Releases: rivet-dev/secure-exec
Releases · rivet-dev/secure-exec
Release list
v0.3.4-rc.1
What's Changed
- feat(pty): native terminal support for interactive shells by @NathanFlurry in #137
- feat(python): Pyodide python/python3 CLI + whole-VM-root filesystem + VFS-persistent pip by @NathanFlurry in #138
- fix(ci): stop boundary lint false-positive on fixtures; guard escaping local deps by @NathanFlurry in #139
- feat(python): outbound raw TCP/UDP sockets + complete the Pyodide FS hooks by @NathanFlurry in #142
- Migrate docs to @rivet-dev/docs-theme (de-Starlight) + Typesense search by @NathanFlurry in #147
- Basic Secure Exec footer (replace rivet-branded footer) by @NathanFlurry in #148
- fix(docker): don't leak FA Pro token into build logs by @NathanFlurry in #149
- docs: document the docs-embed rule in CLAUDE.md by @NathanFlurry in #151
- feat(bench): add native-baseline host-timing crate by @NathanFlurry in #153
- feat(sidecar): add GetResourceSnapshot resource-introspection wire hook by @NathanFlurry in #154
- perf(kernel): reuse a persistent DNS resolver instead of per-lookup runtime by @NathanFlurry in #155
- perf(sidecar): streamline execution/filesystem/service hot paths by @NathanFlurry in #157
- perf(v8): faster bridge dispatch and direct js-start Execute path by @NathanFlurry in #158
- fix(build): resolve url/qs in the v8-bridge build script by @NathanFlurry in #159
- test: repair and update secure-exec test suites for current APIs by @NathanFlurry in #160
- perf(kernel): chunked socket recv buffers and bounded oversized TCP write flushes by @NathanFlurry in #156
- feat: browser-converged runtime + real terminal client by @NathanFlurry in #161
- refactor(v8-bridge): split the bridge bundle into a documented multi-file TypeScript package by @NathanFlurry in #164
- feat(packages): sidecar package projection + agentos-toolchain + { packageDir } registry by @NathanFlurry in #150
- refactor(v8-bridge): modularize the bridge into a per-subsystem TypeScript package by @NathanFlurry in #165
- feat(pty): canonical-mode line editing (VKILL/VWERASE) + ECHOCTL caret echo by @NathanFlurry in #166
- fix(execution): provide host_tty.isatty/get_size + real set_raw_mode for wasm-c TTY guests by @NathanFlurry in #167
- docs(CLAUDE): add Performance hot-path rules by @NathanFlurry in #168
- perf(v8-runtime): pass V8-serialized args through without double copy by @NathanFlurry in #169
- perf(sidecar): move stdio write buffers into execution events instead of cloning by @NathanFlurry in #170
- perf(sidecar): bulk-copy loopback TLS reads instead of per-byte pop_front by @NathanFlurry in #171
- perf(sidecar): wait for fd readiness instead of 10ms sleep polls in socket accept/recv loops by @NathanFlurry in #172
- perf(sidecar): exponential backoff for loopback peer-socket pairing wait by @NathanFlurry in #173
- perf(sidecar): event-driven HTTP/2 event-queue and backpressure waits by @NathanFlurry in #174
- perf(execution): build the Python wait-loop runtime once instead of per poll tick by @NathanFlurry in #175
- perf(sidecar): reuse one runtime for blocking dispatch instead of per call by @NathanFlurry in #176
- perf(execution): map runtime events to frames directly instead of encode/decode by @NathanFlurry in #177
- fix(pty): cooked-mode echo/signal discipline + kernel-PTY stdin for TTY guests by @NathanFlurry in #179
- perf(v8-runtime): drain setImmediate in-isolate instead of kernel-timer round trips by @NathanFlurry in #180
- perf(v8-runtime): same-isolate wake parity for unix-domain sockets and dgram by @NathanFlurry in #181
- perf(sidecar): raw-byte fast path for guest fs reads and writes by @NathanFlurry in #182
- perf(v8-runtime): wake loopback peer on FIN/close by @NathanFlurry in #184
- perf(execution): single timer-wheel thread instead of thread-per-timer by @NathanFlurry in #185
- feat(v8-runtime): opt-in high-resolution guest clock for benchmarking by @NathanFlurry in #186
- feat(native-baseline): wasm32-wasi build for in-VM rust benchmark lane by @NathanFlurry in #187
- test(benchmarks): migrate differential matrix from agent-os onto NodeRuntime by @NathanFlurry in #188
- test(benchmarks): port focused lanes and add ecosystem command family by @NathanFlurry in #189
- docs(claude): agent-os docs are canonical for agentOS-visible behavior by @NathanFlurry in #183
- fix(runtime): native poll(2) for guest stdio + event-driven kernel waits by @NathanFlurry in #192
- fix(bridge): poll http2 server/session retain instead of monopolizing sync-RPC wait by @NathanFlurry in #193
- fix(execution): create-parent-aware WASI path resolution so wasm commands can create files by @NathanFlurry in #195
- fix(sidecar): buffer loopback TLS writes while the handshake is pending by @NathanFlurry in #190
- style: cargo fmt by @NathanFlurry in #191
- fix(execution): resolve guest module imports against the live guest filesystem by @NathanFlurry in #194
- fix(sidecar): release kernel socket slots when guest sockets close by @NathanFlurry in #196
- fix(browser): cover raw fs bridge globals and regenerate the wasi polyfill by @NathanFlurry in #197
- fix(v8-runtime): create snapshot blobs in a helper subprocess to contain a V8 isolate-lifecycle crash by @NathanFlurry in #198
- feat(runtime): push external socket events host-to-guest by @NathanFlurry in #199
- test(benchmarks): dedicated prewarmed sidecar per bench op by @NathanFlurry in #200
- test(benchmarks): automatic peak-memory-vs-native column by @NathanFlurry in #201
- test(benchmarks): module-resolution family by @NathanFlurry in #202
- test(benchmarks): permission-policy overhead family by @NathanFlurry in #203
- test(benchmarks): two-tier sizes for payload-sensitive ops by @NathanFlurry in #204
- test(benchmarks): concurrency and interference lanes by @NathanFlurry in #205
- test(benchmarks): canonical baseline and CI bench gate by @NathanFlurry in #206
- feat(native-baseline): full matrix op parity — zero borrowed stand-ins by @NathanFlurry in #207
- perf(kernel): cache filesystem usage for quota checks; fix WASI hot paths by @NathanFlurry in #208
- fix(sidecar): route shared-terminal child output through the PTY master only by @NathanFlurry in #209
- fix(sidecar): stop wasm stdin stream-event flood; tolerate shadow-sync races by @NathanFlurry in #210
- fix(registry): un-stub brush tab completion on wasi by @NathanFlurry in #211
- fix(core): drop the fixed 10ms trailing-output drain when exit arrives via event by @NathanFlurry in #212
- feat(execution): snapshot-baked wasm runner userland by @NathanFlurry in #213
- fix(ci): install build-tools workspace deps in the bench workflow by @NathanFlurry in #214
- perf(v8-runtime): parked warm session workers by @NathanFlurry in #215
- perf(execution): raw wasm module bytes + eager userland compile by @NathanFlurry in #216
- fix(sidecar): JS-lane reads see kernel-VFS state by @NathanFlurry in https://github.co...
v0.3.3
What's Changed
- fix(agent): mount @agentclientprotocol/sdk for pi and claude adapters by @NathanFlurry in #135
- fix(agent-adapters): robustness fixes to pi + claude ACP adapters by @NathanFlurry in #136
Full Changelog: v0.3.2...v0.3.3
v0.3.2
What's Changed
- fix(runtime): strip module shebang, stream large http responses, reject oversized vm.fetch by content-length by @NathanFlurry in #130
- fix(sidecar): shadow-walk skip + bound undici pool (net-bridge listener leak) by @NathanFlurry in #128
- fix(execution): size the wasm runner V8 heap so warmup stops OOMing by @NathanFlurry in #129
- fix: memory leaks by @NathanFlurry in #131
- feat(sidecar): stream extension events live during dispatch by @NathanFlurry in #132
- fix(sidecar): classify new limit constants + tolerate stale sidecar callback responses by @NathanFlurry in #133
Full Changelog: v0.3.1...v0.3.2
v0.3.1
What's Changed
- fix: add _readableState.ended to net.Socket stub (fixes #71) by @aayushprsingh in #73
- fix: exec() node fallback + feat: includeNodeShims option (fixes #64, #63) by @aayushprsingh in #66
- Fix nested export-star expansion in node loader by @Vercantez in #69
- fix(nodejs): scope npm/npx host fallback roots by @atharvasingh7007 in #72
- Migrate per-VM resource limits + virtualized identity from env to the BARE wire by @NathanFlurry in #82
- test: regression coverage for V8 Intl crash (#70), cross-exec loopback (#88), and JSON-over-VFS result decode (#11/#59) by @NathanFlurry in #97
- [codex] Restore sidecar reuse fast paths by @NathanFlurry in #98
- security: fix guest-reachable sandbox issues + remove over-defense against trusted config by @NathanFlurry in #100
- [codex] security runtime followups by @NathanFlurry in #99
- fix sandbox networking loopback dev servers by @NathanFlurry in #101
- [codex] refactor VFS into reusable crates and backends by @NathanFlurry in #102
- chore: rename to @agentos-software & @rivet-dev/agentos by @NathanFlurry in #105
- ci: publish WASM command packages manually, not in CI by @NathanFlurry in #107
- docs: website overhaul, OS-level pages link to agentOS, permissions tool→binding by @NathanFlurry in #106
- test+docs: host-mounted node_modules resolution (#109) by @NathanFlurry in #113
- feat: /workspace cwd + /home/agentos home + binding facade + all-platform publish by @NathanFlurry in #110
- fix: create crate asset dirs during publish by @NathanFlurry in #115
- fix: publish secure-exec vfs crates by @NathanFlurry in #116
- fix: coerce default http2.connect port to a number by @abcxff in #117
- ci(publish): guard native sidecar platform set by @NathanFlurry in #120
- fix(resolver): actionable "module not found" + host-mounted node_modules symlink coverage by @NathanFlurry in #114
- [codex] test custom JS VFS mounts by @NathanFlurry in #125
- perf: cut create-session latency via agent-SDK heap snapshot by @NathanFlurry in #124
- feat(codex+claude): wasi runtime fidelity fixes (non-blocking pipe/socket I/O, v8-bridge fidelity, codex toolchain) by @NathanFlurry in #126
- fix: backpressure bounded queues instead of destroying the session/sidecar + centralized queue tracker by @NathanFlurry in #123
- fix(v8-bridge): yield a macrotask between bridge socket reads (undici keep-alive leak) by @NathanFlurry in #122
- fix: repair main after #124 (rustfmt 1.96.0 + userland_code test ctors + clippy) by @NathanFlurry in #127
New Contributors
- @aayushprsingh made their first contribution in #73
- @Vercantez made their first contribution in #69
- @atharvasingh7007 made their first contribution in #72
- @abcxff made their first contribution in #117
Full Changelog: v0.3.0...v0.3.1
v0.3.1-rc.4
What's Changed
- fix: create crate asset dirs during publish by @NathanFlurry in #115
- fix: publish secure-exec vfs crates by @NathanFlurry in #116
- fix: coerce default http2.connect port to a number by @abcxff in #117
- ci(publish): guard native sidecar platform set by @NathanFlurry in #120
- fix(resolver): actionable "module not found" + host-mounted node_modules symlink coverage by @NathanFlurry in #114
- [codex] test custom JS VFS mounts by @NathanFlurry in #125
- perf: cut create-session latency via agent-SDK heap snapshot by @NathanFlurry in #124
- feat(codex+claude): wasi runtime fidelity fixes (non-blocking pipe/socket I/O, v8-bridge fidelity, codex toolchain) by @NathanFlurry in #126
- fix: backpressure bounded queues instead of destroying the session/sidecar + centralized queue tracker by @NathanFlurry in #123
- fix(v8-bridge): yield a macrotask between bridge socket reads (undici keep-alive leak) by @NathanFlurry in #122
New Contributors
Full Changelog: v0.3.1-rc.3...v0.3.1-rc.4
v0.3.1-rc.3
What's Changed
- feat: /workspace cwd + /home/agentos home + binding facade + all-platform publish by @NathanFlurry in #110
Full Changelog: v0.3.1-rc.1...v0.3.1-rc.3
v0.3.1-rc.2
What's Changed
- fix: add _readableState.ended to net.Socket stub (fixes #71) by @aayushprsingh in #73
- fix: exec() node fallback + feat: includeNodeShims option (fixes #64, #63) by @aayushprsingh in #66
- Fix nested export-star expansion in node loader by @Vercantez in #69
- fix(nodejs): scope npm/npx host fallback roots by @atharvasingh7007 in #72
- Migrate per-VM resource limits + virtualized identity from env to the BARE wire by @NathanFlurry in #82
- test: regression coverage for V8 Intl crash (#70), cross-exec loopback (#88), and JSON-over-VFS result decode (#11/#59) by @NathanFlurry in #97
- [codex] Restore sidecar reuse fast paths by @NathanFlurry in #98
- security: fix guest-reachable sandbox issues + remove over-defense against trusted config by @NathanFlurry in #100
- [codex] security runtime followups by @NathanFlurry in #99
- fix sandbox networking loopback dev servers by @NathanFlurry in #101
- [codex] refactor VFS into reusable crates and backends by @NathanFlurry in #102
- chore: rename to @agentos-software & @rivet-dev/agentos by @NathanFlurry in #105
- ci: publish WASM command packages manually, not in CI by @NathanFlurry in #107
- docs: website overhaul, OS-level pages link to agentOS, permissions tool→binding by @NathanFlurry in #106
- test+docs: host-mounted node_modules resolution (#109) by @NathanFlurry in #113
New Contributors
- @aayushprsingh made their first contribution in #73
- @Vercantez made their first contribution in #69
- @atharvasingh7007 made their first contribution in #72
Full Changelog: v0.3.0...v0.3.1-rc.2
v0.3.1-rc.1
What's Changed
- fix: add _readableState.ended to net.Socket stub (fixes #71) by @aayushprsingh in #73
- fix: exec() node fallback + feat: includeNodeShims option (fixes #64, #63) by @aayushprsingh in #66
- Fix nested export-star expansion in node loader by @Vercantez in #69
- fix(nodejs): scope npm/npx host fallback roots by @atharvasingh7007 in #72
- Migrate per-VM resource limits + virtualized identity from env to the BARE wire by @NathanFlurry in #82
- test: regression coverage for V8 Intl crash (#70), cross-exec loopback (#88), and JSON-over-VFS result decode (#11/#59) by @NathanFlurry in #97
- [codex] Restore sidecar reuse fast paths by @NathanFlurry in #98
- security: fix guest-reachable sandbox issues + remove over-defense against trusted config by @NathanFlurry in #100
- [codex] security runtime followups by @NathanFlurry in #99
- fix sandbox networking loopback dev servers by @NathanFlurry in #101
- [codex] refactor VFS into reusable crates and backends by @NathanFlurry in #102
- chore: rename to @agentos-software & @rivet-dev/agentos by @NathanFlurry in #105
- ci: publish WASM command packages manually, not in CI by @NathanFlurry in #107
- docs: website overhaul, OS-level pages link to agentOS, permissions tool→binding by @NathanFlurry in #106
- test+docs: host-mounted node_modules resolution (#109) by @NathanFlurry in #113
New Contributors
- @aayushprsingh made their first contribution in #73
- @Vercantez made their first contribution in #69
- @atharvasingh7007 made their first contribution in #72
Full Changelog: v0.3.0...v0.3.1-rc.1
v0.3.0
What's Changed
- feat: add Rust secure-exec runtime library by @NathanFlurry in #53
- feat: configurable JS runtime platform (CreateVmConfig.jsRuntime) by @NathanFlurry in #78
- perf(sidecar): cut guest fs RPC latency (fs-heavy workloads 5.7–41× faster) by @NathanFlurry in #77
- fix(ci): resolve pnpm/action-setup version conflict by @NathanFlurry in #83
- Security review fixes (secure-exec) by @NathanFlurry in #79
- fix(example): native-client uses current CreateVmConfig (unblocks CI) by @NathanFlurry in #84
- Security hardening: chokepoint lint + default-deny/safe-default guards by @NathanFlurry in #85
- Security review: close coverage gaps (DNS rebinding, supply chain, builtin desync, browser isolation) by @NathanFlurry in #86
- style: rustfmt security-review additions (unblock cargo fmt --check) by @NathanFlurry in #87
- feat: opt-in wall-clock execution backstop (complements CPU-time budget) by @NathanFlurry in #89
- fix(clippy): resolve -D warnings lints in security-review code by @NathanFlurry in #90
- ci: pin rust toolchain (1.96.0) + fix clippy lints by @NathanFlurry in #93
- test: make env-dependent dns/abort-signal conformance robust on CI by @NathanFlurry in #94
- test: stabilize crash-isolation timeout (pre-existing flake) by @NathanFlurry in #95
Full Changelog: v0.2.1...v0.3.0
v0.3.0-rc.2
What's Changed
- feat: add Rust secure-exec runtime library by @NathanFlurry in #53
- feat: configurable JS runtime platform (CreateVmConfig.jsRuntime) by @NathanFlurry in #78
- perf(sidecar): cut guest fs RPC latency (fs-heavy workloads 5.7–41× faster) by @NathanFlurry in #77
- fix(ci): resolve pnpm/action-setup version conflict by @NathanFlurry in #83
- Security review fixes (secure-exec) by @NathanFlurry in #79
- fix(example): native-client uses current CreateVmConfig (unblocks CI) by @NathanFlurry in #84
- Security hardening: chokepoint lint + default-deny/safe-default guards by @NathanFlurry in #85
- Security review: close coverage gaps (DNS rebinding, supply chain, builtin desync, browser isolation) by @NathanFlurry in #86
- style: rustfmt security-review additions (unblock cargo fmt --check) by @NathanFlurry in #87
- feat: opt-in wall-clock execution backstop (complements CPU-time budget) by @NathanFlurry in #89
- fix(clippy): resolve -D warnings lints in security-review code by @NathanFlurry in #90
- ci: pin rust toolchain (1.96.0) + fix clippy lints by @NathanFlurry in #93
- test: make env-dependent dns/abort-signal conformance robust on CI by @NathanFlurry in #94
Full Changelog: v0.2.1...v0.3.0-rc.2