A security and regression gate for framework work, distilled from docmd v0.8.x battle test.
Highlights
- New
docmd-devsecurity and regression checklist.references/security-and-regression-checklist.mdcovers the ten docmd-specific regression areas (container parser, plugin HTML-injection contract, public API honesty, i18n/versioning, deploy/Docker hardening, migration correctness, CLI honesty, rendering, TUI, engines). Every rule traces back to a report ID for auditability. - New "Workflow 5: Hard checks before any framework change ships" in
docmd-dev/SKILL.md. Walks the generic Node triage (ai-devnodejs-cautions.md+security-must-checks.md), then the docmd checklist, thenpnpm prep, then one regression test per bug class. Codifies the lessons from the v0.8.x regressions: safety-named functions must enforce, no silent no-ops, no accepted-but-unused flags, documented API = real API, loud fallbacks. - Path and URL hardening for plugins (
safePath,sanitizeUrl,safePath-by-accident), MCP tools, OpenAPI, and container fences. - Output injection beyond visible HTML:
href/srcURL-scheme allowlists (javascript:,data:,vbscript:), machine-readable outputs (llms.txt, search-index, CSV with formula-prefix stripping), and<meta>from frontmatter. - Plugin output-injection contract:
generateMetaTags,generateScripts,getAssets, template slots, andtranslationsreturns are untrusted;headandbodyscript generation are distinct typed returns; no legacy descriptor-less escape hatch; built-ins win over plugin engine overrides. - WebSocket and dev-server defaults:
verifyClientonWebSocketServer, bind to127.0.0.1by default rather than0.0.0.0. - i18n and versioning silent failures gone: missing translations warn instead of silently falling back, search index includes every locale, default-locale-at-root links resolve, RTL sets
dir="rtl", missing version folder names the version. - Deploy and Docker hardening: every generated server config ships a security-header baseline (CSP, HSTS, Referrer-Policy, X-Content-Type-Options); Netlify
[[redirects]]does not soft-404; Docker runs non-root with a Node base image consistent with the official image;WORKDIRwritability is validated. - Migration correctness:
nav:translated, frontmatter aliases translated, all legacy keys upgraded by--upgrade, no silentoutrewrite,--dry-runavailable. - CLI honesty: exit codes are a contract, no dead flags, no silent no-ops in
add/remove/migrate, validation errors are readable. - Loud fallbacks: Rust engine fallback to JS emits one warning line with the cause; per-platform binaries auto-resolve on Mac ARM.
docmd-dev/SKILL.mddescription updated to state that docmd is Node.js and TypeScript only and enforces the security and quality gate before any framework change ships.- Layered, not duplicated.
docmd-devowns the docmd-only layer and points back toai-devfor generic Node rules rather than re-stating them.