Releases: WZ/agent-gate
Releases · WZ/agent-gate
agent-gate v0.3.4
agent-gate v0.3.4
Single-user audit gate for AI agent HTTPS traffic. See the
README for
what this is and how to get started.
Install
macOS — Homebrew:
brew tap WZ/tap
brew install agent-gate
Other platforms — binary download: grab the archive for your
platform below, extract, and put agent-gate on your PATH. On
macOS without Homebrew, you may need to clear the quarantine
attribute the first time:
xattr -d com.apple.quarantine ./agent-gate
Either way, finish with:
agent-gate init
Changelog
- 9b742a7 feat(run): consolidate --permissive/--airtight-fail into --mode + Advanced Flags section
Full Changelog: v0.3.3...v0.3.4
agent-gate v0.3.3
agent-gate v0.3.3
Single-user audit gate for AI agent HTTPS traffic. See the
README for
what this is and how to get started.
Install
macOS — Homebrew:
brew tap WZ/tap
brew install agent-gate
Other platforms — binary download: grab the archive for your
platform below, extract, and put agent-gate on your PATH. On
macOS without Homebrew, you may need to clear the quarantine
attribute the first time:
xattr -d com.apple.quarantine ./agent-gate
Either way, finish with:
agent-gate init
Changelog
- 6b6fb62 chore(review): tighten dashboard probe + type the stage enum
- 3d90449 docs(readme): surface
brew upgrade agent-gatemore clearly - 2d81f1e feat(run): reuse an already-running dashboard instead of failing the bind
- 01db36b fix(init): list hosts in summary, default Install, Y/N gate custom hosts, back nav
- 838937c fix(init): show running tally on the custom-hosts loop
- f72f73e fix(init): teach the host-multiselect with a hint and a confirm step
Full Changelog: v0.3.2...v0.3.3
agent-gate v0.3.2
agent-gate v0.3.2
Single-user audit gate for AI agent HTTPS traffic. See the
README for
what this is and how to get started.
Install
macOS — Homebrew:
brew tap WZ/tap
brew install agent-gate
Other platforms — binary download: grab the archive for your
platform below, extract, and put agent-gate on your PATH. On
macOS without Homebrew, you may need to clear the quarantine
attribute the first time:
xattr -d com.apple.quarantine ./agent-gate
Either way, finish with:
agent-gate init
Changelog
- 97030f9 docs(readme): lead Quick Start with brew install on macOS
- 5e2dbd8 feat(ui): banner for
agent-gate initand shield favicon for the dashboard
Full Changelog: v0.3.1...v0.3.2
agent-gate v0.3.1
agent-gate v0.3.1
Single-user audit gate for AI agent HTTPS traffic. See the
README for
what this is and how to get started.
Install
macOS — Homebrew:
brew tap WZ/tap
brew install agent-gate
Other platforms — binary download: grab the archive for your
platform below, extract, and put agent-gate on your PATH. On
macOS without Homebrew, you may need to clear the quarantine
attribute the first time:
xattr -d com.apple.quarantine ./agent-gate
Either way, finish with:
agent-gate init
Changelog
- e85266f build: publish a Homebrew formula on every stable v* tag
Full Changelog: v0.3.0...v0.3.1
agent-gate v0.3.0
agent-gate v0.3.0
Single-user audit gate for AI agent HTTPS traffic. See the
README for
what this is and how to get started.
Install
Download the archive for your platform below, extract, and put
agent-gate on your PATH. Then:
agent-gate init
On macOS, you may need to clear the quarantine attribute the first
time:
xattr -d com.apple.quarantine ./agent-gate
Or install from source:
go install agent-gate/cmd/agent-gate@v0.3.0
Changelog
- 5ccf184 feat(agentdetect, doctor): codex chatgpt.com default + WS pinning advisory
- e5a3cd8 feat(launcher): plumb HijackHosts through both proxy.Run callsites
- b873d33 feat(parser): decode zstd request bodies + Session_id header fallback
- 9ffb69d feat(policy): ws_pinned_upstream rule for empty 101 upgrades
- edd40c9 feat(proxy): forward non-WS HTTP through hijack handler
- ce3add4 feat(proxy): hijack handler for frame-aware WebSocket capture
- aef3dac fix: address PR 24 review findings
- 27b3735 fix: review-driven hardening for Plan 5 Stream B
- cc2e4b2 fix: wire hijack hosts through netns proxy
- fd2147b test(codex): fixtures for HTTP fallback path + pinned WS upgrade
- 0abbf9f ui: open Headers section by default on event detail
Full Changelog: v0.2.0...v0.3.0
agent-gate v0.2.0
agent-gate v0.2.0
Single-user audit gate for AI agent HTTPS traffic. See the
README for
what this is and how to get started.
Install
Download the archive for your platform below, extract, and put
agent-gate on your PATH. Then:
agent-gate init
On macOS, you may need to clear the quarantine attribute the first
time:
xattr -d com.apple.quarantine ./agent-gate
Or install from source:
go install agent-gate/cmd/agent-gate@v0.2.0
Changelog
- 793b006 Address init onboarding feedback
- 03c85bf Include denied host in allowlist errors
- 5698e45 Initial commit
- f694951 Merge main into explore-page (resolve Plan 7 conflicts)
- f49fc46 Merge remote-tracking branch 'origin/main' into feat/plan5-codex-fixture
- dae3b55 Merge remote-tracking branch 'origin/main' into fix/dashboard-badge-polish
- a5a764f Polish init wizard onboarding
- ff50816 Polish init wizard: Continue button + custom-host copy fixes
- 2469392 build: gitignore docs/superpowers (local working notes)
- 00614bd build: inject version/commit/date ldflags from git in Makefile
- 672e43d build: populate version/commit/date from runtime/debug.ReadBuildInfo
- f86fefe build: trust ldflags-set commit and skip runtime/debug dirty check
- 56e363f ca: expose leaf tls config builder
- 3953d68 ci: bump Go to 1.25, add gofmt gate, fail-fast=false on matrix
- 714f10e ci: run go vet and go test on linux, macos, windows
- e2ae93d dashboard: collapse Explore PII chips into the event row
- b7fe7c6 dashboard: friendlier flag labels + correct severity color in session view
- 7b93a46 docs(claude): project memory file for AI assistants
- f1bf192 docs(claude): require worktree for all execution
- b3d3337 docs(plan7): post-ship doc-rot sweep
- f70729b docs(plan7): reorder TODOS, add Plan 6+7 to CLAUDE.md, install via release binaries
- 6a1b417 docs(readme): airtight launcher setup, flags, threat-model boundaries
- c08edcc docs(readme): build-from-source ldflags incantation; ignore skill state dirs
- 247e495 docs(readme): document Plan 1 features and getting started
- 59c13b7 docs(readme): document Plan 3 surface — CLI, host buttons, upstream-CA, stop
- ad19311 docs(readme): document policy + dashboard
- aea2188 docs(readme): rewrite First-time setup + add Upgrading section for v0.6.0
- 5843470 docs(readme): use neutral placeholder hostname in upstream-ca example
- 624ee7c docs(readme): visual uplift with hero banner, system diagram, and live screenshots
- 0e1d68e docs(runtime): document SetNow constraints; modernize test context
- 082fa24 docs(secrets): correct comment on FindAll dedup behavior
- cefbae1 feat(agentdetect): detect installed agents via PATH + env vars
- cde4c23 feat(allowlist): add Remove(host) for dashboard untrust
- 504cb55 feat(allowlist): file-backed host allowlist with atomic add
- b7029f6 feat(ca): add Installer interface + Smallstep + Mock impls
- 9951cbf feat(ca): root CA generation, persistence, leaf signing
- bbec8e5 feat(cert): truststore-backed install/uninstall, drop manual instructions
- 678702c feat(cli): add agent-gate run subcommand (permissive mode functional)
- 3df18df feat(cli): agent-gate dashboard subcommand
- eead390 feat(cli): agent-gate init bootstraps config + CA + windows WFP install
- 72196c9 feat(cli): agent-gate reindex command
- 4fa7b3e feat(cli): cert install (macOS) + cert path
- dcdeab8 feat(cli): cobra skeleton with version, proxy, cert, tail subcommands
- 6d6778f feat(cli): dashboard auto-reindexes PII on first launch
- e61a462 feat(cli): dispatch __netns-helper hidden subcommand from main
- a3995ed feat(cli): polling tail subcommand
- 82ba6fd feat(cli): run policy on every captured flow before persisting
- 05157d3 feat(cli): wire agent-gate proxy to proxy+parser+store pipeline
- 313950b feat(cmd): add 'agent-gate doctor' subcommand
- 8de1231 feat(cmd): add help topics + group commands in --help
- 3f4a7ad feat(config): TOML config loader with defaults and tilde expansion
- bf393d7 feat(dashboard): /explore empty state with Reset filters
- 9f677fe feat(dashboard): /explore free-text body+url+host search
- f9a587e feat(dashboard): /explore page with all-events table
- a256372 feat(dashboard): /explore pagination
- 81e8f98 feat(dashboard): POST /api/dismiss + /api/trust actions
- 3c85bdb feat(dashboard): Passthrough button + denylist > passthrough priority fix
- 6cd2c6c feat(dashboard): SSE /api/live emits new event ids on a poll
- f22b8f8 feat(dashboard): add POST /api/untrust to remove hosts from allowlist
- 8906967 feat(dashboard): add Untrust button on trusted-host event detail
- 39a9420 feat(dashboard): clear-all-events button (wipes data, keeps config)
- 7e8d47f feat(dashboard): clickable risk feed + mobile-stacked sessions table
- f57c391 feat(dashboard): collapsible SSE event blocks
- bd8c7db feat(dashboard): event detail with redacted/raw toggle (raw is audit-logged)
- 2b46224 feat(dashboard): filter chips for host + time range on sessions list
- 9143a14 feat(dashboard): flag PII in payload bodies
- 88d4e16 feat(dashboard): host filter chips on /explore
- 97da8b2 feat(dashboard): kind filter chips on /explore
- 525c2fb feat(dashboard): payload inspection polish
- c27f284 feat(dashboard): per-row PII chip strip on /explore
- 2872a86 feat(dashboard): port to Investigator's Desk visual system
- 3faf658 feat(dashboard): pretty-print JSON + SSE bodies in event detail
- 034c6bd feat(dashboard): redesign SOC overview
- aebdd22 feat(dashboard): redesign event inspection
- 5efa611 feat(dashboard): redesign session timeline
- d0cc950 feat(dashboard): restore Trust host + Dismiss flag buttons on event detail
- b7d702e feat(dashboard): server skeleton with embedded assets + base layout
- 58904fe feat(dashboard): session detail view listing events oldest-first
- 0c27844 feat(dashboard): sessions list view grouping events by session id
- 87b4fca feat(dashboard): syntax-color JSON + SSE bodies in event detail
- a949a97 feat(dashboard): time preset filter on /explore
- 60b8345 feat(dashboard): top-bar Operations/Explore nav
- 69e06f2 feat(dashboard): two-tier PII coloring (sensitive vs identifying)
- b37bb83 feat(denylist): add Remove(host) mirroring allowlist
- 40dfbb6 feat(denylist): hard-block button + denylist file (always wins, no enforce needed)
- 7d96e60 feat(dismissals): JSON-backed audit log with three scopes
- 9d6292e feat(doctor): add Check primitives + 5 checks (CA, ports, data-dir, lockfile, host-list)
- bc7578b feat(doctor): add Repair (safe/aggressive) and human/JSON output
- 14d6381 feat(doctor): add config-valid, agents-detected, ca-trusted checks
- 849795b feat(idgen): goroutine-safe monotonic ULID generator
- 3fa1534 feat(init): rewrite as initwizard-driven onboarding command
- f33729e feat(init): write inline-commented config.toml on bootstrap
- f7f289b feat(initwizard): add huh-backed HuhPrompter (interactive)
...