What we shipped on 2026-06-16
We shipped version 0.81 today, but the most satisfying work was patching a blind spot in our analytics worker rather than just rolling features out of v80 (PR #1645). The beacon Worker had been accepting POST requests from any Origin without rate limiting: anyone who knew the URL could loop curl commands to skew topic selection data and burn Analytics Engine quota. We closed that vector with security(beacon): origin allowlist + per-ip ratelimit (.73) by layering two checks. First, a browser-origin check against our comma-separated env var, ALLOWED_ORIGINS, returns 403 on mismatch to stop drive-bys. Second, as a fallback for non-browser clients, a Workers rate-limit binding enforces sixty requests/minute/IP, keyed off CF-Connecting-IP.
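The two layered checks described above, as an added JavaScript example; it is not the project's code. ALLOWED_ORIGINS, the 403 and the sixty-per-minute limit come from the post; the binding name BEACON_LIMITER, the 204/405/429 statuses, the fakeLimiter stand-in and counting allowed-origin requests against the limit are assumptions.

```javascript
// Added example. BEACON_LIMITER is an assumed name for a Workers rate limit
// binding configured with limit = 60, period = 60 (seconds).

// Parse the comma-separated ALLOWED_ORIGINS var into a set of exact origins.
function parseAllowedOrigins(raw) {
  return new Set((raw || "").split(",").map((o) => o.trim()).filter(Boolean));
}

// Returns the HTTP status the beacon should answer with.
async function decide({ method, origin, ip }, env) {
  if (method !== "POST") return 405;
  // Check 1: when an Origin header is present it must match exactly.
  // Substring or prefix matching would let look-alike origins through.
  if (origin !== null && !parseAllowedOrigins(env.ALLOWED_ORIGINS).has(origin)) {
    return 403;
  }
  // Check 2: requests without Origin (non-browser clients) are bounded per IP.
  // Assumption: requests from allowed origins are counted as well.
  const { success } = await env.BEACON_LIMITER.limit({ key: ip || "unknown" });
  return success ? 204 : 429;
}

// Worker entry point; in a Worker module this object is the default export.
const worker = {
  async fetch(request, env) {
    const status = await decide({
      method: request.method,
      origin: request.headers.get("Origin"),
      ip: request.headers.get("CF-Connecting-IP"),
    }, env);
    return new Response(null, { status });
  },
};

// Constructed stand-in for the binding so the logic runs outside Workers:
// a fixed 60-second window counter per key.
function fakeLimiter(limit, now = () => Date.now()) {
  const windows = new Map();
  return {
    async limit({ key }) {
      const slot = Math.floor(now() / 60000);
      const w = windows.get(key);
      const count = w && w.slot === slot ? w.count + 1 : 1;
      windows.set(key, { slot, count });
      return { success: count <= limit };
    },
  };
}
```

Origin is supplied by the client, so the allowlist only filters browsers; the per-IP limit is what bounds scripted clients.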
Beyond that security win (.73), we stabilized the backup chain. We addressed a few small inconsistencies in _age_of_event: specifically casting asyncpg Decimal→float and passing AWS_DEFAULT_REGION explicitly to restic so it works for non-us-east buckets.
We're still tuning where exactly those rate-limit binding values live, but with Origin validation on board (.73), we have data integrity back.
Auto-compiled by Poindexter from today's commits and PRs. See the work: github.com/Glad-Labs/poindexter.