v0.8.0 Security Hardening
English
ModelFaucet v0.8.0 adds security hardening for the source beta before hosted pilots.
Highlights
- Added English and Chinese threat/abuse model docs.
- Expanded cloud-safe provider URL guard coverage for carrier NAT, metadata hostnames, IPv4-mapped IPv6, unspecified IPv6, and alternate localhost IPv4 notation.
- Added production CORS allowlist requirements for the API and Gateway with `API_CORS_ORIGINS` and `GATEWAY_CORS_ORIGINS`.
- Added API/Gateway env and CORS regression tests, plus provider failure redaction coverage.
- Added `pnpm security:audit` and wired dependency audit into CI.
- Updated security docs, API spec, release checklist, README, roadmap, changelog, and env examples.
Verification
- Local `verify:secrets`, `security:audit`, lint, typecheck, tests, docs build, Dashboard build, CRM build, and temporary-PostgreSQL `pnpm smoke:local` passed.
- GitHub Actions `ci` run 27709701040 passed, including the new dependency audit step.
- GitHub Actions `docs` run 27709701105 passed and deployed Pages.
Security posture is preserved and strengthened: provider API keys stay server-side, BYOK remains explicit, and cloud services are not allowed to access localhost or private LAN URLs.
Chinese
ModelFaucet v0.8.0 adds security hardening to the source beta ahead of hosted pilots.
Key updates
- Added English/Chinese threat and abuse model docs.
- Expanded the cloud-safe provider URL guard to cover carrier NAT, metadata hostnames, IPv4-mapped IPv6, unspecified IPv6, and variant localhost IPv4 notation.
- Production CORS for the API and Gateway must be configured explicitly with `API_CORS_ORIGINS` and `GATEWAY_CORS_ORIGINS`.
- Added API/Gateway env and CORS regression tests, and added provider failure redaction coverage.
- Added `pnpm security:audit` and wired dependency audit into CI.
- Updated security docs, API spec, release checklist, README, roadmap, changelog, and env examples.
Verification
- Passed locally: `verify:secrets`, `security:audit`, lint, typecheck, tests, docs build, Dashboard build, CRM build, and temporary-PostgreSQL `pnpm smoke:local`.
- GitHub Actions `ci` run 27709701040 passed, including the new dependency audit step.
- GitHub Actions `docs` run 27709701105 passed and deployed Pages.
The security boundary is preserved and strengthened: provider API keys stay server-side only, BYOK remains an explicit capability, and cloud services will not access localhost or private LAN URLs.
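The URL guard cases listed in the highlights (carrier NAT, metadata hostnames, IPv4-mapped IPv6, unspecified IPv6, alternate localhost IPv4 notation) can be checked as in the following added example. It is not ModelFaucet's code; the function names, the range list and the hostname list are assumptions made for illustration.

```javascript
// Added example, not ModelFaucet code. Range and host lists are assumptions.
const BLOCKED_V4 = [
  ['0.0.0.0', 8],      // unspecified / "this network"
  ['10.0.0.0', 8],     // private LAN
  ['100.64.0.0', 10],  // carrier-grade NAT
  ['127.0.0.0', 8],    // loopback
  ['169.254.0.0', 16], // link-local, includes 169.254.169.254 metadata
  ['172.16.0.0', 12],  // private LAN
  ['192.168.0.0', 16], // private LAN
];
// Constructed sample names; extend per cloud provider.
const BLOCKED_HOSTS = new Set(['localhost', 'metadata', 'metadata.google.internal']);

const toInt = (ip) => ip.split('.').reduce((n, octet) => n * 256 + Number(octet), 0);

function blockedV4(ip) {
  const n = toInt(ip);
  return BLOCKED_V4.some(([base, bits]) => {
    const size = 2 ** (32 - bits); // addresses per block
    return Math.floor(n / size) === Math.floor(toInt(base) / size);
  });
}

function blockedV6(ip) {
  // The URL parser serializes ::ffff:127.0.0.1 as ::ffff:7f00:1; unwrap it.
  const m = /^::ffff:([0-9a-f]{1,4}):([0-9a-f]{1,4})$/.exec(ip);
  if (m) {
    const hi = parseInt(m[1], 16);
    const lo = parseInt(m[2], 16);
    return blockedV4([hi >> 8, hi & 255, lo >> 8, lo & 255].join('.'));
  }
  if (ip === '::' || ip === '::1') return true; // unspecified, loopback
  // fc00::/7 unique-local and fe80::/10 link-local
  return /^f[cd][0-9a-f]{2}:/.test(ip) || /^fe[89ab][0-9a-f]:/.test(ip);
}

function isBlockedProviderUrl(raw) {
  let url;
  try { url = new URL(raw); } catch { return true; } // unparseable: fail closed
  // WHATWG parsing canonicalizes 127.1, 0x7f.0.0.1 and 2130706433 to 127.0.0.1
  // for special schemes; only http(s) is accepted here.
  if (url.protocol !== 'https:' && url.protocol !== 'http:') return true;
  const host = url.hostname.toLowerCase().replace(/\.$/, '');
  if (host.startsWith('[')) return blockedV6(host.slice(1, -1));
  if (/^\d+\.\d+\.\d+\.\d+$/.test(host)) return blockedV4(host);
  return BLOCKED_HOSTS.has(host) || host.endsWith('.localhost');
}
```

A literal check like this does not cover a public DNS name that resolves to a private address, so the resolved address should be run through the same range check when the connection is made.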