Skip to content

v0.12.0

Choose a tag to compare

View all tags
@clemlesne clemlesne released this 20 Feb 17:53
· 321 commits to main since this release
v0.12.0
e7bfbef

Breaking Changes

  • Resource-aware admission replaces max_concurrent_vms -- Fixed semaphore removed from all APIs (SchedulerConfig, Settings, CLI -j flag). New ResourceAdmissionController auto-detects host capacity (cgroup v1/v2 > psutil) with three gates: memory budget (1.5x overcommit), CPU budget (4.0x overcommit), and optional available-memory floor. MAX_MEMORY_MB cap (2048) removed -- VMs limited only by host resources.
  • warm_pool_size=0 now means disabled -- No longer falls back to 25% of max_concurrent_vms.

Security

  • REPL drops to UID 1000 -- Guest-agent stays root (PID 1), but REPL subprocess runs as uid/gid=1000, blocking mount(2), ptrace, raw sockets, and kernel module loading. Security architecture updated from 7 to 8 layers.
  • Remove /dev/mem, /dev/kmem, /dev/port at boot in tiny-init. Harden /dev/shm with nosuid|nodev|noexec.

Features

  • Cgroup-aware capacity detection -- Auto-detects container memory/CPU limits (v1 + v2). Graceful degradation to unlimited if probes fail.
  • Resource monitor -- Background task logging live per-VM resource usage (cgroup on Linux, psutil on macOS). Observability only.
  • Multiprocessing with cloudpickle -- Python REPL patches ForkingPickler with cloudpickle for exec()-defined functions. Forces fork start method (Python 3.14 defaults to forkserver which hangs). Namespace changed to __main__.__dict__ for pickle compatibility. cloudpickle==3.1.2 pre-installed in VM image.
  • TypeScript in JS REPL -- Bun transpiler loader changed from 'js' to 'ts' (TS superset of JS).
  • Bash replaces busybox ash for raw shell -- fixes arrays, process substitution, [[ ]], here-strings, traps. /dev/fd symlinks added in tiny-init.

Bug Fixes

  • timeout_seconds=0 rejected instead of silently using default (both Scheduler.run() and Session.exec())
  • memory_mb validated before acquiring resources (not after QEMU fails)
  • Int-to-str 4300-digit limit disabled (PYTHONINTMAXSTRDIGITS=0, safe under sandbox timeout/output caps)
  • Pydantic ValidationError wrapped as EnvVarValidationError in execute()
  • str | Language accepted in public API (run(), session())
  • README fixes -- read_file() API, bare package examples, concurrency docs

Tests

27 streaming callback tests, multiprocessing pool, non-root REPL enforcement, device security, int-to-str digits, 566-line admission controller suite, resource monitor, cgroup v1/v2 detection, TypeScript persistence in sessions, bash features (arrays, traps, process substitution, regex, here-strings).

Assets 2
Loading