john/secure_agent_envs
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
secure_agent_envs/CHANGELOG.md
guessthepw 2861664a03 Add OpenCode and Tidewave CLI support 
- OpenCode: Open-source AI coding assistant (npm install -g opencode-ai)
  Supports multiple LLM providers including OpenAI, Anthropic, Gemini

- Tidewave: Elixir/Phoenix MCP server for AI-powered development
  Downloads binary from GitHub releases with ELF validation
  Enables runtime introspection, SQL queries, and code evaluation

Both tools are optional components in the interactive installer.
Tidewave is automatically skipped if Erlang is not selected.

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-01-25 12:16:06 -05:00

3.2 KiB
Raw Blame History

Changelog

All notable changes to this project will be documented in this file.

The format is based on Keep a Changelog, and this project adheres to Semantic Versioning.

[0.10.0] - 2025-01-25

Added

  • OpenCode: Open-source AI coding assistant with multi-provider support
  • Tidewave CLI: Elixir/Phoenix MCP server for AI-powered development
  • New component selection options for OpenCode and Tidewave

[0.9.1] - 2025-01-25

Fixed

  • Add error checking for base64 decode operations in VM provisioning
  • Add set -e to VM bootstrap script for early failure detection

[0.9.0] - 2025-01-25

Security

  • Fix rustup pipe-to-shell vulnerability: now downloads to temp file with validation before execution
  • Fix SKIP_EXPORTS command injection risk: refactored to use base64-encoded list instead of shell command string
  • Fix Playwright symlink path validation: validates executable and path prefix before creating symlinks

[0.8.0] - 2025-01-25

Added

  • Project memory system using CLAUDE.md, CHANGELOG.md, and README.md
  • Versioning rules and documentation update guidelines in CLAUDE.md

[0.7.0] - 2025-01-25

Added

  • CHANGELOG.md with version history following Keep a Changelog format

[0.6.0] - 2025-01-25

Changed

  • All tools now use latest versions by default instead of pinning specific versions
  • PostgreSQL authentication uses scram-sha-256 for all TCP connections
  • Simplified tool installation by removing version pinning constraints

Security

  • VNC passwords are never stored and must be entered each time
  • Added documentation for input validation patterns and safe config loading

[0.5.0] - 2025-01-25

Security

  • Prevents shell injection through input validation and safe parameter passing
  • Replaces direct sourcing with manual config parsing to avoid code execution
  • Downloads and validates install scripts before execution instead of piping
  • Uses base64 encoding for secure VM parameter transmission
  • Adds checksum verification for binary downloads
  • Creates secure temporary directories and files with proper permissions

[0.4.0] - 2025-01-25

Changed

  • Replaces sequential installation with parallel step execution
  • Introduces real-time progress dashboard with spinner and status
  • Removes color variables to improve terminal compatibility
  • Restructures logging with per-step files for better debugging

Performance

  • Significantly reduces total setup time by running independent steps concurrently

[0.3.0] - 2025-01-25

Added

  • Dual-mode operation: orchestration on macOS, provisioning on Linux
  • Interactive component selection with visual menu interface
  • VNC desktop access for OAuth workflows and browser-based tasks

Security

  • Secure VM creation with disabled host filesystem access

[0.2.0] - 2025-01-25

Added

  • OrbStack development sandbox setup script
  • mise version manager with Node.js, Erlang, and Elixir support
  • PostgreSQL 16 with remote access configuration
  • Claude Code integration with multiple plugin marketplaces
  • Chromium browser and Playwright for automation tasks

[0.1.0] - 2025-01-25

Added

  • Initial project structure