{"id":50105219,"url":"https://github.com/edithatogo/sourceright","last_synced_at":"2026-05-23T10:05:02.915Z","repository":{"id":356535982,"uuid":"1232955414","full_name":"edithatogo/sourceright","owner":"edithatogo","description":"Reference verification infrastructure for academic and legal citation workflows","archived":false,"fork":false,"pushed_at":"2026-05-17T08:29:25.000Z","size":1347,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":0,"default_branch":"main","last_synced_at":"2026-05-17T09:11:52.139Z","etag":null,"topics":["academic-writing","citations","cli","csl-json","legal-citations","mcp","reference-manager","rust"],"latest_commit_sha":null,"homepage":"https://edithatogo.github.io/sourceright/","language":"Rust","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"other","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/edithatogo.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE-APACHE","code_of_conduct":"CODE_OF_CONDUCT.md","threat_model":null,"audit":null,"citation":"CITATION.cff","codeowners":"CODEOWNERS","security":"SECURITY.md","support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2026-05-08T12:49:02.000Z","updated_at":"2026-05-17T08:29:29.000Z","dependencies_parsed_at":null,"dependency_job_id":null,"html_url":"https://github.com/edithatogo/sourceright","commit_stats":null,"previous_names":["edithatogo/sourceright"],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/edithatogo/sourceright","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/edithatogo%2Fsourceright","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/edithatogo%2Fsourceright/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/edithatogo%2Fsourceright/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/edithatogo%2Fsourceright/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/edithatogo","download_url":"https://codeload.github.com/edithatogo/sourceright/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/edithatogo%2Fsourceright/sbom","scorecard":{"id":1247139,"data":{"date":"2026-05-08T13:04:05Z","repo":{"name":"github.com/edithatogo/sourceright","commit":"d2284797f664edcae33f93fd3983e6f1abc944e3"},"scorecard":{"version":"v5.3.0","commit":"c22063e786c11f9dd714d777a687ff7c4599b600"},"score":5.2,"checks":[{"name":"Security-Policy","score":4,"reason":"security policy file detected","details":["Info: security policy file detected: SECURITY.md:1","Warn: no linked content found","Info: Found disclosure, vulnerability, and/or timelines in security policy: SECURITY.md:1","Info: Found text in security policy: SECURITY.md:1"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/c22063e786c11f9dd714d777a687ff7c4599b600/docs/checks.md#security-policy"}},{"name":"Dangerous-Workflow","score":10,"reason":"no dangerous workflow patterns detected","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/c22063e786c11f9dd714d777a687ff7c4599b600/docs/checks.md#dangerous-workflow"}},{"name":"Code-Review","score":0,"reason":"Found 0/3 approved changesets -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/c22063e786c11f9dd714d777a687ff7c4599b600/docs/checks.md#code-review"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/c22063e786c11f9dd714d777a687ff7c4599b600/docs/checks.md#binary-artifacts"}},{"name":"Maintained","score":0,"reason":"project was created within the last 90 days. Please review its contents carefully","details":["Warn: Repository was created within the last 90 days."],"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/c22063e786c11f9dd714d777a687ff7c4599b600/docs/checks.md#maintained"}},{"name":"Token-Permissions","score":0,"reason":"detected GitHub workflow tokens with excessive permissions","details":["Info: jobLevel 'actions' permission set to 'read': .github/workflows/security.yml:22","Info: jobLevel 'contents' permission set to 'read': .github/workflows/security.yml:23","Info: jobLevel 'contents' permission set to 'read': .github/workflows/security.yml:41","Info: jobLevel 'contents' permission set to 'read': .github/workflows/security.yml:57","Info: jobLevel 'pull-requests' permission set to 'read': .github/workflows/security.yml:58","Info: jobLevel 'contents' permission set to 'read': .github/workflows/security.yml:70","Info: topLevel 'contents' permission set to 'read': .github/workflows/ci.yml:9","Info: topLevel 'contents' permission set to 'read': .github/workflows/pages.yml:9","Info: topLevel 'contents' permission set to 'read': .github/workflows/release-dry-run.yml:13","Warn: topLevel 'contents' permission set to 'write': .github/workflows/release.yml:10","Info: topLevel 'contents' permission set to 'read': .github/workflows/security.yml:11","Info: no jobLevel write permissions found"],"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/c22063e786c11f9dd714d777a687ff7c4599b600/docs/checks.md#token-permissions"}},{"name":"Dependency-Update-Tool","score":10,"reason":"update tool detected","details":["Info: detected update tool: Dependabot: .github/dependabot.yml:1"],"documentation":{"short":"Determines if the project uses a dependency update tool.","url":"https://github.com/ossf/scorecard/blob/c22063e786c11f9dd714d777a687ff7c4599b600/docs/checks.md#dependency-update-tool"}},{"name":"Packaging","score":-1,"reason":"packaging workflow not detected","details":["Warn: no GitHub/GitLab publishing workflow detected."],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/c22063e786c11f9dd714d777a687ff7c4599b600/docs/checks.md#packaging"}},{"name":"Pinned-Dependencies","score":0,"reason":"dependency not pinned by hash detected -- score normalized to 0","details":["Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:25: update your workflow using https://app.stepsecurity.io/secureworkflow/edithatogo/sourceright/ci.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci.yml:27: update your workflow using https://app.stepsecurity.io/secureworkflow/edithatogo/sourceright/ci.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci.yml:31: update your workflow using https://app.stepsecurity.io/secureworkflow/edithatogo/sourceright/ci.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:46: update your workflow using https://app.stepsecurity.io/secureworkflow/edithatogo/sourceright/ci.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci.yml:48: update your workflow using https://app.stepsecurity.io/secureworkflow/edithatogo/sourceright/ci.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pages.yml:22: update your workflow using https://app.stepsecurity.io/secureworkflow/edithatogo/sourceright/pages.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/pages.yml:24: update your workflow using https://app.stepsecurity.io/secureworkflow/edithatogo/sourceright/pages.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pages.yml:30: update your workflow using https://app.stepsecurity.io/secureworkflow/edithatogo/sourceright/pages.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pages.yml:32: update your workflow using https://app.stepsecurity.io/secureworkflow/edithatogo/sourceright/pages.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pages.yml:45: update your workflow using https://app.stepsecurity.io/secureworkflow/edithatogo/sourceright/pages.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release-dry-run.yml:20: update your workflow using https://app.stepsecurity.io/secureworkflow/edithatogo/sourceright/release-dry-run.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-dry-run.yml:22: update your workflow using https://app.stepsecurity.io/secureworkflow/edithatogo/sourceright/release-dry-run.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:37: update your workflow using https://app.stepsecurity.io/secureworkflow/edithatogo/sourceright/release.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:39: update your workflow using https://app.stepsecurity.io/secureworkflow/edithatogo/sourceright/release.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:53: update your workflow using https://app.stepsecurity.io/secureworkflow/edithatogo/sourceright/release.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:63: update your workflow using https://app.stepsecurity.io/secureworkflow/edithatogo/sourceright/release.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:65: update your workflow using https://app.stepsecurity.io/secureworkflow/edithatogo/sourceright/release.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:69: update your workflow using https://app.stepsecurity.io/secureworkflow/edithatogo/sourceright/release.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:81: update your workflow using https://app.stepsecurity.io/secureworkflow/edithatogo/sourceright/release.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:86: update your workflow using https://app.stepsecurity.io/secureworkflow/edithatogo/sourceright/release.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/security.yml:27: update your workflow using https://app.stepsecurity.io/secureworkflow/edithatogo/sourceright/security.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/security.yml:29: update your workflow using https://app.stepsecurity.io/secureworkflow/edithatogo/sourceright/security.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/security.yml:33: update your workflow using https://app.stepsecurity.io/secureworkflow/edithatogo/sourceright/security.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/security.yml:35: update your workflow using https://app.stepsecurity.io/secureworkflow/edithatogo/sourceright/security.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/security.yml:44: update your workflow using https://app.stepsecurity.io/secureworkflow/edithatogo/sourceright/security.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/security.yml:46: update your workflow using https://app.stepsecurity.io/secureworkflow/edithatogo/sourceright/security.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/security.yml:61: update your workflow using https://app.stepsecurity.io/secureworkflow/edithatogo/sourceright/security.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/security.yml:63: update your workflow using https://app.stepsecurity.io/secureworkflow/edithatogo/sourceright/security.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/security.yml:75: update your workflow using https://app.stepsecurity.io/secureworkflow/edithatogo/sourceright/security.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/security.yml:79: update your workflow using https://app.stepsecurity.io/secureworkflow/edithatogo/sourceright/security.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/security.yml:85: update your workflow using https://app.stepsecurity.io/secureworkflow/edithatogo/sourceright/security.yml/main?enable=pin","Info:   0 out of  21 GitHub-owned GitHubAction dependencies pinned","Info:   0 out of  10 third-party GitHubAction dependencies pinned"],"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/c22063e786c11f9dd714d777a687ff7c4599b600/docs/checks.md#pinned-dependencies"}},{"name":"License","score":9,"reason":"license file detected","details":["Info: project has a license file: LICENSE-APACHE:0","Warn: project license file does not contain an FSF or OSI license."],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/c22063e786c11f9dd714d777a687ff7c4599b600/docs/checks.md#license"}},{"name":"Vulnerabilities","score":10,"reason":"0 existing vulnerabilities detected","details":null,"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/c22063e786c11f9dd714d777a687ff7c4599b600/docs/checks.md#vulnerabilities"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/c22063e786c11f9dd714d777a687ff7c4599b600/docs/checks.md#cii-best-practices"}},{"name":"SAST","score":10,"reason":"SAST tool is run on all commits","details":["Info: SAST configuration detected: CodeQL","Info: all commits (1) are checked with a SAST tool"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/c22063e786c11f9dd714d777a687ff7c4599b600/docs/checks.md#sast"}},{"name":"Branch-Protection","score":-1,"reason":"internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md","details":null,"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/c22063e786c11f9dd714d777a687ff7c4599b600/docs/checks.md#branch-protection"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/c22063e786c11f9dd714d777a687ff7c4599b600/docs/checks.md#fuzzing"}},{"name":"Contributors","score":0,"reason":"project has 0 contributing companies or organizations -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project has a set of contributors from multiple organizations (e.g., companies).","url":"https://github.com/ossf/scorecard/blob/c22063e786c11f9dd714d777a687ff7c4599b600/docs/checks.md#contributors"}},{"name":"Signed-Releases","score":-1,"reason":"no releases found","details":null,"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/c22063e786c11f9dd714d777a687ff7c4599b600/docs/checks.md#signed-releases"}},{"name":"CI-Tests","score":10,"reason":"1 out of 1 merged PRs checked by a CI test -- score normalized to 10","details":null,"documentation":{"short":"Determines if the project runs tests before pull requests are merged.","url":"https://github.com/ossf/scorecard/blob/c22063e786c11f9dd714d777a687ff7c4599b600/docs/checks.md#ci-tests"}}]},"last_synced_at":"2026-05-08T15:23:30.467Z","repository_id":356535982,"created_at":"2026-05-08T15:23:30.467Z","updated_at":"2026-05-08T15:23:30.467Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":33390972,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-05-23T04:15:53.637Z","status":"ssl_error","status_checked_at":"2026-05-23T04:15:53.242Z","response_time":53,"last_error":"SSL_read: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["academic-writing","citations","cli","csl-json","legal-citations","mcp","reference-manager","rust"],"created_at":"2026-05-23T10:05:01.991Z","updated_at":"2026-05-23T10:05:02.892Z","avatar_url":"https://github.com/edithatogo.png","language":"Rust","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Sourceright\n\n[![Release](https://github.com/edithatogo/sourceright/actions/workflows/release.yml/badge.svg)](https://github.com/edithatogo/sourceright/actions/workflows/release.yml)\n[![Publish crate](https://github.com/edithatogo/sourceright/actions/workflows/publish-crate.yml/badge.svg)](https://github.com/edithatogo/sourceright/actions/workflows/publish-crate.yml)\n[![Coverage](https://github.com/edithatogo/sourceright/actions/workflows/coverage.yml/badge.svg)](https://github.com/edithatogo/sourceright/actions/workflows/coverage.yml)\n\nSourceright is Rust-first reference triage and verification infrastructure for academic writing, agent workflows, and future legal citation work. It is currently a technical preview suitable for developer evaluation and pilot conversations.\n\n## Who This Is For\n\n- Technical editors and research-integrity teams that need auditable reference cleanup.\n- Library, repository, and publisher teams that want deterministic citation verification workflows.\n- Developers and agent workflows that need CSL-centered bibliographic pipelines with sidecar evidence.\n- Legal-tech researchers evaluating a separate legal citation path without conflating it with academic CSL.\n\n## What It Does / Does Not Do\n\nSourceright takes references from documents or text, produces canonical CSL JSON, standardises and cleans the records, collects provider evidence, routes uncertain records to manual review, and exports clean reference files for tools such as EndNote, Zotero, and BibLaTeX.\n\nIt does not claim to be a production-ready institutional product, a court filing compliance system, or a substitute for examiner-grade final verification. Robust DOCX/PDF extraction, live core-provider checks, better citation disambiguation, URL/archive integrity, and low-noise writeback suggestions remain hardening tracks.\n\n## Workflow\n\n```text\ndocument/text\n  -\u003e extracted references and in-text citations\n  -\u003e references.csl.json\n  -\u003e standardisation, cleaning, verification, enrichment\n  -\u003e references.verification.json and review-queue.jsonl\n  -\u003e conflict resolution, citation reconciliation, and reference integrity reports\n  -\u003e XML, ENW, RIS, BibLaTeX, and YAML exports\n```\n\n## Roadmap\n\n- Academic reference extraction and CSL JSON canonicalisation.\n- Provider-backed verification through Crossref first, then DOI resolution, DataCite, OpenAlex, PubMed/NCBI, and ORCID where useful.\n- In-text citation reconciliation against reference-list entries.\n- Manual review queues designed for human and agent/subagent verification.\n- Platform-neutral journal screening outputs for editorial workflows, with OJS as the first public integration target.\n- Reference reports for citation integrity auditing and AI-related citation-error signals.\n- CLI and MCP server interfaces over the same Rust core.\n- Legal citation analysis with a separate legal citation model and public-provider slots.\n- Claim/source/provenance graphs built over detected citation support without asserting claim truth.\n- Examiner-grade audit hardening for real DOCX/PDF extraction, live provider evidence, institutional-author matching, URL/archive checks, and explicit writeback plans.\n\nSee [conductor/tracks.md](conductor/tracks.md) for the implementation track map.\nThe canonical requirements and repo contract are in\n[docs/src/feature-contract-matrix.md](docs/src/feature-contract-matrix.md), with\nthe design diagrams in [docs/src/design.md](docs/src/design.md).\n\n## Current Status\n\nThe Rust core now includes canonical CSL handling, verification sidecars, intake segmentation, provider evidence normalization, cleaning, conflict resolution, citation reconciliation, manual review queues, reporting, exports, journal screening contracts, legal citation records, and claim/source provenance graphs. It should be treated as a structured triage and audit workflow and technical preview until tracks 36-40 close the examiner-grade verification gaps. Imported reference workflow material lives under `legacy/humanizer-next/` as provenance and regression material until audited, ported, or retired.\n\n## CLI\n\n```text\nsourceright init [document-or-directory]\nsourceright validate-csl [--json] \u003creferences.csl.json\u003e\nsourceright report [--json|--mcp-resource] [.sourceright-directory]\nsourceright export --preview --all [.sourceright-directory]\nsourceright bench [--json]\nsourceright citation-sync [--preview|--apply] [.sourceright-directory]\nsourceright mcp\n```\n\n`bench` runs the checked-in fixture suite without live providers. The benchmark\nsurface is a technical preview for deterministic regression and stress checks.\n`citation-sync` defaults to preview mode and requires explicit `--apply` before\nwriting audit logs or remote fixture snapshots.\n\n## Planned Distribution\n\n- `sourceright` CLI binary.\n- `sourceright mcp` server mode.\n- GitHub Releases with platform binaries, checksums, and provenance artifacts.\n- crates.io package after release dry runs pass.\n- OCI MCP image metadata for the official MCP Registry via `server.json` +\n  `Dockerfile` labels.\n- Smithery readiness (Streamable HTTP first; MCPB/local path until then).\n- Glama ownership metadata via `glama.json`.\n- `release-status.md` artifacts from the release and tag-triggered publish workflows.\n- `coverage-status.md` artifacts from the scheduled coverage workflow.\n- Thin adapter packages only where native tool ecosystems require them.\n- Track 30 owns the Starlight/Astro docs-site migration and Pages deployment.\n- Track 31 is reserved for coverage, mutation, property, load, edge, integration, and end-to-end test hardening.\n- Track 32 is reserved for publishing governance and provenance automation.\n- Track 33 covers live publication to crates.io, GitHub Releases, and registries.\n- Track 34 covers coverage measurement and reporting until the 85 percent floor is reproducible.\n- Track 35 covers the final public docs cutover and launch.\n- Tracks 36-40 cover examiner-grade audit hardening: document extraction, live core providers, citation disambiguation, URL/archive integrity, and low-noise writeback suggestions.\n- See `docs/src/release-runbook.md`, `docs/src/coverage-reporting.md`, and `docs/src/docs-cutover.md` for the operational sequence behind those tracks.\n- `v*.*.*` tags now auto-start the crate publish workflow, and the MCP registry workflow follows the release workflow completion.\n\n### Distribution metadata files\n\n- `server.json` (`io.github.edithatogo/sourceright`)\n- `Dockerfile` labels:\n  - `io.modelcontextprotocol.server.name`\n  - `org.opencontainers.image.source`\n- `glama.json`\n\n## Development\n\n```powershell\ncargo check\ncargo test\ncargo fmt --check\ncargo clippy --all-targets -- -D warnings\ncargo run --bin sourceright -- bench\ncargo package --locked\ncargo publish --dry-run --locked\ncargo machete\ncargo semver-checks check-release --release-type minor  # advisory until the public Rust API is stabilized\ncargo deny check advisories bans sources\ncargo tree -d --locked\ntaplo lint Cargo.toml book.toml deny.toml lychee.toml rust-toolchain.toml taplo.toml typos.toml fuzz/Cargo.toml plugins/**/*.toml .cargo/config.toml\ntypos --config typos.toml\nnpm --prefix docs-site run typecheck\nvale --minAlertLevel=error README.md docs/src docs/import-manifest.md .github/copilot-instructions.md\nnpx --yes markdownlint-cli2@0.18.1 README.md \"docs/**/*.md\" \".github/**/*.md\"\nlychee --config lychee.toml --offline README.md docs/src/**/*.md docs/import-manifest.md\nactionlint\nzizmor --min-severity medium .github/workflows\ncargo llvm-cov --locked --all-targets --summary-only --branch --fail-under-branches 85\ncargo mutants --workspace\npwsh -NoProfile -ExecutionPolicy Bypass -File scripts/verify.ps1 -CoverageMinimum 85\n```\n\nCoverage stays gated above 85 percent branch coverage in CI and in the checked-in pre-commit\nhook.\n\nRelease and publish workflows each emit a `release-status.md` artifact so the\nlatest tag has a named checklist surface.\nCoverage runs emit a `coverage-status.md` artifact so the latest numeric report\nhas a named checklist surface.\n\n## License\n\nLicensed under either of:\n\n- Apache License, Version 2.0\n- MIT license\n\nat your option.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fedithatogo%2Fsourceright","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fedithatogo%2Fsourceright","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fedithatogo%2Fsourceright/lists"}