Skip to content
Capsem

v0.16

0.16.0 | 2026-04-02

A reliability release focused on observability, build tooling, and security hardening.

Highlights

Section titled “Highlights”

Revert Telemetry

Section titled “Revert Telemetry”

Snapshot reverts now log a restored file event to the session DB, including the source checkpoint (e.g., "src/main.py (from cp-3)"). New FileAction::Restored variant in capsem-logger with a FileEventStats.restored counter in reader queries.

Boot Audit Logging

Section titled “Boot Audit Logging”

Comprehensive [boot-audit] tracing throughout the GUI and CLI boot paths. Every step from session cleanup through hypervisor boot is timestamped, making hangs immediately diagnosable via RUST_LOG=capsem=debug.

Section titled “Symlink Safety”

Fixed a hang where .venv/lib64 -> lib symlink loops caused infinite recursion in disk_usage_bytes(). Switched to symlink_metadata() throughout. Documented a broader VirtioFS symlink sandbox escape risk with 6 additional code paths identified for hardening.

Cross-Arch Build Fix

Section titled “Cross-Arch Build Fix”

Docker’s legacy builder shared intermediate layer cache across --platform values, silently reusing arm64 layers for x86_64 builds. Fixed by requiring Docker BuildKit (buildx), which properly includes platform in cache keys. just doctor and scripts/bootstrap.sh now check for buildx and Colima Rosetta.

Snapshots Tab

Section titled “Snapshots Tab”

The snapshots tab now queries session.db directly instead of calling the MCP gateway, consistent with all other stats tabs. Each snapshot event stores a self-contained event ID range for efficient per-snapshot change counts.

Other Changes

Section titled “Other Changes”
  • just clean reports freed space; just clean-all prunes docker volumes
  • Automatic incremental cache trimming when target/ exceeds 20 GB
  • just smoke-test recipe for fast end-to-end validation
  • just doctor validates asset manifest, B3SUM integrity, and guest binaries
  • Wizard no longer flashes briefly on app launch
  • KVM boot path compile errors fixed (renamed method references)

0.16.1 | 2026-04-02

KVM diagnostics and error reporting for restricted Linux environments.

  • KVM boot failures now run automatic diagnostic probes (kernel version, nested KVM, capabilities, no-IRQCHIP vCPU test) and log results at ERROR level
  • Actionable error messages for /dev/kvm missing, permission denied, and EEXIST on vCPU creation
  • Platform-specific boot failure guidance (Linux: KVM troubleshooting, macOS: entitlement info)
  • Standalone scripts/kvm-diagnostic.py for manual debugging
  • Fixed stale LATEST_RELEASE.md (was showing v0.15.1)