Name: v0.12.0
Status: active
v0.12.0 — Polish & Hardening
Generic next-release bucket. Picks up follow-ups deferred from v0.11.0 (config polish, schema versioning, deprecation timelines) and absorbs whatever incremental work lands between v0.11 and v0.12.
Currently planned:
Progress 2/2 work items
- Config polish follow-ups from v0.11.0 review (WORK-176): schema URL versioning, mirroring footgun, three-shapes deprecation timeline, `target` field review.
- Security policy for transform pipeline (WORK-177): opt-in `SecurityPolicy` so hosted products can render untrusted content with layered defences (sanitisation, iframe sandbox attr, meta-CSP, separate-origin escape hatch). Default stays `trusted` — no behaviour change for self-hosted users.
Add other items as they emerge.
Work Items
Done 2
WORK-176 main
v0.11.0 config follow-ups
A handful of concerns surfaced during the v0.11.0 design review that we deliberately deferred rather than block the milestone. None are urgent; all are worth addressing before the unified config shape ossifies further.
11/11 criteria
WORK-177 main
Security policy for transform pipeline (sandbox hardening)
Today the transform pipeline assumes its input is trusted. The sandbox rune in particular concatenates author HTML/CSS/JS into a `srcdoc` iframe with `sandbox="allow-scripts allow-same-origin"` (`packages/behaviors/src/elements/sandbox.ts:127`), which gives author scripts the parent origin's cookies, localStorage, and DOM. That's fine for self-hosted single-author projects but unsafe for any hosted product surface that renders content from one tenant in another tenant's session.
Add an opt-in security policy on the pipeline so hosts can render untrusted content with layered defences (sanitisation, CSP, iframe sandbox, optional separate origin) without breaking the trusted-default behaviour self-hosted users rely on.
19/19 criteria
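The difference between the current sandbox attribute and a hardened one, as an added TypeScript example that is not the project's code. The `"untrusted"` policy value, all function names, and the CSP string are assumptions made for illustration; only `SecurityPolicy`, the `trusted` default, and the quoted sandbox attribute come from the work item.

```typescript
// Added illustration: names and shapes are assumptions, not the project's API.
type SecurityPolicy = "trusted" | "untrusted";

// Sandbox tokens per policy. "trusted" reproduces the attribute quoted in WORK-177.
function sandboxTokens(policy: SecurityPolicy): string[] {
  return policy === "trusted"
    ? ["allow-scripts", "allow-same-origin"]
    : ["allow-scripts"]; // no allow-same-origin: the frame runs in an opaque origin
}

// A srcdoc frame inherits the embedder's origin, so granting both tokens lets
// author script reach the parent's cookies, localStorage and DOM.
function sharesParentOrigin(tokens: string[]): boolean {
  return tokens.indexOf("allow-scripts") !== -1 &&
    tokens.indexOf("allow-same-origin") !== -1;
}

// Escape a value for use inside a double-quoted HTML attribute.
function escapeAttr(value: string): string {
  return value.replace(/&/g, "&amp;").replace(/"/g, "&quot;")
    .replace(/</g, "&lt;").replace(/>/g, "&gt;");
}

// Constructed meta-CSP for untrusted content: inline script and style only,
// no network fetches. Prepended so it is parsed before any author markup.
const UNTRUSTED_CSP =
  "default-src 'none'; script-src 'unsafe-inline'; style-src 'unsafe-inline'";

function renderSandboxFrame(policy: SecurityPolicy, authorHtml: string): string {
  const tokens = sandboxTokens(policy);
  const csp = policy === "untrusted"
    ? `<meta http-equiv="Content-Security-Policy" content="${UNTRUSTED_CSP}">`
    : "";
  const srcdoc = escapeAttr(csp + authorHtml);
  return `<iframe sandbox="${tokens.join(" ")}" srcdoc="${srcdoc}"></iframe>`;
}
```

A host could run `sharesParentOrigin` as a build-time or test-time check so that no untrusted render path ever emits the combined token set.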