v3.19.0 — Phase 0 hardening (H1+H2+H3+H4)

@wolverin0 wolverin0 released this 17 May 19:30
· 41 commits to main since this release
39ac4ff
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194

Highlights

Phase 0 hardening release. Closes all four security/ops gaps from the GPT-5.4 review against docs/ROADMAP.md Phase 0. All four mechanisms are opt-in, so there are zero breaking changes for callers that don't set the new env vars.

  • H1 (#113) — per-cycle LLM budget caps with reason-coded hard stops + per-provider circuit breaker
  • H2 (#114) — dashboard HTTP auth (viewer/operator roles) + CSRF + bind-safety refusal
  • H3 (#115) — webhook HMAC-SHA-256 signing + timestamp + 5-min replay window
  • H4 (#116) — MCP db/workspace path allowlist + admin-mode bypass

Env vars reference

| Env var | Default | Purpose |
|---|---|---|
| MEMORYMASTER_MAX_LLM_CALLS_PER_CYCLE | 0 (unlimited) | H1 cycle call cap |
| MEMORYMASTER_MAX_TOKENS_PER_CYCLE | 0 (unlimited) | H1 cycle token cap |
| MEMORYMASTER_MAX_PROVIDER_FAILURES_PER_CYCLE | 0 (unlimited) | H1 per-provider breaker |
| MEMORYMASTER_DASHBOARD_TOKEN_VIEWER | unset (legacy) | H2 read-only bearer |
| MEMORYMASTER_DASHBOARD_TOKEN_OPERATOR | unset (legacy) | H2 mutating bearer |
| MEMORYMASTER_DASHBOARD_UNSAFE_BIND | unset (refuse) | H2 non-loopback escape |
| MEMORYMASTER_WEBHOOK_SECRET | unset (no sig) | H3 HMAC signing key |
| MEMORYMASTER_MCP_DB_ALLOWLIST | unset (allow all) | H4 DB path allowlist |
| MEMORYMASTER_MCP_WORKSPACE_ALLOWLIST | unset (allow all) | H4 workspace allowlist |
| MEMORYMASTER_MCP_ADMIN_MODE | unset (enforce) | H4 allowlist bypass |
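
A receiver-side check for the H3 scheme (HMAC-SHA-256, timestamp, 5-minute replay window), added here as an illustration and not taken from the project's code. The signed layout `<timestamp>.<body>`, the two header values passed in, the reason strings, and the names `sign` and `verify` are assumptions; these release notes do not specify the wire format.

```python
import hashlib
import hmac
import time
from typing import Optional, Tuple

REPLAY_WINDOW_SECONDS = 5 * 60  # the 5-minute replay window named in H3


def sign(secret: bytes, timestamp: int, body: bytes) -> str:
    """Hex HMAC-SHA-256 over the assumed layout "<timestamp>.<body>"."""
    message = str(timestamp).encode("ascii") + b"." + body
    return hmac.new(secret, message, hashlib.sha256).hexdigest()


def verify(secret: bytes, timestamp_header: str, signature_header: str,
           body: bytes, now: Optional[float] = None) -> Tuple[bool, str]:
    """Return (accepted, reason) for one incoming webhook delivery."""
    if not secret:
        return False, "no_secret_configured"  # receiver fails closed
    try:
        timestamp = int(timestamp_header)
    except (TypeError, ValueError):
        return False, "bad_timestamp"
    now = time.time() if now is None else now
    # Stale and far-future timestamps are both rejected.
    if abs(now - timestamp) > REPLAY_WINDOW_SECONDS:
        return False, "outside_replay_window"
    expected = sign(secret, timestamp, body)
    # Constant-time compare; bytes on both sides so odd input cannot raise.
    if not hmac.compare_digest(expected.encode(), (signature_header or "").encode()):
        return False, "bad_signature"
    return True, "ok"


# Constructed sample delivery (not captured from a real deployment).
SECRET = b"example-secret-for-demo-only"
BODY = b'{"event":"example.updated","id":42}'
SENT_AT = 1_700_000_000
SIG = sign(SECRET, SENT_AT, BODY)

if __name__ == "__main__":
    print(verify(SECRET, str(SENT_AT), SIG, BODY, now=SENT_AT + 30))
    print(verify(SECRET, str(SENT_AT), SIG, BODY, now=SENT_AT + 600))
    # Refreshing the timestamp fails because the timestamp is under the MAC.
    print(verify(SECRET, str(SENT_AT + 600), SIG, BODY, now=SENT_AT + 600))
```

Because the timestamp is part of the signed message, a captured delivery cannot be replayed later by rewriting the timestamp header alone.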

Tests

63 new tests, zero regressions on pre-existing suites.

  • test_llm_budget.py — 8 tests
  • test_dashboard_auth.py — 25 tests (19 unit + 6 end-to-end HTTP)
  • test_webhook_hmac.py — 13 tests
  • test_mcp_path_policy.py — 17 tests (12 unit + 5 chokepoint integration)

What's next

  • v3.20.0 — Phase 1 storage discipline (versioned migrations + SQLite/Postgres parity gate)
  • A1 full LongMemEval-S QA-accuracy publication run — mechanism shipped in v3.18.0 (#109), now safer with H1 budget caps in place