Skip to content

Releases: arcboxlabs/arcbox

v0.4.16

Choose a tag to compare

@arcbox-labs arcbox-labs released this 02 Jul 02:06
3b7516c

0.4.16 (2026-07-01)

Features

  • core: define VmLifecycle statig HSM (states/superstate/events/effects) (8f02e34)

Bug Fixes

  • core: guard lifecycle actor against stale completions and blocking removal (4c1c42f)
  • core: start persisted machines without recreate after daemon restart (fddd45c)

Code Refactoring

  • core: drive VmLifecycleManager via a statig lifecycle actor (2c5cc85)

Miscellaneous Chores

  • core: add statig(async) state-machine dependency (c3407f5)

v0.4.15

Choose a tag to compare

@arcbox-labs arcbox-labs released this 01 Jul 21:45
8b13b5c

0.4.15 (2026-07-01)

Features

  • docker: reconcile host networking against guest container state (5a9bb29)
  • docker: refresh host DNS on network connect/disconnect (cebd282)
  • fleet: Docker-based Linux runner support (4d66d34)
  • fleet: verify docker by pulling the runner image at startup (51557fb)

Bug Fixes

  • core,docker: address adversarial-review findings on the proxy series (4b57fbf)
  • docker: harden proxy edge paths (4df8daf)
  • docker: only tear down host networking on a terminating kill signal (b6d3ae9)
  • docker: proxy method-mismatched /containers/{id} instead of 405 (f7b6e9a)
  • fleet: admit jobs per capacity pool to match gateway reservation (3605e14)
  • fleet: always route linux jobs through Docker for isolation (2a5e6b5)
  • fleet: connect to ArcBox socket on macOS, fix comments (33c953d)
  • fleet: don't probe docker during enrollment (baff099)
  • fleet: remove orphaned container before reusing its name (e34be79)
  • fleet: use pullable actions-runner image as default (e5578c4)

Performance Improvements

  • core,docker,daemon: resolve teardown IDs from a host registry (91620cb)

Code Refactoring

  • docker,daemon: consolidate guest dockerd queries (93985d7)
  • docker: classify guest transport errors; gate readiness invalidation (a683af5)
  • docker: move proxy transport state into proxy/state.rs (f928469)
  • docker: share the proxy pool with the host reconciler (5bf19de)
  • fleet: drop max_concurrent from DockerCapabilities (7d6fa7b)
  • fleet: replace DockerCapabilities with plain arch list (b877391)

Tests

  • docker: handler-path API tests that run in CI (8c19580)
  • docker: mock-guest canned routes for offline handler tests (c9f41a8)
  • docker: router-level routing coverage that runs in CI (8600087)

Styles

  • docker: rustfmt kill-signal gate tests (c18648f)

v0.4.14

Choose a tag to compare

@arcbox-labs arcbox-labs released this 01 Jul 00:18
adab2e6

0.4.14 (2026-07-01)

Features

  • core,vmm,docker: switchable HV/VZ backend for a single System VM (a7362d2)
  • fleet: cross-platform runner agent skeleton (f7e8113)
  • fleet: read enrollment token from file or stdin, not just argv (8906c39)
  • fleet: stop runners cleanly on SIGTERM/SIGINT (659d7b4)

Bug Fixes

  • core: address backend-switch review findings (a0cd06b)
  • core: commit switched backend durably last; correct switch docs (515ea6b)
  • core: ensure System VM is running on a same-backend switch (8e4789d)
  • docker: drain guest connection pool on System VM restart (3243401)
  • docker: invalidate proxy readiness on System VM restart (cc72404)
  • docker: reset proxy endpoint via VM incarnation, not an async event (8b11b45)
  • fleet: create credential temp file 0600 from the start (54a7ef8)
  • fleet: kill the whole runner process group on cancel (329afd3)
  • fleet: make ProvisionRunner handling idempotent on job_id (3196ab6)
  • fleet: persist runner supervisor across attach reconnects (ef30bee)
  • fleet: reconnect backoff reset, reject max_concurrent=0, atomic credential write (9a7c96b)
  • fleet: refuse insecure credential storage on non-Unix (add1fdf)
  • xtask: use non-colliding xtask-kit package (#344) (8fb7d35)

Documentation

  • fleet: sync vendored proto + correct enroll token help (4916374)

Styles

  • core,vmm: apply rustfmt (ad5b8ca)

Continuous Integration

  • release: sync shipped issues to Linear Releases (#343) (4e74a93)

v0.4.13

Choose a tag to compare

@arcbox-labs arcbox-labs released this 27 Jun 20:35
aefa0f5

0.4.13 (2026-06-27)

Features

  • agent: run under busybox init as a supervised child (9f58b19)
  • cli: make 'disk compact' trigger an on-demand trim (f34657f)
  • profile: add development runtime profile (7038d70)
  • virtio-blk: punch holes on DISCARD to reclaim host disk (a2fa7c5)
  • virtio-blk: share punch helper, gate DISCARD on writable devices (9c15a13)
  • vmm: honor WRITE_ZEROES in the HV block worker (8cdd8ef), closes #337
  • vmm: punch holes on DISCARD in the HV block worker (fa0c22a)

Bug Fixes

  • agent: fail fast when init can't mount the writable layers (0c90c65)
  • api: surface guest fstrim failures from CompactDisk (70b0913)
  • boot: gate PL011 earlycon to HV and preserve readiness errors (c7a902d)
  • boot: pin earlycon to PL011 base so HV early-boot logs are captured (f4874e8)
  • boot: retry guest readiness instead of aborting on transient early-eof (d614c68)
  • daemon: capture guest console output by default (4ae966b)
  • net: cache raw DNS responses (bff8b34)
  • net: honor DNS cache hit metadata (da91b77)
  • net: widen DNS cache record count sum (2d88142)
  • storage: drop upfront docker.img preallocation, keep image sparse (#334) (5a93974)
  • virtio-blk: fall back to pwrite when WRITE_ZEROES punch fails (877d9fa)
  • virtio-blk: harden discard range handling (e95f865)
  • vmm: preserve block io ordering (52489da)
  • vmm: preserve block worker capacity after rebase (f2cc061)
  • vsock: use non-blocking read in remove_closes_fd test (66b0ffc)

Code Refactoring

  • agent: report fstrim failure via agent error, not text parsing (10e5ba8)
  • blk: split virtio block device (282efb5)
  • core: consolidate agent unary rpc (12c237b)
  • core: move machine tests out of manager (110e229)
  • core: split agent client internals (2436197)
  • core: split boot asset module (0dc0c7c)
  • core: split runtime helpers (566adcc)
  • core: split vm lifecycle types (6e80f9d)
  • core: split vm types and tests (c5bcbd7)
  • fs: split fuse dispatcher (cfd1ebc)
  • fs: split passthrough filesystem (2af0443)
  • fs: split virtio fs device (1cfd756)
  • hypervisor: split darwin vm (9779325)
  • hypervisor: split linux vm (91f620f)
  • net: split darwin datapath loop (e2a5990)
  • net: split virtio net device (f5f880e)
  • oci: split runtime config (03e81c0)
  • packet: split ethernet helpers (dae1f03)
  • splicetcp: split tcp bridge (6c559ff)
  • vmm: split darwin hv backend (0be28c2)
  • vmm: split device manager (0416c4b)
  • vmm: split irq chip (59538d3)
  • vmm: split manager core (585255d)
  • vmm: split snapshot manager (6648135)
  • vm: split sandbox manager (d61fed2)
  • vsock: split connection manager (a46ba93)
  • vsock: split virtio device internals (1060d7c)
  • xtask: fully adopt shared xtask utilities (7e1c545)
  • xtask: reuse shared xtask utilities (b088a11)

Tests

  • hv_e2e: prove busybox-init agent supervision end-to-end (1a855e7)
  • vsock: assert EOF on peer end in remove_closes_fd (edcbd5a)

Styles

  • fs: format virtio fs device tests (2c5e63d)
  • vsock: rustfmt the remove_closes_fd assertion (99b893d)

Build System

  • rust: bump workspace toolchain to 1.96 (a30d30e)

Miscellaneous Chores

  • assets: pin boot assets to 0.6.0 (busybox-init rootfs) (c5e5ba2)
  • assets: re-pin boot assets to 0.6.1 (rcS init fail-fast) (703b563)

v0.4.12

Choose a tag to compare

@arcbox-labs arcbox-labs released this 25 Jun 08:42
fc7ed03

0.4.12 (2026-06-25)

Bug Fixes

  • daemon: scan image holders after interrupted VM runs (fdc38ea)
  • docker: cache guest HTTP readiness in proxy (#302) (80d3318)
  • vmnet: match vmpktdesc ABI so vmnet_read/vmnet_write stop failing EINVAL (#303) (685bab7)

Performance Improvements

  • boot: stream guest readiness events (a49ddeb)
  • core: tighten boot readiness polling for fast vsock probes (51d7123)
  • daemon: skip docker.img holder scan on clean lock acquisition (742a788)

v0.4.11

Choose a tag to compare

@arcbox-labs arcbox-labs released this 25 Jun 06:14
994c70a

0.4.11 (2026-06-25)

Features

  • fakeip: add DnsResolutionLog clear / remove / len (7ed5176)
  • splicetcp: support configurable fast-path mtu (371f4a1)

Bug Fixes

  • daemon: embed Sentry DSN in release builds (919149d)
  • daemon: reconcile vmnet routes after restart (#330) (d617ba3)
  • docker: address proxy review feedback (b323595)
  • fakeip: use map_or in DnsResolutionLog::len (531f2cf)
  • proxy: reject unknown guest authorities (273a401)

Performance Improvements

  • proxy: reuse guest http sessions (f684680)

Code Refactoring

  • context: move tests out of module (f56592b)
  • context: split docker context types (407fa9c)
  • docker: centralize proxy pass-through routing (5c3bb4b)
  • docker: group api routes by resource (1be1066)
  • docker: group proxy state (073963c)
  • docker: remove unused api model types (bc95c7c)
  • handlers: prepare container module split (728e9d4)
  • handlers: split proxy role helpers (0bb9913)
  • proxy: model forward request shapes (55d56ed)
  • proxy: share vsock stream transport (e39f265)
  • proxy: use hyper client pooling (338ba48)
  • tests: move e2e runner out of xtask (d6b5ce3)
  • tests: split docker api integration suites (046c797)
  • tests: use standard harness for e2e (297cf64)
  • workload: split registry internals (e8cda2e)
  • xtask: migrate boot assets test (b5b9791)
  • xtask: migrate repo scripts into xtask (07e90c4)

Documentation

  • docker: describe proxy architecture (2aea78c)
  • docker: diagram proxy routing (7210248)

Continuous Integration

  • exclude arcbox-hv from workspace publish (6c3c5df)

Miscellaneous Chores

  • docker: add structured proxy tracing (3e3c0a7)
  • tests: use tracing in e2e runner (05be85e)

v0.4.10

Choose a tag to compare

@arcbox-labs arcbox-labs released this 19 Jun 16:52
de71a75

0.4.10 (2026-06-19)

Features

  • splicetcp: add FlowObserver seam for per-flow byte accounting (95d0fe8)
  • splicetcp: add tokio fast-path frame sink (394670d)

Bug Fixes

  • splicetcp: harden tokio frame sink (cdd5072)

v0.4.9

Choose a tag to compare

@arcbox-labs arcbox-labs released this 18 Jun 05:36
d0e2788

0.4.9 (2026-06-18)

Continuous Integration

  • release: publish all workspace crates to crates.io (#323) (94a3263)

v0.4.8

Choose a tag to compare

@arcbox-labs arcbox-labs released this 18 Jun 04:19
dd0beca

0.4.8 (2026-06-18)

Features

  • net: host-tunnel endpoint — UtunFrameSource/Sink + SOCKS5-aware tcp_bridge + tun_proxy harness (814bba9)
  • proxy: SOCKS5 UDP ASSOCIATE client + route guest UDP through it (e844538)
  • splicetcp: parameterize FrameClassifier packet-pool capacity (#316) (ec34f16)
  • tcpstack: standalone l3_to_l2 for callback-driven (no-fd) ingest (#313) (283716f)

Bug Fixes

  • bundle: drop vm.networking from dev entitlements (8913c02)
  • devenv: pin apple-sdk_26 so arcbox-daemon links locally (#305) (f43baec)
  • net: correct DarwinTun utun AF-header byte order (a0ec942)
  • proxy: harden SOCKS5 UDP client per review (dedb863)
  • splicetcp: apply rustfmt + correct utun AF-header byte-order module doc (1358fcc)
  • tcpstack: proxy IP-literal / domain-less dsts when a system proxy is set (236fb30)
  • tcpstack: utun AF-header byte order; make tun_proxy functional (Gate C verified) (88b230a)

Code Refactoring

  • net: extract datapath pool/ring/frame-buf/stats into arcbox-datapath crate (1f92e3f)
  • net: extract dns_log/proxy_detect into arcbox-fakeip crate (49c26d3)
  • net: extract NAT engine into arcbox-conntrack crate (Gate A) (c9a5465)
  • net: extract packet/ethernet/checksum into arcbox-packet crate (7e70b33)
  • net: extract proxy_tunnel/socket_proxy/inbound_relay into arcbox-proxy crate (5caa5b5)
  • net: extract tcp_bridge/classifier/direct_rx into arcbox-tcpstack + FrameSource ingest seam (b68ffa3)
  • net: rename arcbox-tcpstack crate to splicetcp (57f0f6d)
  • net: sever arcbox-virtio dependency via arcbox-net-virtio crate (Gate B) (8358bed)
  • net: share utun AF-header framing across endpoints (e835cdd)
  • proxy: split proxy_tunnel + socket_proxy into focused modules (e2505f4)
  • tcpstack: address #314 review (set_dns_log + Tcp-only EgressConn) (8836cfc)
  • tcpstack: build synthetic Ethernet via arcbox-packet helpers (b36e429)
  • tcpstack: extract EgressResolver seam from tcp_bridge (behavior-preserving) (e66723e)

Tests

  • proxy: mock SOCKS5 / HTTP-CONNECT round-trips for proxy_tunnel (0b6739f)
  • small_pool_capacity_classifies_and_falls_back_to_heap. (ec34f16)

Continuous Integration

  • release: publish the library crates to crates.io (#321) (14d73d7)

v0.4.7

Choose a tag to compare

@arcbox-labs arcbox-labs released this 15 Jun 04:48
39cf86b

0.4.7 (2026-06-15)

Features

  • vmm: vsock-io worker for event-driven host-to-guest injection (2c987e1)
  • vsock: doorbell hook on host-to-guest RX work in connection manager (9f6814b)

Bug Fixes

  • core: raise agent-wait startup timeout to 90s (#304) (1a74b8c)
  • vmm: set running before spawning HV worker threads (e23bdb7)