Hardening + new-node release addressing a middleware-engineer review punch list. Single-process design unchanged.
New nodes
- OpenAI node (OpenAI-compatible, configurable `baseURL` → OpenAI/Together/Groq/OpenRouter/Ollama/LM Studio)
- OAuth2 Token node (client-credentials grant with token caching/refresh)
- Schema Validator node (dependency-free JSON Schema draft-07 subset, validate-and-reject)
API & observability
- `Idempotency-Key` support on `POST /api/v1/chat` (safe retries)
- Prometheus `GET /api/metrics` endpoint
- DB readiness probe: `GET /api/health?ready=1`
- Anthropic node `max_tokens` now configurable (was hard-coded 8192)
Security
- `sk-wf-*` API keys hashed at rest (SHA-256; migration 014)
- SSRF egress guard on HTTP Request / Webhook nodes (opt out via `SOOKET_ALLOW_PRIVATE_EGRESS`)
- Custom Code `node:vm` hardened against constructor-chain escape
- Constant-time webhook token comparison
- PBKDF2 memoised + raised to 600k iterations
- CORS deny-by-default (opt in via `CORS_ORIGIN`)
- Execution errors sanitised at the public API boundary
Resilience & engine
- Wall-clock execution deadline + queue-wait timeout
- Graph recursion-depth guard
- Shared sliding-window rate limiter (closes the boundary-burst hole)
- SQLite `busy_timeout` for write contention
Fixes
- Docker image builds on glibc base; lazy onnxruntime load; skip puppeteer Chrome download
- Execution server uses per-request CORS headers after the CORS refactor
See TODO.md for the full review and per-item notes.
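
The boundary-burst hole named in the rate-limiter item under Resilience & engine, as an added example (not the project's code), assuming the hole is the usual fixed-window one: a counter that resets on window boundaries admits twice the limit when traffic straddles a boundary, while a sliding window holds the cap. The class names, the 10-per-60 s limit and the traffic are constructed for illustration.

```javascript
// Added illustration, not the project's implementation. Names and limits are assumptions.
class FixedWindowLimiter {
  constructor(limit, windowMs) {
    this.limit = limit;
    this.windowMs = windowMs;
    this.counts = new Map(); // key -> { windowStart, count }
  }
  allow(key, now) {
    // The counter resets whenever `now` falls into a new aligned window.
    const windowStart = Math.floor(now / this.windowMs) * this.windowMs;
    const entry = this.counts.get(key);
    if (!entry || entry.windowStart !== windowStart) {
      this.counts.set(key, { windowStart, count: 1 });
      return true;
    }
    if (entry.count >= this.limit) return false;
    entry.count += 1;
    return true;
  }
}

class SlidingWindowLimiter {
  constructor(limit, windowMs) {
    this.limit = limit;
    this.windowMs = windowMs;
    this.hits = new Map(); // key -> timestamps of admitted requests
  }
  allow(key, now) {
    // Count only requests admitted in the last windowMs, wherever the boundary lies.
    const cutoff = now - this.windowMs;
    const recent = (this.hits.get(key) || []).filter((t) => t > cutoff);
    const ok = recent.length < this.limit;
    if (ok) recent.push(now);
    this.hits.set(key, recent); // storing the pruned list keeps memory bounded
    return ok;
  }
}

// Constructed traffic: one burst 10 ms before a window boundary, one 10 ms after it.
function admittedAcrossBoundary(limiter, windowMs, perBurst) {
  let admitted = 0;
  for (const t of [windowMs - 10, windowMs + 10]) {
    for (let i = 0; i < perBurst; i++) {
      if (limiter.allow("client-a", t)) admitted += 1;
    }
  }
  return admitted;
}
```

With a limit of 10 per 60 s, the fixed-window limiter admits 20 requests within 20 ms across the boundary; the sliding-window limiter admits 10.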