Releases: clawborrator/desktop_v1
v0.6.0
Highlights
Adds daemon-side trust-hardening guardrails so a Claude Code session a desktop-share operator grantee spawns on your machine can be confined to a folder root you choose and capped at a session count you choose. The guardrails default off, so single-owner daemons behave exactly as before.
What's new
Two optional fields in ~/.clawborrator/desktop_v1.json:
-
allowed_roots— absolute folder paths CC sessions may spawn under. Asession.createwhose folder does not canonicalize under one of these roots is refused. Without this, anoperatorgrantee can spawn CC in any path on the owner's machine. Recommended for any daemon you intend to share."allowed_roots": ["/home/me/repos", "/home/me/work"]
-
max_concurrent_sessions— cap on alive CC children. Defense in depth."max_concurrent_sessions": 5
Enforced in spawn::precheck_create, the single funnel for create_session, so both the hub-WS session.create op (used by desktop-share grantees) AND the local clawborrator-supervisor new CLI go through the check. Path comparisons canonicalize both sides so symlinks and relative roots compare correctly; a misconfigured root entry is ignored rather than crashing the daemon.
Why this matters
Session sharing exposes an already-running session — the blast radius is that one session. Desktop sharing lets the grantee start new processes on the owner's machine: those run as the owner's OS user, in folders the owner's daemon can reach, on the owner's Claude account. allowed_roots is the recommended hardening for that trust grant. The hub-side feature is in hub_v1 v0.x — DESKTOP-SHARING.md.
Upgrading
Drop in the new binary and restart the daemon. No config migration needed — old configs continue to work as legacy single-owner. Add the two fields manually when you're ready to share.
Commits
ca5e91bDesktop sharing: trust-hardening guardrails for session.create5b16589Bump clawborrator-supervisor to v0.6.0
Full Changelog: v0.5.6...v0.6.0
v0.5.6
Full Changelog: v0.5.5...v0.5.6
v0.5.5
Full Changelog: v0.5.4...v0.5.5
v0.5.4
Full Changelog: v0.5.3...v0.5.4
v0.5.3
Full Changelog: v0.5.2...v0.5.3
v0.5.2
Full Changelog: v0.5.1...v0.5.2
v0.5.1
Full Changelog: v0.5.0...v0.5.1
v0.5.0
Full Changelog: v0.4.0...v0.5.0
v0.4.0
Full Changelog: v0.3.6...v0.4.0
v0.3.6 — prereq-check subcommand + npm/node docs
Patch release. Surfaces the Node.js / npm / npx prereq for Linux installs, plus a new `prereq-check` subcommand to verify your install state.
Why
Operators were hitting a second prereq gap after the `claude` CLI. The supervisor writes a per-session `.mcp.json` whose MCP-server entry is `{"command": "npx", "args": ["-y", "clawborrator-mcp"]}`, so Node.js + npm + npx have to be on PATH on the Linux host. Server boxes don't ship those by default, and the failure mode (CC spawns fine, MCP server hangs) was hard to attribute without journal-diving.
What's new
`clawborrator-supervisor prereq-check` subcommand
Run BEFORE creating your first session:
```sh
$ clawborrator-supervisor prereq-check
Runtime prerequisite check:
[ok] claude /home/mriiot/.local/bin/claude
[missing] npx install: sudo apt install -y nodejs npm # or dnf on fedora/rhel
[missing] npm install: sudo apt install -y nodejs npm
[missing] node install: sudo apt install -y nodejs
3 missing prereq(s). Install them, then re-run this check.
```
Scans $PATH plus `~/.local/bin` (the canonical Claude installer drop) for each tool. Exits 0 when everything's present, 1 otherwise.
README + landing + orchard-chat modal
All three list `claude` AND `nodejs/npm` upfront as Linux prereqs with the install commands. Server installs no longer need to discover prereqs the hard way through 502 errors.
Binaries
- `clawborrator-supervisor-windows-x64.exe` — Windows x64 (~7.4MB)
- `clawborrator-supervisor-linux-x64` — Linux x86_64 ELF (~8.8MB, glibc 2.36+)