Skip to content

Vigils v0.1.32

Choose a tag to compare

View all tags
@github-actions github-actions released this 07 Jun 18:00
· 26 commits to main since this release
v0.1.32
0b29eee

The audit checkpoint anchor (v0.1.31) now activates automatically.

Changed

  • The gateway auto-anchors the audit chain on shutdown. v0.1.31 added vigil-hub checkpoint
    to anchor the tamper-evident ledger against a full-chain rewrite, but a turnkey user (who runs
    setup --all / setup --mcp and never invokes it by hand) would never have an anchor — leaving
    that protection inert for them. Now vigil-hub serve and vigil-hub wrap emit a checkpoint
    automatically when the gateway shuts down, so every agent session leaves an anchor without any
    manual step. It's best-effort and never blocks shutdown (the write runs on a separate thread with
    a 5-second bound, so a wedged or network filesystem can't stall exit), writes only when there are
    new events, and prints to stderr (never the MCP channel). Run vigil-hub verify any time to check
    both chain-internal consistency and the anchors. (To fully close the threat, keep the
    <ledger>.checkpoints file append-only or synced offsite — see ADR 0020.)

中文

审计 checkpoint 锚点(v0.1.31)现在自动生效。

变更

  • 网关在关闭时自动锚定审计链。 v0.1.31 加入了 vigil-hub checkpoint 来把防篡改账本锚定起来、
    对抗整链重写,但 turnkey 用户(只跑 setup --all / setup --mcp、从不手动调用)永远不会有锚点
    —— 那项保护对他们形同虚设。现在 vigil-hub servevigil-hub wrap 在网关关闭时自动 emit 一个
    checkpoint,于是每次 agent 会话都会自动留下锚点,无需任何手动步骤。它是 best-effort、绝不阻断
    关闭    (写操作在独立线程上跑、有 5 秒上界,wedged 或网络文件系统也卡不住退出),仅在有新事件时才写,
    且输出到 stderr(绝不污染 MCP 通道)。随时可跑 vigil-hub verify 校验链内一致性 + 锚点。(要完全
    闭合该威胁,请把 <ledger>.checkpoints 文件设为 append-only 或异地同步 —— 见 ADR 0020。)

Downloads — which file do I want?

  • Desktop app (most users): the installer for your OS — Windows Vigils_*_x64-setup.exe (or .msi), macOS Vigils_*.dmg, Linux .AppImage / .deb / .rpm. Gives you the GUI: Activity Feed, Approval Queue, Server Registry.
  • CLI gateway (put Vigils in front of an AI agent — Claude Code / Codex / Cursor / Zed): vigils-cli-<platform> (contains vigil-hub + vigil-native-host). This is the MCP proxy your agent connects to.
  • Browser extension (guard pasting/typing secrets into AI web apps, Chrome MV3): vigils-chrome-extension.zip — unzip, then load unpacked at chrome://extensions.
  • The .sig and Vigils.app.tar.gz files are desktop auto-updater artifacts — you do not need to download them.

New here? Full setup & agent-integration guide: https://duncatzat.github.io/vigils

Early releases are unsigned; your OS may show a Gatekeeper / SmartScreen prompt on first run.

Apache-2.0 · https://vigils.ai · Full changelog

Assets 22
Loading