docs: clarify intentional network-visible canvas model in security policy
- 7c9130f docs: require SECURITY.md before GHSA reviews
- cf6edc6 docs(changelog): credit allsmog for Lobster security report
- 0e85380 style: format files and fix safe-bins e2e typing
- 268b0dc style: fix formatting drift in security allowlist checks
- 74c51ae style: format gateway server methods
- 758ea3c style: apply oxfmt import ordering for check
- d9046f0 chore(deps): update dependencies to latest
- 182ffdf test: dedupe zai env test setup and cover blank legacy key
- 4ddc4df test: dedupe fetch cleanup-throw signal harness
- 7426848 test(feishu): add mention regex injection regressions
- 79ab492 test: dedupe extracted-size budget assertions in archive tests
-
- 7c9130f docs: require SECURITY.md before GHSA reviews
- cf6edc6 docs(changelog): credit allsmog for Lobster security report
Tests / Style / Chore
- 3c127b6 test: dedupe provider usage tests and expand coverage- 0e85380 style: format files and fix safe-bins e2e typing
- 268b0dc style: fix formatting drift in security allowlist checks
- 74c51ae style: format gateway server methods
- 758ea3c style: apply oxfmt import ordering for check
- d9046f0 chore(deps): update dependencies to latest
- 182ffdf test: dedupe zai env test setup and cover blank legacy key
- 4ddc4df test: dedupe fetch cleanup-throw signal harness
- 7426848 test(feishu): add mention regex injection regressions
- 79ab492 test: dedupe extracted-size budget assertions in archive tests
-
