github always-further/nono v0.18.0
on GitHub

latest releases: v0.46.0, v0.45.0, v0.44.0...
one month ago

What's Changed

  • feat(profile): add composable policy patch configuration by @lukehinds in #351
  • feat: add default profile with base group configuration by @lukehinds in #352
  • fix: inject nono sandbox instructions via Claude Code system… by @lukehinds in #354
  • feat(policy): add extends field to embedded profiles by @lukehinds in #355
  • feat(policy): use default profile groups for runtime policy resolution by @lukehinds in #356
  • feat(policy): deprecate security.trust_groups in favor of policy.exclude_groups by @lukehinds in #357
  • refactor(policy): deprecate base_groups in favor of default profile by @lukehinds in #358
  • refactor(policy): remove deprecated base_groups and trust_groups fields by @lukehinds in #359
  • refactor(supervisor): remove never_grant in favor of protected roots by @lukehinds in #360
  • fix(exec): prevent implicit cwd access under restrictive profiles by @lukehinds in #363
  • fix(config): remove hardcoded dangerous commands list by @lukehinds in #366
  • feat(capability): remove exact file caps when deny patch overrides grant by @lukehinds in #367
  • fix(policy): honor excluded dangerous command groups for direct exec by @lukehinds in #368
  • fix(main): move cwd resolution before pre-fork sandbox setup by @lukehinds in #370
  • fix: change CI release to ubuntu 22 by @lukehinds in #373
  • feat(macos): gate open shim installation behind launch services flag by @lukehinds in #374
  • docs(profiles-groups): expand built-in profiles and add policy overri… by @lukehinds in #376
  • feat(profile): add profile-level override_deny for deny group exceptions by @lukehinds in #380
  • feat(cli): add nono policy introspection subcommand by @lukehinds in #382
  • feat(policy): extract git config paths into reusable group by @lukehinds in #383
  • feat(cli): add nono profile scaffolding and authoring tooling by @lukehinds in #385
  • refactor(setup): move banner printing to main.rs by @lukehinds in #386
  • fix(hooks): use resolved path in capability display by @lukehinds in #387
  • feat(trust): skip well-known heavy directories in instruction file walk by @lukehinds in #388
  • docs(profiles): simplify group-based profile creation guide by @lukehinds in #390
  • feat: restyle --help output with grouped sections and bold headings by @scp7 in #345
  • fix: remove linux warns and LandLock info by @lukehinds in #392

Full Changelog: v0.17.1...v0.18.0

Check out latest releases or
releases around always-further/nono v0.18.0

Don't miss a new nono release

NewReleases is sending notifications on new releases.

Get notifications