Skip to content

Zeus v1.0.0-alpha.3 — dogfood hardening

Latest

Choose a tag to compare

@Merchantlee99 Merchantlee99 released this 12 Jun 06:51

Fixed

  • Treat sensitive filesystem reads as governed actions: .env, private-key, cloud credential, SSH, and secret-like paths now force an ASK before content can be exposed through fs.read.
  • Extended Hermes and proxy tool mapping for web aliases such as web_extract, fetch_url, extract_url, and browser_navigate so they resolve to web.fetch instead of falling through to conservative host.tool.*.
  • Reduced dogfood false positives for read-only diagnostics: path-qualified Python binaries, versioned python3.x, safe python -m pip read-only commands, and Zeus module probes now classify as read-only when appropriate.

Added

  • zeus status now separates standing grants, replay authorizations, approval queue state, and the operator inbox so active authority is not confused with resolved approval history.
  • Replay authorization rows are queryable from the control-plane store for status and cockpit surfaces.

Evidence

  • ruff clean.
  • Product test suite passed without private live-host eval files: .venv/bin/python -m pytest --ignore=tests/test_live_host_eval_tree.py passed: 1915 tests.
  • Editable install smoke passed: zeus-agent 1.0.0a3.
  • Fresh zeus status smoke rendered grant_inventory, approval_queue, and operator_inbox.

Private live-host eval scaffolding is intentionally not included in this release.