Skip to content

v1.7.2 — HN-launch readiness sprint

Choose a tag to compare

View all tags
@rafaelburlet rafaelburlet released this 25 May 13:19
· 155 commits to main since this release
v1.7.2
eca3014
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

v1.7.2 — HN-launch readiness sprint

31 PRs in one sprint. Test count: 5253 → 5408 (+155 regression tests).

Wave 5a — Infra blockers

  • BI-002: npx @lynox-ai/core cold-shell isMainModule realpath fix
  • BI-003: release.yml builds multi-arch (linux/amd64 + linux/arm64) for Apple Silicon

Wave 5b — Launch blockers (12 PRs)

  • Mistral first-class pin + UI native preset
  • AI-Generated badge (B-016 i18n) + X-lynox-AI-Generated: true SSE header (B-017) per EU AI Act Art. 50
  • POSITIONING.md v9.1
  • MCP-server strip (re-add post staging E2E)
  • Tavily web-search retired in favour of SearXNG default

Wave 5c — Security HIGH (14 PRs)

  • H-001/2 INTERNAL_TOOLS unwrap for wrapUntrustedData + scanToolResult
  • H-003 SENSITIVE_PATHS denylist expansion (vault.db + ~/.ssh + ~/.aws)
  • H-004 bash tool ENV_SAFE_PREFIXES + CREDENTIAL_NAME_RE
  • H-024 ToolCallTracker shadow-mode observability
  • H-005 LGPL libvips documentation
  • H-007 uuid >=11.1.1 (CVE patch)
  • H-008 OTP timing-safe comparison
  • H-009 Turnstile production gate
  • H-010 OAuth UUID_RE strict
  • H-011 plan_task fresh provider config plumb
  • H-012 inbox classifier cross-region rebootstrap + suspension flag (EU residency drain-window guard)
  • H-013/14/15/16/17/18/19 docs alignment

Wave 5d — BYOK custom-endpoint allowlist

6-surface enforcement: engine boot-gate, reloadUserConfig re-eval, PUT /api/config server-side gate, api_setup tool gate (REQUIRES_USER_CONFIRMATION), Settings UI disclosure modal, env-flag LYNOX_CUSTOM_ENDPOINT_ACCEPTED. Vetted-provider allowlist + tier-1+ disclosure capture for non-allowlisted endpoints. GDPR Art. 28 controller-shift via captured acceptance.

Chat UX

  • Cost-footer 6× overcount fixed: done SSE event now authoritative, replaces multi-turn accumulation (#608)

Verification

Full pre-release staging walk on 4 tenants (engine.lynox.cloud, meridian-demo, mistral-demo, byok-demo). 8 phases, 6 HN-first-touch scenarios passed. Cost-footer fix verified live: $0.08 footer matches $0.076225 engine RunRecord.

🤖 Generated with Claude Code

Assets 2
Loading