Skip to content

v1.5.3 — data-loss + security hardening

Choose a tag to compare

@quantumCF quantumCF released this 14 Jul 02:55

Continued independent-audit hardening.

Data-loss fix. Deleting a recording no longer destroys another workspace's evidence: delete_recording revokes only the caller's pointer and removes the shared content-addressed blob only when no workspace still references it, with canonical-digest + symlink-containment validation and legal-hold enforcement. Registry roots remain the authority; CAS lineage is never an ACL.

Security. Cross-origin redirects strip Authorization/Cookie/Proxy-Authorization and re-run SSRF checks; URLs are sanitized before entering any error, log, or CLI text; recording downloads are bounded (no memory scaling with response size).

Also. Canonical JSON rejects non-finite floats; every MCP tool result/error carries a uniform control envelope; redaction-span validation hardened; query-token keys are percent-decoded; first-run is robust to an uncreatable home; and the README banner scales to fit mobile.

All reproduce-then-fix + independently verified; full suite green.