2026年05月18日 Release v0.2.2

🛡️ Security Fixes

• hypervisor: vmm-sys-util bumped 0.11.x → 0.12.1 (CVE-2023-50711, GHSA-875g-mfp6-g7f9): FamStructWrapper::deserialize previously failed to verify that the header length matched the flexible-array length, allowing out-of-bounds memory access from safe Rust code. Pinned to the workspace version already used by every other hypervisor crate.
• agent / hypervisor: bytes and env_logger security bumps — additional dependency refreshes from the same CVE-fix pass (CVE fix #267 ).
• Reverted time crate bump (CVE-2026-25727 / GHSA-r6v5-fh4h-64xc) (Revert "deps(rust): bump time to 0.3.47 to fix CVE-2026-25727" #286 ): Analysis confirmed that CubeSandbox only uses time::format_description::well_known::Rfc3339 for outbound timestamp formatting and never invokes Rfc2822 parsing on untrusted input — the affected attack vector is not reachable. The upgrade was rolled back because it requires an MSRV bump and will be addressed separately when the project is ready.

🚀 Critical Fixes

• Fixed duplicate template-image job creation (CubeMaster) (fix(template_image): add request_id field to prevent duplicate job creation #227 ): A new request_id column with a unique index on (request_id, operation) makes job submissions idempotent. Migration logic handles existing records with legacy IDs. Eliminates the race where concurrent or retried API calls could enqueue the same build twice.
• Fixed cubecli exec nil-deref panic on stdin EOF (fix(cubecli): nil-deref panic in exec StdinCloser on stdin EOF #188 ): StdinCloser.Read previously triggered a nil-pointer dereference when stdin reached EOF, silently aborting the exec lifecycle. The fix correctly handles EOF and switches to errors.Is(err, io.EOF) for proper error-wrapping compatibility. Shim logs now emit the expected paired exec req / wait container ... exit code entries.
• Fixed ext4 artifact runtime file materialization for PVM templates (Fix ext4 artifact runtime file materialization for PVM templates #282 ): RefreshArtifactRuntimeFiles, validateArtifactRuntimeFilesPresent, and ensureArtifactRuntimeFiles are simplified to handle only kernel files; copyKernelFileAtomically is renamed to CopyFileAtomically for reuse outside the package. Unit tests are updated and pruned accordingly.

✨ Enhancements

• E2B-compatible default exposed port (Change default exposed port to 49983 for E2B compatibility #207 ): The default sandbox exposed port is changed from 8080/32000 to 49983 to match the E2B sandbox protocol. CubeMaster is now the single authoritative source of default exposed ports — hardcoded defaults and port-seeding logic are removed from Cubelet and network-agent, preventing silent divergence.
• cubelet: cmdTimeout configurable via storage plugin config (storage: make cmdTimeout configurable via plugin config #236 ): A new optional cmd_timeout field in the storage plugin TOML config replaces the hardcoded 3 s default. Multi-GiB ext4 operations on the live-create slow path under concurrent load can exceed 3 s; operators can now raise the limit without recompiling. Default behavior is unchanged when the field is absent.
• cubelet: richer diagnostics on newExt4RawByReflinkCopy failures (cubelet: add diagnostic context to newExt4RawByReflinkCopy errors #237 ): Error messages now include elapsed time, target/base file stats, and free space in the format [step=N/4 cmd="..." elapsed=...ms target=size=... base=size=... free=...B]. Stat/statfs errors are reported inline. Unit tests are added for describeStorageFailure / describeFile / describeFreeBytes.
• Deploy: sync CubeMaster custom ports with .env config (feat(deploy): sync cubemaster custom ports with .env config #210 ): cubemaster.yaml now uses __CUBE_SANDBOX_MYSQL_PORT__ and __CUBE_SANDBOX_REDIS_PORT__ placeholders; install.sh substitutes them from the .env file, enabling non-default MySQL/Redis ports without manual YAML edits.

⚙️ Engineering Improvements

• cubecli: removed dead listmd command (fix(cubecli): remove dead listmd command #181 ): The unreachable listmd subcommand and its 128-line implementation (metadata.go) are deleted, reducing dead-code surface.

🤖 CI / DevOps

• Claude-powered code review and issue triage automation (feat(ci): add Claude-powered code review and issue triage automation #255 ): Five AI reviewer agents are introduced under .agents/agents/ (code quality, performance, security, test coverage, documentation accuracy). Automated workflows handle PR code review, duplicate issue detection, and issue label triage. A secure GitHub App token flow is wired up for CI actions, and helper scripts gh.sh and edit-issue-labels.sh are added under scripts/.
• gh.sh: issue comment support (feat: add issue comment support to gh.sh and restrict workflow tools to scripts #262 ): gh.sh gains comment-issue to post comments via stdin heredoc, and workflow tool paths are restricted to the new scripts directory for consistency.
• CI model configuration update (ci: update model configuration and add show_full_output option #259 ): Model name and show_full_output option updated for the AI review workflow.

📚 Documentation

• Chinese translation of CONTRIBUTING.md (docs: add Chinese translation of CONTRIBUTING.md #276 ): CONTRIBUTING_zh.md added as a full Chinese translation of the contribution guide.
• Community doc PR requirements relaxed (docs: update community doc PR requirements in CONTRIBUTING.md #279 , Docs/fix contributing zh pr requirements #280 ): Both CONTRIBUTING.md and CONTRIBUTING_zh.md now allow single-language submissions; bilingual docs are encouraged but optional, with clear nested requirements.
• Network port allocation ranges documented (docs(network): Document compute-node port allocation ranges #205 ): docs/architecture/network.md (EN & ZH) now explicitly documents the three port-range buckets on compute nodes: 10000–19999 (network-agent ip_local_port_range), 20000–29999 (CubeProxy sandbox access), 30000–65535 (CubeVS SNAT).
• Community docs: troubleshooting / use-cases / integrations sections (feat(docs): add community docs channels with bilingual CI check #238 ): New bilingual doc sections added to VitePress with template files and index pages; a GitHub Actions workflow enforces bilingual parity for community docs. CONTRIBUTING.md and READMEs updated with contribution links.
• Domain update: CNAME switched from docs.cubesandbox.ai to cubesandbox.com (chore: update CNAME domain from docs.cubesandbox.ai to cubesandbox.com #271 ).
• Fixed browser-sandbox example: Added missing load_dotenv() call and python-dotenv dependency so .env variables are loaded before the script runs.
• WeChat group QR code refreshed (Add files via upload #208 ): Updated to a valid group code.
• v0.2.1 changelog entries (docs: add v0.2.1 changelog entry (EN/ZH) #281 ): EN and ZH changelog pages updated with the v0.2.1 release notes.

🙏 Contributors

Thanks to everyone who contributed to v0.2.2: @fslongjin, @foxywang, @cocovs, @WaylandYang, @chenggui53, @luzhixing12345, @turtlemoji, @QingqLin, @chenhengqi, @Dafeigy.

Full Changelog: v0.2.1...v0.2.2