InsForge

v2.1.3 Security

This release includes 1 security fix for security teams reviewing exposed deployments.

Published 23d AI Agents & Assistants

View tool

✓ No known CVEs patched

Read the diff → Tool health → What is this tool? →

This release patches 1 known CVE

Topics

ai ai-agents coding deno embeddings insforge

+7 more

nextjs oauth2 pgvector postgresql realtime vectors websockets

Affected surfaces

auth rce_ssrf

ReleasePort's take

Moderate signal

editorial:auto 13d

The release implements two-tier sandbox isolation for serverless functions and updates several components.

Why it matters: Security: implement the new two‑tier sandbox isolation for serverless functions to mitigate escape risks; migrate any affected projects before deploying v2.1.3.

Summary

AI summary

Two-tier sandbox isolation for serverless functions implemented.

Changes in this release

Type	Severity	Summary	CVE
Security	Medium	Implemented two-tier sandbox isolation for serverless functions. Implemented two-tier sandbox isolation for serverless functions. Source: llm_adapter@2026-05-21 Confidence: low	—
Feature	Medium	Added disable new user signups toggle to auth. Added disable new user signups toggle to auth. Source: llm_adapter@2026-05-21 Confidence: low	—
Dependency	Medium	Bumped version to v2.1.3. Bumped version to v2.1.3. Source: llm_adapter@2026-05-21 Confidence: low	—
Deprecation	Medium	Removed project restoring page. Removed project restoring page. Source: llm_adapter@2026-05-21 Confidence: low	—
Bugfix
Bugfix	Medium	Prepend `n-` to Fly network name for digit-leading APP_KEYs. Prepend `n-` to Fly network name for digit-leading APP_KEYs. Source: llm_adapter@2026-05-21 Confidence: high	—
Bugfix	Medium	Replaced bespoke wildcard matching with glob-based redirects in auth. Replaced bespoke wildcard matching with glob-based redirects in auth. Source: llm_adapter@2026-05-21 Confidence: high	—
Bugfix	Medium	Made migration 038_create-compute-services idempotent. Made migration 038_create-compute-services idempotent. Source: llm_adapter@2026-05-21 Confidence: low	—
Other
Other	Medium	Fixed repository URL case in README. Fixed repository URL case in README. Source: llm_adapter@2026-05-21 Confidence: low	—
Other	Medium	Fixed repository URL case and npm command in contributing guide. Fixed repository URL case and npm command in contributing guide. Source: llm_adapter@2026-05-21 Confidence: low	—
Other	Medium	Deleted orphaned SDK pages. Deleted orphaned SDK pages. Source: llm_adapter@2026-05-21 Confidence: low	—
Other	Medium	Removed emoji from partnership feature lists. Removed emoji from partnership feature lists. Source: llm_adapter@2026-05-21 Confidence: low	—

Full changelog

What's Changed

fix(compute): prepend n- to Fly network name (digit-leading APP_KEYs) by @tonychang04 in https://github.com/InsForge/InsForge/pull/1228
INS-166 Remove project restoring page by @Fermionic-Lyu in https://github.com/InsForge/InsForge/pull/1229
security: implement two-tier sandbox isolation for serverless functions by @prakharsingh-74 in https://github.com/InsForge/InsForge/pull/1137
docs(readme): fix repo URL case to InsForge/InsForge by @Hariharan79 in https://github.com/InsForge/InsForge/pull/1241
fix(auth): replace bespoke wildcard matching with glob-based redirect… by @Davidson3556 in https://github.com/InsForge/InsForge/pull/1235
feat(auth): add disable new user signups toggle by @junaiddshaukat in https://github.com/InsForge/InsForge/pull/1244
fix(migrations): make 038_create-compute-services idempotent by @tonychang04 in https://github.com/InsForge/InsForge/pull/1246
docs(contributing): fix repo URL case and npm command by @Hariharan79 in https://github.com/InsForge/InsForge/pull/1240
docs: delete orphaned SDK pages by @Hariharan79 in https://github.com/InsForge/InsForge/pull/1237
docs(partnership): remove emoji from feature lists by @Hariharan79 in https://github.com/InsForge/InsForge/pull/1236
bump version to v2.1.3 by @tonychang04 in https://github.com/InsForge/InsForge/pull/1247

New Contributors

@Hariharan79 made their first contribution in https://github.com/InsForge/InsForge/pull/1241

Full Changelog: https://github.com/InsForge/InsForge/compare/v2.1.2...v2.1.3

Security Fixes

Implement two-tier sandbox isolation for serverless functions

View diff on GitHub

Weekly OSS security release digest.

The CVE patches and breaking changes that affected production tools this week. One email, every Sunday.

No spam, unsubscribe anytime.

Share this release

Share on X Share on Bluesky

Track InsForge

Get notified when new releases ship.

About InsForge

All releases →

Related context

Related tools

Earlier breaking changes

v2.1.8 Restricts raw SQL permission to project_admin role only.