@glw907/cairn-cms 0.62.1 → 0.68.0

package/src/lib/content/schema.ts

@@ -2,6 +2,7 @@
 // declaration yields a plain-data field projection for the editor form, a generated validator,
 // and an inferred frontmatter type. Plan 1 builds the additive primitive; the adapter-contract
 // cutover and the typed reads are Plan 2.
+import { compilePattern, dateBoundsError, patternError, stringLengthError } from './field-rules.js';
 import type { FrontmatterField, ImageValue, ValidationResult } from './types.js';
 import { validateFields } from './validate.js';
 
@@ -77,16 +78,15 @@ export type Infer<S> = S extends ConceptSchema<infer F> ? InferFields<F> : never
 function applyRules(field: FrontmatterField, value: unknown, errors: Record<string, string>, patterns: Map<string, RegExp>): void {
   if (typeof value !== 'string' || value === '') return;
   if (field.type === 'text' || field.type === 'textarea') {
-    if (field.min != null && value.length < field.min) errors[field.name] = `${field.label} must be at least ${field.min} characters`;
-    else if (field.max != null && value.length > field.max) errors[field.name] = `${field.label} must be at most ${field.max} characters`;
-    else if (field.length != null && value.length !== field.length) errors[field.name] = `${field.label} must be exactly ${field.length} characters`;
-    else if (field.pattern != null) {
-      const re = patterns.get(field.name);
-      if (re && !re.test(value)) errors[field.name] = `${field.label} is not in the expected format`;
+    const lengthError = stringLengthError(value, field, field.label);
+    if (lengthError != null) errors[field.name] = lengthError;
+    else {
+      const formatError = patternError(value, patterns.get(field.name), field.label);
+      if (formatError != null) errors[field.name] = formatError;
     }
   } else if (field.type === 'date') {
-    if (field.min != null && value < field.min) errors[field.name] = `${field.label} must be on or after ${field.min}`;
-    else if (field.max != null && value > field.max) errors[field.name] = `${field.label} must be on or before ${field.max}`;
+    const boundsError = dateBoundsError(value, field, field.label);
+    if (boundsError != null) errors[field.name] = boundsError;
   }
 }
 
@@ -105,11 +105,7 @@ function compilePatterns(fields: FrontmatterField[]): Map<string, RegExp> {
   const compiled = new Map<string, RegExp>();
   for (const field of fields) {
     if ((field.type === 'text' || field.type === 'textarea') && field.pattern != null) {
-      try {
-        compiled.set(field.name, new RegExp(field.pattern));
-      } catch (cause) {
-        throw new Error(`cairn: field "${field.name}" has an invalid pattern: ${field.pattern}`, { cause });
-      }
+      compiled.set(field.name, compilePattern(field.pattern, field.name));
     }
   }
   return compiled;

package/src/lib/delivery/public-routes.ts

@@ -13,6 +13,7 @@ import { buildLinkResolver } from './site-resolver.js';
 import type { LinkResolve } from '../content/links.js';
 import type { MediaResolve } from '../render/resolve-media.js';
 import { parseMediaToken } from '../media/reference.js';
+import { log } from '../log/index.js';
 
 /** Injected dependencies for the public loaders. */
 export interface PublicRoutesDeps {
@@ -36,6 +37,14 @@ export interface PublicRoutesDeps {
    *  media is off and no `heroImage` projection is derived.
    */
   resolveMedia?: MediaResolve;
+  /**
+   * Whether the site configured media on, read from `runtime.resolvedAssets.enabled`. It exists only
+   *  to diagnose a forgotten wire-point: media on but no `resolveMedia` reached this factory, which
+   *  renders public hero and body images as bare `media:` tokens. When true and `resolveMedia` is
+   *  absent, the factory emits `media.resolver_absent` once at construction. It does not change
+   *  resolution; `resolveMedia` alone still gates the hero projection.
+   */
+  assetsEnabled?: boolean;
 }
 
 /** The archive and tag list data: summaries the template renders. */
@@ -74,7 +83,16 @@ export interface EntryData {
 
 /** Build the public loaders for a site's unified index. */
 export function createPublicRoutes(deps: PublicRoutesDeps) {
-  const { site, render, origin, siteName, description, feeds, defaultImage, resolveMedia } = deps;
+  const { site, render, origin, siteName, description, feeds, defaultImage, resolveMedia, assetsEnabled } = deps;
+
+  // Diagnose a forgotten wire-point: media is configured on but no resolver reached this factory, so
+  // every public hero and body `media:` token renders bare (the ecxc 0.57.0 finding). The condition
+  // is a property of the wiring, not of any one load, so it is checked once here at construction
+  // rather than per entryLoad or per image, which keeps the warning loud-once and out of the
+  // prerender hot path. Resolution is unchanged; resolveMedia alone still gates the hero projection.
+  if (assetsEnabled && !resolveMedia) {
+    log.warn('media.resolver_absent', { enabled: true });
+  }
 
   /**
    * Derive the hero projection from an entry's frontmatter, without mutating it (locked decision 5).

package/src/lib/index.ts

@@ -45,6 +45,13 @@ export {
 export { defineFields } from './content/schema.js';
 export { defineAdapter } from './content/adapter.js';
 export type { ConceptSchema, Infer, InferFields, DefineFieldsOptions, StandardInput, StandardSchemaV1 } from './content/schema.js';
+// The Contract v2 field vocabulary, additive beside `defineFields`. The individual *Field
+// interfaces and the bare `Infer` stay module-local: the old `FrontmatterField` model above
+// already exports those names, and the cutover plan frees them.
+export { fields } from './content/fields.js';
+export type { FieldDescriptor } from './content/fields.js';
+export { fieldset, initialValues } from './content/fieldset.js';
+export type { Fieldset, InferFieldset, FieldsetOptions, BehaviorTable } from './content/fieldset.js';
 export {
   isValidId,
   idFromFilename,

package/src/lib/log/events.ts

@@ -22,6 +22,7 @@ export type CairnLogEvent =
   | 'media.delivery_failed'
   | 'media.orphan_reconcile'
   | 'media.resolve_missing'
+  | 'media.resolver_absent'
   | 'media.deleted'
   | 'media.delete_blocked'
   | 'media.bulk_deleted'

package/src/lib/media/index.ts

@@ -8,6 +8,7 @@
 export { normalizeAssets, type ResolvedAssetConfig } from './config.js';
 export {
   parseMediaManifest,
+  readCommittedManifest,
   findByHash,
   upsertMediaEntry,
   removeMediaEntry,

package/src/lib/media/manifest.ts

@@ -38,6 +38,20 @@ export function parseMediaManifest(json: unknown): MediaManifest {
   return json as MediaManifest;
 }
 
+/**
+ * Read the committed media manifest from an `import.meta.glob` eager result, degrading a missing
+ *  file to an empty manifest. A static import of an absent `media.json` fails the Vite build before
+ *  any runtime degrade can run, so a fresh site with no manifest cannot build. A glob result is the
+ *  build-safe read: `import.meta.glob` returns `{}` when nothing matches rather than throwing, and
+ *  this helper extracts the single matched value and parses it, so a missing file reads a clean `{}`.
+ * @param globResult - The eager glob result for the committed manifest, an empty object when the
+ *  file is absent. The consumer passes
+ *  `import.meta.glob('<path-to-media.json>', { eager: true, import: 'default' })`.
+ */
+export function readCommittedManifest(globResult: Record<string, unknown>): MediaManifest {
+  return parseMediaManifest(Object.values(globResult)[0]);
+}
+
 /**
  * Validate one posted value as a MediaEntry, returning it narrowed or undefined. The trust boundary
  *  for an optimistic record the client re-posts: the upload action server-owned each field at

package/src/lib/render/highlight.ts

@@ -0,0 +1,259 @@
+// cairn-cms: build-time syntax highlighting for the shared render pipeline. It tokenizes fenced
+// code with Shiki and emits a <pre class="shiki"> whose tokens carry semantic CLASS names from a
+// fixed cairn ramp (cairn-tok-keyword, cairn-tok-string, ...), never an inline style and never a
+// baked hex literal. The colors live in the site theme, so recoloring the theme recolors code with
+// no markup change.
+//
+// CLASS-DRIVEN (load-bearing): the output is class-only, with no `style` attribute on the <pre>,
+// the <code>, or any token <span>. cairn is class-driven by design (the sink guard in
+// sanitize-schema.ts strips every inline `style` wholesale), and class output survives that floor
+// naturally because `className` is already allowed on `*`. The highlighter therefore needs no
+// special placement and no ordering invariant: it runs as an ordinary rehype plugin. Never weaken
+// the sanitize floor or the sink guard to accommodate this step, and never add `style` to an
+// allowlist; the point is that class-only output needs neither.
+//
+// THE .cairn-tok-* CLASS CONTRACT: the engine owns the token class names (below); the site owns the
+// colors. This mirrors the engine's .cairn-place-* figure-placement contract: a site styles the
+// classes in its own theme. The showcase binds each class to a --cairn-code-* role variable in
+// examples/showcase/src/lib/theme.css, so the syntax palette re-skins with the rest of the theme.
+//
+//   .cairn-tok-keyword    a language keyword, storage class, or control word
+//   .cairn-tok-string     a string or quoted literal
+//   .cairn-tok-comment    a comment
+//   .cairn-tok-function   a function name, tag name, or property key
+//   .cairn-tok-number     a numeric, boolean, or other constant literal
+//   .cairn-tok-punct      punctuation and operators
+//
+// Default text carries no token class and inherits the code block's foreground (--cairn-code-ink).
+//
+// SERVER/BUILD-ONLY: Shiki is loaded through a dynamic import so it stays out of the static client
+// graph (a separate async chunk). The highlighter runs only inside the async pipeline, at
+// render/prerender and in the Worker SSR. The highlighter is created once and its promise cached.
+import type { Root, Element } from 'hast';
+import { toString } from 'hast-util-to-string';
+import type { Highlighter, ThemeRegistrationRaw, ShikiTransformer } from 'shiki';
+
+// The curated language set Shiki preloads. Each id pulls its aliases too (loading `bash` also
+// registers `sh`, `shell`, `zsh`; loading `js` registers `javascript`, `mjs`, `cjs`). A fence whose
+// language is absent or outside this set falls back to plaintext rather than throwing.
+const LANGS = [
+  'js',
+  'ts',
+  'jsx',
+  'tsx',
+  'svelte',
+  'html',
+  'css',
+  'json',
+  'bash',
+  'markdown',
+  'python',
+  'yaml',
+  'sql',
+] as const;
+
+// The plaintext language id. Shiki special-cases it (and `plaintext`/`txt`/`ansi`) as always
+// available, so it is the safe fallback for an unknown or absent fence language: it escapes the
+// code text into the same <pre class="shiki"> wrapper with no token coloring.
+const PLAINTEXT = 'text';
+
+// Sentinel foreground colors, one per ramp slot. Shiki has no class-emitting mode, so the theme
+// assigns each scope group a unique sentinel hex, then the transformer below maps the resolved
+// sentinel back to its cairn-tok-* class and deletes the style. The sentinels never reach the
+// output. They are arbitrary distinct values; only their uniqueness and exact round-trip matter.
+const SENTINEL_INK = '#000000';
+const SENTINEL_TO_CLASS: Record<string, string> = {
+  '#000010': 'cairn-tok-comment',
+  '#000020': 'cairn-tok-keyword',
+  '#000030': 'cairn-tok-string',
+  '#000040': 'cairn-tok-function',
+  '#000050': 'cairn-tok-number',
+  '#000060': 'cairn-tok-punct',
+};
+
+// The Shiki theme that drives the class mapping. Every scope group resolves to its sentinel color;
+// the transformer turns the sentinel into a class. The background and default foreground are
+// sentinels too, stripped from the <pre> by the transformer so the site theme owns the surround.
+const CAIRN_CODE_THEME: ThemeRegistrationRaw = {
+  name: 'cairn-roles',
+  type: 'light',
+  fg: SENTINEL_INK,
+  bg: '#ffffff',
+  settings: [
+    { settings: { foreground: SENTINEL_INK, background: '#ffffff' } },
+    {
+      scope: ['comment', 'punctuation.definition.comment', 'string.comment'],
+      settings: { foreground: '#000010' },
+    },
+    {
+      scope: [
+        'keyword',
+        'keyword.control',
+        'storage',
+        'storage.type',
+        'storage.modifier',
+        'variable.language',
+        'keyword.operator.new',
+        'keyword.operator.expression',
+      ],
+      settings: { foreground: '#000020' },
+    },
+    {
+      scope: ['string', 'string.quoted', 'string.template', 'constant.other.symbol'],
+      settings: { foreground: '#000030' },
+    },
+    {
+      scope: [
+        'entity.name.function',
+        'support.function',
+        'meta.function-call',
+        'entity.name.tag',
+        'support.type.property-name',
+      ],
+      settings: { foreground: '#000040' },
+    },
+    {
+      scope: [
+        'constant.numeric',
+        'constant.language',
+        'constant.character',
+        'constant.other',
+        'keyword.other.unit',
+      ],
+      settings: { foreground: '#000050' },
+    },
+    {
+      scope: ['punctuation', 'meta.brace', 'keyword.operator', 'meta.delimiter'],
+      settings: { foreground: '#000060' },
+    },
+  ],
+};
+
+// Read the `color:#rrggbb` hex out of a token span's inline style, lowercased for the sentinel map.
+function styleColor(style: unknown): string | undefined {
+  if (typeof style !== 'string') return undefined;
+  const match = /color:(#[0-9a-fA-F]{6})/.exec(style);
+  return match ? match[1].toLowerCase() : undefined;
+}
+
+// Append a class to a hast element's class list, building the string form Shiki uses.
+function addClass(node: Element, className: string): void {
+  const existing = node.properties?.class;
+  const prefix = typeof existing === 'string' && existing.length > 0 ? `${existing} ` : '';
+  (node.properties ??= {}).class = `${prefix}${className}`;
+}
+
+// The transformer that converts Shiki's sentinel-colored inline styles into the cairn-tok-* classes
+// and strips every style attribute, so the output is class-only. The <pre> loses its
+// background/foreground style (the site theme owns the surround); each token <span> trades its
+// sentinel color for the matching class, and a default-foreground span is left unclassed.
+const cairnTokenClasses: ShikiTransformer = {
+  name: 'cairn-token-classes',
+  pre(node) {
+    if (node.properties) delete node.properties.style;
+  },
+  code(node) {
+    if (node.properties) delete node.properties.style;
+  },
+  span(node) {
+    const hex = styleColor(node.properties?.style);
+    if (node.properties) delete node.properties.style;
+    const className = hex ? SENTINEL_TO_CLASS[hex] : undefined;
+    if (className) addClass(node, className);
+  },
+};
+
+// The cached highlighter. Created once on first use and reused for every render. The dynamic import
+// keeps Shiki off the static client graph; the promise is cached so the WASM grammar load and the
+// theme registration happen at most once per process.
+let highlighterPromise: Promise<Highlighter> | undefined;
+
+function getHighlighter(): Promise<Highlighter> {
+  if (!highlighterPromise) {
+    highlighterPromise = import('shiki').then((shiki) =>
+      shiki.createHighlighter({ themes: [CAIRN_CODE_THEME], langs: [...LANGS] }),
+    );
+  }
+  return highlighterPromise;
+}
+
+// Read the fenced language off a <code> element's class list. Markdown emits the language as a
+// `language-<id>` class on the inner <code>. An empty or missing language returns undefined, which
+// the caller maps to plaintext.
+function codeLanguage(code: Element): string | undefined {
+  const className = code.properties?.className;
+  const classes = Array.isArray(className) ? className.map(String) : [];
+  const langClass = classes.find((c) => c.startsWith('language-'));
+  const lang = langClass?.slice('language-'.length);
+  return lang && lang.length > 0 ? lang : undefined;
+}
+
+// A fenced-code <pre> is a <pre> whose single element child is a <code>. Inline code (a bare <code>
+// with no <pre> parent) and any other <pre> are left untouched.
+function fencedCode(pre: Element): Element | undefined {
+  const child = pre.children.find((c): c is Element => c.type === 'element');
+  return child?.tagName === 'code' ? child : undefined;
+}
+
+// One pending highlight: the original <pre> to replace, the inner <code> to read text from, and the
+// fenced language. The <pre> is rewritten in place (mutated to become Shiki's <pre>) after the async
+// tokenize, which keeps the parent-children typing uniform across Root and Element.
+interface Job {
+  pre: Element;
+  code: Element;
+  lang: string;
+}
+
+// Descend the tree and collect every fenced-code <pre>. The walk is synchronous and gathers the
+// targets up front, because the highlight itself is async (unist-util-visit cannot await).
+function collectFencedCode(node: Root | Element, jobs: Job[]): void {
+  for (const child of node.children) {
+    if (child.type !== 'element') continue;
+    if (child.tagName === 'pre') {
+      const code = fencedCode(child);
+      if (code) {
+        jobs.push({ pre: child, code, lang: codeLanguage(code) ?? PLAINTEXT });
+        continue;
+      }
+    }
+    collectFencedCode(child, jobs);
+  }
+}
+
+/**
+ * The Shiki rehype plugin. Highlights every fenced-code block into a `<pre class="shiki">` whose
+ * tokens carry the cairn-tok-* classes (no inline style), then leaves the rest of the tree
+ * untouched. It runs as an async transformer because Shiki tokenizes asynchronously. Because the
+ * output is class-only it needs no special placement; it is safe anywhere after `remarkRehype`.
+ * @returns A unified transformer that mutates the hast tree in place.
+ */
+export function rehypeCairnHighlight() {
+  return async (tree: Root): Promise<void> => {
+    const jobs: Job[] = [];
+    collectFencedCode(tree, jobs);
+    if (jobs.length === 0) return;
+
+    const highlighter = await getHighlighter();
+    const loaded = new Set(highlighter.getLoadedLanguages());
+
+    for (const job of jobs) {
+      // Fall back to plaintext for any language outside the preloaded set so Shiki never throws on
+      // an unknown fence. Plaintext still produces the <pre class="shiki"> wrapper with escaped text.
+      const lang = loaded.has(job.lang) ? job.lang : PLAINTEXT;
+      const result = highlighter.codeToHast(toString(job.code), {
+        lang,
+        theme: 'cairn-roles',
+        transformers: [cairnTokenClasses],
+      });
+      const pre = result.children.find(
+        (c): c is Element => c.type === 'element' && c.tagName === 'pre',
+      );
+      if (!pre) continue;
+      // Rewrite the original <pre> into Shiki's <pre> in place: adopt its tag, properties, and
+      // children. Mutating the existing node avoids reindexing the parent's children array.
+      job.pre.tagName = pre.tagName;
+      job.pre.properties = pre.properties;
+      job.pre.children = pre.children;
+    }
+  };
+}

package/src/lib/render/pipeline.ts

@@ -9,7 +9,8 @@ import rehypeStringify from 'rehype-stringify';
 import rehypeSanitize from 'rehype-sanitize';
 import type { Schema } from 'hast-util-sanitize';
 import { VFile } from 'vfile';
-import { buildSanitizeSchema, rehypeAnchorRel, rehypeSinkGuard } from './sanitize-schema.js';
+import { buildSanitizeSchema, rehypeAnchorRel, rehypeSinkGuard, rehypeTaskListA11y } from './sanitize-schema.js';
+import { rehypeCairnHighlight } from './highlight.js';
 import { remarkDirectiveStamp } from './remark-directives.js';
 import { remarkFigure } from './remark-figure.js';
 import { remarkResolveCairnLinks, CAIRN_RESOLVE } from './resolve-links.js';
@@ -74,6 +75,16 @@ export function createRenderer(
     ...floor,
     [rehypeDispatch, registry, options.stagger],
     rehypeSlug,
+    // Name each GFM task-list checkbox from its item text. It runs after the sanitize floor (which
+    // does not allow aria-label) so the added attribute survives, and is content-not-sink, so it is
+    // not gated by unsafeDisableSanitize.
+    rehypeTaskListA11y,
+    // Build-time syntax highlighting. It emits class-only output (the cairn-tok-* ramp, no inline
+    // style), so it is class-driven like the rest of the pipeline and needs no special placement
+    // relative to the sanitize floor or the sink guard: the token classes survive the floor because
+    // `className` is already allowed on `*`. It runs unconditionally (a code fence is content, not a
+    // sink) and ships no client highlighter (Shiki is build-only behind a dynamic import).
+    rehypeCairnHighlight,
   ];
   if (rel !== false) rehypePlugins.push([rehypeAnchorRel, rel]);
   // The sink guard runs last, over the fully-built tree, so it neutralizes a sink a component

package/src/lib/render/registry.ts

@@ -86,7 +86,12 @@ export interface ComponentDef {
    *  result, so a build fn stays free of any motion concern.
    */
   build: (ctx: ComponentContext) => Element;
-  /** Optional role-to-default-icon, e.g. `{ caution: 'warning' }`. */
+  /**
+   * Optional role-to-default-icon, e.g. `{ caution: 'warning' }`. Maps a free-string role to a
+   *  glyph key in the site IconSet; choose a logically representative glyph and prefer glyphs
+   *  distinct across roles so the picker stays scannable. Overrides the engine
+   *  {@link DEFAULT_ICON_BY_ROLE} fallback for the roles it names.
+   */
   defaultIconByRole?: Record<string, string>;
   /** One line on when to reach for this component; feeds the picker and the reference file. */
   use?: string;
@@ -94,7 +99,10 @@ export interface ComponentDef {
   attributes?: AttributeField[];
   /** The named content regions this component accepts. */
   slots?: SlotDef[];
-  /** A glyph key from the site IconSet, shown beside the label in the picker. */
+  /**
+   * A glyph key from the site IconSet, shown beside the label in the picker. Choose a logically
+   *  representative glyph and prefer glyphs distinct across components so the picker stays scannable.
+   */
   icon?: string;
   /** A category heading for the picker. Components order by declaration within a group. */
   group?: string;
@@ -137,6 +145,20 @@ function findIconField(def: ComponentDef): AttributeField | undefined {
   return def.attributes?.find((field) => field.type === 'icon');
 }
 
+/**
+ * The engine's role-to-glyph-key fallback for the conventional admonition roles, which a site's
+ *  IconSet may satisfy. A component's own {@link ComponentDef.defaultIconByRole} overrides it.
+ */
+const DEFAULT_ICON_BY_ROLE: Record<string, string> = {
+  note: 'info',
+  tip: 'lightbulb',
+  important: 'star',
+  warning: 'warning',
+  caution: 'alert-triangle',
+  info: 'info',
+  danger: 'flame',
+};
+
 /**
  * Build a registry from a site's component definitions. The single source the render
  * pipeline (directive stamp plus rehype dispatch) and the editor palette both read.
@@ -159,7 +181,12 @@ export function defineRegistry({ components }: { components: ComponentDef[] }):
     defs: components,
     names: components.map((c) => c.name),
     get: (name) => byName.get(name),
-    defaultIcon: (name, role) => (role ? byName.get(name)?.defaultIconByRole?.[role] : undefined),
+    defaultIcon: (name, role) => {
+      if (!role) return undefined;
+      const def = byName.get(name);
+      if (!def || !findIconField(def)) return undefined;
+      return def.defaultIconByRole?.[role] ?? DEFAULT_ICON_BY_ROLE[role];
+    },
     iconField: (name) => {
       const def = byName.get(name);
       return def ? findIconField(def) : undefined;

package/src/lib/render/rehype-dispatch.ts

@@ -2,9 +2,7 @@ import type { Root, Element, ElementContent } from 'hast';
 import { h } from 'hastscript';
 import { dataAttrProp, type ComponentContext, type ComponentDef, type ComponentRegistry } from './registry.js';
 
-/**
- *
- */
+/** Narrow a hast node to an Element, false for a text node, a comment, or undefined. */
 export function isElement(node: ElementContent | undefined): node is Element {
   return !!node && node.type === 'element';
 }
@@ -21,9 +19,7 @@ export function strAttr(ctx: ComponentContext, key: string): string | undefined
 // hast Properties values are PropertyValue (string | number | boolean | array | null).
 // Directive markers (dataPrimitive/dataRole/dataAttr<Key>) are always stamped as strings;
 // this reads them back with that guarantee instead of casting at each call site.
-/**
- *
- */
+/** Read a hast element property as a string, or undefined when it is absent or non-string. */
 export function strProp(node: Element, name: string): string | undefined {
   const value = node.properties?.[name];
   return typeof value === 'string' ? value : undefined;

package/src/lib/render/sanitize-schema.ts

@@ -1,6 +1,7 @@
 import { defaultSchema, type Schema } from 'hast-util-sanitize';
 import type { Root, Element } from 'hast';
 import { visit } from 'unist-util-visit';
+import { toString } from 'hast-util-to-string';
 import { dataAttrProp, type ComponentRegistry } from './registry.js';
 
 // The fixed directive markers the stamp writes and the dispatch reads. They are inert data
@@ -68,6 +69,36 @@ export function rehypeAnchorRel(rel: string) {
   };
 }
 
+/**
+ * Give every GFM task-list checkbox an accessible name from its item text. remark-gfm emits a real
+ * `<input type="checkbox" disabled>` with no label, which axe's `label` rule flags as a critical
+ * violation even though the control is read-only; the visible label is the surrounding `<li>` text,
+ * not associated programmatically. This sets `aria-label` on each task-list checkbox to its item's
+ * text so the name travels with the control, keeping the engine's real disabled input (the bar's
+ * non-color cue) while clearing the violation on every site. It must run after the sanitize floor,
+ * which does not allow `aria-label`, so the attribute is added once the floor has run.
+ */
+export function rehypeTaskListA11y() {
+  return (tree: Root) => {
+    visit(tree, 'element', (node: Element) => {
+      const className = node.properties?.className;
+      const isTaskItem =
+        node.tagName === 'li' && Array.isArray(className) && className.includes('task-list-item');
+      if (!isTaskItem) return;
+      const checkbox = node.children.find(
+        (child): child is Element =>
+          child.type === 'element' &&
+          child.tagName === 'input' &&
+          child.properties?.type === 'checkbox',
+      );
+      if (!checkbox) return;
+      const label = toString(node).trim();
+      // Only when there is text to name it; an empty item leaves the box unnamed rather than blank.
+      if (label) (checkbox.properties ??= {})['ariaLabel'] = label;
+    });
+  };
+}
+
 // URL-bearing hast properties the post-dispatch guard scheme-checks. hast camelCases attribute
 // names through property-information (srcset -> srcSet, xlink:href -> xLinkHref with a capital L,
 // formaction -> formAction). data is the <object data> URL attribute; data-* attributes camelCase

package/src/lib/sveltekit/content-routes.ts

@@ -8,7 +8,7 @@ import { extractCairnLinks, formatCairnToken, rewriteCairnLink } from '../conten
 import { frontmatterFromForm, parseMarkdown, dateInputValue, serializeMarkdown } from '../content/frontmatter.js';
 import { deriveExcerpt } from '../content/excerpt.js';
 import { asString, entryIdentity } from '../content/identity.js';
-import { buildAddressIndex, addressCollision, type AdvisoryNotice, type AddressEntry } from '../content/advisories.js';
+import { buildAddressIndex, mainAddressIndex, addressCollision, type AdvisoryNotice, type AddressEntry } from '../content/advisories.js';
 import { isValidId, slugify, filenameFromId, composeDatedId, slugFromId, renameId } from '../content/ids.js';
 import { appCredentials, type GithubKeyEnv } from '../github/credentials.js';
 import { listMarkdown, readRaw, commitFile, commitFiles, type FileChange } from '../github/repo.js';
@@ -1072,14 +1072,16 @@ export function createContentRoutes(runtime: CairnRuntime, deps: ContentRoutesDe
       inbound = inboundLinks(manifest, concept.id, id);
     }
 
-    // The cross-branch address-collision advisory: warn-and-allow, never a gate. Build it from the
-    // same manifest read above (no second read) and degrade to no notice on any read failure, so a
-    // transient GitHub error never blocks the editor. Skip the build with no manifest to index.
+    // The address-collision advisory: warn-and-allow, never a gate. At edit-load it checks the
+    // published corpus only, built synchronously from the same manifest read above (no extra GitHub
+    // read per editor open); publishAction re-checks the full cross-branch index before it lands. The
+    // try/catch degrades to no notice if entryIdentity throws on a malformed-date entry. Skip the build
+    // with no manifest to index.
     let advisories: AdvisoryNotice[] = [];
     if (manifest !== null) {
       try {
         const identity = entryIdentity(concept, path, parsed.frontmatter);
-        const addressIndex = await buildAddressIndex(runtime.backend, token, runtime.concepts, manifest);
+        const addressIndex = mainAddressIndex(manifest);
         const other = addressCollision(addressIndex, { concept: concept.id, id }, identity.permalink);
         if (other) {
           const otherConcept = findConcept(runtime.concepts, other.concept);
@@ -1093,8 +1095,8 @@ export function createContentRoutes(runtime: CairnRuntime, deps: ContentRoutesDe
             },
           ];
         }
-      } catch (err) {
-        log.warn('github.unreachable', { scope: 'edit-advisories', error: String(err) });
+      } catch {
+        // A malformed-date entry that cannot resolve its permalink degrades to no advisory, fail open.
       }
     }
 

package/src/lib/sveltekit/guard.ts

@@ -41,6 +41,21 @@ export function createAuthGuard() {
   return async function handle({ event, resolve }: HandleInput): Promise<Response> {
     const { pathname } = event.url;
 
+    // Fail closed if the dev-backend flag is set in a deployed runtime. Read both env sources: a
+    // Cloudflare Worker var lands on platform.env, an adapter-node OS var on process.env. A correct
+    // production build already eliminated the dev backend (the consumer gates it on the build-foldable
+    // `dev`), so a set flag signals a polluted environment; refuse loudly.
+    const platformFlag = event.platform?.env?.CAIRN_DEV_BACKEND;
+    const processFlag =
+      typeof process !== 'undefined' ? process.env?.CAIRN_DEV_BACKEND : undefined;
+    if (platformFlag === '1' || platformFlag === true || processFlag === '1') {
+      log.error('guard.rejected', { reason: 'dev_backend_in_prod', path: pathname });
+      return new Response(
+        'cairn: the dev backend flag is set in a deployed environment. Unset CAIRN_DEV_BACKEND.',
+        { status: 503 },
+      );
+    }
+
     // Rule 2 - non-admin: restore the framework's strict Origin check the consumer disabled when
     // they set checkOrigin: false to hand cairn the admin CSRF authority.
     if (!isAdminPath(pathname)) {