| Version | Supported |
|---|---|
| 0.1.x | ✅ |
If you discover a security vulnerability in Deerflow, please report it responsibly:
- Do not open a public GitHub issue.
- Report the vulnerability through GitHub Security Advisories or contact the maintainer directly via GitHub.
- Include the following in your report:
- A description of the vulnerability
- Steps to reproduce
- Potential impact
- Any suggested mitigations (optional)
- Allow up to 72 hours for acknowledgment before any public disclosure.
We take all security reports seriously and will respond promptly.
When deploying Deerflow, follow these security practices:
- Never commit secrets to version control. Use environment variables for all sensitive values.
- Copy
.env.exampleto.env.localand fill in your own values. Never commit.env.local. - Generate strong, unique secrets for
JWT_SECRETandDEERFLOW_LOCK_SECRETusing a cryptographically secure random generator. - In production, set
CORS_ORIGINto your specific domain rather than using wildcard (*). - Run
npm audit --audit-level=moderateregularly and before every deployment. - Keep dependencies updated. Enable Dependabot for automated security updates.
Deerflow includes several built-in security enforcement mechanisms:
| Feature | Module | Description |
|---|---|---|
| Deep Security Scan | deerflow/enforcement/security-deep.ts |
Scans for OWASP Top 10 and CWE patterns (eval, innerHTML, injection) |
| npm Audit Gate | scripts/quality-gate.ts |
Blocks deployment on moderate+ vulnerabilities |
| Anti-Pattern Detection | deerflow/enforcement/anti-pattern.ts |
Flags eval(), innerHTML, hardcoded secrets, and other dangerous patterns |
| Fabrication Detection | deerflow/enforcement/fabrication-detector.ts |
Catches code referencing non-existent security packages |
| Tamper-Proof Lock | deerflow/enforcement/tamper-proof-lock.ts |
SHA-256 hash chain prevents bypassing enforcement gates |
- The tamper-proof lock secret is derived from environment variables or a machine fingerprint. On shared CI machines, set the
DEERFLOW_LOCK_SECRETenvironment variable for consistent behavior. - The fabrication detector uses pattern matching rather than full AST analysis. It may produce false positives or miss novel fabrication patterns.
- The security deep scan covers common vulnerability patterns but does not replace a dedicated SAST tool such as Semgrep or CodeQL.
Security updates are published as patch releases. We recommend enabling Dependabot or Renovate for automatic security dependency updates.