What's Changed
- feat: more sensitive files & allow read global by @weidankong in #6067
- chore: bump version to 2.0.0post2 by @cuiyuebing in #6070
- test(unit): runtime/security/install regression tests — PR-A4 by @hanson-hex in #5813
- feat(chat): update action configuration to disable replace and set ri… by @zhijianma in #6072
- chore: fix error in workflow by @rayrayraykk in #6073
- fix(doctor): use readiness endpoint in doctor by @wananing in #6053
- fix: ASK user for permissionfor sudo by @weidankong in #6079
- feat(chat): add chat archiving by @zhijianma in #6078
- fix(governance): bridge frontend tool-guard rules into policy deep scan by @vanwaals in #6063
- fix(sandbox): preserve venv PATH in shell execution by @fancyboi999 in #6081
- fix(goal): clean up stale session after goal completion by @rayrayraykk in #6086
- fix: use standard truncation hint for scroll-capped tool results by @niceIrene in #5953
- fix(cli): prevent TUI crash when clicking streaming output by @ekzhu in #6069
- perf(scroll): batch session history migration writes by @niceIrene in #6021
- feat(sandbox): add restricted token based windows sandbox by @ustc-mkh in #5931
- feat(approval): use toolSource instead of executionLevel to control Always Allow button by @zhijianma in #6095
- fix(goal): reset stop gates on /new and /clear commands by @rayrayraykk in #6094
- fix(download_catalog): handle gzip-encoded JSON responses in _fetch_json function by @zhijianma in #6106
- feat(memory): improve ReMe reliability, observability, and CJK embedding safety by @jinliyl in #6098
- fix(governance): honor sandbox_enabled switch in OFF-mode sandbox path by @vanwaals in #6109
Full Changelog: v2.0.0.post1...v2.0.0.post2