Releases: 1set/starcli
Release list
v0.1.2
starcli v0.1.1 — Sure Footing
The breadth StarCLI shipped in First Light is now wired, tested, and portable.
⚠️ Behavior changes
- Host command execution (
cmd) is off by default. Opt in with--allow-cmd(run any command) or the new--dangerously-allow-all. Previouslycmdloaded butrun()never executed (a wiring gap); the flags now genuinely enable it.
Added
- Seven more domain modules wired into the default set —
cache,emoji,qrcode,totp,liquid,toml,yaml(all pure; loadable even under--caps safe). --dangerously-allow-all: one flag opens network + filesystem + host command execution of any command.- Embedded IANA time-zone database, so named time zones resolve in minimal / scratch / distroless images and slim binaries.
Fixed
--allow-cmdnow actually enables command execution (it was previously a no-op).
Quality & internals
- End-to-end test suite that builds the binary and runs sample scripts (asserting stdout + exit), web-server handler httptest coverage, and real domain-module integration (sqlite / markdown / gum); the web package went from 0% to 50% coverage.
- Logging and terminal initialization consolidated onto zap, the standard library, and
golang.org/x/sys.
Built test-first on Go 1.25; CI green across ubuntu / macOS / Windows.
starcli v0.1.0 — First Light
starcli is the turnkey command-line interpreter for the Star* ecosystem — it
wires Google's Starlark-in-Go (via starbox + starlet + the starpkg
domain modules) into a single executable that runs .star scripts. It is the
ecosystem's front door: python to its CPython.
This first release was built test-first — a characterization safety net was
laid over the legacy code, the internals were refactored behind it, and every
feature since landed with tests, a race + coverage gate, and a Docker floor
check.
Run modes
REPL · direct code (-c) · a script file · a web server (-w).
Modules out of the box
The Starlark stdlib (math, json, re, time, string, struct, …) plus
the starpkg domain modules: sys, gum, cmd, email, llm, markdown,
sqlite, web, and an args parser.
Capabilities — secure when you want it
- Open by default: every wired module loads, so scripts just work.
- Tighten on purpose with
--caps safe|network|full(or theSTAR_CAPSenv var)
and the granular--allow-net/--allow-fs/--allow-cmd. - Host command execution (
cmd) is gated alone — never granted by a tier,
not evenfull.
Guardrails
- Execution budgets:
--max-stepsbounds runaway loops,--max-outputcaps
result size. - Classified exit codes:
2syntax ·3compile ·4module-withheld ·
5max-steps ·6output-limit. --checkresolves a script without running it, reporting
file:line:col: message.
Output & I/O
--record <file>saves the complete session transcript (stdout + stderr)
for replay and review.--log-file <file>+--log-format console|jsonroute the scriptlog
module to a file.sys.read()/ lazysys.lines()/sys.isatty()consume piped stdin data.- An
argparse-styleargsmodule (ArgumentParser→add_argument→
parse_args) for the script's own arguments.
Behavior notes
- The capability posture is open by default — sandboxing is opt-in.
- Built on Go 1.25 (gum v0.2.0 / Charm v2).
Built on starbox v0.2.0 · starlet v0.2.2 · gum v0.2.0 · go.starlark.net (ffb3f39 baseline).