Releases: click0/crate

v1.1.16 — 85 PRs, 0.6.11 → 1.1.16: rootless track + privops authz + Wayland compositor

10 Jun 16:45
ed1ff43

What's Changed

  • release: 0.6.12 — man pages for crated(8) and crate-hub(8) by @click0 in #133
  • release: 0.6.13 — WireGuard runtime (auto wg-quick up/down) by @click0 in #134
  • release: 0.6.14 — crate migrate (orchestrate move via F2 API) by @click0 in #135
  • release: 0.6.15 — datacenter grouping in crate-hub by @click0 in #136
  • docs: scope datacenter admin UI to a separate repository by @click0 in #137
  • release: 0.7.0 — crate backup/restore (incremental ZFS send) by @click0 in #138
  • release: 0.7.1 — API tokens with TTL + scope by @click0 in #139
  • release: 0.7.2 — crate replicate (ZFS storage replication via ssh) by @click0 in #140
  • release: 0.7.3 — HA failover policy in hub by @click0 in #141
  • release: 0.7.4 — Resource pools + per-token ACL by @click0 in #142
  • release: 0.7.5 — ZFS warm-template caching (template warm subcommand) by @click0 in #143
  • release: 0.7.6 — crate retune (live RCTL update without restart) by @click0 in #144
  • release: 0.7.7 — crate throttle (dummynet token-bucket network shaping) by @click0 in #145
  • release: 0.7.8 → 0.7.12 (5 features + CI 17× speedup) by @click0 in #146
  • release: 0.7.13 → 0.7.19 (Hardening + Operator UX + Network/GUI DX) by @click0 in #147
  • release: 0.8.0 → 0.8.5 (auto-fw + code-health + kqueue log-tail) by @click0 in #148
  • 0.8.0 → main: enterprise readiness + audit closure (41 releases, 0.8.0–0.8.37) by @click0 in #149
  • 0.8.42 — TODO: expand Rootless containers entry with honest setuid hardening status by @click0 in #150
  • 0.8.43 — crate-hub schedule CLI helper (closes hub-scheduling loop) by @click0 in #151
  • 0.8.44 — PipeWire socket bind in gui:auto (audio for desktop jails) by @click0 in #152
  • 0.8.45 — crate doctor wayland-readiness check by @click0 in #153
  • 0.8.46 — gui.mode: wayland explicit + resolution-ignored warning by @click0 in #154
  • 0.8.47 — PulseAudio compat socket bind (sub-dir) by @click0 in #155
  • 0.8.48 — fix env-sanitize XDG_RUNTIME_DIR wipe (silent Wayland no-op since 0.8.18) + compositor-ID hint by @click0 in #156
  • release: 0.8.49 — LXQt 2.4 desktop examples by @click0 in #157
  • 0.9.0 — rootless track opens: privops verb taxonomy by @click0 in #158
  • 0.9.1 — rootless: JSON wire format on control socket by @click0 in #159
  • 0.9.2 — rootless: set_rctl handler (first real verb) by @click0 in #160
  • 0.9.3 — rootless: clear_rctl handler by @click0 in #161
  • 0.9.4 — rootless: attach_zfs / detach_zfs handlers by @click0 in #162
  • 0.9.5 — rootless: mount_nullfs / unmount_nullfs handlers by @click0 in #163
  • 0.9.6 — rootless: configure_iface / teardown_iface handlers by @click0 in #164
  • 0.9.7 — rootless: last 6 verbs (pf/ipfw + jail lifecycle) by @click0 in #165
  • 0.9.8 — rootless: per-user runtime path scheme by @click0 in #166
  • 0.9.9 — rootless: per-user ZFS dataset prefix by @click0 in #167
  • 0.9.10 — rootless: per-user network sub-CIDR allocator by @click0 in #168
  • 0.9.11 — rootless: per-user RCTL accounting groups by @click0 in #169
  • 0.9.12 — rootless: migration doc + config schema + composer by @click0 in #170
  • 0.9.13 — rootless: first wiring (per-user audit tail) by @click0 in #171
  • 0.9.14 — rootless: libnv unix-socket transport by @click0 in #172
  • 0.9.15 — rootless: client-side libnv wiring (crate retune first) by @click0 in #173
  • 0.9.16 — hotfix: FreeBSD CI failure + LXQt nested docs by @click0 in #174
  • 0.9.17 — rootless: crate stop wired to privops destroy_jail by @click0 in #175
  • 0.9.18 — rootless: crate run ZFS attach/detach via privops by @click0 in #176
  • 0.9.19 — rootless: nullfs mounts via privops (Mount class auto-route) by @click0 in #177
  • 0.9.20 — rootless: vnet moveToVnet via privops + handler move-only mode by @click0 in #178
  • 0.9.21 — rootless: removeJail via privops destroy_jail by @click0 in #179
  • 0.9.22 — rootless: createJail via privops (parameters-string) by @click0 in #180
  • 0.9.23 — rootless: set_iface_up + disable_iface_offload verbs by @click0 in #181
  • 0.9.24 — rootless: bridge_add_member + bridge_del_member verbs by @click0 in #182
  • 0.9.25 — rootless: set_iface_inet_addr verb by @click0 in #183
  • 0.9.26 — rootless: create_epair (first response-data verb) by @click0 in #184
  • 0.9.27 — rootless: per-user lease file path by @click0 in #185
  • 0.9.28 — rootless: set/clear_loginclass_rctl verbs (umbrella primitives) by @click0 in #186
  • 0.9.29 — rootless: RCTL umbrella auto-apply at create_jail by @click0 in #187
  • 0.9.30 — flip rootless_per_user default to true by @click0 in #188
  • 1.0.0 — remove setuid bit from Makefile install by @click0 in #189
  • 1.0.1 — IPv6 lease file per-user (mirror of 0.9.27 v4 fix) by @click0 in #190
  • 1.0.2 — spec registry per-user + restart wires through it by @click0 in #191
  • 1.0.3 — stack DNS dirs per-user by @click0 in #192
  • 1.0.4 — VM runtime + cloud-init paths per-user (closes path-leak track) by @click0 in #193
  • 1.0.5 — reclaim_iface_from_vnet privops verb by @click0 in #194
  • 1.1.0 — PfctlOps privops-wiring (closes audit's rootless track) by @click0 in #195
  • 1.1.1 — query_jail_rctl read verb (closes audit's rootless track) by @click0 in #196
  • 1.1.2 — backfill test coverage for recent verbs by @click0 in #197
  • 1.1.3 — raise validateJailName ceiling from 64 to 200 by @click0 in #198
  • 1.1.4 — raise validateAnchorName ceiling from 64 to 256 by @click0 in #199
  • 1.1.5 — securelevel + children.max applied at jail creation under privops by @click0 in #200
  • 1.1.6 — RCTL apply + cleanup wired through privops by @click0 in #201
  • 1.1.7 — ipfw teardown wired through privops by @click0 in #202
  • 1.1.8 — ipfw setup + ConfigureIpfwNat verb by @click0 in #203
  • 1.1.9 — cpuset binding via new set_jail_cpuset privops verb by @click0 in #204
  • 1.1.10 — apply_devfs_ruleset verb (terminal isolation) by @click0 in #205
  • 1.1.11 — graceful jail stop via new signal_jail verb by @click0 in #206
  • Trust model docs + privops authorize-before-dispatch (1.1.11) by @click0 in #207
  • feat(privops): authorize-before-dispatch for per-user-ownable verbs by @click0 in #208
  • fix(update): include <sys/wait.h> for WIFEXITED/WEXITSTATUS (Linux build) by @click0 in #209
  • feat(gui): run a Wayland compositor inside a jail (gui.mode: compositor) by @click0 in #210
  • feat(privops): jid→owner registry + authz for jid/name-scoped verbs (1.1.13) by @click0 in #211
  • feat(privops): authz for path-scoped verbs via byPath lookup (1.1.14) by @click0 in #212
  • feat(privops): create_jail path-prefix authz, completing the 1.1.x gate series (1.1.15) by @click0 in #213
  • docs: on-hardware validation runbook + driver script for 1.1.10..1.1.15 by @click0 in #214
  • fix(build): -lnv for FreeBSD nvpair API + lite CI link smoke + getpeereid design notes by @click0 in #215
  • chore: bump --version to 1.1.15 + TODO audit (retire shipped entries) by @click0 in #216
  • ci: make full FreeBSD build manual-only, lite gates every push (+ v1.2.0 bump) by @click0 in htt...

v0.6.11 — crate inspect TARGET (full JSON snapshot)

03 May 17:13
e404296

What's Changed

  • release: 0.5.4 — passphrase-based encryption for .crate archives (+17 tests) by @click0 in #109
  • docs: add encrypted export/import worked example to README by @click0 in #110
  • release: 0.5.5 — fix pkg/add (was stub returning error) by @click0 in #111
  • release: 0.5.6 — X11 shared-mode security hardening (+3 tests) by @click0 in #112
  • release: 0.5.7 — capture pkg/chroot output to /var/log/crate/create-<jail>.log by @click0 in #113
  • release: 0.5.8 — ed25519 signing for .crate archives (+13 tests) by @click0 in #114
  • release: 0.5.9 — audit logging by @click0 in #115
  • release: 0.6.0 — cross-device file shares by @click0 in #116
  • release: 0.6.1 — crated F2: restart, snapshot CRUD, SSE stats by @click0 in #117
  • release: 0.6.2 — crate top: live resource monitor by @click0 in #118
  • release: 0.6.3 — auto-create bridge interfaces (opt-in) by @click0 in #119
  • release: 0.6.4 — WebSocket console for crated (RFC 6455, IPv6 dual-stack) by @click0 in #120
  • release: 0.6.5 — crated export/import endpoints (F2 complete) by @click0 in #121
  • release: 0.6.6 — SNMP AgentX full Get/GetNext + RFC 2741 OID fix by @click0 in #122
  • release: 0.6.7 — hub web dashboard (vanilla-JS) + /api/v1/aggregate by @click0 in #123
  • release: 0.6.8 — host-wide inter-container DNS (.crate zone) by @click0 in #124
  • release: 0.6.9 — WireGuard config rendering (crate vpn wireguard) by @click0 in #125
  • release: 0.6.10 — IPsec config rendering (crate vpn ipsec) by @click0 in #126
  • ci: install atf on FreeBSD runner so atf-sh shebang works by @click0 in #127
  • ci: silence OpenSSL 3.0 SHA256_* deprecation warnings (EVP migration) by @click0 in #128
  • ci: drop unused <openssl/sha.h> includes after EVP migration by @click0 in #129
  • release: 0.6.11 — crate inspect TARGET (full JSON snapshot) by @click0 in #130
  • ci: fix clang++ build errors on FreeBSD (private member, dead fn) by @click0 in #131
  • todo: track unix-socket peer-credential verification as future work by @click0 in #132

Full Changelog: v0.5.3...v.0.6.11

v0.5.3 — Renderer extraction: xorg.conf + snapshot list now testable (+11 cases, 397 total)

30 Apr 07:27
943de50

What's Changed

  • feat: restart policy retry loop + roadmap TODO cleanup by @click0 in #92
  • fix: YAML syntax + missing vm_stack.cpp in Makefile by @click0 in #93
  • test: 65 new unit tests + Makefile-driven CI build by @click0 in #94
  • release: 0.4.0 — fix safePath + isLong, add cli_args tests, coverage target by @click0 in #95
  • release: 0.4.1 — extract util_pure.cpp, link tests to real symbols by @click0 in #96
  • release: 0.4.2 — every unit test now uses real production symbols by @click0 in #97
  • ci: drive freebsd-build full unit-test build through Makefile target by @click0 in #98
  • release: 0.4.3 — Args::validate test coverage + POSIX helpers extracted by @click0 in #99
  • release: 0.4.4 — fix pathSubstituteVarsInString infinite loop, +22 tests by @click0 in #100
  • release: 0.4.5 — fix toUInt overflow + parseCidr range, +36 tests (5 bugs found) by @click0 in #101
  • release: 0.4.6 — Spec::validate() under test (+48 cases, 306 total) by @click0 in #102
  • release: 0.4.7 — validateCrateSpec warning logic under test (+30 cases) by @click0 in #103
  • release: 0.4.8 — extract autoname + run env helpers (+13 tests, 349 total) by @click0 in #104
  • release: 0.5.0 — Bearer-token auth + crate list under test (+24, 373 total) by @click0 in #105
  • release: 0.5.1 — VESA CVT modeline + resolution helpers under test by @click0 in #106
  • release: 0.5.2 — xorg.conf + snapshot table renderers under test (+11) by @click0 in #107
  • release: 0.5.3 — sync in-source version with release tag by @click0 in #108

Full Changelog: v0.3.15...v0.5.3

crate 0.3.15 — FreeBSD build rollup

22 Apr 20:07
8f3e63b

What's Changed

  • fix(build): SSLServer define + Request struct/class mismatch by @click0 in #88
  • fix(build): final cross-reference audit — ODR, copy ctor, yaml refs by @click0 in #89
  • fix: last two compiler warnings (misleading indent + const return) by @click0 in #90
  • release: 0.3.15 (FreeBSD build rollup) by @click0 in #91

Full Changelog: v0.3.1...v0.3.15

Release 0.3.1 — Build fix + firewall rewrite

20 Apr 07:32
a0fc541

What's Changed

  • Add stack orchestration features and Matrix deployment examples (Claude/crate all improvements g sxyj) by @click0 in #55
  • Fix container examples and add GPU resolution fallback (Claude/crate container examples g sxyj) by @click0 in #56
  • Fix Ukrainian text in English README by @click0 in #57
  • Rewrite TODO: remove completed items, add production-readiness roadmap by @click0 in #58
  • Implement all 6 phases: networking, resources, jail-VM, CLI, daemon API, optimization by @click0 in #59
  • Fix build: replace non-existent Util::Fs::mkdirHier with execCommand … by @click0 in #60
  • ci: update actions/checkout from v4 to v6 for Node 24 support by @click0 in #61
  • tests: add Kyua/ATF test infrastructure and unit tests by @click0 in #62
  • tests: add Kyua/ATF test infrastructure and unit tests by @click0 in #63
  • Fix test compilation: add missing sys/socket.h, fix ATF_REQUIRE_THROW… by @click0 in #64
  • tests: add ATF tests for NetOptDetails, isIpv6Address, Exception; add… by @click0 in #65
  • Add FreeBSD port infrastructure with build OPTIONS by @click0 in #66
  • port: fix MAINTAINER email address by @click0 in #67
  • docs: update README with port OPTIONS, crated daemon, snmpd, tests, b… by @click0 in #68
  • ci: split FreeBSD CI into lite (smoke) and full (gated) workflows by @click0 in #69
  • Claude/phase 1 networking h vth f by @click0 in #70
  • Claude/phase 2 resources h vth f by @click0 in #71
  • fix+ci: wrap stoul/stoi/stoull leaks and add Linux unit CI by @click0 in #72
  • fix+feat(firewall): consolidate pf/ipfw, neighbor safety, full IPv6 by @click0 in #73
  • release: 0.3.0 by @click0 in #74
  • fix(build): replace const class Spec forward decls causing gmake errors by @click0 in #75
  • release: 0.3.1 (build fix rollup) by @click0 in #76
  • ci: attach FreeBSD binaries to GitHub Releases on tag push by @click0 in #77
  • fix(build): missing sys/param.h before sys/jail.h + compiler warnings by @click0 in #78
  • fix(build): make_unique vs private constructors on FreeBSD 15.0 by @click0 in #79
  • fix(build): AF_INET + yaml-cpp temp refs in stack.cpp by @click0 in #80
  • fix(build): missing sys headers across all source files (batch audit) by @click0 in #81
  • fix(build): ipfw ctxid compat + mac_ops headers by @click0 in #82
  • fix(build): remove dead mac_bsdextended ioctl path by @click0 in #83
  • fix(build): netgraph sa_family_t + unused vars by @click0 in #84
  • fix(build): linker errors + X11 guard + init order warning by @click0 in #85
  • fix(tests): ATF shell test shebang (crate_info_test broken) by @click0 in #86
  • fix(build): add cpp-httplib to CI for crated daemon by @click0 in #87

Full Changelog: v0.2.5...v0.3.1

Release 0.2.5 — Native FreeBSD API wrappers

07 Mar 20:46
c726c43

Added

  • Native FreeBSD API wrappers — replace fork+exec shell commands with direct library calls where available:
    lib/jail_query.{cpp,h} — libjail jailparam_* API replaces jls(8) parsing
    lib/zfs_ops.{cpp,h} — libzfs/libzfs_core replaces zfs(8) commands
    lib/ifconfig_ops.{cpp,h} — libifconfig replaces ifconfig(8) commands
    lib/pfctl_ops.{cpp,h} — libpfctl replaces pfctl(8) commands
    lib/mac_ops.{cpp,h} — ugidfw ioctl + sysctlbyname() replaces ugidfw(8)
    lib/ipfw_ops.{cpp,h} — ipfw wrapper (native IP_FW3 planned)
    lib/capsicum_ops.{cpp,h} — libcasper for cap_enter(), cap_dns, cap_syslog
    lib/netgraph_ops.{cpp,h} — PF_NETGRAPH socket replaces ngctl(8)
    lib/nv_protocol.{cpp,h} — libnv nvlist IPC over Unix socket
    lib/vm_spec.{cpp,h} — YAML parsing for type: vm (bhyve) spec
    lib/vm_run.{cpp,h} — libvirt bhyve driver for VM lifecycle
    lib/vnc_server.{cpp,h} — libvncserver embedded VNC (replaces x11vnc fork)
    lib/x11_ops.{cpp,h} — libX11/XRandR for display management
    lib/drm_session.{cpp,h} — libseat for DRM session without suid
  • JailExec namespace — jail_attach() with automatic jexec(8) fallback
  • Compile-time feature flags: HAVE_LIBZFS, HAVE_LIBIFCONFIG, HAVE_LIBPFCTL, HAVE_CAPSICUM, WITH_LIBVIRT, WITH_LIBVNCSERVER, WITH_X11, WITH_LIBSEAT
  • All wrappers fall back to shell commands when compiled without optional flags

Changed

  • list.cpp — use JailQuery::getAllJails() instead of jls -N parsing
  • info.cpp — use JailQuery for jail lookup + JailExec for in-jail commands
  • console.cpp — use JailQuery for container resolution
  • clean.cpp — use JailQuery::getAllJails() for running jail enumeration
  • export.cpp — use JailQuery for container resolution
  • run.cpp — use JailQuery, JailExec, ZfsOps, MacOps throughout
  • run_jail.cpp — use ZfsOps::jailDataset()/unjailDataset()
  • run_net.cpp — use IfconfigOps, NetgraphOps, PfctlOps
  • snapshot.cpp — use ZfsOps for all ZFS snapshot operations
  • util.cpp — delegate isZfsEncrypted()/isZfsKeyLoaded() to ZfsOps
  • Makefile updated with optional library flags and P2-P4 source files