Release v0.8.x

0.8.0 — 0.8.8 | 2026-02-28 to 2026-03-07

The 0.8 series built the telemetry, MCP, and performance foundations.

Highlights

• Unified audit database (capsem-logger) replacing three separate SQLite databases with a single session.db per VM session
• MCP Proxy Gateway with namespaced tools, per-tool dynamic policy, and built-in HTTP tools (fetch_http, grep_http, http_headers)
• Filesystem watcher (capsem-fs-watch) streaming inotify events to the host
• Squashfs rootfs — 81% smaller (2GB ext4 -> 382MB squashfs with zstd)
• In-VM benchmarks (capsem-bench) for disk I/O, rootfs reads, CLI startup, HTTP throughput
• apt-get support inside the VM via overlayfs with redirect_dir=on,metacopy=on

Added

• Dedicated writer thread with block-then-drain batching (up to 128 ops/tx)
• Inline SSE parsing in MITM proxy for Anthropic, OpenAI, and Google Gemini
• Per-call cost tracking with fuzzy model name matching and bundled pricing data
• Trace ID assignment linking multi-turn tool-use conversations
• SQL-driven session statistics, LLM Usage section, SQL-powered search
• Configurable VM CPU (1-8) and RAM (1-16 GB), 1 GB swap file
• Search settings (Google Search, Perplexity, Firecrawl), custom allow/block domain lists
• Active Policy debug panel in Network view
• capsem-mcp-server: NDJSON-over-vsock bridge for MCP JSON-RPC
• MCP server auto-detection from Claude and Gemini settings
• mcp_calls audit table, fs_events audit table
• OpenAI Responses API streaming, cached/reasoning token parsing, non-streaming response parsing
• Generic usage details tracking as extensible JSON map
• Settings tree UI with config_lint() validation, file analytics, setup wizard hook
• Unified SQL gateway (query_db) replacing 11 per-query Tauri commands
• apt-get install support, declarative apt-packages.txt, HTTPS apt sources
• Claude Code as native binary (replaces npm install)
• Ephemeral model preflight check and end-to-end persistence test
• just doctor, release preflight checks, CI preflight job
• Thin DMG distribution with first-launch rootfs download and blake3 verification
• Proxy throughput benchmark (~35 MB/s baseline on Apple Silicon)
• Notarization credential verification in CI preflight

Changed

• Terminal UI overhaul: borderless, inline session stats, reorganized sidebar
• Rootfs switched from 2GB ext4 to 382MB squashfs (zstd, 64K blocks)
• Boot uses overlayfs (immutable squashfs lower + ephemeral tmpfs upper)
• Settings UI auto-generated from TOML tree (6 hardcoded components -> 1 recursive renderer)
• Token details as flexible usage_details JSON column
• Justfile streamlined from 23 to 13 public + 5 internal recipes
• Release builds CI-only (push tag to trigger)

Fixed

• capsem-init aborts on tmpfs/overlayfs mount failure instead of degraded boot
• capsem-init creates /mnt/b before tmpfs mount
• MCP gateway handles notifications/initialized correctly
• Token metrics double-counting, non-streaming null tokens, HEAD check filtering
• 12 compilation warnings eliminated
• Apple certificate legacy 3DES format for CI
• CI notarization no longer hangs (--skip-stapling)

Security

• Ephemeral model invariants enforced by preflight + integration test
• Boot invariant enforcement: fatal-exit on mount failure
• File setting path validation (no .., must start with /)
• PRAGMA query_only = ON on user SQL execution