Single source of truth for the v1.1 release plan. This issue sequences the milestone v1.1 work into ordered waves so humans and agents can see what to do next and why, not just what's left. The milestone says what ships in 1.1; this issue says in what order and what blocks what. (Same format as the v1.0 roadmap #167.)
How to use this
Pick up the lowest-numbered wave with unfinished work. Within a wave, follow the listed order (it encodes intra-wave dependencies).
Every issue carries a wave-N-* label, so you can query directly, e.g. is:open is:issue milestone:v1.1 label:wave-4-dashboard.
Check the box here when an issue closes (GitHub keeps the cross-references live).
Status (updated 2026-06-29): All feature, privacy, hardening, and security-validation work is DONE — only launch polish (docs + assets) remains. The privacy spine is complete and live-validated on gouda: the Tor-default flips (#165/#166), the structural fail-closed egress firewall (#270 + follow-ups #276/#294, and now #291 on the upgrade path), the standing leak-check harness (#274), and every per-app leak fix (#271 Tari, #273 p2pool-coupling, #278 p2pool↔monerod). The #256 Tor-vs-clearnet benchmark is CLOSED (PR #293): steady-state mining over Tor costs ~10% p2pool yield with 0 rejects, so Tor stays the default, and with it the #160 privacy epic is CLOSED. The last dashboard surface is final: #170 Component Health panel CLOSED (PRs #308/#312), #263 XvB auto-register CLOSED (PR #317), #295 Tari-status dead code CLOSED (PR #318). Wave 5 hardening is done — #255/#91 non-root + security follow-ups CLOSED (PR #320). Licensing is in — #259 CLOSED (PR #319). Waves 1, 2, 4, 5, and 7 are all complete.
UPDATE 2026-06-30 — the last three launch-polish issues have landed and are now CLOSED: #258 AI-voice docs pass (PR #325), #257 Gupax FAQ rewrite (docs/faq.md matches gupax-io/gupax), and #80 launch assets (PR #229 — hero + per-view PNGs and images/launch/demo.gif, repo About set). The optional #206 tier-4 e2e validation is CLOSED (PR #322). Wave 3 (stratum #208/#261) moved to v1.5 — see "Explicitly NOT in v1.1". v1.1 is code- and docs-complete. The only remaining non-code step is uploading the social-preview image in repo Settings → General. Next action: tag v1.1 (merge develop → main), then close this tracker and the milestone as the final release step.
Branching: v1.1 work lands on develop (the repo default); main stays at the released state and merges from develop only at release. See [[dev-branch-workflow]]. Validate a branch end-to-end on gouda with tests/integration/e2e.sh <branch> (lean by default).
The theme: v1.0 closed the privacy leaks; v1.1 makes "behind Tor" the default — and structural, then makes that posture visible. The hard part is done — the Tor default is proven (benchmark-gated), enforced at the network layer, and rendered on the dashboard. All that remains is launch polish (#80 + docs).
Critical path (what gates "can we ship 1.1?")
#165 + #166 Tor-default flips ✅
│
▼
#270 + #274 enforce + prove Tor-only egress (fail-closed) ✅ (#271 #273 #276 #294 #278 #291 all fixed)
│
▼
#256 benchmark Tor-vs-clearnet ✅ CLOSED (PR #293) — Tor stays default (~10% yield cost, 0 rejects)
│
▼
#160 privacy epic ✅ CLOSED ─► #170 Component Health panel ✅ CLOSED ─► #263 XvB auto-register ✅ CLOSED
│
▼
#259 licensing ✅ CLOSED (image publish unblocked, with #282)
│
▼
#80 launch assets ◄── UNBLOCKED (dashboard UI final) ─► land docs (#258, #257) ─► SHIP 1.1
Parallel tracks (off the critical path)
Everything left is independent launch polish — pick up in any order:
Wave 1 — Cleanup & test debt wave-1-cleanup ✅ DONE (PR #265 → develop)
Zero-dependency warm-ups. Self-contained, low-risk, parallelizable — cleared first.
Wave 2 — Privacy defaults wave-2-privacy ✅ DONE
Flip the yield-trade-off paths to Tor, then PROVE the whole stack is genuinely behind Tor before trusting the benchmark — and make it structural, not per-app config.
The flips — merged to develop:
Make "everything behind Tor" real + provable:
Enforce Tor-only egress at the network layer (fail-closed) — stop relying on per-app config #270 — Enforce Tor-only egress at the network layer (fail-closed) — app containers get no clearnet route except the Tor SOCKS , so any per-app leak fails closed. Live-validated on gouda (clean all-Tor PASS).
Promote bench-verify-egress.sh into the live harness as a standing no-clearnet-leak check #274 — Promote bench-verify-egress.sh to a standing harness check (PR feat(#274): standing no-clearnet-leak egress gate in the harness #288) — the --check phase now gates on 0 app clearnet connections; the proof of Enforce Tor-only egress at the network layer (fail-closed) — stop relying on per-app config #270.
Tari (minotari) dials some peers over clearnet despite transport type = "tor" #271 — Tari dials some peers over clearnet despite type=tor (PR fix(privacy): route Tari clearnet peer dials through Tor SOCKS — genuinely behind Tor (#271) #285) — proxy_bypass_for_outbound_tcp=false routes every dial via Tor SOCKS; with Tari: eliminate clearnet DNS leaks (DNS seeds + Tari Pulse), fix misleading DoT comment #162's DNS sinkhole, Tari is fully Tor-only. (Upstream: Privacy: proxy_bypass_for_outbound_tcp defaults to true — a type = "tor" base node still direct-dials clearnet peers (leaks operator IP) tari-project/tari#7883, #7884.)
p2pool flags silently dropped on a 'new compose + old image' partial update (#165 coupling) #273 — p2pool flags silently dropped on a stale-image partial update (PR fix(#273): fail-loud when a stale p2pool image drops the Tor flags #289) — pithead doctor now fails loudly when a stale image isn't applying --socks5.
Benchmark Tor vs clearnet while mining (p2pool / monerod / Tari) — does steady-state mining lose yield over Tor? #256 — Benchmark Tor vs clearnet while mining ✅ CLOSED (PR feat(#256): autonomous Tor-vs-clearnet benchmark harness + finalized methodology #293) — ~10% p2pool yield cost over Tor, 0 rejects → Tor stays the default; results + raw data in docs/privacy.md.
[Epic] Privacy: no clearnet egress outside Tor — close leaks + privacy-first defaults #160 — [Epic] Privacy: no clearnet egress outside Tor ✅ CLOSED — the structural guarantee (per-app Tor + Enforce Tor-only egress at the network layer (fail-closed) — stop relying on per-app config #270 fail-closed firewall) landed.
Auto-transition clearnet initial sync back to Tor once synced (follow-up to #183) #234 — Auto-transition clearnet initial sync back to Tor once synced (follow-up to Feature: optional clearnet initial sync (Monero + Tari) then switch to Tor — default off, privacy-first #183) — the optional clearnet-IBD path flips itself back to Tor after sync.
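The "gate on 0 app clearnet connections" idea from #270/#274 above, as an added example (not the project's bench-verify-egress.sh): it classifies the peers in `ss -tnH`-style output taken from an app container's network namespace and fails closed on anything it cannot parse. The subnet value, the sample lines and all function names are assumptions made for illustration.

```python
"""Added example: a no-clearnet-leak gate over `ss -tnH`-style text."""
import ipaddress

# Assumption: the stack's container subnet, where the Tor SOCKS proxy lives.
STACK_SUBNET = "172.28.0.0/24"

# Constructed sample, column order: State Recv-Q Send-Q Local:Port Peer:Port
SAMPLE = """\
ESTAB 0 0 172.28.0.5:48122 172.28.0.2:9050
ESTAB 0 0 172.28.0.5:51234 203.0.113.7:18080
ESTAB 0 0 [::ffff:172.28.0.5]:40112 [::ffff:198.51.100.9]:37889
ESTAB 0 0 127.0.0.1:3333 127.0.0.1:55012
garbage line
"""


def peer_ip(line):
    """Return the peer address of one connection line, or raise ValueError."""
    fields = line.split()
    if len(fields) < 5:
        raise ValueError("too few columns")
    host, _, port = fields[4].rpartition(":")
    if not host or not port.isdigit():
        raise ValueError("no host:port in peer column")
    # Drop IPv6 brackets and any %zone suffix before parsing.
    host = host.strip("[]").split("%", 1)[0]
    ip = ipaddress.ip_address(host)
    # An IPv4-mapped IPv6 peer is judged by the IPv4 address it really targets.
    mapped = getattr(ip, "ipv4_mapped", None)
    return mapped if mapped is not None else ip


def is_internal(ip, subnet):
    """Loopback and the stack subnet are the only destinations an app may reach."""
    return ip.is_loopback or (ip.version == subnet.version and ip in subnet)


def find_leaks(ss_output, subnet=STACK_SUBNET):
    """List every connection that is not provably internal.

    Lines that cannot be parsed are reported too: a gate that skips what it
    does not understand would pass on exactly the input it should distrust.
    """
    net = ipaddress.ip_network(subnet)
    leaks = []
    for raw in ss_output.splitlines():
        line = raw.strip()
        if not line:
            continue
        try:
            ip = peer_ip(line)
        except ValueError:
            leaks.append(("unparseable", line))
            continue
        if not is_internal(ip, net):
            leaks.append(("clearnet", str(ip)))
    return leaks


def gate(ss_output, subnet=STACK_SUBNET):
    """Exit-code style result: 0 only when there are zero leaks."""
    return 0 if not find_leaks(ss_output, subnet) else 1


if __name__ == "__main__":
    for kind, detail in find_leaks(SAMPLE):
        print(f"LEAK [{kind}] {detail}")
    raise SystemExit(gate(SAMPLE))
```

The Tor container itself has to be left out of the capture, since dialing clearnet relays is its job.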
Wave 3 — Stratum hardening wave-3-stratum → MOVED TO v1.5
The miner↔stack auth/TLS pair (#208 stratum-auth default-on → #261 stratum-over-TLS) has been deferred to v1.5 (it's cross-repo with RigForge, which tracks the worker side under its own v1.5 milestone). Not a v1.1 deliverable — see "Explicitly NOT in v1.1".
Wave 4 — Dashboard observability & XvB wave-4-dashboard ✅ DONE
The screenshot surface. All landed — the dashboard UI is now final, which unblocks #80 .
Wave 5 — Container & infra hardening wave-5-hardening
Lower-priority hardening; runs in parallel. None block the tag.
Run containers as a non-root user (drop root inside the container) #255 — Run containers as a non-root user ✅ CLOSED (PR feat(#255,#91): run all containers as non-root + security follow-ups #320) — all images run uid 1000 (data moved /root→/home/ubuntu), pithead chowns volumes to match; validated live on gouda (mining + Tari merge-mine work non-root).
Security follow-ups: dashboard host-networking, Tari gRPC allow-list, assert_safe_dir #91 — Security follow-ups ✅ CLOSED (PR feat(#255,#91): run all containers as non-root + security follow-ups #320) — dashboard network_mode: host → bridge, trimmed Tari gRPC allow-list, tightened assert_safe_dir.
e2e: optional tier-4 live validation for already-unit-tested security features #206 — e2e: live validation for already-unit-tested security features (worker-SSRF guard SSRF: miner-controlled worker name/IP becomes an outbound request host from the host-networked dashboard #122, public-IP warning Warn when the host has a public IP (stratum :3333 is unauthenticated) — setup/doctor + dashboard badge #113, XvB-stats-over-Tor) ✅ CLOSED (PR test(#206): live-validation for SSRF guard, public-IP warning & XvB-over-Tor #322, merged 2026-06-28) — each closed at its lowest honest tier + wired into the gate (T1 shell for Warn when the host has a public IP (stratum :3333 is unauthenticated) — setup/doctor + dashboard badge #113, T1 pytest for SSRF: miner-controlled worker name/IP becomes an outbound request host from the host-networked dashboard #122, T4 live assert_xvb_over_tor for XvB). Does not block the tag.
e2e.sh deploys with pithead apply (--pull, not --build) → tests STALE first-party images #272 — e2e.sh rebuilds STALE first-party images on deploy (PR fix(#272): e2e deploys via pithead upgrade so it tests the branch's rebuilt images #287) — deploy now uses pithead upgrade (re-render + --build); exposed p2pool can't reach its local monerod when Tor is on — #165's --socks5 also proxies the monerod RPC (stack doesn't mine on the default) #278.
p2pool can't reach its local monerod when Tor is on — #165's --socks5 also proxies the monerod RPC (stack doesn't mine on the default) #278 — p2pool can't reach its local monerod when Tor is on (PR fix(#278): keep p2pool's monerod RPC/ZMQ direct under Tor — restores mining on the Tor default #290) — p2pool: route outbound sidechain P2P through Tor by default (--socks5), documented clearnet opt-out #165's --socks5 proxied the local monerod RPC through Tor; a socat loopback bridge keeps the node DIRECT while the sidechain rides Tor. Restored mining on the Tor default.
Wave 6 — Docs & launch wave-6-release ⬅ FINISH LINE
Independent docs land any time; #80 is the last gated item — and it's now unblocked.
Wave 7 — Tooling & code health wave-7-tooling ✅ COMPLETE (parallel track, after Wave 2)
Every file surface under a linter + formatter + CI gate (glued by pre-commit), plus the supply-chain gaps closed. Epic: #279 .
tooling: Python lint + format with ruff (+ .editorconfig, pre-commit) #280 — Python lint + format with ruff (+ .editorconfig, pre-commit) — the foundation the rest plugs into.
tooling: round out per-surface lint/format (shfmt, Biome, yamllint, markdownlint, buf) #281 — Round out per-surface lint/format — shfmt (shell), Biome (JS/CSS/JSON), yamllint, markdownlint + lychee (docs), buf (proto).
tooling: supply-chain & secrets hardening (gitleaks, Dependabot, Trivy, SHA-pinned actions + zizmor) #282 — Supply-chain & secrets hardening — gitleaks, Dependabot (pip/actions/docker), Trivy image scan, SHA-pinned actions + zizmor. Lands before v1.1 images publish (with Licensing hygiene: third-party attribution + GPLv3 compliance for published images #259).
tooling: reproducible Python builds with uv + uv.lock #283 — Reproducible Python builds — uv + hashed uv.lock across Dockerfile/CI/release.
tooling: correctness — hypothesis property tests + ruff ANN→ty roadmap #284 — Correctness — hypothesis property tests for the money/numeric logic; ruff ANN → ty roadmap (deferred — not a v1.1 blocker).
tooling: adopt RigForge's CI best practices (diff-cover patch coverage + checksum-verified pinned tool installs) #286 — Adopt RigForge's CI best practices — diff-cover patch-coverage gate + checksum-verified pinned tool installs.
governance: add a Contributor License Agreement (CLA) for inbound contributions #292 — Governance: Contributor License Agreement / DCO — inbound-contribution IP terms enforced on every PR. Org-wide trio with rigforge#119 and p2pool-starter-stack.github.io Improve Readme to highlight Sync Mode #10.
Cross-issue dependencies (live)
| This… | …waits for | Status |
| --- | --- | --- |
| #256 (benchmark) | #270 + #274 + #272 + #278 | ✅ all merged; #256 closed (PR #293) |
| #160 (epic) | #165 + #166 + #270 | ✅ closed on the structural guarantee |
| #170 (Component Health panel) | #165 + #166 + #270 | ✅ closed (reflects final all-Tor posture) |
| #263 (XvB auto-register) | — | ✅ closed (PR #317); reused v1.0 Tor SOCKS infra (#163) |
| v1.1 image publish | #259 (licensing) + #282 | ✅ both merged — publish unblocked |
| #80 (launch assets) | #170 ✅ + #263 ✅; land #258/#257 first | UNBLOCKED — dashboard UI final; capture after docs |
Cross-repo companions (RigForge + website)
v1.1 (this release — ships in lockstep with RigForge v1.1):
Wave 7 tooling [Epic] Developer tooling & code-quality stack — professionalize the repo #279 ↔ rigforge#116 (companion tooling epic). RigForge is pure shell, so it gets a smaller, different set: tooling: supply-chain & secrets hardening (gitleaks, Dependabot, Trivy, SHA-pinned actions + zizmor) #282 ↔ rigforge#117 (gitleaks/Dependabot-actions/zizmor), tooling: Python lint + format with ruff (+ .editorconfig, pre-commit) #280 /tooling: round out per-surface lint/format (shfmt, Biome, yamllint, markdownlint, buf) #281 ↔ rigforge#118 (.editorconfig/pre-commit/yamllint/markdownlint+lychee). ✅ complete.
Governance / CLA governance: add a Contributor License Agreement (CLA) for inbound contributions #292 ↔ rigforge#119 ↔ p2pool-starter-stack.github.io Improve Readme to highlight Sync Mode #10 — an org-wide trio; all three repos adopt the same mechanism (DCO recommended).
Website (p2pool-starter-stack.github.io, "site#" below) — v1.1, mostly Wave-7 companions:
Tooling ↔ Wave 7: site#16 (.editorconfig/Prettier/markdownlint) ↔ tooling: Python lint + format with ruff (+ .editorconfig, pre-commit) #280 /tooling: round out per-surface lint/format (shfmt, Biome, yamllint, markdownlint, buf) #281 · site#11 (SHA-pin actions/Dependabot/zizmor/gitleaks) ↔ tooling: supply-chain & secrets hardening (gitleaks, Dependabot, Trivy, SHA-pinned actions + zizmor) #282 (lands before the site's prod deploys) · site#12 (lychee dead-link monitoring) ↔ tooling: round out per-surface lint/format (shfmt, Biome, yamllint, markdownlint, buf) #281 · site#14 (codespell/cspell + Vale prose lint) ↔ tooling: round out per-surface lint/format (shfmt, Biome, yamllint, markdownlint, buf) #281 /Docs: edit out the AI-generated voice (the 'no X, no Y' tell) — make the docs read like a human wrote them #258 .
Governance: site#17 (CODEOWNERS, issue/PR templates, SECURITY.md) · site#10 (CLA) ↔ governance: add a Contributor License Agreement (CLA) for inbound contributions #292 ↔ rigforge#119.
Site-only: site#15 (single-source the Hugo version) · site#13 (Lighthouse CI budgets). v1.2: site#1 (faux/demo dashboard preview).
Explicitly NOT in v1.1 (later milestones)
v1.2 — Tailscale remote access [Investigate] Tailscale (mesh VPN) for secure remote dashboard access — the response path to #79/#121 alerts (opt-in, default off) #262 , Telegram alerting Telegram alerting (notifications-only): node/worker down + recovered (config.json, default off) #121 , outage flagging Flag outages / significant hashrate-loss events on the chart (+ feed Telegram/Healthchecks alerts) #99 , Healthchecks dead-man's-switch Healthchecks.io dead-man's-switch: detect power loss / host-down via external ping (config.json, default off) #79 .
v1.3 — telemetry-persistence epic [Epic] Persist valuable telemetry as time-series — stop discarding block / share-health / disk-growth / XvB / per-worker data #196 + Store share stats as time-series for reject-rate trends/charting #116 , dashboard calculators Add Tari (merge-mining) earnings to the dashboard calculator #117 /Add XvB tier / raffle calculator to the dashboard #118 , cadence/luck Pool cadence & luck panel (time-to-share, time-since-block, luck %, PPLNS weight) #84 , setup-warning badges Surface setup/host warnings as dashboard badges (AVX2, HugePages, low disk/RAM) #104 , db-failure e2e e2e: fault-inject a dashboard DB write failure and assert db_healthy=false (#131) #202 .
v1.4 — upgrade button Dashboard: new-version warning + one-click upgrade button #59 , config editor Stack config editor: change any setting from the dashboard, applied via pithead (incl. P2Pool mode hot-swap) #33 , CLI completion pithead CLI: shell tab-completion + safe chaining of subcommands #94 .
v1.5 — stratum auth default-on RigForge: fetch the stratum access-password at worker setup → default-on stratum auth (Phase 2 of #152) #208 (↔ rigforge#113) → stratum-over-TLS Stratum-over-TLS: encrypt the miner↔stack stratum link (follow-on to stratum auth #208) #261 (↔ rigforge#115) — the former Wave 3, moved here ; energy/profit calculator Dashboard: energy & profit calculator — net profit (earnings − power cost), from RigForge's power telemetry #260 , primary/backup sync [Feature] Sync Primary + Backup Stacks #249 , RigForge enriched feed [Feature] Dashboard: consume RigForge's enriched feed (rigforge#99) — update badge + per-worker health / power / tune / firmware #235 (↔ rigforge#99) , Worker Inspect Dashboard: Worker Inspect page — read/edit each miner's XMRig config over its API, with versioned config history + per-config hashrate stats #185 , custom-token/ports Dashboard: config to read workers that use a custom XMRig API token #171 /Configurable worker ports & endpoints: non-standard stratum/API ports + per-worker host/port/token overrides (later) #172 , Telegram bot Telegram interactive bot / command interface (query stack status over Telegram) #45 , RigForge↔Pithead integration tests Integration tests: RigForge worker ↔ Pithead xmrig-proxy (end-to-end flows) #209 (↔ rigforge#114) .
v1.6 — co-hosting [Feature/Discussion] Support co-hosting via migration guides and relaxed reverse-proxy/network bindings #181 , remote Tari node Evaluate a remote Tari base-node option (tari.mode: remote), mirroring Monero remote #103 , non-default-subnet e2e e2e: deploy a NON-default network.subnet in the live matrix (#180) #201 .
v2 (appliance) — bootable installers Bootable USB installers: self-provisioning appliance images for the stack host and RigForge miner #77 , Podman/Quadlet Evaluate Podman + Quadlet as the container runtime for the immutable appliance (vs Docker Compose) #78 , remote node-starter repos Far-off: appliance-style Monero (and Tari) node-starter repos for easy remote nodes #105 .
Parallel tracks (off the critical path)
Everything left is independent launch polish — pick up in any order:
Wave 5 hardening (e2e: optional tier-4 live validation for already-unit-tested security features #206) — optional tier-4 e2e validation ✅ CLOSED (PR test(#206): live-validation for SSRF guard, public-IP warning & XvB-over-Tor #322).
Wave 1 — Cleanup & test debt
wave-1-cleanup ✅ DONE (PR #265 → develop)
Zero-dependency warm-ups. Self-contained, low-risk, parallelizable — cleared first.
known_workers persistence layer (orphaned by the proxy-sourced worker rewrite; pure refactor, no behavior change)
tar --no-xattrs in scripts/release.sh; cosmetic, good first issue)
PROXY_AUTH_TOKEN makes the stack refuse to start (live validation of the xmrig-proxy HTTP API: enforce authentication (fail closed if the access token is empty) #153 fail-closed guard; independent)
tests/integration/e2e.sh gouda branch-runner + Remove dead known_workers persistence layer (orphaned by the proxy-sourced worker rewrite) #144/Release bundle carries macOS xattrs → 'LIBARCHIVE.xattr.com.apple.provenance' warnings on Linux extract #252 regression tests (in the same PR).
Wave 2 — Privacy defaults
wave-2-privacy ✅ DONE
Flip the yield-trade-off paths to Tor, then PROVE the whole stack is genuinely behind Tor before trusting the benchmark — and make it structural, not per-app config.
The flips — merged to develop:
--socks5, p2pool.clearnet opt-out).
xvb.tor opt-out; --donate-level 0 pinned).
Make "everything behind Tor" real + provable:
compose up (PR fix(privacy): install Tor-egress firewall before containers start — close startup window (#276) #277) — closed the startup window where ESTABLISHED grandfathered early clearnet peers.
network.tor_egress_firewall=false never disabled the firewall (jq // false coercion bug) — fixed so the opt-out actually works.
up #291 — stack_upgrade reasserts the firewall AFTER compose up (PR fix(#291): apply Tor-egress firewall BEFORE compose in stack_upgrade #316) — the same startup window Tor-egress firewall installs after compose → startup window grandfathers clearnet connections (#270 follow-up) #276 fixed for up, now closed on the upgrade path too.
bench-verify-egress.sh to a standing harness check (PR feat(#274): standing no-clearnet-leak egress gate in the harness #288) — the --check phase now gates on 0 app clearnet connections; the proof of Enforce Tor-only egress at the network layer (fail-closed) — stop relying on per-app config #270.
type=tor (PR fix(privacy): route Tari clearnet peer dials through Tor SOCKS — genuinely behind Tor (#271) #285) — proxy_bypass_for_outbound_tcp=false routes every dial via Tor SOCKS; with Tari: eliminate clearnet DNS leaks (DNS seeds + Tari Pulse), fix misleading DoT comment #162's DNS sinkhole, Tari is fully Tor-only. (Upstream: Privacy: proxy_bypass_for_outbound_tcp defaults to true — a type = "tor" base node still direct-dials clearnet peers (leaks operator IP) tari-project/tari#7883, #7884.)
pithead doctor now fails loudly when a stale image isn't applying --socks5.
docs/privacy.md.
Wave 3 — Stratum hardening
wave-3-stratum → MOVED TO v1.5
The miner↔stack auth/TLS pair (#208 stratum-auth default-on → #261 stratum-over-TLS) has been deferred to v1.5 (it's cross-repo with RigForge, which tracks the worker side under its own v1.5 milestone). Not a v1.1 deliverable — see "Explicitly NOT in v1.1".
Wave 4 — Dashboard observability & XvB
wave-4-dashboard ✅ DONE
The screenshot surface. All landed — the dashboard UI is now final, which unblocks #80.
build_tari derivation locked in by test.
Wave 5 — Container & infra hardening
wave-5-hardening
Lower-priority hardening; runs in parallel. None block the tag.
/root→/home/ubuntu), pithead chowns volumes to match; validated live on gouda (mining + Tari merge-mine work non-root).
network_mode: host → bridge, trimmed Tari gRPC allow-list, tightened assert_safe_dir.
assert_xvb_over_tor for XvB). Does not block the tag.
pithead apply (--pull, not --build) → tests STALE first-party images #272 — e2e.sh rebuilds STALE first-party images on deploy (PR fix(#272): e2e deploys via pithead upgrade so it tests the branch's rebuilt images #287) — deploy now uses pithead upgrade (re-render + --build); exposed p2pool can't reach its local monerod when Tor is on — #165's --socks5 also proxies the monerod RPC (stack doesn't mine on the default) #278.
--socks5 proxied the local monerod RPC through Tor; a socat loopback bridge keeps the node DIRECT while the sidechain rides Tor. Restored mining on the Tor default.
Wave 6 — Docs & launch
wave-6-release ⬅ FINISH LINE
Independent docs land any time; #80 is the last gated item — and it's now unblocked.
THIRD_PARTY_LICENSES.md + GPLv3 source pointers for the pinned p2pool/xmrig-proxy binaries. Image publish now unblocked (with the merged tooling: supply-chain & secrets hardening (gitleaks, Dependabot, Trivy, SHA-pinned actions + zizmor) #282).