The patch removes the SurrealDB default root/root login path and makes SurrealDB knowledge-store initialization require explicit username/password credentials, replacing an insecure implicit default.
Scattered source updates, isolated context, and manual follow-up across multiple feeds.
Introduced an authentication hardening change by eliminating the baked-in default credentials for SurrealDB and enforcing explicit username/password input when creating the knowledge store.
Developers and operators running PraisonAI with SurrealDB will no longer have hidden exposure from default privileged credentials, reducing the chance of unintended database access after deployment. This is implemented by removing the root/root default path and requiring explicit credentials in initialization; environments that still rely on default authentication will now fail to connect until updated, so deployment manifests, Docker/env setups, and local scripts should be checked to ensure credentials are correctly provisioned and secret rotation is enforced after rollout.
Developers and operators running PraisonAI with SurrealDB will no longer have hidden exposure from default privileged credentials, reducing the chance of unintended database access after deployment. This is implemented by removing the root/root default path and requiring explicit credentials in initialization; environments that still rely on default authentication will now fail to connect until updated, so deployment manifests, Docker/env setups, and local scripts should be checked to ensure credentials are correctly provisioned and secret rotation is enforced after rollout.