v0.9.7

What's Changed

• feat: strengthen testing trust, profile guards, and diagnostics by @mark-e-deyoung in #24
• fix: harden Group A correctness paths (race/idempotency/resource caps) by @mark-e-deyoung in #27
• fix: enforce lifecycle/control transition contracts by @mark-e-deyoung in #30
• Add configurable resource-allocation guardrails and bounded caches by @mark-e-deyoung in #33
• Temporal correctness Wave 1: budgets, liveness ops, rollback, heartbeat by @mark-e-deyoung in #36
• Harden recording action contract across API, CLI, and docs by @mark-e-deyoung in #37

Full Changelog: v0.9.6...v0.9.7

v0.9.6: The Hardened Foundation

Release v0.9.6: The Hardened Foundation. Includes modernized dependencies, migration to SemperSupra, unified lifecycle tool, and extensive security/correctness hardening.

v0.9.5

v0.9.5 release with full stability fixes and verified image signatures.

v0.9.3 - Optimized Build & Stable CI

WineBot Status - 2026-02-13

Current State

• Branch: main
• Latest stable release: v0.9.3
• Repositories: Local and Remote synced.

Accomplishments This Session

1. Wine Prefix Warm-up Optimization:

   • Refactored docker/Dockerfile to include a build-time "Warm-up" stage.
   • Pre-initializes the Wine prefix, applies registry tweaks (font smoothing, XInput, Managed WM), and installs the WineBot theme during the build process.
   • Stores the initialized prefix as a template at /opt/winebot/prefix-template.
   • Updated scripts/init/20-setup-wine.sh to populate /wineprefix from the template if empty, enabling instant startup.

2. Major Lint Debt Reduction (Python):

   • Cleaned up the api/ directory, resolving hundreds of flake8 warnings.
   • Standardized imports and function spacing.

3. Shell Script Hardening:

   • Fixed shellcheck warnings in core scripts (smoke-test.sh, run-app.sh, etc.) with robust quoting.

4. Release v0.9.3:

   • Created v0.9.3 release on GitHub.
   • Verification: Local smoke test passed.
   • Production Images: Successfully pushed v0.9.3-rel, v0.9.3-rel-runner, and latest tags to GHCR.

Session Resume Notes

• New Feature: Build-time prefix template (/opt/winebot/prefix-template).
• CI Issue: GitHub Actions runners struggle with the window detection timeout in the smoke test. This is likely a resource/timing constraint specific to the runner environment.
• Verification: Local smoke test passed.

Next Steps

1. Investigate CI Failure: Debug the "Wait for Windows" timeout on GitHub runners. Consider using a larger runner or adjusting the smoke test wait logic further.
2. Expand Template: Consider adding core Windows dependencies (via winetricks) to the build-time template.
3. mDNS Discovery: Begin implementation of Issue #3: mDNS/DNS-SD Discovery.

0.9.2

Full Changelog: 0.9.1...0.9.2

0.9.1

Full Changelog: v0.9.0...0.9.1

v0.9.0 - Control & Visibility (Refactored)

WineBot Status - 2026-02-08

Current State

• Architecture: Major modularization of the API (api/server.py split into routers/core/utils) and Entrypoint logic (scripts/init/*.sh).
• Policy: "User Always Wins" Interactive Policy is hardened and verified. The InputBroker manages control leases effectively.
• Security: Strict version pinning implemented for OS (Digest), Python (Requirements), and Windows Tools (Versioned URLs). Configuration persistence hardened via /wineprefix/winebot.env with 0600 permissions.
• CI/CD: Refactored .github/workflows/release.yml into granular capability-based stages (Boot, API, Automation, Tracing, Recording).
• Diagnostics: diagnose-master.sh is now the primary internal engine for verification, supporting phased execution.

Accomplishments Today

1. API Modularization: Split 2800-line monolith into a clean package structure.
2. CI Pipeline: granularized tests to provide fail-fast feedback and clear visibility into feature breakage.
3. Hardening: Fixed gosu privilege dropping, restricted /wineprefix permissions, and secured the winebotctl config stack.
4. Agent Map: Created AGENTS.md to assist future coding agents in navigating the codebase efficiently.
5. Session ID Fixes: Dashboard now supports historical artifact visibility across container restarts.

Next Steps

1. Merge & Release: Merge release/v0.9.0 into main and tag the release.
2. Expansion: Investigate multi-monitor/Xinerama support for expanded automation canvas.
3. Observability: Enhance the Dashboard with real-time trace visualization (moving from crosshair to event stream).

Session Relevant Items

• Branch: release/v0.9.0
• Verification: All tests passed (Unit, Smoke, CV) after fixing import and permission gaps.
• Environment: Resolution standardized at 1280x720x24.

v0.8.0 - Session Recording + Annotations

First-class support for recording WineBot sessions to video with togglable annotations.

v0.7.0 - Agent-Ready Platform

Status Report - 2026-02-02

Milestone: Agent-Ready API & Enhanced Headless Support

We have completed a major overhaul of the automation layer, introducing an internal HTTP API and robust helper scripts to make WineBot easily controllable by autonomous agents and external scripts.

1. New Features

• Internal API (port 8000):
  • Vision: /screenshot with labeling and window targeting.
  • Control: /input/mouse/click, /windows/focus.
  • State: /windows (list), /windows/active, /health.
  • Automation: /run/ahk, /run/autoit, /run/python, /apps/run.
• Headless Helpers:
  • automation/x11.sh: Unified wrapper for xdotool/xprop interactions.
  • scripts/run-ahk.sh & run-autoit.sh: Robust script runners that handle Wine bootstrapping and logging.
  • automation/screenshot.sh: Hardened capture tool with environment auto-detection.
• Security:
  • Authentication: API_TOKEN environment variable enforces X-API-Key verification.
  • Input Validation: File paths restricted to safe directories (/apps, /wineprefix, /tmp).

2. Improvements & Maintenance

• Dependencies:
  • Upgraded Windows Python from 3.12.8 to 3.13.11.
  • Aligned with Linux container Python version.
• Cleanup:
  • Removed obsolete scripts (click_xy.sh, run-headless.sh).
  • Standardized on docker compose workflows.
• Documentation:
  • Created AGENTS.md: Definitive guide for automated interaction.
  • Updated README.md, architecture.md, api.md.

3. Verification

• Smoke Tests: scripts/smoke-test.sh passes successfully.
  • Validates X11 desktop, API endpoints (health, execution), and tool installation.
  • 11 Unit Tests (pytest) pass.

4. Next Steps / Future Work

• Security Hardening (Strategy B):
  • Implement network isolation profiles in Compose.
  • Enforce VNC password requirements in entrypoint.
  • Read-only volume mounts.
• Feature Expansion:
  • Add /clipboard endpoints (get/set text).
  • Add file upload/download via API.

5. Recommendation

• Release: Ready for v0.5.0.

v0.6.0 - Trixie & Python 3.12 Upgrade

Major Upgrades

• Base Image: Switched to debian:trixie-slim (Debian 13 Testing). This upgrade is critical for accessing modern Wine versions (10.0+) and newer system libraries compared to the previous Bookworm base.
• Python: Upgraded the internal Windows embedded Python environment from 3.11.9 to 3.12.8.

Improvements

• Validated with internal smoke tests (AutoIt, AHK) and Python-based UI automation (Notepad).