Skip to content

zy v1.0.46

Latest

Choose a tag to compare

@iskandarputra iskandarputra released this 14 Jun 08:53

Official binary release for zy 1.0.46.

What's changed in 1.0.46

Added

  • An interactive audit browser with analytics. Running audit on a
    terminal opens a full-screen, mouse-driven viewer of the command ledger.
    A List view: scrollable rows with risk badges and exit codes, a detail
    strip, live / search, risk and failed-only filters, in-place chain
    verification that jumps to any broken sequence, and JSON export of the current
    view. An Analysis dashboard: totals, failure rate, risk breakdown bars,
    top programs, and per-day activity. Enter (or a second click) opens a
    deep-detail overlay with every field and the full entry/prev hashes. Mouse
    wheel scrolls, clicks select and switch tabs. Scripts and zy -c audit still
    print the text status.

  • audit list and pipeable audit output. audit list [N], audit search,
    and audit risk now emit a structured table instead of plain text, so the
    ledger flows through the pipeline: audit list 500 | where exit != 0,
    audit list | where risk == destructive, audit list 50 | to csv. audit is
    now a data-aware builtin, so it stays in-process across a pipe.

  • audit prune and automatic retention with a size cap. audit prune [--days N] [--vacuum] trims old entries and optionally reclaims disk space;
    the oldest contiguous prefix is removed so the surviving chain still verifies
    from its new genesis. The shell auto-prunes once a day to [audit] retention_days (default 30) and [audit] max_entries (default 50000),
    whichever is stricter, so the database stays bounded even under heavy use
    (0 disables either limit).

  • policy rules now persist, and there's a manager TUI. Rules added with
    policy add are saved to ~/.zy/policy.conf and auto-load at startup, so they
    survive a restart (previously they vanished unless you passed --policy FILE
    every launch). New subcommands: policy remove/enable/disable <n>,
    policy save, policy test <cmd> (shows whether a command is allowed and
    which rule matched), and add now takes rate:N / priority:N. policy list
    emits a table, so policy list | where action == deny works. Running policy
    on a terminal opens a full-screen manager: a live test field (type a command,
    see allow/deny against the rules), action badges, toggle/remove, a
    restricted-mode switch, mouse + keyboard.

  • z/zi now learn the directory a terminal opens in. Before, a directory
    only entered the frecency database when you actively cd into it, so a shell
    started directly inside a project (an IDE or file manager "open terminal here",
    a new tmux or split pane) was invisible to z and zi until you navigated
    somewhere and back. The interactive shell now records its startup directory on
    launch. zy -c and scripts still do not touch the database.

Changed

  • Audit logging is now opt-in (off by default). It used to run for everyone
    and grow silently (multi-hundred-MB ledgers were common). It is a
    team/server/compliance feature, so it now stays off until you set [audit] enabled = true in ~/.zy/config.toml. A ledger you already collected stays
    readable, verifiable, and prunable after you disable it; audit with nothing
    to show points you at the switch. (--no-audit still force-disables.)
  • audit status now shows the DB size and retention window, and audit verify pinpoints the break. Verification used to just say pass/fail; it now
    reports the exact sequence number and reason (hash mismatch vs broken link)
    when the chain is bad. audit.sqlite-wal is also truncated on a clean exit so
    it stops accumulating across many shells.
  • customize's pill-shape pickers now preview the full prompt, and honor your
    merge setting.
    The Library and Mix & Match tabs used to show a fixed two-pill
    mock that always looked un-merged, no matter how your prompt was actually set
    up. They now render the same three-pill sample prompt the main menu shows, using
    the highlighted shape and your live "Merge pills" setting, so a merged ribbon
    previews as a connected ribbon and separate caps preview as separate caps.

Fixed

  • A cd visit could be silently dropped under concurrent-shell contention.
    The frecency write-through ignored SQLite's return code, so if a write lost the
    WAL lock past the busy timeout (common when several zy shells run at once), the
    visit vanished with no error. It now retries the write a few times before
    giving up.
  • jump.sqlite-wal no longer creeps up to its 4MB checkpoint threshold and
    stays there.
    With many long-lived shells the default passive auto-checkpoint
    kept losing the race to a concurrent reader, leaving a multi-megabyte WAL over a
    table of a dozen rows. The shell now truncates the WAL back into the main
    database on a clean exit.

Verify your download

curl -LO https://github.com/iskandarputra/zyshell/releases/download/v1.0.46/zy_1.0.46_amd64.deb
curl -LO https://github.com/iskandarputra/zyshell/releases/download/v1.0.46/SHA256SUMS
curl -LO https://github.com/iskandarputra/zyshell/releases/download/v1.0.46/SHA256SUMS.minisig
curl -LO https://github.com/iskandarputra/zyshell/releases/download/v1.0.46/zy-release.pub

minisign -Vm SHA256SUMS -p zy-release.pub      # confirms maintainer signature
sha256sum -c SHA256SUMS --ignore-missing       # confirms the .deb hash matches

Full signing policy: docs/ops/RELEASE_SIGNING.md

VirusTotal scan

This release was uploaded to VirusTotal at publish time. Click through to see the live verdict from 65+ AV engines:

https://www.virustotal.com/gui/file/2c18944d3fc262e8564e494c943f74d16480a84ed18256d755189cf31db377e9/detection

(Scans run within ~5 minutes of upload. If the page shows "Item not found", wait a moment and refresh.)

Try without installing

docker run --rm -it ghcr.io/iskandarputra/zyshell:1.0.46

Install (Debian / Ubuntu)

Download zy_1.0.46_amd64.deb from the assets below, then:

sudo dpkg -i zy_1.0.46_amd64.deb
sudo apt-get install -f