README.md:
- Add skip parameters example (-SkipVNC, -SkipOllama)
- Document VNC password prompt and minimum length
- Update requirements to show ISO creation fallbacks
CLAUDE.md:
- Add Windows script editing section
- Add Windows security patterns section
- Add Windows testing instructions
- Update VNC password minimum from 6 to 8 chars
- Document checksum verification for Windows
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Fixes:
- Tidewave CLI now downloads from correct repo (tidewave_app)
with proper musl binary naming convention
Features:
- Python runtime managed by mise instead of system apt
- Python added as selectable component in interactive menu
Documentation:
- WINDOWS_PLAN.md explains Hyper-V vs WSL2 security tradeoffs
- Documents CVEs affecting WSL2 (2024-20681, 2025-9074, 2025-53788)
- Describes full implementation architecture and workflow
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Creates setup_env_windows.ps1 PowerShell script that:
- Provisions full Hyper-V VMs (not WSL2) for complete isolation
- Uses Ubuntu cloud images with cloud-init for automated setup
- Generates SSH keys for passwordless access
- Adds VMs to hosts file for easy <name>.local access
- Disables integration services by default for security
Hyper-V provides stronger isolation than WSL2:
- Separate kernel per VM
- Complete filesystem isolation (no /mnt/c mount)
- Own network stack (no firewall bypass)
- No ability to launch Windows programs from Linux
Also updates README with cross-platform quick start guides
and security comparison between WSL2 and Hyper-V.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Establishes CLAUDE.md, CHANGELOG.md, and README.md as persistent
project memory. Adds documentation update triggers and semantic
versioning rules to ensure context is maintained across sessions.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Switches all tools to use latest versions by default instead of pinning specific versions, reducing maintenance overhead while still allowing customization for Erlang and Elixir.
Enhances security measures by documenting input validation patterns, safe config loading practices, and credential handling procedures. Updates PostgreSQL authentication to use scram-sha-256 for all TCP connections.
Clarifies that VNC passwords are never stored and must be entered each time, improving the security posture of credential management.
Simplifies tool installation by removing version pinning constraints and using native package managers where appropriate.
Implements orchestration on macOS and provisioning on Linux for isolated Claude Code environments
Adds interactive component selection with visual menu interface
Enables secure VM creation with disabled host filesystem access
Provides comprehensive toolchain including PostgreSQL, Erlang/Elixir, and browser automation
Configures VNC desktop access for OAuth workflows and browser-based tasks
