Skip to content

Releases: vlune/selena

v0.1.1-rc2

11 Jun 18:46
@github-actions github-actions
v0.1.1-rc2
34c5c3c

Choose a tag to compare

View all tags
v0.1.1-rc2 Latest
Latest

Selena v0.1.1 — Pre-built binaries, security hardening & CI

The headline: you no longer need the Rust toolchain. This release ships
pre-built binaries for five platforms, alongside safer defaults, SSRF
protection, and a context-compaction correctness fix.

Pre-built binaries

First release with downloadable binaries — grab one below for:

  • Linux x86_64 / aarch64
  • macOS Intel / Apple Silicon
  • Windows x86_64

Verify downloads against SHA256SUMS. TLS now uses rustls instead of
OpenSSL, so the binaries are fully standalone — no system libssl required.

Security

  • auto_accept now defaults to false. Tools that require confirmation
    no longer run without explicit operator opt-in. Set "auto_accept": true
    in agent.json to restore the old behavior.
  • SSRF protection for webfetch. The built-in fetch tool now blocks
    loopback, RFC1918 private ranges, and link-local addresses including cloud
    metadata (169.254.0.0/16) — with DNS resolution vetting against
    rebinding, IPv4-mapped IPv6 unwrapping, and manual redirect handling with
    per-hop validation and DNS pinning. Local development can opt out via the
    webfetch allowlist settings.

Correctness

  • Context compaction can no longer drop in-flight messages. Compaction
    now guarantees the system prompt, the most recent user message, and
    everything after it survive — enforced inside ContextManager itself, so
    every caller is protected. Covered by new invariant tests.

Tooling & CI

  • GitHub Actions CI on Ubuntu, macOS, and Windows: cargo fmt --check,
    clippy -D warnings, and the full test suite — green on all three.
  • Live-endpoint tests are #[ignore]d in CI; run locally with
    cargo test -- --ignored against a running Ollama.
  • Repo hygiene: stripped UTF-8 BOMs, normalized line endings to LF,
    deterministic formatting via rustfmt.toml.

Internal

  • Replaced OpenSSL with rustls across the dependency tree.
  • Split the 1,600-line command tool into focused modules
    (platform / spawn / streaming / types) with no behavior change.
  • ~400 tests passing in CI.

Full Changelog: v0.1.1...v0.1.1-rc2

Assets 8
Loading

Selena Core v0.1.1 Released

11 Jun 16:31
@vlune vlune
v0.1.1
a941bb3
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
Selena Core v0.1.1 Released

Selena v0.1.1 — Security hardening & CI

This release focuses on safe defaults, SSRF protection, a context-compaction
correctness fix, and continuous integration across all three platforms.

Security

  • auto_accept now defaults to false. Tools that require confirmation
    no longer run without explicit operator opt-in. Set "auto_accept": true
    in agent.json to restore the old behavior.
  • SSRF protection for webfetch. The built-in web fetch tool now blocks
    loopback (127.0.0.0/8, ::1), RFC1918 private ranges, and link-local
    addresses including cloud metadata (169.254.0.0/16) — with DNS resolution
    vetting to defeat rebinding, IPv4-mapped IPv6 unwrapping, and manual
    redirect handling with per-hop validation and DNS pinning so redirects
    cannot escape the blocklist. Local development can opt out via
    webfetch.allow_private_network or per-host webfetch.allow_hosts.

Correctness

  • Context compaction can no longer drop in-flight messages. Compaction
    now guarantees the system prompt, the most recent user message, and all
    messages after it survive, enforced inside ContextManager itself so every
    caller is protected. Covered by new invariant tests.
  • Restored/verified Unix process-group handling in the command tool after the
    module refactor.

Tooling & CI

  • GitHub Actions CI on ubuntu, macos, and windows: cargo fmt --check,
    cargo clippy --workspace --all-targets -- -D warnings, and
    cargo test --workspace — all green on all three platforms.
  • Live-endpoint tests (ollama_smoke) are #[ignore]d in CI; run them
    locally with cargo test -- --ignored against a running Ollama.
  • Repository hygiene: stripped UTF-8 BOMs, normalized line endings to LF via
    .gitattributes, added rustfmt.toml (newline_style = "Unix").

Internal

  • Split the 1,600-line command.rs into focused modules
    (platform / spawn / streaming / types) with no behavior change.
  • Test suite grown to ~400 tests passing in CI.

Full Changelog: v0.1.0...v0.1.1

Loading

Selena Core v0.1.0 Released

02 Jun 17:08
@vlune vlune
v0.1.0
328264b

Choose a tag to compare

View all tags
Selena Core v0.1.0 Released

Initial public release.

Features:

  • Tool registry
  • Tool calling
  • Skill loading
  • Context management
  • Session memory
  • JSON-based agent configuration

Full Changelog: https://github.com/vlune/selena/commits/v0.1.0

Loading