v0.1.0
Pre-release
[0.1.0] - 2026-05-13
Highlights
First pre-alpha release of linpodx. This release establishes the Linux-native
container manager, AI-agent sandbox, desktop GUI, remote daemon, plugin system, and
multi-distro foundation that future 0.x releases will harden.
- Local daemon + Rust CLI + iced GUI over a shared JSON-RPC surface.
- AI-agent sandbox with approvals, tamper-evident audit log, sessions, snapshots, and bridge controls.
- GUI passthrough, multi-distro templates, remote daemon security, plugin signing, and cluster scaffolding.
- Source installer/uninstaller, release artifacts, and a winpodx-style release workflow.
Added — Core
- Rust workspace with daemon, CLI, GUI, runtime, sandbox, common IPC, distro, MCP, network filtering, plugin, cluster, and web UI crates.
- Rootless Podman-backed container lifecycle: list, inspect, create, start, stop, remove, pull, logs, exec, and minimum Podman version detection.
- Unix-socket JSON-RPC daemon with typed IPC envelopes, event notifications, graceful shutdown, structured logging, SQLite migrations, and stable error responses.
- CLI coverage for containers, images, volumes, networks, snapshots, sessions, MCP bridges, distro environments, passthrough, egress policy, remote daemon access, cluster operations, plugins, K8s operations, and registry workflows.
- Image, volume, and network management, port mapping, registry push with optional client certificates, multi-arch manifest creation and push, and progress/event streaming.
- Snapshot lifecycle with async jobs, lineage, diff support, branch aliases, pruning, encryption status, and file-level diff_v2 over OCI layers.
- Session timelines that merge audit and MCP activity by container, plus table and JSON output across the CLI.
- Source-based install.sh and uninstall.sh for release/main/local checkout installs, GUI launcher setup, optional helper capability setup, and data-preserving uninstall.
Added — AI sandbox
- YAML sandbox profiles with network policy, mount whitelist, capability drop/add, CPU and memory caps, read-only rootfs, distro/systemd metadata, passthrough policy, and approval gates.
- Policy engine that enforces denied mounts, denied capabilities, network-disabled profiles, read-only rootfs, resource caps, and profile reloads before container creation.
- Tamper-evident audit log with SHA-256 hash chaining, verification command, typed audit events, and event publication.
- Approval workflow for sensitive operations with request fan-out, timeouts, grant/deny outcomes, CLI listener, and GUI subscription support.
- MCP host-stdio bridge with allowlists, per-method policy, audit events, lifecycle commands, and session integration.
- Agent-oriented safety features including pre-run snapshots, rollback support, network allowlists, and isolated runtime configuration.
Added — Multi-distro
- Distro templates for Ubuntu, Fedora, Arch, Debian, Alpine, and NixOS with default image, init mode, package list, shell, and recommended passthrough.
- VM-mode lightweight environments with persistent home volumes, auto-restart behavior, systemd support, and --userns=keep-id host UID/GID mapping.
- Distro CLI and IPC for listing, inspecting, creating, building, entering, and removing managed environments.
Added — GUI
- iced desktop dashboard with live event subscriptions, reconnect handling, and container/image/volume/network views.
- Embedded web UI with REST endpoints, legacy fallback, Leptos SPA support, sortable/filterable views, per-row modals, logs view, image push flow, and exec workflows.
- Interactive PTY support over WebSocket with CLI raw-mode handling and browser terminal integration.
- GUI/container passthrough support for Wayland, X11, audio, GPU, DBus session bus, clipboard, HiDPI/theme environment, and optional desktop file registration.
Added — Cluster
- P2P gossip, node liveness transitions, and container view aggregation over the remote transport.
- Kubernetes read/write adapter for pod, service, namespace, and deployment operations with daemon IPC and CLI commands.
- Raft-backed leader election, multi-node membership, learner promotion, voter demotion, HTTP Raft transport, and audit events.
- Replicated cluster state machine for container proposals/removals, state snapshots, install-snapshot restore, and raft-first/fallback container views.
Added — Plugins
- WASM plugin runtime with approval short-circuiting, audit filters, profile validation, network decisions, runtime injection, and example plugins.
- Plugin manifest installation path with signed package support, detached signatures, publisher key lookup, unsigned-plugin bypass gate, and audit events.
- ed25519 signature verification with strict signature checks, key registry search paths, key listing, revocation markers, and revoke/list CLI commands.
Added — Remote
- WebSocket remote daemon transport with bearer authentication, browser-friendly query-token fallback, first-frame fallback, and subprotocol bearer support.
- mTLS remote daemon mode, certificate generation command, server/client certificate loading, and client common-name extraction.
- Client certificate pinning with SQLite persistence, add/list/remove commands, audit events, and TOFU auto-enrollment with count and time-window controls.
Security
- Seccomp OCI JSON and AppArmor profile compilation, SELinux dynamic and static label flows, runtime fallback option, and security option propagation into Podman.
- L4 egress firewall helper with nftables enforcement and DNS-based egress allowlist support.
- Snapshot at-rest encryption using AES-256-GCM, passphrase/raw-key sources, ciphertext hashing, side-car metadata, and decrypt/load path.
- Supply-chain controls for plugin signing, key revocation, cargo audit, cargo deny, license policy, and exact pinning for selected crypto dependencies.
- Remote hardening with mTLS, bearer token handling, client certificate pinning, TOFU expiry, and detailed audit events for accepted/rejected paths.
Performance
- Live container metrics via podman stats with GUI sparkline support.
- Criterion benchmark tooling, per-platform benchmark baselines, Linux x86_64 and Linux ARM64 CI coverage, and comparison scripts for regression checks.
- Async snapshot jobs and streaming operations keep long-running runtime work off the interactive control path.
Changed
- MSRV: 1.85 (was 1.83).
- CI tests the stable toolchain and Rust 1.85 baseline.
- Release notes are organized by user-visible capability area, with phase-level development notes kept below as pre-release history.
Documentation
- README, install guide, release process, contribution guide, security policy, code of conduct, architecture notes, ADRs, scenarios, example profiles, and Korean documentation coverage.
- README reorganized around quick install, launch, feature matrix, workflows, architecture, supported distros, and testing.
- Example sandbox profiles for GUI passthrough, distro environments, strict MCP policy, interactive mount approvals, and signed/unsigned plugin workflows.
Testing
- cargo test --workspace: 829 passed / 0 failed / 54 ignored.
- 883 total tracked tests including ignored live integration coverage.
- Pre-release integration coverage spans container, image, volume, network, approval, event, sandbox, snapshot, session, MCP, distro, passthrough, egress, K8s, cluster, remote, plugin, and encryption flows.