|
| 1 | +CHANGELOG |
| 2 | +========= |
| 3 | + |
| 4 | +All notable changes to rots are documented here. |
| 5 | + |
| 6 | +The format is based on `Keep a |
| 7 | +Changelog <https://keepachangelog.com/en/1.1.0/>`__, and this project |
| 8 | +adheres to `Semantic |
| 9 | +Versioning <https://semver.org/spec/v2.0.0.html>`__. |
| 10 | + |
| 11 | +.. raw:: html |
| 12 | + |
| 13 | + <!--scriv-insert-here--> |
| 14 | + |
| 15 | +.. _changelog-0.4.0: |
| 16 | + |
| 17 | +0.4.0 — 2026-03-02 |
| 18 | +================== |
| 19 | + |
| 20 | +Added |
| 21 | +----- |
| 22 | + |
| 23 | +- Surface container health in ``instances list`` — combined status like "active (healthy)" |
| 24 | +- Add ``instances ps`` subcommand for podman-native container view |
| 25 | +- Add ``proxy push`` command for remote Caddyfile template deployment |
| 26 | +- Add ``_path_exists`` and ``_copy_template`` helpers in init module |
| 27 | + |
| 28 | +- Unified image reference parsing with ``parse_image_reference()`` supporting registry ports and digest refs |
| 29 | +- Positional ``reference: ImageRef`` parameter on deploy, redeploy, run, shell, and config-transform commands |
| 30 | +- Precedence chain: positional ref > --tag flag > IMAGE/TAG env vars > @current alias > defaults |
| 31 | + |
| 32 | +Changed |
| 33 | +------- |
| 34 | + |
| 35 | +- Skip SSH connection for local-only ``build`` command |
| 36 | +- Print immediate context feedback showing project dir and config mode during build |
| 37 | + |
| 38 | +- Remove ``--remote`` flag from instance run/shell/config-transform; always use config-based image lookup |
| 39 | +- Replace hardcoded image names with config-driven resolution throughout |
| 40 | + |
| 41 | +- Rename package from ots-containers to rots across source, tests, CI, and pyproject.toml |
| 42 | +- Add ots-shared as co-located workspace package under ``packages/ots-shared/`` |
| 43 | +- Add uv workspace config so ots-shared resolves from local path |
| 44 | + |
| 45 | +Fixed |
| 46 | +----- |
| 47 | + |
| 48 | +- DRY ``_get_error_stderr()`` helper in assets.py to deduplicate exception handling (#20) |
| 49 | +- Replace fragile ``type(exc).__name__`` string matching with ``isinstance()`` and lazy paramiko import |
| 50 | +- Fix Caddyfile.template to valkey.conf entry in manifest |
| 51 | + |
| 52 | +Security |
| 53 | +-------- |
| 54 | + |
| 55 | +- Fix credential exposure in ``podman login`` — use ``--password-stdin`` instead of CLI flag |
| 56 | +- Wire ``Config.validate()`` into ``__post_init__`` (was dead code) |
| 57 | +- Reject path traversal in IMAGE_RE and REGISTRY_RE patterns |
| 58 | +- Add OTS_REGISTRY hostname validation |
| 59 | +- Add MEMORY_MAX/CPU_QUOTA newline injection prevention |
| 60 | +- Add VALKEY_SERVICE systemd unit name validation |
| 61 | +- Add defense-in-depth checks in quadlet.py |
| 62 | + |
| 63 | +Documentation |
| 64 | +------------- |
| 65 | + |
| 66 | +- Add ADR-002: Split scheduler into rufus (in-process) and systemd timers (batch) |
| 67 | + |
| 68 | +- Update repository URLs and stale references from ots-containers to rots |
| 69 | + |
| 70 | +AI Assistance |
| 71 | +------------- |
| 72 | + |
| 73 | +- Security analysis, test coverage development, and implementation for image reference overhaul |
0 commit comments