v1.12.3

What's Changed

• Fix gitleaks license gate and macOS test TMPDIR in CI by @TeoSlayer in #312
• Harden daemon IPC/transport correctness and DoS sizing by @TeoSlayer in #314
• Use writable /tmp TMPDIR for tests on both CI runners by @TeoSlayer in #316
• Fix config and CLI correctness/safety bugs in pilotctl by @TeoSlayer in #313
• Harden app-store install path and cap-state reads by @TeoSlayer in #315
• catalogue: publish Smol Machines (io.pilot.smolmachines v1.2.0) [needs re-sign] by @Alexgodoroja in #319
• appstore: carry install.json/install.sh on install + wire trust anchor by @Alexgodoroja in #318
• daemon: drop PILOT_TRUSTED_PUBLISHERS wiring (catalogue is the trust anchor) by @Alexgodoroja in #320
• chore(release): CHANGELOG for v1.12.0 by @TeoSlayer in #300
• docs: staged TLS+pinning rollout for registry transport (H1) by @TeoSlayer in #310
• Update README.md by @TeoSlayer in #299
• go.mod: bump app-store to the proc.exec version by @Alexgodoroja in #317
• Pin app-store to v1.0.1 release tag by @TeoSlayer in #321
• Fan out release to PyPI, npm, and Homebrew by @TeoSlayer in #322
• Drop push-based downstream fan-out in favor of self-polling by @TeoSlayer in #323
• daemon: anchor catalogue apps to the catalogue publisher pin (companion to app-store#25) by @Alexgodoroja in #324

Full Changelog: v1.12.2...v1.12.3

v1.12.2

Round-2 security audit fixes + CI/supply-chain hardening.

Client/daemon fixes:

• Fix daemon rotate-key data race: old Ed25519 private key was zeroed while a concurrent signer could still read it (use-after-zero on signing material).
• pilotctl recovery now backs up identity.json before overwriting it.
• Auto-updater: fail closed when gh is absent (SLSA attestation can no longer be silently skipped); bump updater to v0.2.3; add --skip-attestation / PILOT_UPDATER_SKIP_ATTESTATION opt-out.
• Repoint dead changelog/MOTD feed URLs to the pilot-protocol org.

Security CI + evals:

• Add CodeQL, gosec, govulncheck, gitleaks, dependency-review gating and adversarial fuzz/eval suites (badge IPC, keyexchange frames, node-binding).
• Bump toolchain to go 1.25.11 (stdlib advisory fixes).

What's Changed

• Add pilotctl auto-update control surface (off by default) by @TeoSlayer in #304
• catalogue: sixtyfour v2 bundles map (fix macOS + Linux install) by @Alexgodoroja in #306
• Security hardening batch: updater attestation opt-out, recovery backup, feed repoint, trust-pin TODO by @TeoSlayer in #307
• Fix data race between key rotation and registry signer by @TeoSlayer in #308
• Bump updater to v0.2.3 for fail-closed attestation by @TeoSlayer in #309
• Add supply-chain CI gates and adversarial fuzz evals by @TeoSlayer in #311

Full Changelog: v1.12.1...v1.12.2

v1.12.1

What's Changed

• Fix NAT keepalive dropped by src-binding; flow poll retry; recover test by @TeoSlayer in #303

Full Changelog: v1.12.0...v1.12.1

v1.12.0

What's Changed

• test(daemon): isolate HOME to fix flaky ~/.pilot test contention by @TeoSlayer in #252
• test(registry): reconcile stale WAL torn-tail test with current contract by @TeoSlayer in #251
• feat(pilotctl): agent-first CLI overhaul — bounded output, filters, styling by @TeoSlayer in #247
• Signed app-store catalogue + Pages catalogue site by @TeoSlayer in #249
• ci: validate app-store catalogue entries on PR by @Alexgodoroja in #259
• fix(pilotctl): reject non-all skill ids in disable/enable (PILOT-394) by @matthew-pilot in #260
• chore: remove app-store catalogue CI from platform repo by @Alexgodoroja in #272
• feat(appstore): catalogue list shows name+headline only with view pointer (PILOT-404, PILOT-405) by @TeoSlayer in #275
• feat(pilotctl): add review command with subject+rating validation (PILOT-410) by @TeoSlayer in #276
• fix(install): add consent disclosure section (PILOT-393) by @matthew-pilot in #271
• feat(pilotctl): add pilotctl update command (PILOT-396) by @matthew-pilot in #262
• feat(telemetry): consent-gated telemetry client with Ed25519 signing (PILOT-400) by @matthew-pilot in #263
• fix(appstore): random output interception for review prompts (PILOT-409) by @matthew-pilot in #268
• feat(telemetry): emit install, catalogue-view, and detail-view events (PILOT-401, 402, 406, 407) by @TeoSlayer in #277
• fix(telemetry): add missing consent gates to appstore telemetry events by @TeoSlayer in #278
• feat(consent+sandbox): broadcasts gate, review consent, skillinject modes, sandbox flag, install disclaimers by @TeoSlayer in #279
• docs: update README — fix errors, add app store, messaging, consent, env vars by @TeoSlayer in #280
• fix: inject nodeID into telemetry events and add catalogue_viewed payload by @TeoSlayer in #281
• fix: populate nodeID in telemetry events; add broadcast consent test by @TeoSlayer in #282
• fix(security): replace math/rand with crypto/rand in 3 daemon files (PILOT-417) by @matthew-pilot in #283
• chore: update module path TeoSlayer/pilotprotocol → pilot-protocol/pilotprotocol by @TeoSlayer in #287
• feat(motd): source banners from pilot-changelog feed-motd.json by @Alexgodoroja in #285
• fix(security): add decompression bomb protection to untarUnder (PILOT-418) by @matthew-pilot in #288
• Bind inner packet Src to authenticated peerNodeID by @TeoSlayer in #294
• Add verified-badge client layer: daemon, IPC, pilotctl by @TeoSlayer in #295
• fix(telemetry): default daemon to production endpoint; emit app_usage on pilotctl call by @TeoSlayer in #293
• chore(deps): bump github.com/pilot-protocol/rendezvous from 0.2.5-0.20260615154750-f09cf1a708b0 to 0.2.5 by @dependabot[bot] in #291
• Add pilotctl verify status with offline check and how-to by @TeoSlayer in #297
• Bump common to v0.5.3 (pinned badge issuer key) by @TeoSlayer in #298
• catalogue: io.pilot.sixtyfour v0.1.0 by @Alexgodoroja in #289
• appstore: per-platform bundles (v3 catalogue) by @Alexgodoroja in #296
• chore(deps): bump github.com/coder/websocket from 1.8.14 to 1.8.15 by @dependabot[bot] in #290
• chore(deps): bump actions/checkout from 4 to 7 by @dependabot[bot] in #286
• Add self-service verify device-flow via the verifier by @TeoSlayer in #301

Full Changelog: v1.11.2...v1.12.0

v1.11.2

What's Changed

• feat(motd): message-of-the-day banner on every pilotctl command by @Alexgodoroja in #253
• release: v1.11.2 — message of the day by @Alexgodoroja in #258

Full Changelog: v1.11.1...v1.11.2

v1.11.1

What's Changed

• docs: add skill-injection transparency disclaimers by @Alexgodoroja in #248
• fix(deps): bump rendezvous to fix accept rate-limiter data race by @TeoSlayer in #250
• feat(appstore): view detail command + catalogue v2 metadata by @Alexgodoroja in #255
• docs(changelog): release 1.11.1 by @Alexgodoroja in #257

Full Changelog: v1.11.0...v1.11.1

v1.11.0

What's Changed

• catalogue: bump io.pilot.wallet 0.3.0 → 0.3.1 by @TeoSlayer in #237
• catalogue: bump io.pilot.wallet 0.3.1 → 0.3.2 (multichain) by @TeoSlayer in #238
• catalogue: bump io.pilot.wallet 0.3.2 → 0.3.3 by @TeoSlayer in #239
• feat(appstore): pilotctl install --local for sideloaded apps by @TeoSlayer in #240
• catalogue: add io.pilot.cosift v0.1.0 by @Alexgodoroja in #241
• catalogue: io.pilot.cosift v0.1.1 (no-config default) by @Alexgodoroja in #242
• catalogue: io.pilot.cosift v0.1.2 (cosift.help discovery) by @Alexgodoroja in #243
• catalogue: host io.pilot.cosift on the apps repo (decouple from platform releases) by @Alexgodoroja in #245
• fix(pilotctl): configurable appstore call timeout (default 120s, was hardcoded 8s) by @Alexgodoroja in #244
• docs: CHANGELOG for v1.11.0 by @Alexgodoroja in #246

Full Changelog: v1.10.9...v1.11.0

io.pilot.cosift v0.1.2

Adds cosift.help — a self-describing discovery endpoint (per-method params, kind, and fast/med/slow latency class).

v1.10.9

What's Changed

• feat(daemon): always-on app-store supervisor by @TeoSlayer in #231
• feat(pilotctl): appstore gen-key + sign for app publishers by @TeoSlayer in #234
• feat(pilotctl): one-command install + canonical catalogue.json + live smoke test by @TeoSlayer in #235
• catalogue: pin io.pilot.wallet bundle_sha256 to wallet-v0.3.0 release by @TeoSlayer in #236

Full Changelog: v1.10.8...v1.10.9

Wallet bundle v0.3.3 — multichain default

Default --evm-chains expands to 8453,1,137 so daemon-supervised wallets get all three USDC mainnets out of the box. PILOT_EVM_CHAINS env overrides.

Bundle sha256: 8d30b4331bc025c327dd2d8610362984cc9365843176e21b96a2637d8e18ff54