v0.8.2

What's Changed

• Remove overlayfs COW and branchfs backend + CLI fixes by @congwang-mk in #73
• Add riscv64 architecture support by @congwang-mk in #60
• core: error on missing chroot path instead of silently dropping confinement by @congwang-mk in #79
• core: fail closed on three confinement-path fail-open bugs by @congwang-mk in #80
• handler: add deferred off-loop dispatch and inject_bytes content injection (core, FFI, Python) by @congwang-mk in #77

Full Changelog: v0.8.1...v0.8.2

v0.8.1

What's Changed

• Replace ambient nesting detection with explicit no_supervisor opt-in by @congwang-mk in #64
• seccomp: fall back to NEW_LISTENER on kernels without WAIT_KILLABLE_RECV by @dzerik in #63
• python: make PEP 585/604 annotations parse on 3.8 and 3.9 by @congwang-mk in #70
• Virtualize /etc/hosts: always-on, image-seeded, leak-proof shim by @congwang-mk in #69

Full Changelog: v0.8.0...v0.8.1

v0.8.0

What's Changed

• policy_fn: extend execve argv freeze to peer processes (#27) by @congwang-mk in #33
• network: replace net_allow_hosts/net_connect with unified net_allow (#32) by @congwang-mk in #34
• feat(seccomp): ExtraHandler — user-supplied syscall handlers by @dzerik in #20
• argv-safety: register children at fork time by @congwang-mk in #35
• net-allow: support * in port position for any-port wildcard by @congwang-mk in #37
• feat(seccomp): Handler trait + IntoIterator-shaped run_with_extra_handlers (Follow-up A) by @dzerik in #36
• Make syscall policy explicit; rename deny to blocklist by @congwang-mk in #38
• test: switch /etc probe from /etc/os-release to /etc/group by @congwang-mk in #39
• netlink: deny socket families outside a small allowlist by @congwang-mk in #40
• net_allow: scheme-prefixed rules with per-protocol destination filtering by @congwang-mk in #41
• Sectioned profile schema and Sandbox API consolidation by @congwang-mk in #42
• sandbox: split spawn() into create()/start() for OCI-style lifecycle by @congwang-mk in #45
• feat(ffi): C ABI for the Handler trait (RFC #43) by @dzerik in #44
• core: restore port-remap transparency and tighten bind path by @congwang-mk in #48
• core: drain seccomp notifications via AsyncFd, remove per-sandbox blocking thread by @congwang-mk in #50
• test: use spawn() in pause/resume tests to avoid thread race by @congwang-mk in #51
• ffi: fix sandlock_spawn failure under multi-threaded callers with restricted seccomp (#47) by @congwang-mk in #49
• feat(python): Handler wrapper on the C ABI (RFC #43) by @dzerik in #46
• core: add Sandbox::spawn() that awaits execve completion by @congwang-mk in #52
• mcp: import-by-entrypoint tool execution and injected workspace param by @congwang-mk in #55
• feat(python): ergonomic layer — read_path + 4 presets + dedicated docs page by @dzerik in #54
• Fix Landlock path rules on non-directory paths (files, devices, FIFOs) by @congwang-mk in #57
• Fix COW statx and execve for files in the upper layer by @congwang-mk in #58
• Resolve thread-group leader in dup_fd_from_pid for pre-6.9 kernels by @congwang-mk in #59
• Rename run_with_extra_handlers to run_with_handlers by @congwang-mk in #56

New Contributors

• @dzerik made their first contribution in #20

Full Changelog: v0.7.0...v0.8.0

v0.7.0

What's Changed

• netlink: virtualize NETLINK_ROUTE as loopback-only view by @congwang-mk in #15
• Add Linux arm64 sandbox runtime support by @gokwok in #19
• ci: run rust and python tests on arm64 runners by @congwang-mk in #22
• net: block legacy socket ioctls and virtualize /proc/net by @congwang-mk in #23
• supervisor: unify per-process lifecycle and bundle per-process state by @congwang-mk in #24
• ci: pin release build to ubuntu-22.04 for older glibc compat by @congwang-mk in #26
• seccomp: cap dirent/BPF size, seal injected memfds (#13) by @congwang-mk in #25
• seccomp: audit and harden Continue-site safety (issue #27) by @congwang-mk in #28
• policy_fn: drop path strings, keep argv via sibling-thread freeze (#27) by @congwang-mk in #29
• release: build aarch64 Linux binaries and wheels (#21) by @congwang-mk in #30

New Contributors

• @gokwok made their first contribution in #19

Full Changelog: v0.6.0...v0.7.0

v0.6.0

Full Changelog: v0.5.0...v0.6.0

v0.5.0

Full Changelog: v0.4.8...v0.5.0

v0.4.8

Full Changelog: v0.4.7...v0.4.8

v0.4.7

Full Changelog: v0.4.6...v0.4.7

v0.4.6

Full Changelog: v0.4.5...v0.4.6

v0.4.5

Full Changelog: v0.4.4...v0.4.5