Muyue/MuyueWorkspace
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 141 Wiki Activity
Files
v0.2.1-beta.1
MuyueWorkspace/CHANGELOG.md
Augustin 3494f6b40d
All checks were successful
CI / build (push) Successful in 2m37s
Details
feat: security hardening, tests, doctor command, CI update, CHANGELOG 
- Add AES-256-GCM encryption for API keys (internal/secret)
- Add dangerous command detection in terminal
- Add muyue doctor command for system health checks
- Add scanner TTL cache, orchestrator history mutex, shared HTTP client
- Deduplicate MCP config generation, refactor skills YAML parser
- Add XDG-compliant config dir with legacy migration
- Add cleanup on all TUI quit paths
- Add 8 test files (config, workflow, skills, orchestrator, version,
  platform, scanner, secret)
- Update CI to actions/setup-go@v5
- Add CHANGELOG.md, update README and Makefile

🤖 Generated with Crush

Assisted-by: GLM-5.1 via Crush <crush@charm.land>
2026-04-20 19:56:07 +02:00

2.1 KiB
Raw Permalink Blame History

Changelog

All notable changes to this project will be documented in this file.

The format is based on Keep a Changelog.

[0.2.0] - 2026-04-20

Added

  • Security: AES-256-GCM encryption for API keys stored in config (internal/secret). Per-machine random key at ~/.muyue_key with 0600 permissions.
  • Security: Dangerous command detection in integrated terminal (rm -rf, mkfs, dd, fork bombs, shutdown/reboot, redirects to system dirs).
  • Security: MCP config files now written with 0600 permissions, directories with 0700.
  • Command: muyue doctor — checks config, API key, tools, LSP/MCP servers, and skills installation.
  • Config: XDG-compliant config directory via os.UserConfigDir() with automatic migration from legacy ~/.muyue.
  • Performance: Scanner results cached with 5-minute TTL and InvalidateCache() for forced refresh.
  • Performance: Shared HTTP client for orchestrator and updater (10s timeout, connection pooling).
  • Tests: 8 test files covering config, workflow, skills, orchestrator, version, platform, scanner, and secret packages.
  • CI: Updated to use actions/setup-go@v5 instead of manual Go download.
  • Makefile: Added test-short (with -short -timeout 60s) and vet targets.

Changed

  • Architecture: MCP config generation deduplicated — shared writeMCPConfig() with mcpEntry type replaces two near-identical functions.
  • Architecture: Skills YAML frontmatter parser now uses gopkg.in/yaml.v3 instead of manual line-by-line parsing.
  • Concurrency: Orchestrator history protected by sync.Mutex to prevent races from tea.Cmd goroutines.
  • TUI: cleanup(m Model) now called on all quit paths (confirm, ctrl+c force, ctrl+c in quit overlay) to stop daemon, preview server, and proxy agents.
  • README: Complete rewrite documenting all CLI commands, LSP/MCP/Skills management, security, and XDG paths.

[0.1.0] - 2026-04-18

Added

  • Initial release with Bubble Tea TUI, AI chat orchestration, system scanning, tool installation, LSP/MCP management, skills system, and multi-platform CI/release pipeline.
Reference in New Issue View Git Blame Copy Permalink