Bundled with Local Regression Studio v1.0.11. These files work offline and on static hosting such as GitHub Pages.

Security and Privacy

Security and privacy

Privacy

Local Regression Studio processes CSV data, preprocessing, training, diagnostics, monitoring, and predictions in the user’s browser. It has no analytics, account service, cloud storage, remote model execution, or data-upload endpoint.

The Full Studio may load pinned Plotly and CSV parser assets from jsDelivr when deliberately started in hybrid mode. Those requests are for application libraries, not user CSV data. The local launchers default to bundled libraries. Strict-offline and Prediction-only editions force bundled assets and use a CSP that disallows remote script and connection sources.

The original CSV is not embedded in saved projects, models, experiment records, approved prediction packages, governance reports, or recovery snapshots. Derived artifacts can nevertheless reveal sensitive information through feature names, ranges, categories, coefficients, stored rows, predictions, residuals, approval notes, and monitoring outcomes. Treat downloads as potentially sensitive.

Local browser storage is used only for an optional recovery snapshot and user interface state. The recovery snapshot excludes the original CSV. Users can discard it from the recovery panel or clear site storage through the browser.


Security Policy

Supported release

The supported reference release is Local Regression Studio v1.0.11. Security corrections should be distributed as a new signed or checksum-verifiable release rather than by replacing files silently.

Reporting a vulnerability

Report suspected vulnerabilities privately to the application owner or deployment administrator. Include the application version, edition, browser, steps to reproduce, affected artifact type, and whether raw user data are required. Do not attach sensitive datasets unless an approved secure channel is available.

Security properties

  • Browser-local model development and prediction
  • No analytics, remote training, cloud-storage, or CSV-upload endpoint
  • Strict-offline editions with no permitted remote script or connection sources
  • SHA-256 artifact integrity for approved prediction packages
  • Optional ECDSA P-256 organizational signature verification against administrator-pinned public keys
  • Import file-size and structural-complexity limits
  • CSV row/column limits and duplicate-header rejection
  • Spreadsheet-formula injection protection in generated CSV files
  • HTML escaping of user-controlled labels and governance text
  • Bounded model and tuning workloads

Organizational signatures

The app does not create organizational signatures or store private keys. A deployment may configure trusted public JWK values in js/build-config.js under trustedSigningKeys. Signed packages are accepted only when the declared keyId exists in that trusted map and the ECDSA signature verifies over the package SHA-256 digest.

An embedded public key is not treated as organizational trust. Key distribution, rotation, revocation, custody, and signer identity are deployment responsibilities.

Known security boundaries

  • Prediction-only mode is a workflow restriction, not authentication or authorization.
  • Governance names and roles are recorded metadata, not verified identities.
  • A malicious user with permission to replace application files can also replace configuration and trusted keys; protect the deployment directory with ordinary hosting and operating-system controls.
  • Browser memory exhaustion cannot be eliminated completely. The app validates documented limits and refuses oversized structures, but administrators should set web-server upload limits as an additional control.
  • The Full Studio hybrid edition permits pinned jsDelivr sources through its CSP when hybrid mode is enabled. Use Strict-offline for controlled environments.

Security update process

  1. Reproduce and classify the issue.
  2. Correct it on a new maintenance branch.
  3. Add a regression test.
  4. Run numerical, migration, security, and browser checks.
  5. Publish a new version, checksum, manifest, SBOM, test report, and release notes.
  6. Inform operators whether approved model packages need reissue or revalidation.

Threat Model

Protected assets

  • Training and prediction CSV data
  • Fitted model and preprocessing state
  • Approved prediction packages
  • Governance and monitoring records
  • Trusted organizational public keys
  • Release files and manifests

Primary threats and controls

Threat Controls Residual risk
Sensitive data sent externally Local processing; no upload endpoint; strict-offline CSP Browser extensions, compromised host, or custom modifications remain outside app control
Malicious/oversized CSV File, row, and column limits; duplicate-header checks; bounded workloads Complex but within-limit data can still consume substantial memory
Malformed/oversized JSON File, depth, node, array, type, schema, and hash checks Novel semantic corruption may require additional model-specific checks
Spreadsheet formula injection Prefix dangerous exported cells with an apostrophe Users can manually remove protection after download
HTML/script injection Escaping and CSP Deployment modifications can weaken CSP
Package tampering SHA-256 integrity and embedded self-test vectors Hash alone does not prove organizational origin
False signer identity Administrator-pinned trusted keys Key custody, rotation, and revocation are organizational responsibilities
Unauthorized Studio access Separate prediction edition and deployment guidance Static editions do not provide authentication
Model misuse outside scope Intended/prohibited uses, applicability warnings, approval status Human process can ignore warnings
Stale model Review dates, monitoring, revalidation triggers, suspension/expiry Monitoring data can be late or incomplete
Supply-chain compromise Bundled libraries, version inventory, SBOM, manifest, strict-offline edition Reference build is checksum-verifiable but not signed by a private release key

Trust boundaries

The browser, operating system, hosting environment, installed extensions, and organizational identity system are outside the JavaScript application’s control. The app assumes its own static files and configured trusted keys have not been replaced by an attacker with deployment access.