Releases: rivet-dev/secure-exec

v0.3.4-rc.1

Pre-release

@github-actions released this 03 Jul 23:28
34953c5

What's Changed

  • feat(pty): native terminal support for interactive shells by @NathanFlurry in #137
  • feat(python): Pyodide python/python3 CLI + whole-VM-root filesystem + VFS-persistent pip by @NathanFlurry in #138
  • fix(ci): stop boundary lint false-positive on fixtures; guard escaping local deps by @NathanFlurry in #139
  • feat(python): outbound raw TCP/UDP sockets + complete the Pyodide FS hooks by @NathanFlurry in #142
  • Migrate docs to @rivet-dev/docs-theme (de-Starlight) + Typesense search by @NathanFlurry in #147
  • Basic Secure Exec footer (replace rivet-branded footer) by @NathanFlurry in #148
  • fix(docker): don't leak FA Pro token into build logs by @NathanFlurry in #149
  • docs: document the docs-embed rule in CLAUDE.md by @NathanFlurry in #151
  • feat(bench): add native-baseline host-timing crate by @NathanFlurry in #153
  • feat(sidecar): add GetResourceSnapshot resource-introspection wire hook by @NathanFlurry in #154
  • perf(kernel): reuse a persistent DNS resolver instead of per-lookup runtime by @NathanFlurry in #155
  • perf(sidecar): streamline execution/filesystem/service hot paths by @NathanFlurry in #157
  • perf(v8): faster bridge dispatch and direct js-start Execute path by @NathanFlurry in #158
  • fix(build): resolve url/qs in the v8-bridge build script by @NathanFlurry in #159
  • test: repair and update secure-exec test suites for current APIs by @NathanFlurry in #160
  • perf(kernel): chunked socket recv buffers and bounded oversized TCP write flushes by @NathanFlurry in #156
  • feat: browser-converged runtime + real terminal client by @NathanFlurry in #161
  • refactor(v8-bridge): split the bridge bundle into a documented multi-file TypeScript package by @NathanFlurry in #164
  • feat(packages): sidecar package projection + agentos-toolchain + { packageDir } registry by @NathanFlurry in #150
  • refactor(v8-bridge): modularize the bridge into a per-subsystem TypeScript package by @NathanFlurry in #165
  • feat(pty): canonical-mode line editing (VKILL/VWERASE) + ECHOCTL caret echo by @NathanFlurry in #166
  • fix(execution): provide host_tty.isatty/get_size + real set_raw_mode for wasm-c TTY guests by @NathanFlurry in #167
  • docs(CLAUDE): add Performance hot-path rules by @NathanFlurry in #168
  • perf(v8-runtime): pass V8-serialized args through without double copy by @NathanFlurry in #169
  • perf(sidecar): move stdio write buffers into execution events instead of cloning by @NathanFlurry in #170
  • perf(sidecar): bulk-copy loopback TLS reads instead of per-byte pop_front by @NathanFlurry in #171
  • perf(sidecar): wait for fd readiness instead of 10ms sleep polls in socket accept/recv loops by @NathanFlurry in #172
  • perf(sidecar): exponential backoff for loopback peer-socket pairing wait by @NathanFlurry in #173
  • perf(sidecar): event-driven HTTP/2 event-queue and backpressure waits by @NathanFlurry in #174
  • perf(execution): build the Python wait-loop runtime once instead of per poll tick by @NathanFlurry in #175
  • perf(sidecar): reuse one runtime for blocking dispatch instead of per call by @NathanFlurry in #176
  • perf(execution): map runtime events to frames directly instead of encode/decode by @NathanFlurry in #177
  • fix(pty): cooked-mode echo/signal discipline + kernel-PTY stdin for TTY guests by @NathanFlurry in #179
  • perf(v8-runtime): drain setImmediate in-isolate instead of kernel-timer round trips by @NathanFlurry in #180
  • perf(v8-runtime): same-isolate wake parity for unix-domain sockets and dgram by @NathanFlurry in #181
  • perf(sidecar): raw-byte fast path for guest fs reads and writes by @NathanFlurry in #182
  • perf(v8-runtime): wake loopback peer on FIN/close by @NathanFlurry in #184
  • perf(execution): single timer-wheel thread instead of thread-per-timer by @NathanFlurry in #185
  • feat(v8-runtime): opt-in high-resolution guest clock for benchmarking by @NathanFlurry in #186
  • feat(native-baseline): wasm32-wasi build for in-VM rust benchmark lane by @NathanFlurry in #187
  • test(benchmarks): migrate differential matrix from agent-os onto NodeRuntime by @NathanFlurry in #188
  • test(benchmarks): port focused lanes and add ecosystem command family by @NathanFlurry in #189
  • docs(claude): agent-os docs are canonical for agentOS-visible behavior by @NathanFlurry in #183
  • fix(runtime): native poll(2) for guest stdio + event-driven kernel waits by @NathanFlurry in #192
  • fix(bridge): poll http2 server/session retain instead of monopolizing sync-RPC wait by @NathanFlurry in #193
  • fix(execution): create-parent-aware WASI path resolution so wasm commands can create files by @NathanFlurry in #195
  • fix(sidecar): buffer loopback TLS writes while the handshake is pending by @NathanFlurry in #190
  • style: cargo fmt by @NathanFlurry in #191
  • fix(execution): resolve guest module imports against the live guest filesystem by @NathanFlurry in #194
  • fix(sidecar): release kernel socket slots when guest sockets close by @NathanFlurry in #196
  • fix(browser): cover raw fs bridge globals and regenerate the wasi polyfill by @NathanFlurry in #197
  • fix(v8-runtime): create snapshot blobs in a helper subprocess to contain a V8 isolate-lifecycle crash by @NathanFlurry in #198
  • feat(runtime): push external socket events host-to-guest by @NathanFlurry in #199
  • test(benchmarks): dedicated prewarmed sidecar per bench op by @NathanFlurry in #200
  • test(benchmarks): automatic peak-memory-vs-native column by @NathanFlurry in #201
  • test(benchmarks): module-resolution family by @NathanFlurry in #202
  • test(benchmarks): permission-policy overhead family by @NathanFlurry in #203
  • test(benchmarks): two-tier sizes for payload-sensitive ops by @NathanFlurry in #204
  • test(benchmarks): concurrency and interference lanes by @NathanFlurry in #205
  • test(benchmarks): canonical baseline and CI bench gate by @NathanFlurry in #206
  • feat(native-baseline): full matrix op parity — zero borrowed stand-ins by @NathanFlurry in #207
  • perf(kernel): cache filesystem usage for quota checks; fix WASI hot paths by @NathanFlurry in #208
  • fix(sidecar): route shared-terminal child output through the PTY master only by @NathanFlurry in #209
  • fix(sidecar): stop wasm stdin stream-event flood; tolerate shadow-sync races by @NathanFlurry in #210
  • fix(registry): un-stub brush tab completion on wasi by @NathanFlurry in #211
  • fix(core): drop the fixed 10ms trailing-output drain when exit arrives via event by @NathanFlurry in #212
  • feat(execution): snapshot-baked wasm runner userland by @NathanFlurry in #213
  • fix(ci): install build-tools workspace deps in the bench workflow by @NathanFlurry in #214
  • perf(v8-runtime): parked warm session workers by @NathanFlurry in #215
  • perf(execution): raw wasm module bytes + eager userland compile by @NathanFlurry in #216
  • fix(sidecar): JS-lane reads see kernel-VFS state by @NathanFlurry in https://github.co...

v0.3.3

@github-actions released this 27 Jun 01:53

What's Changed

  • fix(agent): mount @agentclientprotocol/sdk for pi and claude adapters by @NathanFlurry in #135
  • fix(agent-adapters): robustness fixes to pi + claude ACP adapters by @NathanFlurry in #136

Full Changelog: v0.3.2...v0.3.3

v0.3.2

@github-actions released this 26 Jun 02:39
d8a4435

What's Changed

  • fix(runtime): strip module shebang, stream large http responses, reject oversized vm.fetch by content-length by @NathanFlurry in #130
  • fix(sidecar): shadow-walk skip + bound undici pool (net-bridge listener leak) by @NathanFlurry in #128
  • fix(execution): size the wasm runner V8 heap so warmup stops OOMing by @NathanFlurry in #129
  • fix: memory leaks by @NathanFlurry in #131
  • feat(sidecar): stream extension events live during dispatch by @NathanFlurry in #132
  • fix(sidecar): classify new limit constants + tolerate stale sidecar callback responses by @NathanFlurry in #133

Full Changelog: v0.3.1...v0.3.2

v0.3.1

@github-actions released this 25 Jun 11:03
3d18ea0

What's Changed

  • fix: add _readableState.ended to net.Socket stub (fixes #71) by @aayushprsingh in #73
  • fix: exec() node fallback + feat: includeNodeShims option (fixes #64, #63) by @aayushprsingh in #66
  • Fix nested export-star expansion in node loader by @Vercantez in #69
  • fix(nodejs): scope npm/npx host fallback roots by @atharvasingh7007 in #72
  • Migrate per-VM resource limits + virtualized identity from env to the BARE wire by @NathanFlurry in #82
  • test: regression coverage for V8 Intl crash (#70), cross-exec loopback (#88), and JSON-over-VFS result decode (#11/#59) by @NathanFlurry in #97
  • [codex] Restore sidecar reuse fast paths by @NathanFlurry in #98
  • security: fix guest-reachable sandbox issues + remove over-defense against trusted config by @NathanFlurry in #100
  • [codex] security runtime followups by @NathanFlurry in #99
  • fix sandbox networking loopback dev servers by @NathanFlurry in #101
  • [codex] refactor VFS into reusable crates and backends by @NathanFlurry in #102
  • chore: rename to @agentos-software & @rivet-dev/agentos by @NathanFlurry in #105
  • ci: publish WASM command packages manually, not in CI by @NathanFlurry in #107
  • docs: website overhaul, OS-level pages link to agentOS, permissions tool→binding by @NathanFlurry in #106
  • test+docs: host-mounted node_modules resolution (#109) by @NathanFlurry in #113
  • feat: /workspace cwd + /home/agentos home + binding facade + all-platform publish by @NathanFlurry in #110
  • fix: create crate asset dirs during publish by @NathanFlurry in #115
  • fix: publish secure-exec vfs crates by @NathanFlurry in #116
  • fix: coerce default http2.connect port to a number by @abcxff in #117
  • ci(publish): guard native sidecar platform set by @NathanFlurry in #120
  • fix(resolver): actionable "module not found" + host-mounted node_modules symlink coverage by @NathanFlurry in #114
  • [codex] test custom JS VFS mounts by @NathanFlurry in #125
  • perf: cut create-session latency via agent-SDK heap snapshot by @NathanFlurry in #124
  • feat(codex+claude): wasi runtime fidelity fixes (non-blocking pipe/socket I/O, v8-bridge fidelity, codex toolchain) by @NathanFlurry in #126
  • fix: backpressure bounded queues instead of destroying the session/sidecar + centralized queue tracker by @NathanFlurry in #123
  • fix(v8-bridge): yield a macrotask between bridge socket reads (undici keep-alive leak) by @NathanFlurry in #122
  • fix: repair main after #124 (rustfmt 1.96.0 + userland_code test ctors + clippy) by @NathanFlurry in #127

Full Changelog: v0.3.0...v0.3.1

v0.3.1-rc.4

Pre-release

@github-actions released this 25 Jun 09:01
9d2572a

What's Changed

  • fix: create crate asset dirs during publish by @NathanFlurry in #115
  • fix: publish secure-exec vfs crates by @NathanFlurry in #116
  • fix: coerce default http2.connect port to a number by @abcxff in #117
  • ci(publish): guard native sidecar platform set by @NathanFlurry in #120
  • fix(resolver): actionable "module not found" + host-mounted node_modules symlink coverage by @NathanFlurry in #114
  • [codex] test custom JS VFS mounts by @NathanFlurry in #125
  • perf: cut create-session latency via agent-SDK heap snapshot by @NathanFlurry in #124
  • feat(codex+claude): wasi runtime fidelity fixes (non-blocking pipe/socket I/O, v8-bridge fidelity, codex toolchain) by @NathanFlurry in #126
  • fix: backpressure bounded queues instead of destroying the session/sidecar + centralized queue tracker by @NathanFlurry in #123
  • fix(v8-bridge): yield a macrotask between bridge socket reads (undici keep-alive leak) by @NathanFlurry in #122

Full Changelog: v0.3.1-rc.3...v0.3.1-rc.4

v0.3.1-rc.3

Pre-release

@github-actions released this 23 Jun 15:05
165e5dc

What's Changed

  • feat: /workspace cwd + /home/agentos home + binding facade + all-platform publish by @NathanFlurry in #110

Full Changelog: v0.3.1-rc.1...v0.3.1-rc.3

v0.3.1-rc.2

Pre-release

@github-actions released this 23 Jun 10:34
3604a03

Full Changelog: v0.3.0...v0.3.1-rc.2

v0.3.1-rc.1

Pre-release

@github-actions released this 23 Jun 04:51
3604a03

Full Changelog: v0.3.0...v0.3.1-rc.1

v0.3.0

@github-actions released this 19 Jun 12:41

What's Changed

  • feat: add Rust secure-exec runtime library by @NathanFlurry in #53
  • feat: configurable JS runtime platform (CreateVmConfig.jsRuntime) by @NathanFlurry in #78
  • perf(sidecar): cut guest fs RPC latency (fs-heavy workloads 5.7–41× faster) by @NathanFlurry in #77
  • fix(ci): resolve pnpm/action-setup version conflict by @NathanFlurry in #83
  • Security review fixes (secure-exec) by @NathanFlurry in #79
  • fix(example): native-client uses current CreateVmConfig (unblocks CI) by @NathanFlurry in #84
  • Security hardening: chokepoint lint + default-deny/safe-default guards by @NathanFlurry in #85
  • Security review: close coverage gaps (DNS rebinding, supply chain, builtin desync, browser isolation) by @NathanFlurry in #86
  • style: rustfmt security-review additions (unblock cargo fmt --check) by @NathanFlurry in #87
  • feat: opt-in wall-clock execution backstop (complements CPU-time budget) by @NathanFlurry in #89
  • fix(clippy): resolve -D warnings lints in security-review code by @NathanFlurry in #90
  • ci: pin rust toolchain (1.96.0) + fix clippy lints by @NathanFlurry in #93
  • test: make env-dependent dns/abort-signal conformance robust on CI by @NathanFlurry in #94
  • test: stabilize crash-isolation timeout (pre-existing flake) by @NathanFlurry in #95

Full Changelog: v0.2.1...v0.3.0

v0.3.0-rc.2

Pre-release

@github-actions released this 19 Jun 11:22

What's Changed

  • feat: add Rust secure-exec runtime library by @NathanFlurry in #53
  • feat: configurable JS runtime platform (CreateVmConfig.jsRuntime) by @NathanFlurry in #78
  • perf(sidecar): cut guest fs RPC latency (fs-heavy workloads 5.7–41× faster) by @NathanFlurry in #77
  • fix(ci): resolve pnpm/action-setup version conflict by @NathanFlurry in #83
  • Security review fixes (secure-exec) by @NathanFlurry in #79
  • fix(example): native-client uses current CreateVmConfig (unblocks CI) by @NathanFlurry in #84
  • Security hardening: chokepoint lint + default-deny/safe-default guards by @NathanFlurry in #85
  • Security review: close coverage gaps (DNS rebinding, supply chain, builtin desync, browser isolation) by @NathanFlurry in #86
  • style: rustfmt security-review additions (unblock cargo fmt --check) by @NathanFlurry in #87
  • feat: opt-in wall-clock execution backstop (complements CPU-time budget) by @NathanFlurry in #89
  • fix(clippy): resolve -D warnings lints in security-review code by @NathanFlurry in #90
  • ci: pin rust toolchain (1.96.0) + fix clippy lints by @NathanFlurry in #93
  • test: make env-dependent dns/abort-signal conformance robust on CI by @NathanFlurry in #94

Full Changelog: v0.2.1...v0.3.0-rc.2