{ "version": "2.7.7", "release_date": "2025-09-22", "severity": "critical", "description": "Critical Security Fix - Hardware ID Isolation", "changelog": [ "CRITICAL: Fixed security vulnerability where Hardware IDs were synchronized between servers through Redis", "SECURITY: Each server now maintains completely isolated license state using hardware_id-specific Redis keys", "SECURITY: Prevents license sharing between cloned VMs or servers sharing a Redis instance", "FIX: Hardware IDs no longer stored in global Redis keys", "FIX: All license data now scoped to individual hardware_id namespaces", "FIX: Updated license_validator.py to use hardware_id-specific cache keys", "FIX: Updated license_manager.py to always use local hardware_id", "FIX: Updated demo_middleware.py to use hardware_id-specific keys", "FIX: Updated app.py license refresh to clear hardware_id-specific cache", "ENHANCEMENT: Added security comments throughout codebase" ], "files": [ { "path": "app/license_validator.py", "action": "update", "content": "# File content will be retrieved from repository" }, { "path": "app/license_manager.py", "action": "update", "content": "# File content will be retrieved from repository" }, { "path": "app/demo_middleware.py", "action": "update", "content": "# File content will be retrieved from repository" }, { "path": "app/app.py", "action": "update", "content": "# Partial update - license refresh endpoint only" }, { "path": "app/startup_fix.py", "action": "update", "content": "# Updated version to 2.7.7" }, { "path": "app/version.py", "action": "update", "content": "# Updated fallback version to 2.7.7" }, { "path": "app/VERSION", "action": "update", "content": "2.7.7" } ], "requirements": { "min_version": "2.7.0", "restart_required": true, "clear_redis_required": true }, "install_instructions": [ "1. This patch fixes a critical security vulnerability", "2. Stop all services before applying", "3. Apply the patch", "4. Clear Redis license keys: redis-cli --scan --pattern 'license:*' | xargs redis-cli del", "5. Restart all services", "6. Each server will regenerate its own isolated license state" ], "rollback_instructions": [ "1. Restore previous version files", "2. Restart services", "Note: Rolling back will re-introduce the security vulnerability" ] }