chore: version packages

packages/agents/CHANGELOG.md

@@ -1,5 +1,12 @@
 # @questpie/autopilot-agents
 
+## 1.1.0
+
+### Patch Changes
+
+- Updated dependencies [[`4558577`](https://github.com/questpie/autopilot/commit/455857765ef97937992cad5fea1f632be1c7b987)]:
+  - @questpie/autopilot-spec@1.1.0
+
 ## 1.0.0
 
 ### Major Changes

packages/agents/package.json

@@ -1,6 +1,6 @@
 {
 	"name": "@questpie/autopilot-agents",
-	"version": "1.0.0",
+	"version": "1.1.0",
 	"private": false,
 	"type": "module",
 	"description": "QUESTPIE Autopilot agent system prompt templates",
@@ -30,7 +30,7 @@
 		"typecheck": "bunx tsc --noEmit"
 	},
 	"dependencies": {
-		"@questpie/autopilot-spec": "1.0.0"
+		"@questpie/autopilot-spec": "1.1.0"
 	},
 	"devDependencies": {
 		"@types/bun": "^1.3.11",

packages/cli/CHANGELOG.md

@@ -1,5 +1,27 @@
 # @questpie/autopilot
 
+## 1.1.0
+
+### Minor Changes
+
+- [`4558577`](https://github.com/questpie/autopilot/commit/455857765ef97937992cad5fea1f632be1c7b987) Thanks [@drepkovsky](https://github.com/drepkovsky)! - Security hardening: 22 fixes across auth, API, agents, secrets, and dashboard
+
+  **API Security:** CORS locked to configured origin (not `*`), security headers (X-Frame-Options, X-Content-Type-Options, HSTS, Referrer-Policy), X-Forwarded-For trusted proxy validation, request body size limits, reduced status endpoint payload for unauthenticated requests.
+
+  **Agent Sandbox:** SSRF protection blocks private IPs in `http_request` tool, optional domain allowlist via `agent_http_allowlist`, per-agent `tools` config controls Claude SDK built-in tools (`fs` → read-only, `fs_write` → read/write, `terminal` → Bash), `PreToolUse` hooks enforce `fs_scope` write globs on Write/Edit and deny patterns on Read, filesystem browser enforces role-based scope for viewers.
+
+  **Rate Limiting:** Agents now rate-limited (600/min general, 50/min search, 100/min chat), weighted sliding window algorithm, password reset rate limiter (3/15min), timing-safe HMAC and bearer token comparison.
+
+  **Secrets & Keys:** Agent keys persisted across restarts (encrypted with master key), encrypted YAML support, secret masking in logs, API key hashing utility.
+
+  **Auth:** Mandatory 2FA for owner/admin roles, invite-only registration via `.auth/invites.yaml`, password complexity (min 12 chars, digit + special), banned user session blocking, dashboard uses cookie-based auth (no more token in query params).
+
+### Patch Changes
+
+- Updated dependencies [[`4558577`](https://github.com/questpie/autopilot/commit/455857765ef97937992cad5fea1f632be1c7b987)]:
+  - @questpie/autopilot-spec@1.1.0
+  - @questpie/autopilot-orchestrator@1.1.0
+
 ## 1.0.0
 
 ### Major Changes

packages/cli/package.json

@@ -1,6 +1,6 @@
 {
 	"name": "@questpie/autopilot",
-	"version": "1.0.0",
+	"version": "1.1.0",
 	"private": false,
 	"type": "module",
 	"description": "AI-native company operating system. Your company is a container. Your employees are agents.",
@@ -42,8 +42,8 @@
 		"prepublishOnly": "rm -rf ./templates && cp -r ../../templates ./templates"
 	},
 	"dependencies": {
-		"@questpie/autopilot-orchestrator": "1.0.0",
-		"@questpie/autopilot-spec": "1.0.0",
+		"@questpie/autopilot-orchestrator": "1.1.0",
+		"@questpie/autopilot-spec": "1.1.0",
 		"commander": "^13.0.0",
 		"simple-git": "^3.27.0",
 		"yaml": "^2.7.0"

packages/orchestrator/CHANGELOG.md

@@ -1,5 +1,27 @@
 # @questpie/autopilot-orchestrator
 
+## 1.1.0
+
+### Minor Changes
+
+- [`4558577`](https://github.com/questpie/autopilot/commit/455857765ef97937992cad5fea1f632be1c7b987) Thanks [@drepkovsky](https://github.com/drepkovsky)! - Security hardening: 22 fixes across auth, API, agents, secrets, and dashboard
+
+  **API Security:** CORS locked to configured origin (not `*`), security headers (X-Frame-Options, X-Content-Type-Options, HSTS, Referrer-Policy), X-Forwarded-For trusted proxy validation, request body size limits, reduced status endpoint payload for unauthenticated requests.
+
+  **Agent Sandbox:** SSRF protection blocks private IPs in `http_request` tool, optional domain allowlist via `agent_http_allowlist`, per-agent `tools` config controls Claude SDK built-in tools (`fs` → read-only, `fs_write` → read/write, `terminal` → Bash), `PreToolUse` hooks enforce `fs_scope` write globs on Write/Edit and deny patterns on Read, filesystem browser enforces role-based scope for viewers.
+
+  **Rate Limiting:** Agents now rate-limited (600/min general, 50/min search, 100/min chat), weighted sliding window algorithm, password reset rate limiter (3/15min), timing-safe HMAC and bearer token comparison.
+
+  **Secrets & Keys:** Agent keys persisted across restarts (encrypted with master key), encrypted YAML support, secret masking in logs, API key hashing utility.
+
+  **Auth:** Mandatory 2FA for owner/admin roles, invite-only registration via `.auth/invites.yaml`, password complexity (min 12 chars, digit + special), banned user session blocking, dashboard uses cookie-based auth (no more token in query params).
+
+### Patch Changes
+
+- Updated dependencies [[`4558577`](https://github.com/questpie/autopilot/commit/455857765ef97937992cad5fea1f632be1c7b987)]:
+  - @questpie/autopilot-spec@1.1.0
+  - @questpie/autopilot-agents@1.1.0
+
 ## 1.0.0
 
 ### Major Changes

packages/orchestrator/package.json

@@ -1,6 +1,6 @@
 {
 	"name": "@questpie/autopilot-orchestrator",
-	"version": "1.0.0",
+	"version": "1.1.0",
 	"private": false,
 	"type": "module",
 	"description": "QUESTPIE Autopilot orchestrator runtime",
@@ -27,8 +27,8 @@
 		"@google/genai": "^1.46.0",
 		"@hono/standard-validator": "^0.2.2",
 		"@huggingface/transformers": "^3.8.1",
-		"@questpie/autopilot-agents": "1.0.0",
-		"@questpie/autopilot-spec": "1.0.0",
+		"@questpie/autopilot-agents": "1.1.0",
+		"@questpie/autopilot-spec": "1.1.0",
 		"@scalar/hono-api-reference": "^0.10.4",
 		"better-auth": "^1.5.6",
 		"chokidar": "^4.0.0",

packages/spec/CHANGELOG.md

@@ -1,5 +1,21 @@
 # @questpie/autopilot-spec
 
+## 1.1.0
+
+### Minor Changes
+
+- [`4558577`](https://github.com/questpie/autopilot/commit/455857765ef97937992cad5fea1f632be1c7b987) Thanks [@drepkovsky](https://github.com/drepkovsky)! - Security hardening: 22 fixes across auth, API, agents, secrets, and dashboard
+
+  **API Security:** CORS locked to configured origin (not `*`), security headers (X-Frame-Options, X-Content-Type-Options, HSTS, Referrer-Policy), X-Forwarded-For trusted proxy validation, request body size limits, reduced status endpoint payload for unauthenticated requests.
+
+  **Agent Sandbox:** SSRF protection blocks private IPs in `http_request` tool, optional domain allowlist via `agent_http_allowlist`, per-agent `tools` config controls Claude SDK built-in tools (`fs` → read-only, `fs_write` → read/write, `terminal` → Bash), `PreToolUse` hooks enforce `fs_scope` write globs on Write/Edit and deny patterns on Read, filesystem browser enforces role-based scope for viewers.
+
+  **Rate Limiting:** Agents now rate-limited (600/min general, 50/min search, 100/min chat), weighted sliding window algorithm, password reset rate limiter (3/15min), timing-safe HMAC and bearer token comparison.
+
+  **Secrets & Keys:** Agent keys persisted across restarts (encrypted with master key), encrypted YAML support, secret masking in logs, API key hashing utility.
+
+  **Auth:** Mandatory 2FA for owner/admin roles, invite-only registration via `.auth/invites.yaml`, password complexity (min 12 chars, digit + special), banned user session blocking, dashboard uses cookie-based auth (no more token in query params).
+
 ## 1.0.0
 
 ### Major Changes

packages/spec/package.json

@@ -1,6 +1,6 @@
 {
 	"name": "@questpie/autopilot-spec",
-	"version": "1.0.0",
+	"version": "1.1.0",
 	"private": false,
 	"type": "module",
 	"description": "QUESTPIE Autopilot filesystem conventions, Zod schemas, and TypeScript types",