full ICD guide · Also covered in AI Builder Guide module 18

📦 Beam — single-file site export/import

Pack a complete site (content + media + config + agents + settings) into one .beam archive. Import on any other CMS admin instance — content, secrets stripped automatically, checksums verified.

Use it for:

  • Cloning sites between dev / staging / prod
  • Onboarding clients onto your production CMS
  • Backing up before risky migrations

Live Beam (HTTP push to a remote admin) is also available for direct admin-to-admin transfer with chunked upload.

🤖 Headless Site API (F139)

Use CMS admin as a headless backend inside any framework — Next.js, Astro, plain Node, you name it. Authenticate with a permanent wh_ Access Token. Read/write content, trigger deploys, read form inboxes, embed the AI chat in your own UI.

For projects where the design system is too custom to fit our default Next.js boilerplate.

👉 Headless API guide

🔐 Permission-based ACL (F55)

20 fine-grained permissions — content.publish, media.upload, forms.export, settings.edit etc. Map to roles (admin / editor / viewer) or assign per user. Server-side enforcement on every API route via requirePermission(). UI buttons hide when user can't act.

🌍 i18n with translation groups (F48)

Link documents across locales via translationGroup field. AI auto-translates on create. Hreflang tags, locale routing, language switcher — all built in. 18 AI routes for translation operations.

🛡 AI Lock

Field-level protection: AI agents cannot overwrite human edits. WriteContext threads actor identity through every CRUD call. Once you've manually polished a sentence, no agent will touch it without an explicit override.

What's new this week

See the changelog for full per-version notes.

JSON API →Edit on GitHub →