1.0.0-beta1: API freeze and endpoint hardening Freezes the collector contract for the entire 1.x line and lands the production-readiness hardening pass on /cwv/beacon. The substrate has been exercised by three async decorators, seven panel contributors, one probe collector, and two synchronous collectors without contract changes since alpha7. What freezes: - Four collector interfaces (synchronous, async-decoration, probe, panel-contribution). - Beacon payload envelope JSON shape. - cwv_beacons and cwv_probes table schemas. - AsyncContextStore service contract. - CwvPanelWeight constants. Contract-cleanup drops: - Alpha6-envelope flat-field fallbacks in BeaconRequest. - Legacy cache_state field parsing in DrupalCacheCollector. Endpoint hardening: - Per-IP flood protection via Drupal's flood service. Default 60/60s/IP; configurable. - Server-side sampling enforcement (ceiling at the controller). - max_rows table-size ceiling (default 0 = unlimited) with FIFO prune; backstop for broken-cron failure mode. - New SECURITY.md documenting attack surface, mitigations, and recommended CDN-side rate-limit configurations. Performance defaults: - Default sampling_rate lowered from 1.0 to 0.1 for new installs. Existing operators keep their explicit value. - New PERFORMANCE.md quantifies DB write load and sizing. Three new config keys land via cwv_update_10008. From this commit forward the 1.x contract is stable for sibling- module authors. RC1 cuts after a two-week soak; 1.0.0 stable cuts after RC1 holds clean. See ROADMAP.md, SECURITY.md, PERFORMANCE.md, and docs/collector-contract.md for the full picture.