shadowbipnode/sysai-assistant

SysAI v1.3.3-beta

This release focuses on security hardening, privacy improvements, Windows installer support and developer workflow cleanup.

Highlights

• Added Content Security Policy hardening
• Removed remote Google Fonts dependency
• Improved local-first/privacy posture
• Added safe external URL validation for Electron
• Removed scanner HTTP fallback and kept scanners IPC-only
• Added secure storage fallback warning
• Added ESLint workflow and improved lint configuration
• Added automated Windows NSIS build workflow via GitHub Actions
• Added native Windows installer support
• Updated README with Windows beta and security notes

Security improvements

• External links are now restricted to safe HTTP/HTTPS protocols
• Scanner functionality is limited to Electron IPC instead of unused HTTP fallback endpoints
• CSP now restricts scripts, images, fonts, connections and object sources
• API key storage fallback is now explicitly warned when secure storage is unavailable

Privacy improvements

• Removed Google Fonts remote import
• UI now uses local/system font fallbacks
• Reduced external network dependencies
• Improved local-first operational model

Windows support

SysAI now includes:

• Native Windows NSIS installer
• Portable/unpacked ZIP build
• Automated Windows builds through GitHub Actions

Downloads

Linux:

• AppImage
• DEB
• RPM

Windows:

• NSIS Installer (.exe)
• Portable/unpacked ZIP beta build

Notes

Windows support remains beta.
Unsigned Windows builds may trigger SmartScreen warnings.

Feedback, bug reports and real-world infrastructure testing are extremely valuable at this stage.