v1.1.17 — Security Hardening, Model Forge Expansion, 3D Viewer Enhancements
· 3 min read
Model Forge Expanded to 17 Tools
6 new parametric 3D generators join the existing 11:
| Tool | Description |
|---|---|
| Lattice Structure | BCC/FCC/octet/diamond/cubic cells with configurable strut diameter |
| Multi-Color | Multi-object 3MF for AMS/MMU color assignment (stack/side-by-side/inlay) |
| Advanced Vase | 7 profiles: cylinder, sine, bulge, flare, twist, hourglass, tulip |
| Threads & Joints | M3-M20 bolts, nuts, standoffs, snap-fit clips with helical geometry |
| Texture Surface | 8 patterns: diamond plate, knurl, honeycomb, waves, brick, carbon fiber, dots, crosshatch |
| 3MF Validator | Validate files, check mesh integrity, detect extensions, match colors against inventory |
New MeshBuilder methods: addRevolutionSurface, addHelicalStrip, addCylindricalHeightmap.
Security Hardening (16 Improvements)
Full security audit with CIS Controls v8 and NIS2 alignment. All CRITICAL, HIGH, MEDIUM, and LOW findings resolved:
- CRITICAL: Command injection via ffmpeg replaced with spawnSync + input validation
- HIGH: SSRF guard on webhooks, auth disabled warning, metrics behind auth, camera WS auth, backup path traversal guard
- MEDIUM: First-message WS auth, trusted proxy validation (TRUSTED_PROXIES), TOFU cert pinning for MQTT, plugin integrity (SHA-256 manifest), SMS header sanitization
- LOW: Session invalidation on role change, TOTP rate limiting (5/15min), CSP hardened (removed unsafe-eval, added frame-ancestors), secret masking (getSafeConfig), health endpoint stripped
3D Viewer Enhancements
- Layer scrubber — slider for height-based model clipping
- Parts panel — per-object visibility toggle, double-click to isolate
- Materials panel — unique color swatches with part counts
- Parts button auto-shown for multi-object models
Server Management
New section in Settings > System > Updates:
- Restart Server — auto-reconnects when server is back
- Clear Browser Cache — unregisters SW, clears all caches
- Unregister Service Worker — fixes stale cache issues
i18n & Code Quality
- Merged 7 duplicate i18n keys in en.json — restored 266 lost translation keys
- Replaced 77+ Norwegian fallback strings and log messages with English
- Fixed filament analytics tabs (lazy i18n loading at render time)
- Switched formatters from hardcoded nb-NO to dynamic locale
docs/symlinked towebsite/docs/for unified documentation
Knowledge Base & Community
- 32 printers across 8 brands, 60 accessories, 93 filaments, 81 profiles
- 54 learning courses
- Full EULA (GeekTech.no)
- NFC Filament Tag (OpenSpool), 3MF Converter (Bambu to Snapmaker)
- Klipper Macro Manager, Quick Actions
Bug Fixes
- Camera WSS mixed content on HTTPS
- False v4l2-mpp detection (probes /status instead of /snapshot)
- Service worker skips /lang/ files for fresh translations
- EULA modal null check and global scope
- Printer isolation on switch
Install / Upgrade
git pull && npm install
Or fresh install:
git clone https://github.com/skynett81/3dprintforge.git
cd 3dprintforge
npm install
npm start
Full changelog: docs/project/changelog