v0.2.1
Released on 2026-04-03. Full changelog
Highlights
Deprecated: sandbox fs.writable/fs.deny replaced by fs.read/fs.write sub-sections (#236)
The sandbox fs section now uses explicit read and write sub-sections instead of the flat writable/deny fields. The old format still works but emits a deprecation warning and will be removed in a future release.

    # Deprecated (emits warning)
    fs:
      writable: ['.']
      deny: ['.git']

    # New format
    fs:
      write:
        allow: ['.']
        deny: ['.git']

runok migrate command for automatic config migration (#252)
Run runok migrate to automatically update deprecated config syntax to the latest format. Currently migrates legacy sandbox fs.writable/fs.deny fields to the new fs.write.allow/fs.write.deny structure. The deprecation warning now includes a hint to run this command.

    # Migrate all config files discovered for the current directory
    runok migrate

    # Migrate a specific config file
    runok migrate -c path/to/runok.yml

See runok migrate for details.
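The field mapping described in the two sections above, as an added Python example (not runok's own code). It works on the dict a YAML loader would return; the names migrate_fs and migrate_config, the constructed SAMPLE config, the refusal to merge mixed legacy/new keys, and the no_read_deny report are assumptions made for illustration.

```python
import copy

# Constructed sample: the dict a YAML loader would return for a runok.yml
# with one legacy preset and one preset already using the new layout.
SAMPLE = {
    "definitions": {"sandbox": {
        "legacy": {"fs": {"writable": ["."], "deny": [".git"]}},
        "restricted": {"fs": {
            "read": {"deny": ["~/.ssh", "~/.gnupg"]},
            "write": {"allow": [".", "/tmp"], "deny": [".env", ".envrc"]},
        }},
    }}
}

def migrate_fs(fs):
    """Return (new_fs, changed) for one preset's fs section."""
    legacy = {k: fs[k] for k in ("writable", "deny") if k in fs}
    if not legacy:
        return fs, False
    if "write" in fs:
        # Assumption: refuse to guess how legacy and new write rules combine.
        raise ValueError("fs mixes legacy writable/deny with write sub-section")
    new_fs = {k: v for k, v in fs.items() if k not in legacy}
    write = {}
    if "writable" in legacy:
        write["allow"] = legacy["writable"]
    if "deny" in legacy:
        # Legacy deny restricted writes only, so it maps to write.deny,
        # never read.deny: those paths stay readable after migration.
        write["deny"] = legacy["deny"]
    new_fs["write"] = write
    return new_fs, True

def migrate_config(config):
    """Migrate every preset under definitions.sandbox; report what to review."""
    out = copy.deepcopy(config)
    migrated, no_read_deny = [], []
    presets = out.get("definitions", {}).get("sandbox", {})
    for name, preset in presets.items():
        if "fs" not in preset:
            continue
        preset["fs"], changed = migrate_fs(preset["fs"])
        if changed:
            migrated.append(name)
        if not preset["fs"].get("read", {}).get("deny"):
            no_read_deny.append(name)
    return out, migrated, no_read_deny
```

Presets reported in no_read_deny still restrict writes only after migration; add fs.read.deny entries to them for paths such as ~/.ssh that sandboxed commands should not be able to read.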
New Features
Read access control in sandbox presets (#236)
Sandbox presets now support denying read access to specific paths via fs.read.deny. Previously, sandboxing could only restrict write access and network access. With this change, sensitive files like ~/.ssh and ~/.gnupg can be made completely inaccessible to sandboxed commands.

    definitions:
      sandbox:
        restricted:
          fs:
            read:
              deny: [~/.ssh, ~/.gnupg]
            write:
              allow: [., /tmp]
              deny: [.env, .envrc]

See Sandbox Overview for details.
Bug Fixes
Deprecation warnings now identify their source (#242)
Deprecation warnings are now prefixed with runok warning: and include the config file path, making them distinguishable from warnings emitted by other tools in stderr.

    runok warning: sandbox fs 'writable'/'deny' fields are deprecated, use 'write: { allow: [...], deny: [...] }' instead --> /path/to/runok.yml

Remove unused definitions.commands field (#235)
The definitions.commands configuration field has been removed. This field was parsed and merged but never referenced by the rule engine or command parser, so it had no effect at runtime. If your configuration includes definitions.commands, simply remove it — no other changes are needed.
Negated commands (! command) now evaluated correctly (#266)
Commands prefixed with the shell negation operator ! (e.g., ! grep -q pattern file) were not being parsed correctly. The ! prefix caused the command to be treated as a single opaque string (\! grep -q pattern file), which failed to match rules. Now, ! command is recognized as a transparent shell construct, and the inner command is extracted and evaluated against rules as expected.

    # Previously returned "ask" even with `allow: 'grep *'`
    runok check -- 'if ! grep -q test /dev/null; then echo no; fi'
    # Now correctly returns "allow"

runok test no longer evaluates inline tests from remote presets (#227)
Inline tests defined in remote presets (e.g., github:org/repo) are now stripped on load. Previously, these tests were collected and evaluated against the full merged config, causing them to fail when local rules overrode the same patterns with stricter actions. Remote preset inline tests are meant to be validated by the preset itself, not by downstream consumers.