harald/zeroclaw
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions 3
zeroclaw/CHANGELOG.md

2.6 KiB
Raw Blame History

Changelog

All notable changes to ZeroClaw will be documented in this file.

The format is based on Keep a Changelog, and this project adheres to Semantic Versioning.

[Unreleased]

Security

  • Legacy XOR cipher migration: The enc: prefix (XOR cipher) is now deprecated. Secrets using this format will be automatically migrated to enc2: (ChaCha20-Poly1305 AEAD) when decrypted via decrypt_and_migrate(). A tracing::warn! is emitted when legacy values are encountered. The XOR cipher will be removed in a future release.

Added

  • SecretStore::decrypt_and_migrate() — Decrypts secrets and returns a migrated enc2: value if the input used the legacy enc: format
  • SecretStore::needs_migration() — Check if a value uses the legacy enc: format
  • SecretStore::is_secure_encrypted() — Check if a value uses the secure enc2: format

Deprecated

  • enc: prefix for encrypted secrets — Use enc2: (ChaCha20-Poly1305) instead. Legacy values are still decrypted for backward compatibility but should be migrated.

0.1.0 - 2026-02-13

Added

  • Core Architecture: Trait-based pluggable system for Provider, Channel, Observer, RuntimeAdapter, Tool
  • Provider: OpenRouter implementation (access Claude, GPT-4, Llama, Gemini via single API)
  • Channels: CLI channel with interactive and single-message modes
  • Observability: NoopObserver (zero overhead), LogObserver (tracing), MultiObserver (fan-out)
  • Security: Workspace sandboxing, command allowlisting, path traversal blocking, autonomy levels (ReadOnly/Supervised/Full), rate limiting
  • Tools: Shell (sandboxed), FileRead (path-checked), FileWrite (path-checked)
  • Memory (Brain): SQLite persistent backend (searchable, survives restarts), Markdown backend (plain files, human-readable)
  • Heartbeat Engine: Periodic task execution from HEARTBEAT.md
  • Runtime: Native adapter for Mac/Linux/Raspberry Pi
  • Config: TOML-based configuration with sensible defaults
  • Onboarding: Interactive CLI wizard with workspace scaffolding
  • CLI Commands: agent, gateway, status, cron, channel, tools, onboard
  • CI/CD: GitHub Actions with cross-platform builds (Linux, macOS Intel/ARM, Windows)
  • Tests: 159 inline tests covering all modules and edge cases
  • Binary: 3.1MB optimized release build (includes bundled SQLite)

Security

  • Path traversal attack prevention
  • Command injection blocking
  • Workspace escape prevention
  • Forbidden system path protection (/etc, /root, ~/.ssh)