v1.2.0
New features
- Visitor graph now includes OS (teal nodes) and device type (violet nodes) dimensions
- OS detected from User-Agent: iOS, iPadOS, Android, ChromeOS, Windows, macOS, Linux
- Device type sourced from Cloudflare runtime metadata (trusted, not attacker-controlled)
Security
parseOS()threat documented in THREAT_MODEL.md §3- jazzer.js fuzz target added for
parseOS()— run in CI on every push - Fuzz coverage: ReDoS confirmed low-risk (simple literal regex patterns, no quantifier nesting)
Documentation
- Public THREAT_MODEL.md updated to v1.2.0
- Private threat model updated with residual risk and open items (admin repo)
- README and SECURITY.md updated for v1.2.0
Signing key fingerprint: 3F1A A06D A8C5 8ACE F25B C882 3263 D1B8 7AAA FCD4
Verify: git tag -v v1.2.0