From fa781db4eade867d9f4b0d992ae96f7bd3dfb003 Mon Sep 17 00:00:00 2001
From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com>
Date: Thu, 26 Mar 2026 23:16:05 +0000
Subject: [PATCH] chore: version packages
---
 .changeset/security-hardening.md | 17 -----------------
 packages/agents/CHANGELOG.md | 7 +++++++
 packages/agents/package.json | 4 ++--
 packages/cli/CHANGELOG.md | 22 ++++++++++++++++++++++
 packages/cli/package.json | 6 +++---
 packages/orchestrator/CHANGELOG.md | 22 ++++++++++++++++++++++
 packages/orchestrator/package.json | 6 +++---
 packages/spec/CHANGELOG.md | 16 ++++++++++++++++
 packages/spec/package.json | 2 +-
 9 files changed, 76 insertions(+), 26 deletions(-)
 delete mode 100644 .changeset/security-hardening.md
diff --git a/.changeset/security-hardening.md b/.changeset/security-hardening.md
deleted file mode 100644
index dd3407c1..00000000
--- a/.changeset/security-hardening.md
+++ /dev/null
@@ -1,17 +0,0 @@ ---- -"@questpie/autopilot": minor -"@questpie/autopilot-spec": minor -"@questpie/autopilot-orchestrator": minor ---- - -Security hardening: 22 fixes across auth, API, agents, secrets, and dashboard - -**API Security:** CORS locked to configured origin (not `*`), security headers (X-Frame-Options, X-Content-Type-Options, HSTS, Referrer-Policy), X-Forwarded-For trusted proxy validation, request body size limits, reduced status endpoint payload for unauthenticated requests. - -**Agent Sandbox:** SSRF protection blocks private IPs in `http_request` tool, optional domain allowlist via `agent_http_allowlist`, per-agent `tools` config controls Claude SDK built-in tools (`fs` → read-only, `fs_write` → read/write, `terminal` → Bash), `PreToolUse` hooks enforce `fs_scope` write globs on Write/Edit and deny patterns on Read, filesystem browser enforces role-based scope for viewers. - -**Rate Limiting:** Agents now rate-limited (600/min general, 50/min search, 100/min chat), weighted sliding window algorithm, password reset rate limiter (3/15min), timing-safe HMAC and bearer token comparison. - -**Secrets & Keys:** Agent keys persisted across restarts (encrypted with master key), encrypted YAML support, secret masking in logs, API key hashing utility. - -**Auth:** Mandatory 2FA for owner/admin roles, invite-only registration via `.auth/invites.yaml`, password complexity (min 12 chars, digit + special), banned user session blocking, dashboard uses cookie-based auth (no more token in query params). diff --git a/packages/agents/CHANGELOG.md b/packages/agents/CHANGELOG.md index 9fcec241..21fd45ae 100644 --- a/packages/agents/CHANGELOG.md +++ b/packages/agents/CHANGELOG.md @@ -1,5 +1,12 @@ # @questpie/autopilot-agents +## 1.1.0 + +### Patch Changes + +- Updated dependencies [[`4558577`](https://github.com/questpie/autopilot/commit/455857765ef97937992cad5fea1f632be1c7b987)]: + - @questpie/autopilot-spec@1.1.0 + ## 1.0.0 ### Major Changes 
diff --git a/packages/agents/package.json b/packages/agents/package.json
index 3a35411d..4d49561b 100644
--- a/packages/agents/package.json
+++ b/packages/agents/package.json
@@ -1,6 +1,6 @@
 {
 "name": "@questpie/autopilot-agents",
- "version": "1.0.0",
+ "version": "1.1.0",
 "private": false,
 "type": "module",
 "description": "QUESTPIE Autopilot agent system prompt templates",
@@ -30,7 +30,7 @@
 "typecheck": "bunx tsc --noEmit"
 },
 "dependencies": {
- "@questpie/autopilot-spec": "1.0.0"
+ "@questpie/autopilot-spec": "1.1.0"
 },
 "devDependencies": {
 "@types/bun": "^1.3.11",
diff --git a/packages/cli/CHANGELOG.md b/packages/cli/CHANGELOG.md
index c34c701e..608e1f04 100644
--- a/packages/cli/CHANGELOG.md
+++ b/packages/cli/CHANGELOG.md
@@ -1,5 +1,27 @@ # @questpie/autopilot +## 1.1.0 + +### Minor Changes + +- [`4558577`](https://github.com/questpie/autopilot/commit/455857765ef97937992cad5fea1f632be1c7b987) Thanks [@drepkovsky](https://github.com/drepkovsky)! - Security hardening: 22 fixes across auth, API, agents, secrets, and dashboard + + **API Security:** CORS locked to configured origin (not `*`), security headers (X-Frame-Options, X-Content-Type-Options, HSTS, Referrer-Policy), X-Forwarded-For trusted proxy validation, request body size limits, reduced status endpoint payload for unauthenticated requests. + + **Agent Sandbox:** SSRF protection blocks private IPs in `http_request` tool, optional domain allowlist via `agent_http_allowlist`, per-agent `tools` config controls Claude SDK built-in tools (`fs` → read-only, `fs_write` → read/write, `terminal` → Bash), `PreToolUse` hooks enforce `fs_scope` write globs on Write/Edit and deny patterns on Read, filesystem browser enforces role-based scope for viewers. + + **Rate Limiting:** Agents now rate-limited (600/min general, 50/min search, 100/min chat), weighted sliding window algorithm, password reset rate limiter (3/15min), timing-safe HMAC and bearer token comparison. + + **Secrets & Keys:** Agent keys persisted across restarts (encrypted with master key), encrypted YAML support, secret masking in logs, API key hashing utility. + + **Auth:** Mandatory 2FA for owner/admin roles, invite-only registration via `.auth/invites.yaml`, password complexity (min 12 chars, digit + special), banned user session blocking, dashboard uses cookie-based auth (no more token in query params). + +### Patch Changes + +- Updated dependencies [[`4558577`](https://github.com/questpie/autopilot/commit/455857765ef97937992cad5fea1f632be1c7b987)]: + - @questpie/autopilot-spec@1.1.0 + - @questpie/autopilot-orchestrator@1.1.0 + ## 1.0.0 ### Major Changes diff --git a/packages/cli/package.json b/packages/cli/package.json index d3e197da..947e980a 100644 
--- a/packages/cli/package.json
+++ b/packages/cli/package.json
@@ -1,6 +1,6 @@
 {
 "name": "@questpie/autopilot",
- "version": "1.0.0",
+ "version": "1.1.0",
 "private": false,
 "type": "module",
 "description": "AI-native company operating system. Your company is a container. Your employees are agents.",
@@ -42,8 +42,8 @@
 "prepublishOnly": "rm -rf ./templates && cp -r ../../templates ./templates"
 },
 "dependencies": {
- "@questpie/autopilot-orchestrator": "1.0.0",
- "@questpie/autopilot-spec": "1.0.0",
+ "@questpie/autopilot-orchestrator": "1.1.0",
+ "@questpie/autopilot-spec": "1.1.0",
 "commander": "^13.0.0",
 "simple-git": "^3.27.0",
 "yaml": "^2.7.0"
diff --git a/packages/orchestrator/CHANGELOG.md b/packages/orchestrator/CHANGELOG.md
index ffc4646a..74bb8fbc 100644
--- a/packages/orchestrator/CHANGELOG.md
+++ b/packages/orchestrator/CHANGELOG.md
@@ -1,5 +1,27 @@ # @questpie/autopilot-orchestrator +## 1.1.0 + +### Minor Changes + +- [`4558577`](https://github.com/questpie/autopilot/commit/455857765ef97937992cad5fea1f632be1c7b987) Thanks [@drepkovsky](https://github.com/drepkovsky)! - Security hardening: 22 fixes across auth, API, agents, secrets, and dashboard + + **API Security:** CORS locked to configured origin (not `*`), security headers (X-Frame-Options, X-Content-Type-Options, HSTS, Referrer-Policy), X-Forwarded-For trusted proxy validation, request body size limits, reduced status endpoint payload for unauthenticated requests. + + **Agent Sandbox:** SSRF protection blocks private IPs in `http_request` tool, optional domain allowlist via `agent_http_allowlist`, per-agent `tools` config controls Claude SDK built-in tools (`fs` → read-only, `fs_write` → read/write, `terminal` → Bash), `PreToolUse` hooks enforce `fs_scope` write globs on Write/Edit and deny patterns on Read, filesystem browser enforces role-based scope for viewers. + + **Rate Limiting:** Agents now rate-limited (600/min general, 50/min search, 100/min chat), weighted sliding window algorithm, password reset rate limiter (3/15min), timing-safe HMAC and bearer token comparison. + + **Secrets & Keys:** Agent keys persisted across restarts (encrypted with master key), encrypted YAML support, secret masking in logs, API key hashing utility. + + **Auth:** Mandatory 2FA for owner/admin roles, invite-only registration via `.auth/invites.yaml`, password complexity (min 12 chars, digit + special), banned user session blocking, dashboard uses cookie-based auth (no more token in query params). + +### Patch Changes + +- Updated dependencies [[`4558577`](https://github.com/questpie/autopilot/commit/455857765ef97937992cad5fea1f632be1c7b987)]: + - @questpie/autopilot-spec@1.1.0 + - @questpie/autopilot-agents@1.1.0 + ## 1.0.0 ### Major Changes 
diff --git a/packages/orchestrator/package.json b/packages/orchestrator/package.json
index fdfc8c1a..0dde1aa9 100644
--- a/packages/orchestrator/package.json
+++ b/packages/orchestrator/package.json
@@ -1,6 +1,6 @@
 {
 "name": "@questpie/autopilot-orchestrator",
- "version": "1.0.0",
+ "version": "1.1.0",
 "private": false,
 "type": "module",
 "description": "QUESTPIE Autopilot orchestrator runtime",
@@ -27,8 +27,8 @@
 "@google/genai": "^1.46.0",
 "@hono/standard-validator": "^0.2.2",
 "@huggingface/transformers": "^3.8.1",
- "@questpie/autopilot-agents": "1.0.0",
- "@questpie/autopilot-spec": "1.0.0",
+ "@questpie/autopilot-agents": "1.1.0",
+ "@questpie/autopilot-spec": "1.1.0",
 "@scalar/hono-api-reference": "^0.10.4",
 "better-auth": "^1.5.6",
 "chokidar": "^4.0.0",
diff --git a/packages/spec/CHANGELOG.md b/packages/spec/CHANGELOG.md
index e128329e..778e47d3 100644
--- a/packages/spec/CHANGELOG.md
+++ b/packages/spec/CHANGELOG.md
@@ -1,5 +1,21 @@ # @questpie/autopilot-spec +## 1.1.0 + +### Minor Changes + +- [`4558577`](https://github.com/questpie/autopilot/commit/455857765ef97937992cad5fea1f632be1c7b987) Thanks [@drepkovsky](https://github.com/drepkovsky)! - Security hardening: 22 fixes across auth, API, agents, secrets, and dashboard + + **API Security:** CORS locked to configured origin (not `*`), security headers (X-Frame-Options, X-Content-Type-Options, HSTS, Referrer-Policy), X-Forwarded-For trusted proxy validation, request body size limits, reduced status endpoint payload for unauthenticated requests. + + **Agent Sandbox:** SSRF protection blocks private IPs in `http_request` tool, optional domain allowlist via `agent_http_allowlist`, per-agent `tools` config controls Claude SDK built-in tools (`fs` → read-only, `fs_write` → read/write, `terminal` → Bash), `PreToolUse` hooks enforce `fs_scope` write globs on Write/Edit and deny patterns on Read, filesystem browser enforces role-based scope for viewers. + + **Rate Limiting:** Agents now rate-limited (600/min general, 50/min search, 100/min chat), weighted sliding window algorithm, password reset rate limiter (3/15min), timing-safe HMAC and bearer token comparison. + + **Secrets & Keys:** Agent keys persisted across restarts (encrypted with master key), encrypted YAML support, secret masking in logs, API key hashing utility. + + **Auth:** Mandatory 2FA for owner/admin roles, invite-only registration via `.auth/invites.yaml`, password complexity (min 12 chars, digit + special), banned user session blocking, dashboard uses cookie-based auth (no more token in query params). + ## 1.0.0 ### Major Changes diff --git a/packages/spec/package.json b/packages/spec/package.json index f00f7d8f..ae8b769b 100644 --- a/packages/spec/package.json +++ b/packages/spec/package.json 
@@ -1,6 +1,6 @@
 {
 "name": "@questpie/autopilot-spec",
- "version": "1.0.0",
+ "version": "1.1.0",
 "private": false,
 "type": "module",
 "description": "QUESTPIE Autopilot filesystem conventions, Zod schemas, and TypeScript types",