Skip to content

Captain 0.1.0-alpha.1

Pre-release
Pre-release

Choose a tag to compare

@Vivien83 Vivien83 released this 14 Jul 13:30

Captain 0.1.0-alpha.1

Captain's first public early-access release packages the release-grade core as
a self-hosted Rust daemon with durable sessions, guarded tool execution,
bounded memory, projects and automation, isolated agents, and authenticated
Control/API/channel surfaces.

Install

macOS, Linux, and VPS:

curl -fsSL https://github.com/Vivien83/captain/releases/download/v0.1.0-alpha.1/install.sh \
  | CAPTAIN_VERSION=v0.1.0-alpha.1 bash

Docker (linux/amd64 and linux/arm64):

docker pull ghcr.io/vivien83/captain-agent-os:v0.1.0-alpha.1

The release also contains an x86_64-pc-windows-msvc CLI zip. Every host
archive has a SHA-256 sidecar and platform manifest; manifest.json covers all
five targets.

Highlights

  • Conversations are durable, automatically named, and reopenable across Web
    Control, TUI, CLI, API, and the frozen Desktop wrapper.
  • Detached tool work survives interruption as inspectable state. Independent
    read-only operations may run concurrently; dependencies stay ordered.
  • Agent-as-service provisioning prepares authenticated ingress automatically
    and reports exactly what remains before signed egress callbacks are ready.
  • Codex catalog updates are detected in the background, but model changes
    always require an explicit decision and session strategy.
  • Approval gates, capability scopes, budgets, loop guards, snapshots, audit
    chaining, runtime health, and bounded shutdown behavior constrain autonomy.
  • The public source tree is secret-scanned, stripped of maintainer-only paths
    and history, and published with manual-only GitHub Actions.
  • Local release builds execute every macOS and Linux binary before packaging,
    reject compiled-version drift, and verify macOS ad-hoc signatures.

Alpha notice

This is a prerelease. Keep backups, review granted capabilities, and do not use
it for critical workloads. macOS binaries are ad-hoc signed but not
Apple-notarized; the Windows CLI is not Authenticode-signed. Verify the
published SHA-256 sidecar and expect an explicit operating-system approval on
first launch.

Captain binds to loopback by default. For remote access, configure Captain
authentication and place it behind HTTPS; never expose an unauthenticated
daemon directly to the Internet.

The presentation site is intentionally not part of this public repository or
release.