Releases: gnana997/crucible
Release list
crucible v0.3.4
Full Changelog: v0.3.3...v0.3.4
crucible v0.3.3
Full Changelog: v0.3.2...v0.3.3
crucible v0.3.2
Full Changelog: v0.3.1...v0.3.2
crucible v0.3.1
Full Changelog: v0.3.0...v0.3.1
crucible v0.3.0
Full Changelog: v0.2.0...v0.3.0
crucible v0.2.0
Full Changelog: v0.1.3...v0.2.0
crucible v0.1.3
Full Changelog: v0.1.2...v0.1.3
crucible v0.1.2
Full Changelog: v0.1.1...v0.1.2
crucible v0.1.1
crucible is a self-hosted Firecracker microVM sandbox for running untrusted AI-generated code — snapshot/fork with clone-safety, default-deny egress, a CLI, and a one-line systemd install. Single Linux/amd64 binary.
What's new in v0.1.1
- Guest networking now works. The native profile images were missing
udev, sosystemd-networkdnever broughteth0up (no DHCP, no network). Fixed (addedudev+dbus);/etc/resolv.confis now written correctly too. - State survives reboots. The daemon work dir / durable registry moved from ephemeral
/tmpto/var/lib/crucible/run. - Smoother install. Complete copy-paste install runbook, clearer next-steps,
install.shdownload-mode fixes, and the one-liner now uses| sudo bash(it's a bash script).
Verified end-to-end on v0.1.1: boot → exec → snapshot → fork with clone-safety → timeouts → OOM → default-deny egress allowlist (allowed host returns 200, non-allowlisted host blocked).
Feature summary (v0.1)
Firecracker microVMs under jailer · snapshot + fork with lazy userfaultfd memory · clone-safety (per-fork RNG / machine-id / hostname) · default-deny hostname-allowlist networking · cgroup + per-request resource limits · native python / node / go / base rootfs profiles · CLI (sandbox / snapshot / fork / run, -o json) · Prometheus /metrics · durable registry with reconcile-on-restart.
Install: see the README.
Status: v0.1 — single-operator, no authentication, loopback-only; not yet hardened for untrusted multi-tenant use (SECURITY.md).
Full Changelog: v0.1.0...v0.1.1
crucible v0.1.0
Full Changelog: https://github.com/gnana997/crucible/commits/v0.1.0