v1.6.0

What's Changed

• fix: ANSI-aware table column alignment using console::pad_str by @dean0x in #57

Full Changelog: v1.5.1...v1.6.0

v1.5.1

What's Changed

• fix: EROFS on cache volumes, Claude Code native install, dynamic workdir by @dean0x in #56

Full Changelog: v1.5.0...v1.5.1

v1.5.0

What's Changed

• feat: improve version awareness UX with interactive prompts by @dean0x in #47
• feat: persistent per-project home volumes by @dean0x in #49
• feat: move runtimes and CLI tools to user-level installs by @dean0x in #51
• fix(images): fix aarch64 build failures for CLI tool downloads by @dean0x in #54
• fix(docker): fix aarch64 builds, use npm for Claude install by @dean0x in #55

Full Changelog: v1.4.1...v1.5.0

v1.4.1

What's Changed

• fix: restore terminal state and improve layer selection UX by @dean0x in #45

Full Changelog: v1.4.0...v1.4.1

v1.4.0

What's Changed

• test: add MockRuntime and unit tests for command modules by @dean0x in #41
• feat(exec): add mino exec subcommand for running commands in sessions by @dean0x in #42

Full Changelog: v1.3.0...v1.4.0

v1.3.0

What's Changed

• refactor: decompose run.rs into focused modules by @dean0x in #35
• feat(cli): add shell completion generation by @dean0x in #36
• feat: add Python language layer with uv, ruff, pytest by @dean0x in #37
• feat: add --read-only filesystem mode by @dean0x in #38
• feat: parallelize volume queries + Linux/presets/audit docs by @dean0x in #39
• refactor: deduplicate volume operations between runtimes by @dean0x in #40

Full Changelog: v1.2.2...v1.3.0

v1.2.2

What's Changed

• fix: cache finalization writes sidecar state for immutable caches by @dean0x in #33
• fix(cli): bug fixes for config comments, negatable flags, credential warnings by @dean0x in #34

Full Changelog: v1.2.1...v1.2.2

v1.2.1

What's Changed

• feat: trust gate for local .mino.toml config injection by @dean0x in #16
• fix: redact credentials from debug log output by @dean0x in #17
• security: harden trust gate — gate workdir and vm.* fields by @dean0x in #18
• security: remove default_project_dir to eliminate trust gate bypass by @dean0x in #19

Full Changelog: v1.2.0...v1.2.1

v1.2.0: Container Security Hardening

Highlights

Mino v1.2.0 brings defense-in-depth container hardening, network presets for common workflows, and automatic container cleanup to prevent credential leakage.

Breaking Changes

• Default network mode changed from host to bridge. Containers are now isolated from host localhost by default. Use --network host or set container.network = "host" in config to restore previous behavior.
• All containers now run with --cap-drop ALL. Custom images requiring specific Linux capabilities may fail. Allowlist mode (--network-allow) automatically adds CAP_NET_ADMIN.
• Container processes limited to 4096 PIDs (--pids-limit 4096).

Added

• --network-preset dev|registries flag with built-in allowlists for common services (GitHub, npm, crates.io, PyPI, AI APIs).
• Interactive network mode prompt on first run — saves choice to config so it never prompts again.
• --security-opt no-new-privileges on all containers to prevent privilege escalation.
• Container removal after all sessions (interactive and detached) to prevent credential persistence via podman inspect. Detached containers use --rm for automatic cleanup on process exit.
• capsh --drop=cap_net_admin after iptables setup in allowlist mode — irrecoverably drops the capability before running user commands.
• libcap added to base Dockerfile for capsh binary.

Fixed

• Detached containers (mino run -d) now auto-removed on exit via --rm, closing credential leakage gap where stopped containers exposed env vars via podman inspect.
• mino stop now tolerates already-removed containers gracefully.

Security

• Defense-in-depth: capability dropping, privilege escalation prevention, PID limits.
• Allowlist mode now irrecoverably drops CAP_NET_ADMIN before executing user commands.
• All containers cleaned up after exit to prevent credential leakage (interactive via explicit removal, detached via --rm).

Full Changelog: v1.1.0...v1.2.0

What's Changed

• feat: container security hardening by @dean0x in #14
• fix: auto-remove detached containers to prevent credential leakage by @dean0x in #15

Full Changelog: v1.1.0...v1.2.0

v1.1.0

What's Changed

• fix: rootless Podman autoconfig, cache clear, layer build UX by @dean0x in #11
• feat: interactive layer selection, MINO_LAYERS env, progress UX by @dean0x in #12
• chore: pre-release prep for v1.1.0 by @dean0x in #13

Full Changelog: v1.0.0...v1.1.0