Skip to content

feat: SCORE schema, LSP reload, audit fixes (UTF-8 panic, XSS, perf)#61

Merged
avrabe merged 2 commits intomainfrom
feat/score-lsp-audit-fixes
Mar 21, 2026
Merged

feat: SCORE schema, LSP reload, audit fixes (UTF-8 panic, XSS, perf)#61
avrabe merged 2 commits intomainfrom
feat/score-lsp-audit-fixes

Conversation

@avrabe
Copy link
Copy Markdown
Contributor

@avrabe avrabe commented Mar 21, 2026

Summary

  • Eclipse SCORE metamodel schema (40+ types, 18 links, 20 rules)
  • LSP didSave full reload with stale diagnostic clearing
  • UTF-8 slicing panic fix (was: &title[..26] on multi-byte chars)
  • Mermaid securityLevel strict (was: loose, allowed XSS)
  • page_layout uses cached diagnostics (was: recomputing per page load)
  • HTML escaping for source refs, results view, wiki-link IDs

🤖 Generated with Claude Code

Test and others added 2 commits March 21, 2026 17:12
@claude
docs(schema): add research schema for market/competitive/patent/tech …
7a54feb 
…tracking

New artifact types: market-finding, competitive-analysis, patent-finding,
technology-evaluation, academic-reference. Enables traceability from
research findings to requirements and architecture decisions.

Trace: skip

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
@claude
feat(schema): add Eclipse SCORE metamodel + fix critical audit findings
9c3049f 
1. SCORE schema (schemas/score.yaml): 40+ artifact types across 7 areas
   (process, requirements, architecture, implementation, safety,
   verification, documents) with 18 link types and 20 traceability rules

2. LSP didSave reload: full project reload on file save with stale
   diagnostic clearing and fresh republish

3. Critical bug fixes from deep audit:
   - UTF-8 string slicing panic: &title[..26] → chars().take(26)
   - Mermaid securityLevel: 'loose' → 'strict' (prevent XSS via diagrams)
   - Redundant validation: page_layout() now uses cached_diagnostics
   - HTML escaping: source file refs, results view, wiki-link IDs

Fixes: FEAT-001
Satisfies: SSC-4

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
@avrabe avrabe merged commit 8a6b87d into main Mar 21, 2026
@avrabe avrabe deleted the feat/score-lsp-audit-fixes branch March 21, 2026 17:08
@codecov
Copy link
Copy Markdown

codecov Bot commented Mar 21, 2026

Codecov Report

❌ Patch coverage is 62.50000% with 3 lines in your changes missing coverage. Please review.

Files with missing lines Patch % Lines
rivet-core/src/document.rs 62.50% 3 Missing ⚠️

📢 Thoughts on this report? Let us know!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@avrabe