dev-dami · dev-dami · Jan 26, 2026 · Jan 25, 2026 · Jan 25, 2026 · Jan 25, 2026
diff --git a/package.json b/package.json
@@ -1,6 +1,6 @@
 {
   "name": "ignite",
-  "version": "0.6.1",
+  "version": "0.7.1",
   "private": true,
   "description": "Secure JS/TS code execution in Docker with sandboxing for AI agents, untrusted code, and microservices",
   "workspaces": [

diff --git a/packages/cli/package.json b/packages/cli/package.json
@@ -1,6 +1,6 @@
 {
   "name": "@ignite/cli",
-  "version": "0.6.0",
+  "version": "0.7.1",
   "type": "module",
   "bin": {
     "ignite": "./dist/index.js"

diff --git a/packages/cli/src/commands/run.ts b/packages/cli/src/commands/run.ts
@@ -1,5 +1,5 @@
 import { writeFile } from 'node:fs/promises';
-import { join } from 'node:path';
+import { resolve } from 'node:path';
 import { loadService, executeService, runPreflight, createReport, formatReportAsText, getImageName, buildServiceImage, parseAuditFromOutput, formatSecurityAudit, DEFAULT_POLICY, isValidRuntime, loadPolicyFile } from '@ignite/core';
 import { logger, ConfigError } from '@ignite/shared';
 
@@ -60,7 +60,7 @@ export async function runCommand(servicePath: string, options: RunOptions): Prom
       : undefined;
 
     if (options.auditOutput && audit) {
-      const outputPath = join(process.cwd(), options.auditOutput);
+      const outputPath = resolve(process.cwd(), options.auditOutput);
       await writeFile(outputPath, JSON.stringify(audit, null, 2));
       logger.success(`Audit saved to ${outputPath}`);
     }
-    if (options.auditOutput && audit) {
-      const outputPath = resolve(process.cwd(), options.auditOutput);
-      await writeFile(outputPath, JSON.stringify(audit, null, 2));
-      logger.success(`Audit saved to ${outputPath}`);
-    }
+    if (options.auditOutput && audit) {
+      const outputPath = resolve(process.cwd(), options.auditOutput);
+      try {
+        await writeFile(outputPath, JSON.stringify(audit, null, 2));
+        logger.success(`Audit saved to ${outputPath}`);
+      } catch (writeErr) {
+        logger.warn(`Failed to save audit to ${outputPath}: ${(writeErr as Error).message}`);
+      }
+    }
-    if (options.auditOutput && audit) {
-      const outputPath = resolve(process.cwd(), options.auditOutput);
-      await writeFile(outputPath, JSON.stringify(audit, null, 2));
-      logger.success(`Audit saved to ${outputPath}`);
-    }
+    if (options.auditOutput && audit) {
+      const outputPath = resolve(process.cwd(), options.auditOutput);
+      try {
+        await writeFile(outputPath, JSON.stringify(audit, null, 2));
+        logger.success(`Audit saved to ${outputPath}`);
+      } catch (writeErr) {
+        logger.warn(`Failed to save audit to ${outputPath}: ${(writeErr as Error).message}`);
+      }
+    }

diff --git a/packages/cli/src/index.ts b/packages/cli/src/index.ts
@@ -13,7 +13,7 @@ const program = new Command();
 program
   .name('ignite')
   .description('Secure sandbox for AI-generated code, untrusted scripts, and JS/TS execution')
-  .version('0.6.0');
+  .version('0.7.1');
 
 program
   .command('init <name>')

diff --git a/packages/core/package.json b/packages/core/package.json
@@ -1,6 +1,6 @@
 {
   "name": "@ignite/core",
-  "version": "0.6.0",
+  "version": "0.7.1",
   "type": "module",
   "main": "./dist/index.js",
   "types": "./dist/index.d.ts",

diff --git a/packages/core/src/service/load-service.ts b/packages/core/src/service/load-service.ts
@@ -127,6 +127,15 @@ function validateServiceConfig(config: unknown): ServiceValidation {
         failRatio: 'positive',
       });
 
+      const memoryConfig = pf['memory'] as Record<string, unknown> | undefined;
+      const warnRatio = memoryConfig?.['warnRatio'];
+      const failRatio = memoryConfig?.['failRatio'];
+      if (typeof warnRatio === 'number' && typeof failRatio === 'number') {
+        if (warnRatio >= failRatio) {
+          errors.push('preflight.memory.warnRatio must be less than preflight.memory.failRatio');
+        }
+      }
+
       validatePreflightSection(pf['dependencies'], 'preflight.dependencies', errors, {
         warnCount: 'positive',
         infoCount: 'positive',
@@ -137,11 +146,29 @@ function validateServiceConfig(config: unknown): ServiceValidation {
         failMb: 'positive',
       });
 
+      const imageConfig = pf['image'] as Record<string, unknown> | undefined;
+      const warnMb = imageConfig?.['warnMb'];
+      const failMb = imageConfig?.['failMb'];
+      if (typeof warnMb === 'number' && typeof failMb === 'number') {
+        if (warnMb >= failMb) {
+          errors.push('preflight.image.warnMb must be less than preflight.image.failMb');
+        }
+      }
+
       validatePreflightSection(pf['timeout'], 'preflight.timeout', errors, {
         minMs: 'positive',
         maxMs: 'positive',
         coldStartBufferMs: 'positive',
       });
+
+      const timeoutConfig = pf['timeout'] as Record<string, unknown> | undefined;
+      const minMs = timeoutConfig?.['minMs'];
+      const maxMs = timeoutConfig?.['maxMs'];
+      if (typeof minMs === 'number' && typeof maxMs === 'number') {
+        if (minMs >= maxMs) {
+          errors.push('preflight.timeout.minMs must be less than preflight.timeout.maxMs');
+        }
+      }
     }
   }
 

diff --git a/packages/http/package.json b/packages/http/package.json
@@ -1,6 +1,6 @@
 {
   "name": "@ignite/http",
-  "version": "0.6.0",
+  "version": "0.7.1",
   "type": "module",
   "main": "./dist/index.js",
   "types": "./dist/index.d.ts",

diff --git a/packages/shared/package.json b/packages/shared/package.json
@@ -1,6 +1,6 @@
 {
   "name": "@ignite/shared",
-  "version": "0.6.0",
+  "version": "0.7.1",
   "type": "module",
   "main": "./dist/index.js",
   "types": "./dist/index.d.ts",