v0.21.1 — the truth-audit patch
The truth-audit patch. A full "are we lying anywhere?" pass over every public claim, score, and copy surface — the code came back clean; what had drifted was docs, and everything that drifted is now fixed and gated so it can't drift again. Plus two real hardenings the audit forced.
Security
- The secret-file permission floor now covers every secret, not just PVE's. Config already refused a group/other-readable PVE token or audit HMAC key file; the same
chmod 600guard now applies to the PBS/PDM token files, the PMG password file, the A2A/HTTP bearer-token files, and the A2A signing key. A hand-deployed0644credential fails loud at load time on every plane and every face. Heads-up: a deployment that was (mis)running with an exposed PBS/PMG/PDM secret file will now refuse to start until the file ischmod 600— that refusal is the fix working. - Supply-chain: all five
pip installsteps in CI/release/image builds are hash-pinned (--require-hashesagainst lockfiles exported fromuv.lock), and the container image build is two-stage — no build tooling, no source tree in what ships.
Changed
- THREAT_MODEL.md now covers both network faces (the 0.21.0 HTTP/OpenAPI face was missing from the network-attacker row) and names the shared
webguardperimeter. VERIFY.md worked examples refreshed; SECURITY.md support table no longer hardcodes a version. The copy-drift gate now fails on any stale version literal in the receipt docs. - README, fully re-read and rebuilt as a document. Every story told once, slots back to budget. Added: a brand-matched architecture diagram (light + dark), a navigation row, a "Verify in 60 seconds" collapsible with three runnable receipts, a "Choose the right tool" starter table, and a capability matrix. No new claims anywhere — every table cell was verified before it was written.
No tool-count change (still 365). Verify this release yourself: VERIFY.md.