OpenShell - Browse /v0.0.37 at SourceForge.net

The interactive file manager requires Javascript. Please enable it or use sftp or scp.
You may still browse the files here.

Name	Modified	Size	InfoDownloads / Week
Parent folder
openshell-0.0.37-1.fc44.aarch64.rpm	2026-05-08	5.5 MB	0
openshell-0.0.37-1.fc44.x86_64.rpm	2026-05-08	5.6 MB	0
openshell-0.0.37-py3-none-macosx_13_0_arm64.whl	2026-05-08	15.1 MB	0
openshell-0.0.37-py3-none-manylinux_2_39_aarch64.whl	2026-05-08	18.5 MB	0
openshell-0.0.37-py3-none-manylinux_2_39_x86_64.whl	2026-05-08	19.3 MB	0
openshell-aarch64-apple-darwin.tar.gz	2026-05-08	14.4 MB	0
openshell-aarch64-unknown-linux-musl.tar.gz	2026-05-08	14.8 MB	0
openshell-checksums-sha256.txt	2026-05-08	1.6 kB	0
openshell-driver-vm-aarch64-apple-darwin.tar.gz	2026-05-08	26.8 MB	0
openshell-driver-vm-aarch64-unknown-linux-gnu.tar.gz	2026-05-08	22.4 MB	0
openshell-driver-vm-x86_64-unknown-linux-gnu.tar.gz	2026-05-08	23.3 MB	0
openshell-gateway-0.0.37-1.fc44.aarch64.rpm	2026-05-08	8.9 MB	0
openshell-gateway-0.0.37-1.fc44.x86_64.rpm	2026-05-08	9.1 MB	0
openshell-gateway-aarch64-apple-darwin.tar.gz	2026-05-08	11.7 MB	0
openshell-gateway-aarch64-unknown-linux-gnu.tar.gz	2026-05-08	11.9 MB	0
openshell-gateway-checksums-sha256.txt	2026-05-08	345 Bytes	0
openshell-gateway-x86_64-unknown-linux-gnu.tar.gz	2026-05-08	12.6 MB	0
openshell-sandbox-aarch64-unknown-linux-gnu.tar.gz	2026-05-08	6.5 MB	0
openshell-sandbox-checksums-sha256.txt	2026-05-08	233 Bytes	0
openshell-sandbox-x86_64-unknown-linux-gnu.tar.gz	2026-05-08	7.0 MB	0
openshell-x86_64-unknown-linux-musl.tar.gz	2026-05-08	15.9 MB	0
openshell.rb	2026-05-08	5.0 kB	0
openshell_0.0.37-1_amd64.deb	2026-05-08	41.7 MB	0
openshell_0.0.37-1_arm64.deb	2026-05-08	39.6 MB	0
OpenShell v0.0.37 source code.tar.gz	2026-05-08	1.9 MB	0
OpenShell v0.0.37 source code.zip	2026-05-08	2.3 MB	0
README.md	2026-05-08	21.5 kB	0
Totals: 27 Items		334.9 MB	0

v0.0.37 is a breaking release that moves OpenShell onto the new entity/object model and RFC-0001 compute-driver architecture. Gateway persistence now uses a shared entity schema with Kubernetes-style metadata and labels, and policy revisions plus draft policy recommendations now live in that object model instead of dedicated policy tables. This also changes public protobuf shapes for core resources like sandboxes, providers, and SSH sessions, so existing clients and gateway databases may need regeneration, migration, or recreation.

This release also introduces the experimental Helm chart for Kubernetes and OpenShift deployments, including chart packaging, PKI bootstrap, Gateway API support, and Kubernetes setup docs. On the runtime side, RFC-0001 is now substantially implemented with pluggable compute drivers for Docker, Podman, Kubernetes, and experimental MicroVM-backed sandboxes, plus related packaging, installer, and CI support.

Also new in this release: provider profiles and sandbox-provider attach lifecycle, OIDC/RBAC gateway auth, GraphQL L7 policy inspection, Kubernetes user namespace support, and expanded Debian/RPM/Homebrew packaging.

Quick install

:::bash
curl -LsSf https://raw.githubusercontent.com/NVIDIA/OpenShell/main/install.sh | OPENSHELL_VERSION=v0.0.37 sh

What's Changed

fix(driver-vm): preflight supervisor cross-compile toolchain in start.sh by @pimlock in https://github.com/NVIDIA/OpenShell/pull/931
fix(ci): E2E gate must verify work actually ran, not just top-level success by @pimlock in https://github.com/NVIDIA/OpenShell/pull/926
fix(ci): bump ci-image tooling versions to clear vendored CVEs by @johntmyers in https://github.com/NVIDIA/OpenShell/pull/929
fix(ci): bump helm to 4.1.4 for plugin CVE fixes by @johntmyers in https://github.com/NVIDIA/OpenShell/pull/928
fix(skills): remove --assignee @me from gh pr/issue create commands by @sjenning in https://github.com/NVIDIA/OpenShell/pull/937
chore(mise): replace deprecated ubi: prefix by github: prefix by @benoitf in https://github.com/NVIDIA/OpenShell/pull/923
fix(ci): rename mise --no-prepare to --no-deps by @pimlock in https://github.com/NVIDIA/OpenShell/pull/942
feat(server): add Prometheus metrics infrastructure and gRPC/HTTP request metrics by @sjenning in https://github.com/NVIDIA/OpenShell/pull/920
fix(ci): post E2E Gate check to the PR when workflow_run fires by @pimlock in https://github.com/NVIDIA/OpenShell/pull/938
chore(helm): remove unused ClusterRole and ClusterRoleBinding by @TaylorMutch in https://github.com/NVIDIA/OpenShell/pull/943
feat(ci): add shadow-shared-cpu-spike workflow for OS-49 Phase 2 by @jtoelke2 in https://github.com/NVIDIA/OpenShell/pull/934
chore(ci): add ARC baseline collector for OS-49 runner migration by @jtoelke2 in https://github.com/NVIDIA/OpenShell/pull/927
fix(ci): expose GHA sccache env in shadow-shared-cpu-spike by @jtoelke2 in https://github.com/NVIDIA/OpenShell/pull/950
feat(ci): add driver input to setup-buildx action by @jtoelke2 in https://github.com/NVIDIA/OpenShell/pull/941
fix(cli): preserve source directory on sandbox upload by @mjamiv in https://github.com/NVIDIA/OpenShell/pull/952
fix(sandbox): route console logs to stderr by @johntmyers in https://github.com/NVIDIA/OpenShell/pull/949
fix(e2e): add /dev/urandom to provider test sandbox policy by @derekwaynecarr in https://github.com/NVIDIA/OpenShell/pull/948
test(e2e): fix rust upload path assertions by @drew in https://github.com/NVIDIA/OpenShell/pull/960
test(e2e): fix gitignore upload assertion path by @johntmyers in https://github.com/NVIDIA/OpenShell/pull/962
fix(ci): partition GHA sccache cache per arch in shadow spike by @jtoelke2 in https://github.com/NVIDIA/OpenShell/pull/961
Openshell driver podman by @maxamillion in https://github.com/NVIDIA/OpenShell/pull/904
feat(ci): add Markdown and Mermaid linting by @pimlock in https://github.com/NVIDIA/OpenShell/pull/933
feat(docker): add BINARY_SOURCE selector for prebuilt Rust binaries by @jtoelke2 in https://github.com/NVIDIA/OpenShell/pull/945
test(e2e): fix filtered upload path assertion by @drew in https://github.com/NVIDIA/OpenShell/pull/963
feat(ci): add shadow-docker-build workflow for OS-49 Phase 3 by @jtoelke2 in https://github.com/NVIDIA/OpenShell/pull/964
fix(ci): use nv-gha-runners buildkit mirror to avoid Docker Hub rate limit by @jtoelke2 in https://github.com/NVIDIA/OpenShell/pull/966
fix(docs): scope fenced code language linting by @pimlock in https://github.com/NVIDIA/OpenShell/pull/965
fix(ci): make buildkitd-config opt-in for setup-buildx by @jtoelke2 in https://github.com/NVIDIA/OpenShell/pull/970
fix(ci): ignore local artifacts in license checks by @johntmyers in https://github.com/NVIDIA/OpenShell/pull/974
fix(scripts): handle docker cleanup when no containers are running by @derekwaynecarr in https://github.com/NVIDIA/OpenShell/pull/977
feat(server): add object meta convention to top-level objects by @derekwaynecarr in https://github.com/NVIDIA/OpenShell/pull/919
fix(ci): patch CI container vulnerability toolchain by @johntmyers in https://github.com/NVIDIA/OpenShell/pull/959
docs(rfc): add core architecture RFC by @drew in https://github.com/NVIDIA/OpenShell/pull/836
fix(e2e): use high UID range to avoid host user conflicts by @derekwaynecarr in https://github.com/NVIDIA/OpenShell/pull/978
ci(e2e): add label dispatcher and contributor CI docs by @pimlock in https://github.com/NVIDIA/OpenShell/pull/975
ci(e2e): replace label dispatcher with comment-only helper by @pimlock in https://github.com/NVIDIA/OpenShell/pull/990
fix(deps): add missing cargo-zigbuild dependency for macOS cross-compilation by @benoitf in https://github.com/NVIDIA/OpenShell/pull/986
docs: weekly documentation refresh by @miyoungc in https://github.com/NVIDIA/OpenShell/pull/993
fix(sandbox): deny ambiguous socket ownership by @johntmyers in https://github.com/NVIDIA/OpenShell/pull/958
chore(ci): relax agent diagnostic gate by @johntmyers in https://github.com/NVIDIA/OpenShell/pull/1001
chore(mise): add lockfile with multi-platform support and version pin by @pimlock in https://github.com/NVIDIA/OpenShell/pull/946
fix(podman): use podman machine socket path on macOS by @benoitf in https://github.com/NVIDIA/OpenShell/pull/999
feat(server): add bundled docker compute driver by @drew in https://github.com/NVIDIA/OpenShell/pull/888
fix(ci): grant actions:read and contents:read to E2E label helper by @pimlock in https://github.com/NVIDIA/OpenShell/pull/995
chore(tools): sync mise version to v2026.4.25 by @TaylorMutch in https://github.com/NVIDIA/OpenShell/pull/1013
feat(ci): add shadow-rust-native-build workflow for OS-49 Phase 4 (PR 4a) by @jtoelke2 in https://github.com/NVIDIA/OpenShell/pull/973
refactor(server): unify policy persistence in objects table by @johntmyers in https://github.com/NVIDIA/OpenShell/pull/972
fix(cli): preserve directory basename for filtered uploads by @johntmyers in https://github.com/NVIDIA/OpenShell/pull/1028
fix(net): catch IPv4-mapped blocked ranges in is_always_blocked_net by @mesutoezdil in https://github.com/NVIDIA/OpenShell/pull/1032
feat(openshell-vm): add tty support for exec by @benoitf in https://github.com/NVIDIA/OpenShell/pull/939
Adding qemu vm driver support with GPU pass-through by @vince-brisebois in https://github.com/NVIDIA/OpenShell/pull/992
ci(rust): enforce -D warnings on clippy by @drew in https://github.com/NVIDIA/OpenShell/pull/1008
fix(sandbox): log L7 parse denials by @johntmyers in https://github.com/NVIDIA/OpenShell/pull/1072
fix(sandbox): preserve encoded slash policy from proto by @pimlock in https://github.com/NVIDIA/OpenShell/pull/1073
ci(docker): use prebuilt Rust binaries by default by @jtoelke2 in https://github.com/NVIDIA/OpenShell/pull/1027
ci(rust): keep sccache stats non-blocking by @jtoelke2 in https://github.com/NVIDIA/OpenShell/pull/1074
docs(examples): add multi-agent notepad demo by @zredlined in https://github.com/NVIDIA/OpenShell/pull/991
ci: add OS-49 phase 5 shadow workflows by @jtoelke2 in https://github.com/NVIDIA/OpenShell/pull/1075
feat(auth): add OIDC/Keycloak authentication with RBAC and scope-based permissions by @mrunalp in https://github.com/NVIDIA/OpenShell/pull/935
chore(ci): update checkout action to v6 by @drew in https://github.com/NVIDIA/OpenShell/pull/1086
fix(docker): set apparmor=unconfined on sandbox containers by @elezar in https://github.com/NVIDIA/OpenShell/pull/1078
feat(docker): enable CDI GPU sandboxes by @elezar in https://github.com/NVIDIA/OpenShell/pull/1036
feat(server): add auto-detection of compute driver at startup by @sjenning in https://github.com/NVIDIA/OpenShell/pull/1088
test(e2e): skip docker gpu test in rust suite by @pimlock in https://github.com/NVIDIA/OpenShell/pull/1103
chore: sync Cargo.lock by @TaylorMutch in https://github.com/NVIDIA/OpenShell/pull/1084
ci: drop duplicate shadow e2e workflow by @jtoelke2 in https://github.com/NVIDIA/OpenShell/pull/1104
chore(ci): label mon maintainer issues for triage by @johntmyers in https://github.com/NVIDIA/OpenShell/pull/1102
feat(release): add Debian package publishing by @drew in https://github.com/NVIDIA/OpenShell/pull/1069
feat(driver-docker): use host networking for sandboxes by @drew in https://github.com/NVIDIA/OpenShell/pull/1080
fix(install): refresh dev gateway registration by @drew in https://github.com/NVIDIA/OpenShell/pull/1110
chore(ci): label maintainer issues by repo permission by @johntmyers in https://github.com/NVIDIA/OpenShell/pull/1116
chore(ci): label non-maintainer issues for triage by @johntmyers in https://github.com/NVIDIA/OpenShell/pull/1120
chore(openshell-core): discover proto files in build script by @ddurst-nvidia in https://github.com/NVIDIA/OpenShell/pull/1122
fix(sandbox): accept ENOENT in drop_privileges identity lookup tests by @ddurst-nvidia in https://github.com/NVIDIA/OpenShell/pull/1123
fix(sandbox): invalidate stale l7 tunnels after reload by @johntmyers in https://github.com/NVIDIA/OpenShell/pull/1118
refactor(sandbox): remove dead relay_response_to_client wrapper by @mesutoezdil in https://github.com/NVIDIA/OpenShell/pull/1125
fix(helm): grant node read access for GPU capacity checks by @jtoelke2 in https://github.com/NVIDIA/OpenShell/pull/1106
docs: fix broken link and capitalise GitHub correctly by @mesutoezdil in https://github.com/NVIDIA/OpenShell/pull/1135
docs: fix tutorial links pointing to wrong path by @mesutoezdil in https://github.com/NVIDIA/OpenShell/pull/1137
fix(docker): harden supervisor startup and gateway routing by @drew in https://github.com/NVIDIA/OpenShell/pull/1128
feat(vm): derive guest rootfs from sandbox images by @drew in https://github.com/NVIDIA/OpenShell/pull/957
fix(e2e): stabilize wildcard host DNS test by @drew in https://github.com/NVIDIA/OpenShell/pull/1144
fix(bootstrap): add no-progress timeout to image build by @laitingsheng in https://github.com/NVIDIA/OpenShell/pull/1109
feat(policy): add GraphQL L7 inspection by @johntmyers in https://github.com/NVIDIA/OpenShell/pull/1083
ci: cut over non-release workflows to shared runners by @jtoelke2 in https://github.com/NVIDIA/OpenShell/pull/1131
feat(driver-kubernetes): sideload supervisor binary via init container by @TaylorMutch in https://github.com/NVIDIA/OpenShell/pull/1154
fix(examples): repair multi-agent notepad uploads by @zredlined in https://github.com/NVIDIA/OpenShell/pull/1152
feat(server): add request-ID middleware for request correlation by @sauagarwa in https://github.com/NVIDIA/OpenShell/pull/1082
feat(providers): add profile-backed policy composition by @johntmyers in https://github.com/NVIDIA/OpenShell/pull/1037
fix(ci): include provider profiles in macos docker builds by @johntmyers in https://github.com/NVIDIA/OpenShell/pull/1163
ci(os-49): remove obsolete shadow PR workflows by @jtoelke2 in https://github.com/NVIDIA/OpenShell/pull/1161
docs: update gateway deployment architecture by @drew in https://github.com/NVIDIA/OpenShell/pull/1108
chore: add new core maintainers to OpenShell by @drew in https://github.com/NVIDIA/OpenShell/pull/1167
ci(os-49): release runner cutover by @jtoelke2 in https://github.com/NVIDIA/OpenShell/pull/1164
fix(examples): harden multi-agent notepad 409 retry and improve docs by @zredlined in https://github.com/NVIDIA/OpenShell/pull/1166
ci(os-49): fix release jobs on shared runners by @jtoelke2 in https://github.com/NVIDIA/OpenShell/pull/1172
Two podman driver fixes by @cgwalters in https://github.com/NVIDIA/OpenShell/pull/1077
test(e2e): run suites against docker gateway by @drew in https://github.com/NVIDIA/OpenShell/pull/1153
feat(helm): add kubernetes local-dev environment by @TaylorMutch in https://github.com/NVIDIA/OpenShell/pull/1158
feat(cli): add openshell gateway list subcommand by @maxdubrinsky in https://github.com/NVIDIA/OpenShell/pull/1179
chore: Simplify codeowners rules by @TaylorMutch in https://github.com/NVIDIA/OpenShell/pull/1178
feat(rpm): add RPM packaging with Packit/COPR and GHA release publishing by @maxamillion in https://github.com/NVIDIA/OpenShell/pull/1126
fix(ci): sync mise lock header with CI by @drew in https://github.com/NVIDIA/OpenShell/pull/1187
fix(ci): harden packit rpm source prep by @drew in https://github.com/NVIDIA/OpenShell/pull/1182
ci(vm): cleanup vm build infra by @drew in https://github.com/NVIDIA/OpenShell/pull/1186
docs: add missing provider types to supported providers table by @mesutoezdil in https://github.com/NVIDIA/OpenShell/pull/1180
chore(ci): enable Dependabot for GitHub Actions with 48h cooldown by @fcanogab in https://github.com/NVIDIA/OpenShell/pull/1188
ci(vm): remove remaining EKS release assumptions by @jtoelke2 in https://github.com/NVIDIA/OpenShell/pull/1195
fix(ci): allowlist dependabot for DCO by @johntmyers in https://github.com/NVIDIA/OpenShell/pull/1202
fix(kube): add RBAC rule for sandbox finalizer updates by @sjenning in https://github.com/NVIDIA/OpenShell/pull/1203
fix(docker): copy providers/ into rust-builder stage by @TaylorMutch in https://github.com/NVIDIA/OpenShell/pull/1211
fix(bootstrap): stabilize release canary gateway startup by @jtoelke2 in https://github.com/NVIDIA/OpenShell/pull/1210
test(e2e): add podman rust suite by @drew in https://github.com/NVIDIA/OpenShell/pull/1185
fix(release): stabilize dev build packaging by @drew in https://github.com/NVIDIA/OpenShell/pull/1213
fix(sandbox): add copy-self subcommand for scratch-image init container by @TaylorMutch in https://github.com/NVIDIA/OpenShell/pull/1208
docs: fix OpenCode capitalization in provider types table by @mesutoezdil in https://github.com/NVIDIA/OpenShell/pull/1205
feat(cli): add --gateway-insecure flag to skip TLS certificate verification by @sjenning in https://github.com/NVIDIA/OpenShell/pull/1212
ci(helm): add OCI chart release workflow by @TaylorMutch in https://github.com/NVIDIA/OpenShell/pull/1196
chore(deps): bump actions/upload-artifact from 4 to 7 by @dependabot[bot] in https://github.com/NVIDIA/OpenShell/pull/1201
chore(deps): bump docker/login-action from 3 to 4 by @dependabot[bot] in https://github.com/NVIDIA/OpenShell/pull/1200
docs: fix tutorials card link on index page by @mesutoezdil in https://github.com/NVIDIA/OpenShell/pull/1204
docs: replace generic Index link text with actual page titles by @mesutoezdil in https://github.com/NVIDIA/OpenShell/pull/1216
chore(deps): bump actions/github-script from 7 to 9 by @dependabot[bot] in https://github.com/NVIDIA/OpenShell/pull/1198
chore(deps): bump mozilla-actions/sccache-action from 0.0.9 to 0.0.10 by @dependabot[bot] in https://github.com/NVIDIA/OpenShell/pull/1199
chore(deps): bump Swatinem/rust-cache from 2.8.2 to 2.9.1 by @dependabot[bot] in https://github.com/NVIDIA/OpenShell/pull/1197
feat(installer): support macOS dev installs by @drew in https://github.com/NVIDIA/OpenShell/pull/1183
fix(cli): warn when env gateway overrides selection by @johntmyers in https://github.com/NVIDIA/OpenShell/pull/1219
fix(scripts): eliminate xargs subshell dependency in docker-cleanup.sh by @derekwaynecarr in https://github.com/NVIDIA/OpenShell/pull/1207
fix(installer): install release formula from Homebrew tap by @drew in https://github.com/NVIDIA/OpenShell/pull/1222
docs(architecture): reset subsystem docs by @drew in https://github.com/NVIDIA/OpenShell/pull/1184
fix(ci): pin tag release reusable workflows by @drew in https://github.com/NVIDIA/OpenShell/pull/1235
fix(packaging): let gateway auto-detect package driver by @drew in https://github.com/NVIDIA/OpenShell/pull/1236
docs: consolidate documentation structure by @drew in https://github.com/NVIDIA/OpenShell/pull/1231
feat(helm): set nameOverride to openshell by @sjenning in https://github.com/NVIDIA/OpenShell/pull/1237
feat(providers): add custom profile registry by @johntmyers in https://github.com/NVIDIA/OpenShell/pull/1170
feat(rpm): use :dev image tag for non-release Packit builds by @maxamillion in https://github.com/NVIDIA/OpenShell/pull/1218
refactor(cli): remove gateway lifecycle management by @drew in https://github.com/NVIDIA/OpenShell/pull/1221
ci(helm): add helm lint workflow and reorganize chart values under ci/ by @TaylorMutch in https://github.com/NVIDIA/OpenShell/pull/1223
refactor(vm): remove legacy openshell-vm crate by @drew in https://github.com/NVIDIA/OpenShell/pull/1239
docs(helm): add install instructions for OpenShift by @sjenning in https://github.com/NVIDIA/OpenShell/pull/1240
docs(kubernetes): add initial reference docs by @TaylorMutch in https://github.com/NVIDIA/OpenShell/pull/1243
docs(helm): fix overlay values paths after ci/ reorganization by @mesutoezdil in https://github.com/NVIDIA/OpenShell/pull/1247
docs: fix broken policy-engine anchor in policies page by @mesutoezdil in https://github.com/NVIDIA/OpenShell/pull/1246
docs(podman): restore driver architecture details by @drew in https://github.com/NVIDIA/OpenShell/pull/1244
docs(helm): add agent sandbox prerequisite to Helm README by @sjenning in https://github.com/NVIDIA/OpenShell/pull/1249
docs(helm): replace hard tabs with spaces in README OpenShift block by @TaylorMutch in https://github.com/NVIDIA/OpenShell/pull/1254
fix(installer): repair dev install package and service setup by @drew in https://github.com/NVIDIA/OpenShell/pull/1252
fix(docker): use supervisor image path directly by @drew in https://github.com/NVIDIA/OpenShell/pull/1259
fix(vm): harden compute driver socket by @drew in https://github.com/NVIDIA/OpenShell/pull/1248
ci(release): run package release canaries by @drew in https://github.com/NVIDIA/OpenShell/pull/1256
feat(install): add rpm dev installer support by @drew in https://github.com/NVIDIA/OpenShell/pull/1262
feat(sandbox): add Kubernetes user namespace isolation by @mrunalp in https://github.com/NVIDIA/OpenShell/pull/983
feat(server): add generate-certs subcommand; replace alpine PKI hook by @TaylorMutch in https://github.com/NVIDIA/OpenShell/pull/1257
fix(docs): constrain landing terminal height by @drew in https://github.com/NVIDIA/OpenShell/pull/1269
ci(os-132): remove stale remote buildx mode by @jtoelke2 in https://github.com/NVIDIA/OpenShell/pull/1267
feat(providers): support sandbox provider attach lifecycle by @johntmyers in https://github.com/NVIDIA/OpenShell/pull/1242
ci(os-132): remove obsolete shadow workflows by @jtoelke2 in https://github.com/NVIDIA/OpenShell/pull/1273
fix(packaging): enable mTLS for local packages by @drew in https://github.com/NVIDIA/OpenShell/pull/1271
fix(installer): stop forcing Homebrew VM driver by @drew in https://github.com/NVIDIA/OpenShell/pull/1277
fix(helm): derive grpcEndpoint from chart context by @TaylorMutch in https://github.com/NVIDIA/OpenShell/pull/1241
fix(e2e): isolate kubernetes user namespace test by @drew in https://github.com/NVIDIA/OpenShell/pull/1276