Skip to content

chore(release): assure, prune, and sync docs for v1.1.25 #94

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
shenald-dev merged 1 commit into from
Apr 27, 2026
Merged

chore(release): assure, prune, and sync docs for v1.1.25 #94

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
6 changes: 6 additions & 0 deletions .jules/warden.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -132,3 +132,9 @@ Observation / Pruned:
Assessed JULES/BOLT's optimization changing global `express.json` middleware into a route-specific middleware. This prevents unhandled routes (e.g. 404s) from attempting to buffer and parse large JSON payloads, saving CPU cycles and mitigating DoS vectors. The JSON error handler was effectively moved correctly to preserve functionality. Ran full tests and robustness scripts to verify correct validation edge cases pass. Zero unused files or exports were identified for pruning.
Alignment / Deferred:
Appended release notes for performance and security patch. Version bumped to 1.1.24.

2026-04-27 — Assessment & Lifecycle
Observation / Pruned:
Assessed BOLT's optimization moving the `/health` endpoint above `helmet()` and `cors()` middlewares, while manually setting `Content-Type`. This effectively prevents parsing and middleware overhead for frequent health check pings without compromising the expected response headers. Also bumped minor/patch versions via `npm update`. No dead code or unused files found, as previous optimizations have pruned effectively.
Alignment / Deferred:
Appended release notes for performance patch. Version bumped to 1.1.25.
4 changes: 4 additions & 0 deletions CHANGELOG.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,3 +1,7 @@
## v1.1.25 - 2026-04-27
### Changed
- **Performance:** Moved the `/health` endpoint above `helmet()` and `cors()` middlewares, saving significant CPU cycle overhead on load balancer pings by skipping unnecessary security header injections and CORS processing for this specific endpoint. No dead code pruned.

## v1.1.24 - 2026-04-25
### Changed
- **Security/Performance:** Modified the `express.json()` middleware to act as a route-specific middleware on `/v1/chat/completions` rather than globally. This prevents unnecessary JSON parsing for non-existent endpoints (like 404 routes), mitigating potential CPU exhaustion DoS vectors from large arbitrary payloads.
Expand Down
30 changes: 15 additions & 15 deletions package-lock.json
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 1 addition & 1 deletion package.json
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
{
"name": "one-api",
"version": "1.1.24",
"version": "1.1.25",
"description": "One API to rule them all. Unified gateway for 20+ LLM providers. OpenAI-compatible, single binary, zero config.",
"main": "src/index.js",
"scripts": {
Expand Down
Loading