Skip to content

chore: Release v1.51.0 (SPLADE viz Stage 2b + 4 red-team security fixes)#2090

Merged
jamie8johnson merged 1 commit into
mainfrom
release/v1.51.0
Jun 29, 2026
Merged

chore: Release v1.51.0 (SPLADE viz Stage 2b + 4 red-team security fixes)#2090
jamie8johnson merged 1 commit into
mainfrom
release/v1.51.0

Conversation

@jamie8johnson

Copy link
Copy Markdown
Owner

Release v1.51.0

The SPLADE-viz Stage 2b feature + four security fixes from a post-v1.50.1 red-team pass.

Stage 2b (Added)

The eval-gold "where hybrid wins" stratified tour + R@K-delta panel: a new /api/eval_gold route + a cluster-3d gold-tour mode that shows, per gold query, the dense-leg→fused-leg rank movement (rescued vs hurt), stratified across all 8 categories including the zero/negative-uplift ones. Live-verified: the showcase deltas (121→2, 69→4, 4→24, 2→8) reproduce the standalone legs analysis exactly.

Security (4 red-team findings, all confirmed / 0 false-positive)

  • Leading-directive heuristic missed the canonical ignore all previous instructions (filler "all" defeated the exact-prefix match) — now a normalized kill-verb family.
  • Comment-marker strip-set omitted /* /** -- % ; — a directive behind them was relayed unflagged.
  • Full-file cqs read relayed the whole file verbatim with no scan — now scans the exact relayed bytes.
  • /api/search_legs forwarded the client query with no -- separator (flag-injection) — now flags-first + -- + query.

The heuristic widening was empirically proven inert: 0 newly-flagged chunks on the real 17.5k-chunk corpus. SECURITY.md updated.

Recall — carries unchanged

The scoring path is byte-identical to v1.50.1 (the diff touches only the injection scanner, the read/serve relay surfaces, and docs — the src/search/scoring / embedder / query.rs / fusion diff is empty). So 47.2 / 70.7 / 86.7 (R@1/R@5/R@20) carries — no recall A/B needed (the empty diff is stronger proof than an eval run with HNSW noise).

Gates

Full suite 841 passed, 0 failed; clippy --all-targets --features cuda-index clean; fmt --check clean; provenance clean. A release.yml cross-build dry-run (all 3 targets) runs before tagging — the v1.50.0 lesson.

After merge: dry-run-green → tag v1.51.0 → release.yml binaries + GitHub release → cargo publish → deploy (security fixes + viz to the daemon).

SPLADE-viz Stage 2b (the eval-gold "where hybrid wins" tour + R@K-delta panel)
plus four security fixes from a post-v1.50.1 red-team pass (4 confirmed / 0
false-positive across serve/MCP/relay/parse/path): the leading-directive
"ignore all previous" gap, the comment-marker strip-set (/* -- %), the
unscanned full-file read relay, and the /api/search_legs flag-injection.

Scoring is byte-identical to v1.50.1 (the diff touches only the injection
scanner, the read/serve relay surfaces, and docs — the src/search/scoring,
embedder, query.rs, fusion diff is empty), so retrieval carries unchanged:
47.2 / 70.7 / 86.7 (R@1/R@5/R@20), no recall A/B needed. Full suite 841 passed,
0 failed; clippy --all-targets clean.

The heuristic widening was empirically proven inert (0 newly-flagged chunks on
the real 17.5k corpus). SECURITY.md updated to list the full-file read as a
scanned relay surface.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
@jamie8johnson jamie8johnson merged commit 6cb5cda into main Jun 29, 2026
13 checks passed
@jamie8johnson jamie8johnson deleted the release/v1.51.0 branch June 29, 2026 05:04
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant