Skip to content

Prevent POST /dev/unload behind an opt-in setting#483

Merged
remsky merged 1 commit into
remsky:masterfrom
sanjaygulati13:fix/gate-dev-unload
Jul 12, 2026
Merged

Prevent POST /dev/unload behind an opt-in setting#483
remsky merged 1 commit into
remsky:masterfrom
sanjaygulati13:fix/gate-dev-unload

Conversation

@sanjaygulati13

Copy link
Copy Markdown
Contributor

Currently /dev/unload is mounted by default with no authentication, so any caller that can reach the API can unload the active model from memory and can possibly force repeated reload cycles (#478).

Added an allow_dev_unload setting (default False) and return 403 when disabled. The endpoint is off by default and can be re-enabled with ALLOW_DEV_UNLOAD=true for trusted deployments.

Testing: uv run pytest (94 tests passed, I have included a new 403-when-disabled test) plus tried live, non-Docker run and I confirm /dev/unload returns 403 by default and 200 with ALLOW_DEV_UNLOAD=true set.

Did not test via Docker Compose or on CUDA hardware (I have Apple Silicon Mac). The change is a config flag and an early return guard with no docker container or GPU specific paths, but appreciate if someone else can confirm on other environments.

Currently /dev/unload is mounted by default with no authentication, so any caller that can reach the API can unload the active model from memory and can possibly force repeated reload cycles (remsky#478).

Add an 'allow_dev_unload' setting (default False) and return 403 when disabled, so the endpoint is off by default and can be re-enabled with ALLOW_DEV_UNLOAD=true for trusted deployments.
@remsky

remsky commented Jul 12, 2026

Copy link
Copy Markdown
Owner

LGTM, thanks!

@remsky
remsky merged commit 24ac58e into remsky:master Jul 12, 2026
1 check passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants