v0.3.7 — Security hardening, legacy separation, crash prevention #56
Merged
ApiliumDevTeam merged 12 commits into main from Mar 7, 2026
Axum 0.8 changed route path parameters from `:param` to `{param}`.
The old syntax causes a runtime panic on router construction.
Affected routers: cortex REST (mod, memory, skill_verification), viz API.
- Fix :id → {id} in observability and reputation routers
- Add rust_crypto feature to jsonwebtoken 10 (prevents panic on JWT ops)
1. Mutex lock: recover from poisoned mutex instead of panic (main.rs)
2. RocksDB: cf() returns Result instead of expect/panic (rocks_storage.rs)
3. DecompositionRule: remove panic in Clone impl, type is not Clone (goal_solver.rs)
4. GraphQL test: fix add_triple → insert + Predicate type (graphql_subscriptions_test.rs)
5. aingle_zk: remove unused bincode dependency (Cargo.toml)
6. deep_context example: migrate bincode 1.x → 2.x API (semantic_index.rs)
- Upgrade rusqlite from 0.25 to 0.32 in all workspace crates (fixes libsqlite3-sys CVE-2022-35737, severity: high)
- Upgrade r2d2_sqlite 0.18 → 0.25 for compatibility
- Add .cargo/audit.toml to acknowledge legacy holochain advisories that cannot be fixed without major infrastructure replacement
- cargo audit now passes clean (0 vulnerabilities, 0 warnings)
Move 20+ legacy crates to workspace exclude, remove patch overrides, and inline wasm_types into aingle_cortex to break the last dependency chain (cortex → zome_types → middleware_bytes → rmp-serde 0.14.4). Cargo.lock shrank ~4400 lines; cargo audit now returns zero advisories.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- JWT secret from AINGLE_JWT_SECRET env var (no hardcoded defaults)
- Single-use refresh tokens with JTI revocation
- CORS explicit origin whitelist (default: disabled)
- Request body size limit (default: 1MB)
- GraphQL playground disabled by default
- ReDoS prevention: regex pattern length + compiled size limits
- Query result hard cap (10K) to prevent OOM
- Admin password from AINGLE_ADMIN_PASSWORD (min 12 chars)
- Fix index-out-of-bounds crash in batch proof verification
- Eliminate deadlock risk: never hold multiple RwLocks simultaneously
- Saturating atomic counter to prevent usize underflow
- Replace Blake3 HMAC stub with ed25519-dalek real signatures
- QUIC: verify TLS certificate signatures (replace SkipServerVerification)
- QUIC: enforce 1MB max message size before buffer allocation
- Wallet: bounds-check serialization to prevent data corruption
- RocksDB: safe slice bounds check instead of panic on short values
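The "enforce 1MB max message size before buffer allocation" item above, shown as an added example that is not the project's code. It assumes a 4-byte big-endian length prefix and a blocking `std::io::Read` stream in place of a real QUIC stream; `frame`, `read_message` and `MAX_MESSAGE_SIZE` are hypothetical names.

```rust
use std::io::{self, Cursor, Read};

/// 1 MB cap from the commit message, taken here as 1024 * 1024 bytes (assumption).
pub const MAX_MESSAGE_SIZE: usize = 1024 * 1024;

/// Builds a frame in the assumed wire format: 4-byte big-endian length, then payload.
pub fn frame(payload: &[u8]) -> Vec<u8> {
    let mut out = (payload.len() as u32).to_be_bytes().to_vec();
    out.extend_from_slice(payload);
    out
}

/// Reads one frame, validating the declared length before any allocation.
pub fn read_message<R: Read>(stream: &mut R) -> io::Result<Vec<u8>> {
    let mut len_buf = [0u8; 4];
    stream.read_exact(&mut len_buf)?;
    let declared = u32::from_be_bytes(len_buf) as usize;
    // The prefix is peer-controlled: without this check a 4-byte header
    // could make the receiver allocate up to 4 GiB per message.
    if declared > MAX_MESSAGE_SIZE {
        return Err(io::Error::new(
            io::ErrorKind::InvalidData,
            format!("declared length {} exceeds limit {}", declared, MAX_MESSAGE_SIZE),
        ));
    }
    let mut payload = vec![0u8; declared];
    // A short stream fails with UnexpectedEof instead of returning a partial message.
    stream.read_exact(&mut payload)?;
    Ok(payload)
}

fn main() {
    // Constructed inputs: a valid frame, then a bare header claiming u32::MAX bytes.
    let ok = read_message(&mut Cursor::new(frame(b"ping")));
    let huge = read_message(&mut Cursor::new(u32::MAX.to_be_bytes().to_vec()));
    println!("{:?}\n{:?}", ok, huge.map_err(|e| e.kind()));
}
```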
Use subtle::ConstantTimeEq for all cryptographic comparisons in Pedersen commitments and hash opening proofs to prevent timing side-channel attacks.
- Per-byte input gas charging at function entry
- Storage write gas proportional to value size (max 64KB)
- Address::derive() restricted to #[cfg(test)]
- deploy_address() with random nonce for production use
- InvalidInput error variant for proper error handling
- Add missing Agent trait import in hope_agents doc-tests
- Export DagEvent from aingle_viz lib.rs
- Fix infinite loop in EventBroadcaster doc-test
Aligns all 10 product crates (libraries + executables) for the v0.3.7 release. Inter-crate refs use semver "0.3" ranges which remain compatible. Crates: aingle_graph, aingle_zk, titans_memory, aingle_ai, aingle_logic, hope_agents, aingle_cortex, aingle_minimal, aingle_contracts, aingle_viz
Release v0.3.7 — Security hardening + legacy separation
Release v0.3.7

Production release merging all changes from `dev` since v0.3.4.

Breaking changes
- `AINGLE_JWT_SECRET` env var now required (feature `auth`)
- `AINGLE_ADMIN_PASSWORD` env var now required (min 12 chars)
- `CortexConfig::cors_enabled: bool` → `cors_allowed_origins: Vec<String>`

Security (17 fixes)

Crash prevention (3 fixes)
- `.zip()` iteration
- `fetch_update` with `checked_sub`

Infrastructure
- `exclude`
- `cargo audit` — 0 vulnerabilities

Verified
- `cargo check --workspace` — clean
- `cargo test --workspace` — 1321 passed, 0 failed
- `cargo audit` — 0 advisories

🤖 Generated with Claude Code
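The two crash-prevention patterns named in the commit list and in the "Crash prevention" summary (`fetch_update` with `checked_sub`, and `.zip()` iteration in batch verification), as an added example that is not the project's code. `Gauge`, `verify_batch` and `LengthMismatch` are hypothetical names, and the `check` closure stands in for a real proof verifier.

```rust
use std::sync::atomic::{AtomicUsize, Ordering};

/// Hypothetical in-flight request gauge (illustrative name, not from the project).
pub struct Gauge(AtomicUsize);

impl Gauge {
    pub fn new(v: usize) -> Self { Gauge(AtomicUsize::new(v)) }
    pub fn get(&self) -> usize { self.0.load(Ordering::Acquire) }

    /// "Before": fetch_sub wraps, so one unmatched release turns 0 into usize::MAX.
    pub fn dec_wrapping(&self) -> usize {
        self.0.fetch_sub(1, Ordering::AcqRel).wrapping_sub(1)
    }

    /// "After": checked_sub yields None at 0, so fetch_update stores nothing
    /// and the counter saturates instead of wrapping. Returns the new value.
    pub fn dec_saturating(&self) -> usize {
        self.0
            .fetch_update(Ordering::AcqRel, Ordering::Acquire, |v| v.checked_sub(1))
            .map_or(0, |prev| prev - 1)
    }
}

#[derive(Debug, PartialEq)]
pub struct LengthMismatch { pub proofs: usize, pub inputs: usize }

/// Verifies proofs[i] against inputs[i]. `check` stands in for the real verifier.
pub fn verify_batch<P, I>(
    proofs: &[P],
    inputs: &[I],
    check: impl Fn(&P, &I) -> bool,
) -> Result<Vec<bool>, LengthMismatch> {
    // zip() cannot index out of bounds, but it stops at the shorter slice;
    // reject unequal lengths so no trailing item is silently left unverified.
    if proofs.len() != inputs.len() {
        return Err(LengthMismatch { proofs: proofs.len(), inputs: inputs.len() });
    }
    Ok(proofs.iter().zip(inputs).map(|(p, i)| check(p, i)).collect())
}

fn main() {
    let g = Gauge::new(0);
    println!("wrapping:   {}", Gauge::new(0).dec_wrapping());
    println!("saturating: {} (stored {})", g.dec_saturating(), g.get());
    // Constructed sample data: a "proof" is valid when it equals its input.
    println!("{:?}", verify_batch(&[1, 2, 3], &[1, 9], |p, i| p == i));
    println!("{:?}", verify_batch(&[1, 2], &[1, 9], |p, i| p == i));
}
```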