Release 2.1.0 (2026-06-02)¶
Bug fixes¶
- list live sessions named only in the VM roster vrg-vm list --sessions derived its set of sessions solely from transcript agent-name events, so a live session that had not yet written one was invisible — even though it was fully recorded in the VM roster with an authoritative name. A freshly created session (zero turns) has no transcript at all, hence no agent-name event, hence no row.
The roster already carries each live session name but was read only for liveness and updatedAt. Seed the session set from the roster name too:
- vrg_vm_resolve._read_state now unions roster_names() with the transcript-derived names (roster authoritative for live sessions), so the resolver list-json and slot selection both see transcript-less live sessions.
- vrg_vm._list_sessions adopts the VM-reported name for any active session the host has no transcript for, since the roster is VM-local and the host never reads it directly.
Documentation¶
-
rewrite onboarding docs to pure GitHub App identity model Reconcile the identity/onboarding docs to the pure GitHub App model that the runtime already implements. Every AI agent is a GitHub App named
-vergil- ; the App installation is the only credential and its permission shape is the security boundary. There are no agent user accounts, classic PATs, or collaborator grants. -
account-setup.md: rewritten as a dual-App guide (user + audit), with inverted permission tables, App ID + Client ID recording, key generation, installation, and the identities.toml dual stanza.
- identity-architecture.md: rewritten to the per-role App model, inverted shapes, and what each agent can and cannot do.
- credential-management.md: rewritten from the deprecated classic-PAT / gh-auth-discovery model to installation-token minting (App ID JWT, /app/installations, short-lived tokens).
- permission-model.md: server-side boundary section now describes App permission shapes instead of outside-collaborator access levels.
- design spec: App naming and pure-App-model language fixes.
The
Features¶
- add identity-aware allowlists, agent denials, and gh api gating
- detect workflow permission errors on push with identity-aware guidance
Refactoring¶
- use plain human-maintainer wording in messages; rename Race Director to Chief Steward in specs
Styling¶
- apply ruff format and simplify push error handling