v1.2.0 Website And Scenario Demo

English

ModelFaucet v1.2.0 adds an independent bilingual GitHub Pages website and a static application-scenario economics demo.

Added

• Independent React website under apps/website for the GitHub Pages root.
• Use-case sections for vertical SaaS, browser extensions, desktop tools, commerce admins, and internal knowledge apps.
• Interactive scenario model for platform credits, visible BYOK gateway fees, and visible Local Bridge software fees.
• Merged Pages artifact build via pnpm pages:build, preserving existing VitePress docs paths while publishing the website at the root, /demo/, and /use-cases/.
• CI coverage for pnpm website:build and the merged Pages artifact.

Safety boundaries

• Provider API keys remain server-side only.
• The website does not add provider-key forms or hidden BYOK markup.
• Cloud services continue to reject localhost, metadata, link-local, and private LAN URLs.

Verification

• CI run passed: 27739844528
• Pages run passed: 27739844527
• Live website: https://hiclawbot.github.io/modelfaucet/
• Scenario demo: https://hiclawbot.github.io/modelfaucet/demo/
• Docs remain available, for example: https://hiclawbot.github.io/modelfaucet/quickstart

简体中文

ModelFaucet v1.2.0 新增独立双语 GitHub Pages 官网，以及静态应用场景收益模型。

新增内容

• 在 apps/website 下新增独立 React 官网，作为 GitHub Pages 根页面。
• 展示垂直 SaaS、浏览器插件、桌面工具、电商后台、内部知识应用等场景。
• 增加交互式场景模型，覆盖 platform credits、可见 BYOK gateway fee、可见 Local Bridge software fee。
• 新增 pnpm pages:build 合并 Pages 产物：官网发布到根路径、/demo/、/use-cases/，同时保留现有 VitePress 文档路径。
• CI 增加 pnpm website:build 和 Pages 合并产物构建校验。

安全边界

• Provider API key 仍只保存在服务端。
• 官网不加入 provider-key 表单，也不加入隐藏 BYOK markup。
• 云端服务仍拒绝 localhost、metadata、link-local 和私有局域网 URL。

验证结果

• CI run 已通过：27739844528
• Pages run 已通过：27739844527
• 官网：https://hiclawbot.github.io/modelfaucet/
• 场景 Demo：https://hiclawbot.github.io/modelfaucet/demo/
• 文档继续保留，例如：https://hiclawbot.github.io/modelfaucet/quickstart

ModelFaucet v1.1.0

English

ModelFaucet v1.1.0 is a source GA auth hardening release.

Highlights:

• Adds scoped developer API tokens with one-time raw token return, SHA-256 hash-only storage, token prefixes, scopes, expiry, revocation, and audit logging.
• Adds developer token lifecycle APIs: POST /v1/developer/tokens, GET /v1/developer/tokens, DELETE /v1/developer/tokens/:tokenId.
• Keeps DEVELOPER_ADMIN_TOKEN as a bootstrap/operator compatibility path.
• Enforces developer_id tenant filters across developer apps, features, operations, tokens, and developer provider keys.
• Keeps provider API keys server-side only, with encrypted storage and masked summaries.
• Updates bilingual Developer Auth docs, README, roadmap, API spec, release checklist, and GA verifier.

Validation:

• Local: pnpm lint, pnpm typecheck, pnpm test, pnpm ga:verify, pnpm verify:secrets, pnpm docs:build, pnpm security:audit, pnpm build, pnpm deps:review.
• Database: temporary PostgreSQL migrate/seed, hosted tenant isolation, local smoke, and live developer-auth tenant smoke.
• Remote: CI 27737709384 passed; docs 27737709381 passed.

简体中文

ModelFaucet v1.1.0 是 source GA auth hardening 版本。

重点：

• 新增 scoped developer API tokens：raw token 只在创建时返回一次，数据库只保存 SHA-256 hash、token prefix、scopes、过期、撤销和 audit 信息。
• 新增 token 生命周期 API：POST /v1/developer/tokens、GET /v1/developer/tokens、DELETE /v1/developer/tokens/:tokenId。
• 保留 DEVELOPER_ADMIN_TOKEN 作为 bootstrap/operator 兼容路径。
• 在 developer apps、features、operations、tokens 和 developer provider keys 上强制 developer_id 租户过滤。
• Provider API keys 仍只保存在服务端，只返回 masked summary。
• 更新双语 Developer Auth 文档、README、roadmap、API spec、release checklist 和 GA verifier。

验证：

• 本地通过：pnpm lint、pnpm typecheck、pnpm test、pnpm ga:verify、pnpm verify:secrets、pnpm docs:build、pnpm security:audit、pnpm build、pnpm deps:review。
• 数据库验证：临时 PostgreSQL migrate/seed、hosted tenant isolation、local smoke、live developer-auth tenant smoke。
• 远端通过：CI 27737709384；docs 27737709381。

ModelFaucet v1.0.1

English

ModelFaucet 1.0.1 is a source GA hardening patch focused on deployment validation and release hygiene.

Highlights

• Added pnpm compose:verify to validate both default and hosted Docker Compose configs from one reusable command.
• Added pnpm deps:review for dependency review before releases.
• Added English and Simplified Chinese deployment validation docs covering Docker/Compose, secret manager, CORS, public readiness, and database checks.
• Updated CI to use pnpm compose:verify on the Docker-capable runner.
• Updated GA readiness verification to check deployment validation docs and new release scripts.
• Updated README, docs homepage, roadmap, release checklist, and changelog for 1.0.1.

Security boundaries remain unchanged: provider API keys are server-side only, no hidden BYOK markup was added, and cloud-side guards continue to reject localhost/private-network targets.

中文

ModelFaucet 1.0.1 是 source GA hardening patch，重点是部署验证和发布门禁。

重点

• 新增 pnpm compose:verify，用一个可复用命令验证默认和 hosted Docker Compose config。
• 新增 pnpm deps:review，用于 release 前依赖审查。
• 新增中英文部署验证文档，覆盖 Docker/Compose、secret manager、CORS、public readiness 和 database checks。
• CI 改为在 Docker-capable runner 上运行 pnpm compose:verify。
• GA readiness verification 现在会检查部署验证文档和新的发布脚本。
• README、文档首页、roadmap、release checklist 和 changelog 已更新到 1.0.1。

安全边界保持不变：provider API keys 只能在服务端；没有添加隐藏 BYOK markup；cloud-side guard 继续拒绝 localhost/private-network 目标。

ModelFaucet v1.0.0

English

ModelFaucet 1.0.0 is the source GA release. It freezes stable public contracts for the Control API, Gateway, SDK, React package, Local Bridge, database migration expectations, hosted deployment checks, and production operating policies.

Highlights

• Added GA stability policy for API, SDK, database migration, and security contracts.
• Added migration and upgrade guides for 0.9.0 to 1.0.0, rollback, and fresh installs.
• Added production reference architecture for ingress, API, Gateway, LiteLLM, PostgreSQL, Redis, secret manager, observability, backup, restore, and incident response.
• Added governance, maintainership, support policy, release cadence, and security intake docs.
• Added package and container publishing strategy.
• Added pnpm ga:verify and CI coverage for GA readiness.
• Updated bilingual README, docs homepage, roadmap, release checklist, changelog, and docs navigation.

Security boundaries remain unchanged: provider API keys are server-side only, no hidden BYOK markup was added, and cloud-side guards continue to reject localhost/private-network targets.

This release is source GA. Hosted production promotion still requires deployment-specific verification such as Docker-capable smoke testing, real LiteLLM provider routing through a server-side test key, Stripe test card/webhook delivery, secret-manager wiring, backup/restore validation, and registry setup.

中文

ModelFaucet 1.0.0 是 source GA 版本。本版本冻结 Control API、Gateway、SDK、React package、Local Bridge、数据库迁移预期、hosted deployment checks 和生产运维政策的稳定公共契约。

重点

• 新增 API、SDK、数据库迁移和安全契约的 GA 稳定性政策。
• 新增从 0.9.0 到 1.0.0 的迁移升级指南、rollback 和 fresh install 指南。
• 新增生产参考架构，覆盖 ingress、API、Gateway、LiteLLM、PostgreSQL、Redis、secret manager、observability、backup、restore 和 incident response。
• 新增 governance、maintainership、support policy、release cadence 和 security intake 文档。
• 新增 package 和 container publishing strategy。
• 新增 pnpm ga:verify，并接入 CI 做 GA readiness verification。
• 更新双语 README、文档首页、roadmap、release checklist、changelog 和文档导航。

安全边界保持不变：provider API keys 只能在服务端；没有添加隐藏 BYOK markup；cloud-side guard 继续拒绝 localhost/private-network 目标。

这是 source GA release。托管生产晋级仍需要部署侧验证，例如 Docker-capable smoke testing、使用服务端测试 key 的真实 LiteLLM provider routing、Stripe test card/webhook delivery、secret-manager wiring、backup/restore validation 和 registry setup。

ModelFaucet v0.9.0

English

ModelFaucet 0.9.0 is the hosted source-beta release. It adds hosted deployment checks, a hosted reference Compose stack, tenant/app isolation checks, readiness smoke tooling, and bilingual Hosted Beta documentation.

Highlights

• Added pnpm hosted:verify-env for production env, public URL, CORS, secret-shape, contact, provider, and Stripe checks without printing secret values.
• Added .env.hosted.example and infra/hosted/docker-compose.hosted.yml for a secret-manager-backed hosted reference deployment.
• Added pnpm hosted:check-isolation for read-only tenant/app ownership checks.
• Added pnpm hosted:smoke-readiness for hosted API/Gateway readiness, metrics, and provider-health verification.
• Added English and Simplified Chinese Hosted Beta docs with pilot onboarding gates, acceptable-use policy, and incident response contacts.
• CI now validates hosted env contracts, hosted tenant isolation, and hosted Docker Compose config.

Provider API keys remain server-side only. No hidden BYOK markup was added. Cloud-side checks continue to reject localhost/private-network targets.

中文

ModelFaucet 0.9.0 是 hosted 源码 beta 版本。本版本新增托管部署检查、hosted 参考 Compose 栈、tenant/app isolation 检查、readiness smoke 工具，以及中英文 Hosted Beta 文档。

重点

• 新增 pnpm hosted:verify-env，校验生产环境、公开 URL、CORS、secret 形态、联系方式、provider 和 Stripe 条件，不打印 secret 值。
• 新增 .env.hosted.example 和 infra/hosted/docker-compose.hosted.yml，用于 secret-manager-backed 的 hosted 参考部署。
• 新增 pnpm hosted:check-isolation，只读校验 tenant/app ownership。
• 新增 pnpm hosted:smoke-readiness，验证 hosted API/Gateway readiness、metrics 和 provider health。
• 新增中英文 Hosted Beta 文档，覆盖 pilot onboarding、acceptable-use policy 和 incident response contacts。
• CI 现在校验 hosted env contract、hosted tenant isolation 和 hosted Docker Compose config。

Provider API key 仍然只能保存在服务端。没有添加隐藏 BYOK markup。云端检查继续拒绝 localhost/private-network 目标。

v0.8.0 Security Hardening

English

ModelFaucet v0.8.0 adds security hardening for the source beta before hosted pilots.

Highlights

• Added English and Chinese threat/abuse model docs.
• Expanded cloud-safe provider URL guard coverage for carrier NAT, metadata hostnames, IPv4-mapped IPv6, unspecified IPv6, and alternate localhost IPv4 notation.
• Added production CORS allowlist requirements for the API and Gateway with API_CORS_ORIGINS and GATEWAY_CORS_ORIGINS.
• Added API/Gateway env and CORS regression tests, plus provider failure redaction coverage.
• Added pnpm security:audit and wired dependency audit into CI.
• Updated security docs, API spec, release checklist, README, roadmap, changelog, and env examples.

Verification

• Local verify:secrets, security:audit, lint, typecheck, tests, docs build, Dashboard build, CRM build, and temporary-PostgreSQL pnpm smoke:local passed.
• GitHub Actions ci run 27709701040 passed, including the new dependency audit step.
• GitHub Actions docs run 27709701105 passed and deployed Pages.

Security posture is preserved and strengthened: provider API keys stay server-side, BYOK remains explicit, and cloud services are not allowed to access localhost or private LAN URLs.

中文

ModelFaucet v0.8.0 为 hosted pilot 前的源码 beta 增加安全加固。

重点更新

• 新增英文/中文 threat 和 abuse model 文档。
• 扩展 cloud-safe provider URL guard，覆盖 carrier NAT、metadata hostnames、IPv4-mapped IPv6、unspecified IPv6 和 localhost IPv4 变体写法。
• API 和 Gateway 的 production CORS 必须显式配置 API_CORS_ORIGINS 与 GATEWAY_CORS_ORIGINS。
• 增加 API/Gateway env 与 CORS 回归测试，并增加 provider failure redaction 覆盖。
• 新增 pnpm security:audit，并把 dependency audit 接入 CI。
• 更新 security docs、API spec、release checklist、README、roadmap、changelog 和 env examples。

验证

• 本地已通过 verify:secrets、security:audit、lint、typecheck、tests、docs build、Dashboard build、CRM build 和临时 PostgreSQL pnpm smoke:local。
• GitHub Actions ci run 27709701040 已通过，包括新增 dependency audit 步骤。
• GitHub Actions docs run 27709701105 已通过并部署 Pages。

安全边界得到保留并加强：provider API key 只保留在服务端，BYOK 仍然是显式能力，云服务不会访问 localhost 或私有 LAN URL。

v0.7.0 Billing and Settlement Beta

English

ModelFaucet v0.7.0 adds the billing and settlement beta so operators can audit money movement before any real payout workflow.

Highlights

• Added admin ledger reconciliation that reconstructs wallet balances from ledger entries.
• Added explicit wallet adjustment, refund, and chargeback accounting with idempotency support.
• Added payout approval before mark-paid, so paid transitions require an operator review gate.
• Added admin CSV exports for usage, revenue, and payouts.
• Added pnpm stripe:webhook:replay for Stripe test-mode webhook replay checks.
• Added English and Chinese billing/settlement docs.
• Extended local smoke to verify zero ledger reconciliation mismatches.

Verification

• Local verify:secrets, lint, typecheck, tests, docs build, Dashboard build, CRM build, temporary-PostgreSQL pnpm smoke:local, and temporary-API Stripe webhook replay passed.
• GitHub Actions ci run 27708896164 passed.
• GitHub Actions docs run 27708896436 passed and deployed Pages.

Security posture is unchanged: provider API keys stay server-side, BYOK remains explicit, and cloud services are not allowed to access localhost or private LAN URLs.

中文

ModelFaucet v0.7.0 增加 Billing 和 Settlement Beta，让运营者在任何真实 payout workflow 前先完成资金流审计。

重点更新

• 新增 admin ledger reconciliation，可从 ledger entries 重建 wallet balance。
• 新增显式 wallet adjustment、refund、chargeback accounting，并支持 idempotency key。
• 新增 payout approval gate；mark-paid 前必须先经过 operator review。
• 新增 usage、revenue、payouts 的 admin CSV 导出。
• 新增 pnpm stripe:webhook:replay，用于 Stripe test-mode webhook replay 检查。
• 新增英文/中文 billing 和 settlement 文档。
• 本地 smoke test 现在会验证 ledger reconciliation 没有 mismatch。

验证

• 本地已通过 verify:secrets、lint、typecheck、tests、docs build、Dashboard build、CRM build、临时 PostgreSQL pnpm smoke:local、以及临时 API Stripe webhook replay。
• GitHub Actions ci run 27708896164 已通过。
• GitHub Actions docs run 27708896436 已通过并部署 Pages。

安全边界保持不变：provider API key 只保留在服务端，BYOK 仍然是显式能力，云服务不会访问 localhost 或私有 LAN URL。

v0.6.0 Operations and Observability

English

ModelFaucet v0.6.0 adds the operations and observability layer for running the control API and gateway with clearer production signals.

Highlights

• Added /ready and Prometheus-style /metrics endpoints to the API and gateway.
• Added request ID propagation on responses and JSON error bodies.
• Added configurable in-memory rate limiting with x-ratelimit-* and retry-after headers.
• Added English and Chinese operations docs covering health checks, metrics, request IDs, and rate-limit tuning.
• Updated README, API spec, roadmap, changelog, and environment examples for the 0.6 release.

Verification

• Local verify:secrets, docs build, lint, typecheck, tests, dashboard build, CRM build, and local smoke test passed.
• GitHub Actions ci run 27707919894 passed.
• GitHub Actions docs run 27707920293 passed and deployed Pages.

Security posture is unchanged: provider API keys remain server-side, BYOK remains explicit, and cloud services are not allowed to access localhost or private LAN URLs.

中文

ModelFaucet v0.6.0 增加了面向生产运行的运维与可观测性基础能力，让控制 API 和网关具备更清晰的健康、指标和限流信号。

重点更新

• 为 API 和 Gateway 增加 /ready 与 Prometheus 风格 /metrics 端点。
• 增加请求 ID 透传，并在 JSON 错误响应中返回 request_id。
• 增加可配置的内存限流，并返回 x-ratelimit-* 与 retry-after 响应头。
• 新增英文/中文运维文档，覆盖健康检查、指标、请求 ID 和限流调优。
• 更新 README、API 规范、路线图、变更日志和环境变量示例到 0.6 版本。

验证

• 本地已通过 verify:secrets、docs build、lint、typecheck、tests、dashboard build、CRM build 和 local smoke test。
• GitHub Actions ci run 27707919894 已通过。
• GitHub Actions docs run 27707920293 已通过并部署 Pages。

安全边界保持不变：provider API key 仅保留在服务端，BYOK 仍然是显式能力，云服务不会访问 localhost 或私有 LAN URL。

v0.5.0 SDK and Local Bridge Beta

English

SDK and Local Bridge Beta for ModelFaucet.

• Added SDK runFeature for command-style feature calls with normalized text, usage, and ModelFaucet metadata.
• Added SDK Local Bridge diagnostics and in-memory offline local usage-report queue with flush support.
• Added React FaucetFeatureCommand and FaucetUsage components.
• Added Local Bridge /diagnostics for loopback and upstream checks without exposing upstream API keys.
• Added browser extension and desktop app integration notes that keep provider keys out of client bundles.
• Added English and Simplified Chinese SDK and Local Bridge guides.

Security boundaries remain unchanged: provider API keys stay server-side only, BYOK remains explicit, and cloud services must not access localhost or private LAN URLs.

简体中文

ModelFaucet SDK 和 Local Bridge Beta。

• 新增 SDK runFeature，用于 command-style feature call，并返回标准化文本、usage 和 ModelFaucet metadata。
• 新增 SDK Local Bridge diagnostics，以及内存中的离线本地 usage-report 队列和 flush 能力。
• 新增 React FaucetFeatureCommand 和 FaucetUsage 组件。
• 新增 Local Bridge /diagnostics，用于 loopback 和 upstream 检查，且不暴露 upstream API key。
• 新增浏览器插件和桌面应用集成说明，明确 provider key 不进入客户端 bundle。
• 新增英文和简体中文 SDK / Local Bridge guide。

安全边界保持不变：provider API key 只保存在服务端，BYOK 仍为显式行为，云端服务不得访问 localhost 或私有局域网 URL。

v0.4.0 Developer Console Beta

English

Developer Console Beta for ModelFaucet.

• Added developer-console APIs for app create/list/update/archive workflows.
• Added feature manifest create/list/update/delete APIs for route policy and pricing JSON.
• Added operations summary API for wallets, Stripe test top-ups, payouts, and audit logs.
• Added Dashboard Apps, Features, and Operations pages.
• Added API and dashboard tests for authorization, CRUD workflows, error states, and secret-free responses.

Security boundaries remain unchanged: provider API keys stay server-side only, BYOK remains explicit, and cloud services must not access localhost or private LAN URLs.

简体中文

ModelFaucet Developer Console Beta。

• 新增 developer-console API，支持 app 创建、列表、更新和归档。
• 新增 feature manifest API，支持 route policy 和 pricing JSON 的创建、列表、更新和删除。
• 新增 operations summary API，用于查看 wallets、Stripe 测试充值、payouts 和 audit logs。
• Dashboard 新增 Apps、Features 和 Operations 页面。
• 新增 API 和 Dashboard 测试，覆盖鉴权、CRUD、错误状态和无 secret 响应。

安全边界保持不变：provider API key 只保存在服务端，BYOK 仍为显式行为，云端服务不得访问 localhost 或私有局域网 URL。