OSS Baseline Expectations
OSS Baseline Expectations
Section titled “OSS Baseline Expectations”This page lists common OSS expectations and whether the current OSS stack meets them.
Summary
Section titled “Summary”| Expectation | Status | Notes |
|---|---|---|
| Clear install + run steps | Met | Quick Start and Docker Compose paths exist. |
| Minimal dependency footprint | Met | OSS uses regex-only PII and excludes AI models and enterprise services. |
| Basic observability | Met | /metrics is available when ENABLE_METRICS=true. |
| Documented limits / known caveats | Partial | Some operational caveats are documented; remaining gaps are tracked in the backlog. |
Details
Section titled “Details”Clear install + run steps (Met)
Section titled “Clear install + run steps (Met)”- Docker Compose and manual Python instructions are provided in the docs.
Minimal dependency footprint (Met)
Section titled “Minimal dependency footprint (Met)”- OSS excludes AI models (ONNX, GLiNER) and enterprise services.
- Regex-only PII keeps runtime dependencies lightweight.
Basic observability (Met)
Section titled “Basic observability (Met)”- Prometheus metrics are exposed on
/metricswhen enabled. - Health endpoints are available on the sidecar.
Documented limits / known caveats (Partial)
Section titled “Documented limits / known caveats (Partial)”- DLP block mode buffers responses in memory; set
DLP_MAX_OUTPUT_LENGTH. - Audit stats are per-worker unless a shared store is added.
- Keep APISIX config examples aligned with
safellm/config/apisix.yaml.