Genome Forge v0.1.13

Genome Forge v0.1.13

Release date: 2026-05-15

Highlights

• Added an explicit safety gate for non-loopback web UI binding.
• Kept normal workstation use unchanged: python3 web_ui.py --port 8080 still binds to 127.0.0.1.
• Required --allow-remote before accepting hosts such as 0.0.0.0.
• Updated security, install, architecture, API, developer, and README docs to explain the local-first bind model.
• Stabilized browser workflow tests so repeated UI actions wait for fresh output instead of accepting stale responses.

Bind Safety

Genome Forge is a local-first workstation app. Starting the server on a network-facing address now requires an explicit acknowledgement:

python3 web_ui.py --host 0.0.0.0 --port 8080 --allow-remote

Without --allow-remote, non-loopback hosts fail fast with a clear error. This reduces accidental exposure on lab or public networks while preserving an intentional opt-in path for trusted environments.

Validation

• python3 docs/validate_docs.py
• python3 -m py_compile web_ui.py tests/test_web_ui_security.py docs/validate_docs.py
• python3 -m unittest tests.test_web_ui_security -v
• python3 -m unittest discover -s tests -p 'test_*.py'
• ./.venv-docs/bin/python -m pytest
• python3 smoke_test.py
• python3 real_world_functional_test.py
• npm run test:e2e
• git diff --check

Validation Snapshot

• Unit tests: 44/44
• Smoke checks: 115/115
• Real-world functional checks: 104/104
• Browser E2E tests: 15/15

Notes

• This is a focused local-server safety release following v0.1.12.
• Genome Forge still does not claim hosted SaaS isolation, authenticated browser sessions, or regulated electronic-records compliance.