ltcai 4.2.0 → 4.3.1

package/latticeai/api/models.py

@@ -62,6 +62,7 @@ class LoadModelRequest(BaseModel):
     user_email: Optional[str] = None
     adapter_path: Optional[str] = None
     draft_model_id: Optional[str] = None
+    allow_download: bool = False
 
 
 class InstallEngineRequest(BaseModel):
@@ -82,6 +83,7 @@ class PrepareModelRequest(BaseModel):
     model: str
     engine: Optional[str] = None
     user_email: Optional[str] = None
+    allow_download: bool = False
 
 
 class VerifyCloudRequest(BaseModel):
@@ -127,9 +129,57 @@ def create_models_router(
     REQUIRE_AUTH = require_auth
     _list_compat_profiles = list_compat_profiles
 
-    def _recommended_with_engine_options(items: List[Dict[str, object]]) -> List[Dict[str, object]]:
+    def _recommended_with_engine_options(
+        items: List[Dict[str, object]],
+        engines: Optional[List[Dict[str, object]]] = None,
+        loaded_ids: Optional[List[str]] = None,
+        current_id: Optional[str] = None,
+    ) -> List[Dict[str, object]]:
+        engine_lookup = {str(engine.get("id") or ""): engine for engine in engines or []}
+        model_lookup: Dict[str, Dict[str, object]] = {}
+        for engine in engines or []:
+            engine_id = str(engine.get("id") or "")
+            for model in engine.get("models") or []:
+                if isinstance(model, dict):
+                    model_lookup[str(model.get("id") or "")] = {**model, "_engine": engine_id}
+        loaded = set(loaded_ids or [])
         out: List[Dict[str, object]] = []
         for item in items:
+            short_id = str(item["id"]).lower()
+            aliases = MODEL_ENGINE_ALIASES.get(short_id) or {}
+            options: List[Dict[str, str]] = []
+            for engine_name in ("local_mlx", "ollama", "lmstudio", "llamacpp", "vllm"):
+                real = aliases.get(engine_name)
+                if not real:
+                    continue
+                options.append({
+                    "engine": engine_name,
+                    "model_id": real,
+                    "load_id": real if engine_name == "local_mlx" else f"{engine_name}:{real}",
+                })
+            if not options:
+                options.append({"engine": "local_mlx", "model_id": item["id"], "load_id": item["id"]})
+            recommended_engine = options[0]["engine"]
+            load_id = options[0]["load_id"]
+            engine_info = engine_lookup.get(recommended_engine) or {}
+            model_info = model_lookup.get(load_id) or model_lookup.get(str(item["id"])) or {}
+            pulled = bool(model_info.get("pulled"))
+            is_loaded = load_id in loaded or str(item["id"]) in loaded or current_id in {load_id, str(item["id"])}
+            engine_installed = bool(engine_info.get("installed"))
+            pullable = bool(item.get("pullable", True))
+            download_required = bool(pullable and not pulled and not is_loaded)
+            if is_loaded:
+                load_status = "loaded"
+                unavailable_reason = None
+            elif not engine_installed:
+                load_status = "unavailable"
+                unavailable_reason = f"{engine_info.get('name') or recommended_engine} runtime is not installed."
+            elif download_required:
+                load_status = "download_required"
+                unavailable_reason = "Model files are not present locally. Downloads are opt-in and never start from token/model presence alone."
+            else:
+                load_status = "ready"
+                unavailable_reason = None
             base = {
                 "id": item["id"],
                 "name": item["name"],
@@ -144,23 +194,15 @@ def create_models_router(
                 "run_location": item.get("run_location"),
                 "internet_requirement": item.get("internet_requirement"),
                 "source_display_order": item.get("source_display_order"),
+                "pulled": pulled,
+                "download_required": download_required,
+                "load_available": is_loaded or (engine_installed and not download_required),
+                "load_status": load_status,
+                "unavailable_reason": unavailable_reason,
             }
-            short_id = str(item["id"]).lower()
-            aliases = MODEL_ENGINE_ALIASES.get(short_id) or {}
-            options: List[Dict[str, str]] = []
-            for engine_name in ("local_mlx", "ollama", "lmstudio", "llamacpp", "vllm"):
-                real = aliases.get(engine_name)
-                if not real:
-                    continue
-                options.append({
-                    "engine": engine_name,
-                    "model_id": real,
-                    "load_id": real if engine_name == "local_mlx" else f"{engine_name}:{real}",
-                })
-            if not options:
-                options.append({"engine": "local_mlx", "model_id": item["id"], "load_id": item["id"]})
             base["engine_options"] = options
-            base["recommended_engine"] = options[0]["engine"]
+            base["recommended_engine"] = recommended_engine
+            base["recommended_load_id"] = load_id
             out.append(base)
         return out
 
@@ -232,6 +274,7 @@ def create_models_router(
         require_user(request)
         return await prepare_and_load_model(
             req.model, request, engine=req.engine, user_email=req.user_email,
+            allow_download=req.allow_download,
         )
 
     @router.post("/engines/prepare-model/stream")
@@ -242,6 +285,7 @@ def create_models_router(
             try:
                 async for chunk in prepare_and_load_model_stream(
                     req.model, request, engine=req.engine, user_email=req.user_email,
+                    allow_download=req.allow_download,
                 ):
                     yield chunk
             except HTTPException as exc:
@@ -287,10 +331,13 @@ def create_models_router(
 
     @router.get("/models")
     async def list_models():
+        engines = await asyncio.to_thread(engine_status)
         recommended = _recommended_with_engine_options(
-            list(filter_lower_family_versions(ENGINE_MODEL_CATALOG.get("local_mlx", [])))
+            list(filter_lower_family_versions(ENGINE_MODEL_CATALOG.get("local_mlx", []))),
+            engines=engines,
+            loaded_ids=_router.loaded_model_ids,
+            current_id=_router.current_model_id,
         )
-        engines = await asyncio.to_thread(engine_status)
         return {
             "recommended": recommended,
             "cloud": _router.detected_cloud_models(),
@@ -319,6 +366,7 @@ def create_models_router(
             return await prepare_and_load_model(
                 model_id, request, engine=req.engine, user_email=req.user_email,
                 adapter_path=req.adapter_path, draft_model_id=req.draft_model_id,
+                allow_download=req.allow_download,
             )
         except HTTPException:
             raise

package/latticeai/api/portability.py

@@ -26,6 +26,8 @@ class BackupRequest(BaseModel):
 class RestoreRequest(BaseModel):
     path: str
     verify: bool = True
+    dry_run: bool = False
+    confirm: bool = False
 
 
 class EncryptedArchiveRequest(BaseModel):
@@ -36,6 +38,18 @@ class EncryptedArchiveRequest(BaseModel):
 class EncryptedRestoreRequest(BaseModel):
     path: str
     passphrase: str
+    dry_run: bool = False
+    confirm: bool = False
+
+
+class EncryptedInspectRequest(BaseModel):
+    path: str
+    passphrase: Optional[str] = None
+
+
+class EncryptedVerifyRequest(BaseModel):
+    path: str
+    passphrase: str
 
 
 class DockerPostgresRequest(BaseModel):
@@ -74,6 +88,12 @@ def create_portability_router(
         _require_service()
         return service.storage_status()
 
+    @router.get("/api/knowledge-graph/backup-health")
+    async def backup_health(request: Request):
+        require_user(request)
+        _require_service()
+        return service.backup_health()
+
     @router.get("/api/knowledge-graph/provenance")
     async def recent_provenance(request: Request, limit: int = 50, source_type: Optional[str] = None):
         """Recent ingestions (provenance trail) for the ingestion-sources UI."""
@@ -114,7 +134,7 @@ def create_portability_router(
         require_admin(request)
         _require_service()
         try:
-            return service.restore(req.path, verify=req.verify)
+            return service.restore(req.path, verify=req.verify, dry_run=req.dry_run, confirm=req.confirm)
         except (ValueError, FileNotFoundError) as exc:
             raise HTTPException(status_code=400, detail=str(exc))
 
@@ -127,12 +147,49 @@ def create_portability_router(
         except (ValueError, FileNotFoundError) as exc:
             raise HTTPException(status_code=400, detail=str(exc))
 
+    @router.post("/api/knowledge-graph/archive/inspect")
+    async def inspect_encrypted_archive(req: EncryptedInspectRequest, request: Request):
+        require_admin(request)
+        _require_service()
+        try:
+            return service.inspect_encrypted_archive(req.path, passphrase=req.passphrase)
+        except (ValueError, FileNotFoundError) as exc:
+            raise HTTPException(status_code=400, detail=str(exc))
+
+    @router.post("/api/knowledge-graph/archive/verify")
+    async def verify_encrypted_archive(req: EncryptedVerifyRequest, request: Request):
+        require_admin(request)
+        _require_service()
+        result = service.verify_encrypted_archive(req.path, passphrase=req.passphrase)
+        if not result.get("ok"):
+            raise HTTPException(status_code=400, detail="; ".join(result.get("errors") or ["Archive verification failed."]))
+        return result
+
+    @router.post("/api/knowledge-graph/archive/import")
+    async def import_encrypted_archive(req: EncryptedRestoreRequest, request: Request):
+        require_admin(request)
+        _require_service()
+        try:
+            return service.import_encrypted_archive(
+                req.path,
+                passphrase=req.passphrase,
+                dry_run=req.dry_run,
+                confirm=req.confirm,
+            )
+        except (ValueError, FileNotFoundError) as exc:
+            raise HTTPException(status_code=400, detail=str(exc))
+
     @router.post("/api/knowledge-graph/archive/restore")
     async def restore_encrypted_archive(req: EncryptedRestoreRequest, request: Request):
         require_admin(request)
         _require_service()
         try:
-            return service.restore_encrypted_archive(req.path, passphrase=req.passphrase)
+            return service.restore_encrypted_archive(
+                req.path,
+                passphrase=req.passphrase,
+                dry_run=req.dry_run,
+                confirm=req.confirm,
+            )
         except (ValueError, FileNotFoundError) as exc:
             raise HTTPException(status_code=400, detail=str(exc))
 

package/latticeai/app_factory.py

@@ -154,6 +154,7 @@ def _build(config: "Optional[Config]" = None) -> Dict[str, Any]:
     from latticeai.api.hooks import create_hooks_router
     from latticeai.core.hooks import HooksRegistry
     from latticeai.core.builtin_hooks import register_builtin_hook_runners
+    from latticeai.core.product_hardening import build_product_hardening_status
     from latticeai.api.agent_registry import create_agent_registry_router
     from latticeai.core.agent_registry import AgentRegistry
     from latticeai.api.memory import create_memory_router
@@ -1256,6 +1257,13 @@ def _build(config: "Optional[Config]" = None) -> Dict[str, Any]:
         except Exception as e:
             return {"error": str(e)}
 
+    def _product_hardening_status():
+        return build_product_hardening_status(
+            config=CONFIG,
+            portability=KG_PORTABILITY,
+            device_identity=DEVICE_IDENTITY,
+        )
+
     app.include_router(create_admin_router(
         require_admin=require_admin, require_user=require_user,
         load_users=load_users, save_users=save_users,
@@ -1270,6 +1278,7 @@ def _build(config: "Optional[Config]" = None) -> Dict[str, Any]:
         invite_code=INVITE_CODE, invite_gate_enabled=INVITE_GATE_ENABLED,
         default_port=DEFAULT_PORT,
         policy_matrix=policy_matrix,
+        product_hardening_status=_product_hardening_status,
     ))
 
     app.include_router(create_invitations_router(

package/latticeai/brain/projection.py

@@ -94,17 +94,24 @@ class KnowledgeGraphProjectionMixin:
         """
         if KGStoreV2 is None or _exec_script is None:
             return
+        self._v2_projection_available = False
         try:
             self._backup_before_v2_flip()
             with self._connect() as conn:
                 conn.execute("BEGIN")
                 stale = self._projection_version(conn) != _PROJECTION_VERSION
+                # Reconstruction views are non-authoritative. Recreate them on
+                # every startup so older SQLite rename migrations cannot strand
+                # a view against a temporary table such as edges_v2_old.
+                for stmt in (
+                    "DROP VIEW IF EXISTS kgv2_edges",
+                    "DROP VIEW IF EXISTS kgv2_nodes",
+                ):
+                    conn.execute(stmt)
                 if stale:
                     # The projection is non-authoritative; drop it so init_schema
                     # recreates the tables with the current normalized columns.
                     for stmt in (
-                        "DROP VIEW IF EXISTS kgv2_edges",
-                        "DROP VIEW IF EXISTS kgv2_nodes",
                         "DROP TABLE IF EXISTS edges_v2",
                         "DROP TABLE IF EXISTS nodes_v2",
                     ):
@@ -128,6 +135,9 @@ class KnowledgeGraphProjectionMixin:
                     (_V2_WRITE_MASTER_KEY, _V2_WRITE_MASTER_KEY, mastered_at),
                 )
                 conn.execute(f"PRAGMA user_version={_KG_DB_FORMAT_VERSION}")
+                conn.execute("SELECT 1 FROM kgv2_nodes LIMIT 1").fetchone()
+                conn.execute("SELECT 1 FROM kgv2_edges LIMIT 1").fetchone()
+            self._v2_projection_available = True
         except Exception as e:
             logging.warning("knowledge_graph: v2 schema init/backfill skipped: %s", e)
 

package/latticeai/brain/retrieval.py

@@ -879,6 +879,16 @@ class KnowledgeGraphRetrievalMixin:
                     if isinstance(storage_capabilities, dict)
                     else "bruteforce-cosine"
                 ),
+                "vector_search_mode": (
+                    (storage_capabilities.get("metadata") or {}).get("vector_mode")
+                    if isinstance(storage_capabilities, dict)
+                    else "fallback"
+                ),
+                "sqlite_vec_ann_available": (
+                    bool((storage_capabilities.get("metadata") or {}).get("sqlite_vec_ann_available"))
+                    if isinstance(storage_capabilities, dict)
+                    else False
+                ),
             },
             "source_items": len(source_items),
             "indexed_items": sum(vector_counts.values()),

package/latticeai/brain/store.py

@@ -53,10 +53,15 @@ class KnowledgeGraphStore(
         self._embedding_model = (
             embedder if embedder is not None else LocalEmbeddingModel()
         )
+        self._v2_projection_available = False
         self._init_db()
         # Read graph queries from the v2 projection (kgv2_* views) when available.
         # Toggle off (e.g. in tests) to compare against the legacy tables.
-        self._read_from_v2 = KGStoreV2 is not None and _READ_FROM_V2_DEFAULT
+        self._read_from_v2 = (
+            KGStoreV2 is not None
+            and _READ_FROM_V2_DEFAULT
+            and self._v2_projection_available
+        )
 
     def _read_tables(self) -> tuple:
         """Return (nodes_table, edges_table) for read queries.

package/latticeai/core/config.py

@@ -157,13 +157,15 @@ class Config:
             if packaged_static.exists():
                 static_dir = packaged_static
 
+        default_sso_redirect = f"http://localhost:{port}/auth/sso/callback"
+
         return cls(
             app_mode=app_mode,
             is_public=is_public,
             host=host,
             port=port,
             network_exposed=network_exposed,
-            enable_telegram=_bool(env, "LATTICEAI_ENABLE_TELEGRAM", default=not is_public),
+            enable_telegram=_bool(env, "LATTICEAI_ENABLE_TELEGRAM", default=False),
             enable_graph=_bool(env, "LATTICEAI_ENABLE_GRAPH", default=True),
             autoload_models=_bool(env, "LATTICEAI_AUTOLOAD_MODELS", default=is_public),
             model_idle_unload_seconds=_int(env, "LATTICEAI_MODEL_IDLE_UNLOAD_SECONDS", 0),
@@ -196,7 +198,7 @@ class Config:
             sso_discovery_url=_value(env, "OIDC_DISCOVERY_URL", ""),
             sso_client_id=_value(env, "OIDC_CLIENT_ID", ""),
             sso_client_secret=_value(env, "OIDC_CLIENT_SECRET", ""),
-            sso_redirect_uri=_value(env, "OIDC_REDIRECT_URI", "http://localhost:4825/auth/sso/callback"),
+            sso_redirect_uri=_value(env, "OIDC_REDIRECT_URI", default_sso_redirect),
             sso_provider_name=_value(env, "OIDC_PROVIDER_NAME", "SSO"),
             discord_permission_webhook=_value(env, "LATTICEAI_DISCORD_PERMISSION_WEBHOOK", ""),
             discord_bot_token=_value(env, "LATTICEAI_DISCORD_BOT_TOKEN", ""),

package/latticeai/core/marketplace.py

@@ -11,7 +11,7 @@ from copy import deepcopy
 from typing import Any, Dict, List, Optional
 
 
-MARKETPLACE_VERSION = "4.2.0"
+MARKETPLACE_VERSION = "4.3.1"
 TEMPLATE_KINDS = ("plugin", "workflow", "agent")
 
 

package/latticeai/core/multi_agent.py

@@ -14,7 +14,7 @@ from datetime import datetime
 from typing import Any, Callable, Dict, List, Optional
 
 
-MULTI_AGENT_VERSION = "4.2.0"
+MULTI_AGENT_VERSION = "4.3.1"
 
 AGENT_ROLES = ("researcher", "planner", "executor", "reviewer", "release")
 CORE_PIPELINE = ("planner", "executor", "reviewer")

package/latticeai/core/product_hardening.py

@@ -0,0 +1,218 @@
+"""Product hardening and privacy status helpers.
+
+These helpers are read-only and must not perform network probes. They describe
+the local-first startup posture and distinguish available credentials from
+enabled outbound communication.
+"""
+
+from __future__ import annotations
+
+import os
+import shutil
+from pathlib import Path
+from typing import Any, Dict, Mapping, Optional
+
+from latticeai import __version__
+from latticeai.core.config import Config
+
+
+def _bool(env: Mapping[str, str], key: str, default: bool = False) -> bool:
+    raw = env.get(key)
+    if raw is None:
+        return default
+    return raw.strip().lower() in {"1", "true", "yes", "on"}
+
+
+def _present(env: Mapping[str, str], *keys: str) -> bool:
+    return any(bool(str(env.get(key) or "").strip()) for key in keys)
+
+
+def external_integration_status(
+    config: Config,
+    *,
+    env: Optional[Mapping[str, str]] = None,
+) -> Dict[str, Any]:
+    if env is None:
+        env = os.environ
+    telegram_credentials = _present(env, "LATTICEAI_TELEGRAM_BOT_TOKEN", "TELEGRAM_BOT_TOKEN")
+    brain_network_auto_push = _bool(env, "LATTICEAI_BRAIN_NETWORK_AUTO_PUSH", default=False)
+    updater_enabled = _bool(env, "LATTICEAI_ENABLE_UPDATES", default=False)
+    model_downloads_enabled = _bool(env, "LATTICEAI_ALLOW_MODEL_DOWNLOADS", default=False) or bool(config.autoload_models)
+    docker_auto_start = _bool(env, "LATTICEAI_DOCKER_AUTO_START", default=False)
+    external_connectors_enabled = _bool(env, "LATTICEAI_ENABLE_EXTERNAL_CONNECTORS", default=False)
+    postgres_enabled = config.storage_engine == "postgres" and bool(config.postgres_dsn)
+    return {
+        "local_only_default": default_startup_local_only(config, env=env),
+        "integrations": {
+            "telegram": {
+                "enabled": bool(config.enable_telegram),
+                "credential_present": telegram_credentials,
+                "opt_in_required": True,
+                "automatic_egress": bool(config.enable_telegram),
+                "detail": (
+                    "enabled by LATTICEAI_ENABLE_TELEGRAM"
+                    if config.enable_telegram
+                    else "disabled; token presence alone does not start Telegram"
+                ),
+            },
+            "brain_network": {
+                "enabled": brain_network_auto_push,
+                "credential_present": False,
+                "opt_in_required": True,
+                "automatic_egress": brain_network_auto_push,
+                "detail": "peer pushes are user/admin initiated; no automatic peer sync by default",
+            },
+            "updates": {
+                "enabled": updater_enabled,
+                "credential_present": False,
+                "opt_in_required": True,
+                "automatic_egress": updater_enabled,
+                "detail": "desktop updater checks are disabled unless LATTICEAI_ENABLE_UPDATES is true",
+            },
+            "model_downloads": {
+                "enabled": model_downloads_enabled,
+                "credential_present": _present(env, "HF_TOKEN", "HUGGINGFACEHUB_API_TOKEN"),
+                "opt_in_required": True,
+                "automatic_egress": bool(config.autoload_models),
+                "detail": "model downloads require an explicit load/autoload setting",
+            },
+            "docker": {
+                "enabled": docker_auto_start,
+                "credential_present": False,
+                "opt_in_required": True,
+                "automatic_egress": docker_auto_start,
+                "detail": "Docker setup requires explicit runtime consent; auto-start is disabled by default",
+            },
+            "postgres": {
+                "enabled": postgres_enabled,
+                "credential_present": bool(config.postgres_dsn),
+                "opt_in_required": True,
+                "automatic_egress": postgres_enabled,
+                "detail": "Postgres scale mode is used only when storage engine and DSN are explicitly configured",
+            },
+            "external_connectors": {
+                "enabled": external_connectors_enabled,
+                "credential_present": _present(
+                    env,
+                    "OPENAI_API_KEY",
+                    "ANTHROPIC_API_KEY",
+                    "GITHUB_TOKEN",
+                    "SLACK_BOT_TOKEN",
+                    "DISCORD_BOT_TOKEN",
+                ),
+                "opt_in_required": True,
+                "automatic_egress": external_connectors_enabled,
+                "detail": "connector credentials are inert until the connector is explicitly enabled and invoked",
+            },
+        },
+    }
+
+
+def default_startup_local_only(
+    config: Config,
+    *,
+    env: Optional[Mapping[str, str]] = None,
+) -> bool:
+    if env is None:
+        env = os.environ
+    local_embedding = config.embedding_provider in {"", "hash", "local", "fallback", "sqlite"}
+    external = external_integration_status_no_recurse(config, env=env)
+    return (
+        not config.network_exposed
+        and not config.cors_allow_network
+        and not config.enable_telegram
+        and not config.autoload_models
+        and config.storage_engine == "sqlite"
+        and local_embedding
+        and not any(item["automatic_egress"] for item in external.values())
+    )
+
+
+def external_integration_status_no_recurse(
+    config: Config,
+    *,
+    env: Mapping[str, str],
+) -> Dict[str, Dict[str, Any]]:
+    return {
+        "brain_network": {"automatic_egress": _bool(env, "LATTICEAI_BRAIN_NETWORK_AUTO_PUSH", default=False)},
+        "updates": {"automatic_egress": _bool(env, "LATTICEAI_ENABLE_UPDATES", default=False)},
+        "docker": {"automatic_egress": _bool(env, "LATTICEAI_DOCKER_AUTO_START", default=False)},
+        "postgres": {"automatic_egress": config.storage_engine == "postgres" and bool(config.postgres_dsn)},
+        "external_connectors": {"automatic_egress": _bool(env, "LATTICEAI_ENABLE_EXTERNAL_CONNECTORS", default=False)},
+    }
+
+
+def build_product_hardening_status(
+    *,
+    config: Config,
+    portability: Any = None,
+    device_identity: Any = None,
+    env: Optional[Mapping[str, str]] = None,
+) -> Dict[str, Any]:
+    if env is None:
+        env = os.environ
+    storage = {"available": False}
+    backup = {"available": False}
+    if portability is not None and getattr(portability, "available", lambda: False)():
+        storage = portability.storage_status()
+        backup = portability.backup_health()
+    identity = {}
+    if device_identity is not None:
+        identity = device_identity.describe()
+    data_dir = Path(config.data_dir)
+    return {
+        "version": __version__,
+        "startup": {
+            "local_only_default": default_startup_local_only(config, env=env),
+            "host": config.host,
+            "port": config.port,
+            "network_exposed": config.network_exposed,
+            "auth_required": config.require_auth,
+            "cors_network_allowed": config.cors_allow_network,
+        },
+        "desktop": {
+            "sidecar_lifecycle": "managed",
+            "restart_supported": True,
+            "shutdown_supported": True,
+            "updater": {
+                "enabled": _bool(env, "LATTICEAI_ENABLE_UPDATES", default=False),
+                "limitation": "No external update checks run unless explicitly enabled by policy.",
+            },
+        },
+        "first_run": {
+            "data_dir": str(data_dir),
+            "data_dir_exists": data_dir.exists(),
+            "python_available": shutil.which("python3") is not None or shutil.which("python") is not None,
+            "docker_available": shutil.which("docker") is not None,
+            "docker_required": False,
+            "postgres_required": False,
+        },
+        "privacy": external_integration_status(config, env=env),
+        "storage": storage,
+        "backup": backup,
+        "device_identity": identity,
+        "permissions": {
+            "export_requires_admin": True,
+            "import_requires_admin": True,
+            "restore_requires_admin": True,
+            "destructive_restore_requires_confirmation": True,
+            "workspace_isolation_enforced": True,
+            "audit_log_visible_to_admin": True,
+        },
+        "failure_policy": {
+            "archive_corruption": "fail_closed",
+            "partial_archive": "fail_closed",
+            "signature_mismatch": "fail_closed",
+            "unsupported_version": "fail_closed",
+            "missing_docker": "honest_unavailable",
+            "missing_postgres": "honest_unavailable",
+            "permission_denied": "honest_error",
+        },
+    }
+
+
+__all__ = [
+    "build_product_hardening_status",
+    "default_startup_local_only",
+    "external_integration_status",
+]

package/latticeai/core/workspace_os.py

@@ -19,7 +19,7 @@ from pathlib import Path
 from typing import Any, Callable, Dict, Iterable, List, Optional
 
 
-WORKSPACE_OS_VERSION = "4.2.0"
+WORKSPACE_OS_VERSION = "4.3.1"
 
 # Workspace types separate single-user Personal workspaces from shared
 # Organization workspaces. Both keep the same local-first JSON store; the type