diff --git a/CHANGELOG.md b/CHANGELOG.md index 1568a86..951bb46 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -4,6 +4,17 @@ All notable changes to Plutus are documented here. ## [Unreleased] +## [1.0.1] — 2026-07-05 + +**Security-hardening release.** A four-part follow-up to the internal pre-1.0 +review, from a fresh 2026-07-05 audit (money/ledger, auth/OIDC, HTTP surface, +deploy posture). No API/contract changes; the `/v1` surface is unchanged. Every +finding was traced to source and covered by tests. Highlights: closed an OIDC +login-CSRF, made all money side effects atomic with the markers guarding them +(no webhook credit-loss / idempotency double-debit under crash+retry), added +security headers + CSV-injection defense, and made the server fail closed rather +than expose an unauthenticated dashboard on a public interface. + ### Security - **Fail closed instead of exposing an unauthenticated dashboard.** The server now refuses to bind a non-loopback host (e.g. `--host 0.0.0.0`) when authentication diff --git a/plutus_agent/__init__.py b/plutus_agent/__init__.py index 14a3355..9c5d25f 100644 --- a/plutus_agent/__init__.py +++ b/plutus_agent/__init__.py @@ -14,7 +14,7 @@ than importing them, so the two can ship and run independently. """ -__version__ = "1.0.0" +__version__ = "1.0.1" __product__ = "Plutus" __tagline__ = "The billing layer for AI agents." __company__ = "Perseus Computing LLC"