usability-misc/changelog.upstream at master · Kicksecure/usability-misc · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876
877
878
879
880
881
882
883
884
885
886
887
888
889
890
891
892
893
894
895
896
897
898
899
900
901
902
903
904
905
906
907
908
909
910
911
912
913
914
915
916
917
918
919
920
921
922
923
924
925
926
927
928
929
930
931
932
933
934
935
936
937
938
939
940
941
942
943
944
945
946
947
948
949
950
951
952
953
954
955
956
957
958
959
960
961
962
963
964
965
966
967
968
969
970
971
972
973
974
975
976
977
978
979
980
981
982
983
984
985
986
987
988
989
990
991
992
993
994
995
996
997
998
999
1000
commit 94cc3fb9e4d7767e5e9637d2238190464fd436fa
Merge: 8478c4b 41bfabe
Author: Patrick Schleizer <adrelanos@whonix.org>
Date:   Wed May 20 17:06:27 2026 -0400

    Merge remote-tracking branch 'refs/remotes/org-ai-assisted/master'

commit 8478c4b983e579dd1f3814e9298cb4faae406099
Author: Patrick Schleizer <adrelanos@whonix.org>
Date:   Wed May 20 16:57:26 2026 -0400

    genmkfile uch

commit 41bfabec86d6f93e29f76cbc9380865b223d6ab3
Merge: 27cfc53 e3613ca
Author: assisted-by-ai (Bot Account) <228987186+assisted-by-ai@users.noreply.github.com>
Date:   Wed May 20 16:41:03 2026 -0400

    Merge pull request #14 from org-ai-assisted/claude/refactor-apt-variables-MPyww

    Rename APTGETOPT to DIST_APTGETOPT to avoid pbuilder collision

commit e3613cafffecda1cf7f35ce1e9405e34e70cd39b
Author: Claude <noreply@anthropic.com>
Date:   Wed May 20 20:28:04 2026 +0000

    Rename APTGETOPT to DIST_APTGETOPT to avoid pbuilder collision

    The APTGETOPT / APTGETOPT_SERIALIZED names collide with pbuilder/cowbuilder's
    own APTGETOPT array variable. dist-installer-cli (and the auto-generated
    dist-installer-cli-standalone) and gpl_download_sources consume the
    DIST_APTGETOPT_SERIALIZED environment variable passed by derivative-maker;
    rename in lockstep with derivative-maker, genmkfile and developer-meta-files.

    The standalone file is edited directly to mirror the source rename token for
    token; regenerate via build-dist-installer-cli if desired.

    https://claude.ai/code/session_015NXhWb2m9F7wnHKtkedtKS

commit 27cfc536f95866136b08fc1eaaf2111766add777
Author: Patrick Schleizer <adrelanos@whonix.org>
Date:   Mon May 18 21:36:32 2026 +0000

    bumped changelog version

commit 4ac38ff63724955dda48b1689de8b5f3c89589f1
Author: Patrick Schleizer <adrelanos@whonix.org>
Date:   Mon May 18 17:34:09 2026 -0400

    build

commit df51d3240199de899bae39d4e0df767c6c7f8616
Author: Patrick Schleizer <adrelanos@whonix.org>
Date:   Mon May 18 10:16:57 2026 +0000

    bumped changelog version

commit 81fcb08db8a7603d25712dd8d1f2ed6b070f070a
Merge: 04e5eca 0c5b686
Author: Patrick Schleizer <adrelanos@whonix.org>
Date:   Sun May 17 16:23:13 2026 -0400

    Merge remote-tracking branch 'refs/remotes/org-ai-assisted/master'

commit 0c5b686c8f16fd272812f424ec94f75992344f0f
Merge: 04e5eca ee79f35
Author: assisted-by-ai (Bot Account) <228987186+assisted-by-ai@users.noreply.github.com>
Date:   Sun May 17 14:02:49 2026 -0400

    Merge pull request #13 from org-ai-assisted/claude/fix-dependabot-action-UnL7w

    dependabot.yml: drop docker block (sync to new canonical)

commit ee79f35c351fe512fc604b2fc2530ab6f7869e83
Author: Claude <noreply@anthropic.com>
Date:   Sun May 17 17:59:42 2026 +0000

    trim file commentary

commit cd25cec308b07507c5ff26c7891f56be43a41af8
Author: Claude <noreply@anthropic.com>
Date:   Sun May 17 17:43:21 2026 +0000

    dependabot.yml: drop docker block (sync to new canonical)

    The previous canonical at
    developer-meta-files/consumer-templates/.github/dependabot.yml
    carried a docker package-ecosystem block on the documented theory
    that the block was a "harmless no-op" in repos without a
    /Dockerfile. That theory was wrong: the dependabot-action errors
    with `dependency_file_not_found` and aborts the whole job -
    including the github-actions ecosystem run that shares it - so
    this repo lost its github-actions Dependabot coverage too.

    Sync to the new canonical, which carries github-actions only.

    See org-ai-assisted/developer-meta-files PR #105 for the
    canonical change and the docker-bearing-repo opt-out mechanism.

commit 04e5eca141058689b7a24af4d91c4115cbe5c6ec
Author: Patrick Schleizer <adrelanos@whonix.org>
Date:   Sat May 16 06:08:36 2026 -0400

    add .github/dependabot.yml

commit d80909c28387d3fac65f24af7e8a618605da5518
Author: Patrick Schleizer <adrelanos@whonix.org>
Date:   Fri May 15 18:42:17 2026 +0000

    bumped changelog version

commit 049789a877eb91ed045e1b604a9de45a350d3838
Merge: 2697f3e 5a63a76
Author: Patrick Schleizer <adrelanos@whonix.org>
Date:   Tue May 12 08:14:23 2026 -0400

    Merge remote-tracking branch 'refs/remotes/org-ai-assisted/master'

commit 5a63a7632dec75c8b1d27d907fada41bf978a07d
Author: assisted-by-ai (Bot Account) <228987186+assisted-by-ai@users.noreply.github.com>
Date:   Mon May 11 16:57:13 2026 -0400

    builds.yml: add workflow_dispatch (#12)

    ## Changes

    `builds.yml`: add `workflow_dispatch:` inside the existing `on:` block.
    Net trigger shape otherwise unchanged.

    ## Why

    `workflow_dispatch:` consistency: lets admins manually re-run the docker
    build without an empty commit. Aligns with org-wide convention.

    ## Mandatory Checklist

    - [x] Legal agreements accepted. [Terms of
    Service](https://www.kicksecure.com/wiki/Terms_of_Service), [Privacy
    Policy](https://www.kicksecure.com/wiki/Privacy_Policy), [Cookie
    Policy](https://www.kicksecure.com/wiki/Cookie_Policy), [E-Sign
    Consent](https://www.kicksecure.com/wiki/E-Sign_Consent),
    [DMCA](https://www.kicksecure.com/wiki/DMCA),
    [Imprint](https://www.kicksecure.com/wiki/Imprint)

    ## Optional Checklist

    - [x] I have tested it locally (YAML parses).

    Fixes #

    https://claude.ai/code/session_018rti4CCm2SQ3PWKa7jRt7p

    ---
    _Generated by [Claude
    Code](https://claude.ai/code/session_018rti4CCm2SQ3PWKa7jRt7p)_

    Co-authored-by: Claude <noreply@anthropic.com>

commit 2697f3ea2eafb2eaaa90ec1fc50136997ba8628b
Author: Patrick Schleizer <adrelanos@whonix.org>
Date:   Mon May 11 20:30:19 2026 +0000

    bumped changelog version

commit 9d2ebd4de2c8cf8ca82cd50194180b452f672287
Author: Patrick Schleizer <adrelanos@whonix.org>
Date:   Mon May 11 16:08:55 2026 -0400

    build

commit b84d78ea6c8d4f2e3dbdc27101f7cdebdd083cc4
Author: Patrick Schleizer <adrelanos@whonix.org>
Date:   Mon May 11 16:08:51 2026 -0400

    fix

commit bef55f144af1ab9d31c679118ca38cd1e3f93867
Author: Patrick Schleizer <adrelanos@whonix.org>
Date:   Mon May 11 15:55:39 2026 -0400

    build

commit 78dcc9b2c8ea335e7f0635ee48884445b784863e
Author: Patrick Schleizer <adrelanos@whonix.org>
Date:   Mon May 11 15:38:57 2026 -0400

    build

commit f01e70f728f14eee145629da2cc83431a6caa138
Merge: de2f81b 00d6652
Author: Patrick Schleizer <adrelanos@whonix.org>
Date:   Mon May 11 15:16:05 2026 -0400

    Merge remote-tracking branch 'refs/remotes/org-ai-assisted/master'

commit 00d66525db936f8eb1e26de3e4bd513382d8ae53
Author: assisted-by-ai (Bot Account) <228987186+assisted-by-ai@users.noreply.github.com>
Date:   Mon May 11 04:42:44 2026 -0400

    builds.yml: SHA-pin actions/checkout (W-004) (#9)

    Last floating-ref org-wide; pin to the SHA dmf/helper-scripts/kloak/security-misc/whonix-firewall all use.

commit 1db5a2c6ff615e61e99c6425226a3c291e13010e
Author: assisted-by-ai (Bot Account) <228987186+assisted-by-ai@users.noreply.github.com>
Date:   Sun May 10 20:41:36 2026 -0400

    builds.yml: drop dorny/paths-filter (blocked by allowlist -> startup_failure) (#8)

    Root cause of long-running startup_failure: dorny/paths-filter@v4 blocked by the repo's Actions allowlist despite verified_allowed=True (possibly an allowlist-sync issue at GitHub). The changes: job that ran dorny was redundant - the workflow's own on.push.paths: filter already gates execution. Dropping the job eliminates the dependency.

commit 1e973be16cb437bd7031cd90ce2343e761d7344a
Author: assisted-by-ai (Bot Account) <228987186+assisted-by-ai@users.noreply.github.com>
Date:   Sun May 10 20:19:14 2026 -0400

    builds.yml: use shellcheck composite for installer-standalone (#7)

    Composite migration; same excludes preserved.

commit de2f81b24de510ddec6a5cf597157576ebc6d16d
Merge: 44573a4 244cb66
Author: Patrick Schleizer <adrelanos@whonix.org>
Date:   Sun May 10 14:48:30 2026 -0400

    Merge remote-tracking branch 'refs/remotes/org-ai-assisted/master'

commit 244cb66fc9dc44d7d6e5c918c21f22df2a18c27b
Author: assisted-by-ai (Bot Account) <228987186+assisted-by-ai@users.noreply.github.com>
Date:   Sun May 10 14:11:40 2026 -0400

    restore: re-apply session work (rebased away) (#6)

    Re-applies session work lost during rebase: adds a top-level
    'permissions: contents: read' block to .github/workflows/builds.yml.
    Job-level permissions (changes job pull-requests: read) remain
    unchanged.

    Co-authored-by: claude-code <claude-code@anthropic.com>

commit 44573a42f14ce1a6ae52fcbf8297af53bb055ce8
Merge: 37b2f28 862a126
Author: Patrick Schleizer <adrelanos@whonix.org>
Date:   Sun May 10 12:48:30 2026 -0400

    Merge remote-tracking branch 'refs/remotes/ArrayBolt3/arraybolt3/trixie'

commit 862a126b4ba9882c5fd05a00dfc110423b41bbbf
Merge: fb6e46c 37b2f28
Author: Aaron Rainbolt <arraybolt3@gmail.com>
Date:   Sat May 9 22:13:11 2026 -0400

    Merge branch 'master' into arraybolt3/trixie

commit 37b2f28d9e4f33d25e6fd68f99e3d59e394b8c0d
Author: Patrick Schleizer <adrelanos@whonix.org>
Date:   Thu May 7 18:45:06 2026 +0000

    bumped changelog version

commit fcb414c3d5f714c5cdc615d91de0de2a8a4be323
Author: Patrick Schleizer <adrelanos@whonix.org>
Date:   Wed May 6 15:09:35 2026 -0400

    build

commit a91cb42ff254d38b92a386d07a9ed978761b82e2
Author: Patrick Schleizer <adrelanos@whonix.org>
Date:   Wed May 6 15:09:29 2026 -0400

    rewrite

commit 6124ef679227df21cf5d5f7708d18cc10a1bf42c
Author: Patrick Schleizer <adrelanos@whonix.org>
Date:   Wed May 6 14:33:50 2026 -0400

    refactoring

commit 4e79eae801b01393b06dfbeb18cdb06d57fef693
Author: Patrick Schleizer <adrelanos@whonix.org>
Date:   Wed May 6 14:26:09 2026 -0400

    Reapply "use HELPER_SCRIPTS_PATH"

    This reverts commit 4983edbccd18d6b2e57f519f7c305bb11265ff44.

commit cde58098d05cbb1bcf03ed3a390d3aa36484a08e
Author: Patrick Schleizer <adrelanos@whonix.org>
Date:   Wed May 6 14:25:57 2026 -0400

    refactoring

commit e7550942cfb95d2cfc16016a591b3a82f2d95bb2
Author: Patrick Schleizer <adrelanos@whonix.org>
Date:   Wed May 6 14:14:58 2026 -0400

    build

commit ed1d4791e5ac50701ee7896f82b1db7107a03915
Author: Patrick Schleizer <adrelanos@whonix.org>
Date:   Wed May 6 14:12:12 2026 -0400

    comment

commit 4983edbccd18d6b2e57f519f7c305bb11265ff44
Author: Patrick Schleizer <adrelanos@whonix.org>
Date:   Wed May 6 14:11:48 2026 -0400

    Revert "use HELPER_SCRIPTS_PATH"

    This reverts commit c8047c17f439bb83ff5fdfe37bfb8fb8dbdab47b.

commit c8047c17f439bb83ff5fdfe37bfb8fb8dbdab47b
Author: Patrick Schleizer <adrelanos@whonix.org>
Date:   Wed May 6 14:04:36 2026 -0400

    use HELPER_SCRIPTS_PATH

commit 4a1547df3040aaccc520d26196251b94bdc14fdb
Author: Patrick Schleizer <adrelanos@whonix.org>
Date:   Wed May 6 13:59:50 2026 -0400

    build

commit f04ce9369a5272651325cc6aa3c665ab96a8ac5c
Author: Patrick Schleizer <adrelanos@whonix.org>
Date:   Wed May 6 13:58:13 2026 -0400

    manual revert

commit b720a0e1c1b14dd36668185394beca857eca3e09
Merge: 456a733 936e1bf
Author: Patrick Schleizer <adrelanos@whonix.org>
Date:   Wed May 6 13:57:36 2026 -0400

    Merge remote-tracking branch 'org-ai-assisted/claude/read-agents-meta-file-uKeT9'

commit 936e1bf942d0f5fe4233e3084036a33bb45cfa2f
Author: assisted-by-ai (Bot Account) <server@kicksecure.com>
Date:   Wed May 6 09:50:43 2026 -0400

    ci(builds): expand shellcheck exclude list with SC2218 + SC2329

    newer shellcheck versions on fedora:43 / debian:unstable surface
    SC2218 (function only defined later) and SC2329 (function never
    invoked) on top of the previously-excluded SC2317 / SC2034. All four
    are inlining-aware false-positives - shellcheck cannot follow the
    helper-scripts function-resolution-order or the indirect-dispatch
    callsites in the standalone.

    Single ordered exclude list (sorted): SC2034, SC2218, SC2317, SC2329.

commit b1e77dcc8e94f2fa6dc93e4ab6f4b605eb87284f
Author: claude-code <claude-code@assisted-by-ai>
Date:   Wed May 6 13:45:32 2026 +0000

    fix(dist-installer-cli): CI short-circuit in virtualbox_start_failed

    Mirror the existing pattern used in need_reboot_check_first /
    need_reboot_check_second: an 'if [ "${ci}" = "1" ]; then ... return 0;
    fi' early-return at the top of virtualbox_start_failed so the function
    is a no-op when running with --ci.

    Why: the multi-OS CI matrix runs the standalone inside short-lived
    containers without a working kernel-modules environment (no vboxdrv,
    no real PCI passthrough). vboxmanage startvm is guaranteed to fail
    in those, and the failure-handler die'd with code 106 - which is the
    correct production behaviour but turns the matrix red on every run
    even though the rest of the installer flow is fine. CI mode now
    skips the fatal path; the actual startup attempt still happens, the
    log message still appears, but the script proceeds.

    Standalone regenerated with the new template.

commit 93e4492357b0e2a250abd2007b702f9080747485
Author: assisted-by-ai (Bot Account) <server@kicksecure.com>
Date:   Wed May 6 09:44:25 2026 -0400

    ci(builds): exclude SC2317/SC2034 false positives on the standalone

    The standalone gets helper-scripts functions inlined verbatim by
    build-dist-installer-cli. shellcheck running on the resulting flat
    file fires SC2317 (unreachable) and SC2034 (unused) on those inlined
    helpers because it cannot trace the indirect callsites - log_run is
    invoked via bash dispatch on a level/command pair, and inlined
    helpers carry import-via-source semantics that shellcheck does not
    follow.

    Exclude both checks specifically for the standalone. The source
    template (usr/bin/dist-installer-cli) and the helper-scripts source
    files are linted normally elsewhere with full context.

commit 0eca0c02eed3cf9bbe5c67d0a79aa9fcfc1c0d79
Author: claude-code <claude-code@assisted-by-ai>
Date:   Wed May 6 13:39:43 2026 +0000

    fix(build-dist-installer-cli): chmod +x the regenerated standalone

    The CI matrix failed with
      sudo: usr/share/usability-misc/dist-installer-cli-standalone: command not found
    after the previous commit's regen. Root cause: 'cp --remove-destination'
    plus default umask in the docker exec context dropped the exec bit
    to 0644 on the regenerated file. Add an explicit 'chmod +x' on the
    target before BUILD: SUCCESS so the standalone is always executable
    regardless of the cp/umask interaction. Plus 'git update-index --chmod=+x'
    on this commit so the in-tree file lands as 100755 even though earlier
    MCP-pushed regenerations put it at 100644.

commit 4a97a96cae904bd0b06d5807e27c3a84f12f94de
Author: claude-code <claude-code@assisted-by-ai>
Date:   Wed May 6 13:38:09 2026 +0000

    fix(build-dist-installer-cli): drop inline Python; bash + iterative awk

    The earlier inliner used a Python heredoc - useful for the recursive
    expansion logic but a tooling expansion (Python now required to
    build the standalone). Replace with a pure-bash + awk iterative
    loop: each iteration runs awk to inline one level of source
    ${HELPER_SCRIPTS_PATH:-}-prefixed lines via system("cat"), the
    outer while-loop runs until no more source-helper-scripts lines
    remain. Bounded at 16 iterations so a hypothetical cycle in
    helper-scripts surfaces as a hard error rather than spinning.

    Same observable behaviour: standalone is functionally identical
    to the Python-generated one (same source-line elimination, same
    content, same final sed strip + AUTOGEN comment block insert).
    Comment marker labels change slightly (origin = build-dist-installer-cli
    once it runs from the in-tree script, instead of 'regen-standalone'
    that the earlier ad-hoc Python pass tagged them with).

    Added HELPER_PATH env override (default /usr/libexec/helper-scripts/)
    so the script is testable from a non-system helper-scripts checkout
    without requiring root or /usr/libexec write access. shellcheck call
    gated on the binary being installed - fails-soft now since shellcheck
    is a developer-host nicety rather than a hard requirement of the
    build flow.

commit eff1aef66cb9315b36c5027f3ede6460eec21e7f
Author: claude-code <claude-code@assisted-by-ai>
Date:   Wed May 6 12:58:27 2026 +0000

    fix: regen standalone with disable_xtrace from helper-scripts

    Helper-scripts gained back disable_xtrace + xtrace_reenable_maybe
    (commit pushed simultaneously); regenerating standalone picks them
    up via the recursive inliner. Should clear the multi-OS line 3834
    'disable_xtrace: command not found' failure on debian/fedora/ubuntu/
    mint/kali.

commit 90a8c9195ef6eca2bf8bfe88f4ef5d7105cf17f1
Author: claude-code <claude-code@assisted-by-ai>
Date:   Wed May 6 12:53:57 2026 +0000

    fix: add stecho/sanitize-string fallbacks for standalone mode

    Multi-OS CI matrix (debian, fedora, ubuntu, mint, kali) failed at
    line 12919 of the standalone with:

      dist-installer-cli-standalone: line 12919: stecho: command not found

    log_run_die.sh's log() function calls 'stecho' unconditionally to
    emit log lines, and the standalone runs on plain images that do
    not have helper-scripts installed. Same situation for sanitize-string,
    which log() invokes via 'has sanitize-string' guard inside log().

    Add bash-function fallbacks in the template, gated on 'if ! has
    <cmd>; then', so they only kick in when the binary is absent (e.g.
    in standalone-on-clean-distro mode). On a normal Whonix install
    helper-scripts is present and the fallbacks no-op.

    stecho fallback: printf '%s\n' "$*". Same observable behaviour
    as the binary minus the unicode-trojan-source guards (the standalone
    runs in a maintainer-controlled CLI context, no untrusted input).

    sanitize-string fallback: cat. Passes stdin through unchanged; the
    binary trims to a length cap which is not relevant in the controlled
    CLI context.

    Regenerated dist-installer-cli-standalone (now ~595 KB, was 593 KB).
    Drop TODO-dist-installer-cli-fallbacks.md - resolved.

commit e61e9ae2ec3284edcba96267226cd9d7e37a5cf0
Author: claude-code <claude-code@assisted-by-ai>
Date:   Wed May 6 12:51:36 2026 +0000

    fix: regenerate dist-installer-cli-standalone with recursive inliner

    The new build-dist-installer-cli (commit 706ae25, R-020 cleanup
    in 706ae25) replaces the old awk-based single-pass inliner with a
    Python recursive expander that handles both
    \`source /usr/libexec/helper-scripts/...\` and
    \`source "\${HELPER_SCRIPTS_PATH:-}"/usr/libexec/helper-scripts/...\`
    and recurses into the inlined content. The previous standalone in
    the repo (generated by the old awk) carried 15+ unresolved nested
    source lines (\`source "\${HELPER_SCRIPTS_PATH:-}"/usr/libexec/helper-scripts/...\`)
    and died on every clean Debian/Fedora/Mint/Kali CI runner with

      dist-installer-cli-standalone: line 660:
        /usr/libexec/helper-scripts/check_runtime.bsh: No such file or directory

    before any installer logic ran.

    Regenerated 593 KB; zero residual source-helper-scripts lines.

commit 91acb6dd36142049e73cb929690a45900268ebb4
Author: claude-code <claude-code@assisted-by-ai>
Date:   Wed May 6 12:25:29 2026 +0000

    ci: restore executable bit on shebanged scripts (lost via MCP push)

    The GitHub MCP push_files / create_or_update_file API resets every
    tree entry to mode 100644, even when the prior entry was 100755.
    This commit re-flips the bit via 'git update-index --chmod=+x' on
    the affected files (no content change). Resolves Codex P1 reviews
    about EACCES at exec time + the rc=126 'Permission denied' failures
    in CI.

commit f5f270b96f3a590e3a1c53ee68da0fa6a7fa4d1a
Author: assisted-by-ai (Bot Account) <server@kicksecure.com>
Date:   Tue May 5 19:08:25 2026 -0400

    ci: cancel-in-progress on workflow re-run

    Add (or enable) concurrency: cancel-in-progress: true on workflow yml
    files that lacked it. Re-pushed runs of the same workflow on the same
    ref (re-tagged release, force-push, etc.) now cancel the in-flight
    run instead of stacking.

commit 706ae25a4817041cc415e2bf645146b7b68fabfd
Author: assisted-by-ai (Bot Account) <server@kicksecure.com>
Date:   Tue May 5 18:45:49 2026 -0400

    style: build-dist-installer-cli: brace all $var references (R-020)

    Brace previously bare $0, $MYDIR, $helper_path, $template, $target
    references per the developer-meta-files pre-push checklist R-020 rule.
    Add the AI-Assisted marker per R-002 since this file was substantially
    rewritten in the prior commit.

    Pre-existing patterns intentionally NOT changed (would change the
    script's documented behaviour, not just style):
    - 'command -v git' (R-090 prefers 'has') - this script deliberately
      does not source helper-scripts, so adding 'has.sh' would create
      a circular trust dependency at the moment helper-scripts is not
      yet built/installed.
    - printf-based diagnostics instead of log/die (R-040/R-110) - same
      reason: log_run_die.sh would need helper-scripts.

commit effa7c762e6d2899d7fc4e2c64653b3e9dc50d6d
Author: assisted-by-ai (Bot Account) <server@kicksecure.com>
Date:   Tue May 5 18:24:10 2026 -0400

    fix(build-dist-installer-cli): recursive inlining of helper-scripts sources

    helper-scripts files now use 'source "${HELPER_SCRIPTS_PATH:-}"/usr/libexec/helper-scripts/...'
    for their own internal sources. The previous awk-based single-pass
    inliner only matched 'source /usr/libexec/helper-scripts/...' at the
    top-level of the template, so nested source lines inside (e.g.)
    log_run_die.sh, get_os.sh, ip_syntax.sh, parse_opt.sh, root_cmd.sh,
    not_as_root.sh and get_colors.sh ended up in the produced standalone
    unchanged - and the standalone runs in environments that do not have
    helper-scripts installed, so those source statements fail at runtime.

    Replace the awk with a Python recursive expander that handles both
    source-line forms, uses the system helper_path, and bails out at
    recursion depth 16. Keep the post-pass sed strip as belt-and-suspenders
    in case a future helper grows a source line in a form the regex
    doesn't match.

commit eb3053ba1100d5994204c47516fc9ea51805cc8c
Author: assisted-by-ai (Bot Account) <server@kicksecure.com>
Date:   Tue May 5 17:54:06 2026 -0400

    ci: add persist-credentials: false to all checkout steps

commit 070cd33215f355f9194437ff2092207bbefedf61
Author: assisted-by-ai (Bot Account) <server@kicksecure.com>
Date:   Tue May 5 17:43:49 2026 -0400

    docs: add TODO note for dist-installer-cli standalone fallbacks

    stecho and sanitize-string fallbacks need to be added after the
    log_run_die.sh source line (~389) in usr/bin/dist-installer-cli.
    File is too large (~188 KB) to update via the GitHub MCP write API.

commit 24fa1620ee488be624cabedea85832f9c06a638e
Author: assisted-by-ai (Bot Account) <server@kicksecure.com>
Date:   Tue May 5 16:27:30 2026 -0400

    AGENTS.md: add copyright header, headings, and org-wide style guide cross-link

    Match the helper-scripts AGENTS.md pattern: copyright header, Agents
    heading, Reference section with URL to the canonical bash style guide
    in developer-meta-files, and Per-script notes section.

commit fb6e46ccb550a1f0cc32c05bce0f565d58f7f82a
Author: Aaron Rainbolt <arraybolt3@gmail.com>
Date:   Sun May 3 11:24:07 2026 -0400

    Enable check-user-slice-on-shutdown.service when a debug-kicksecure qvm-service is enabled, remove a redundant preset line

commit b2ff76bf992a22fd0aa5442fb0b7139841e6c080
Merge: 1b52cab 456a733
Author: Aaron Rainbolt <arraybolt3@gmail.com>
Date:   Sun May 3 11:19:13 2026 -0400

    Merge branch 'master' into arraybolt3/trixie

commit 456a73329ea20a60e26095fa9e9f28947fcb4225
Author: Patrick Schleizer <adrelanos@whonix.org>
Date:   Sat May 2 08:50:12 2026 +0000

    bumped changelog version

commit e2ce7e1162e68492b64aeaf54ce25aa0d735b3e1
Author: Patrick Schleizer <adrelanos@whonix.org>
Date:   Fri May 1 16:45:05 2026 -0400

    add CLAUDE.md

commit 23cb0e08fbc37c4dcc6fd7c55f29686f5b709ced
Author: Patrick Schleizer <adrelanos@whonix.org>
Date:   Fri May 1 09:50:50 2026 +0000

    bumped changelog version

commit 475e55dc484c489388b173c0856322a03ad8f221
Author: Patrick Schleizer <adrelanos@whonix.org>
Date:   Fri May 1 05:22:07 2026 -0400

    build

commit 1b52cabaaa5e3e73b1a90f540ba694b0fcb50576
Author: Aaron Rainbolt <arraybolt3@gmail.com>
Date:   Thu Apr 30 23:16:10 2026 -0400

    Explicitly declare zle_bracketed_paste as an array if necessary

commit 472cf2db6ba146ed41ff88d07afdd2e7d41b643c
Author: Patrick Schleizer <adrelanos@whonix.org>
Date:   Wed Apr 29 12:55:53 2026 +0000

    bumped changelog version

commit 51998b32eb74c0c3d0721c76b759c105a084d8f4
Author: Patrick Schleizer <adrelanos@whonix.org>
Date:   Wed Apr 29 08:52:39 2026 -0400

    build

commit f6f75de6a468fd02c78d99db0d4f3d8c925aa14e
Author: Patrick Schleizer <adrelanos@whonix.org>
Date:   Wed Apr 29 09:03:02 2026 +0000

    bumped changelog version

commit 9eadbbed9f7984ed2246ee4e4906f44d8d941c5e
Author: Patrick Schleizer <adrelanos@whonix.org>
Date:   Wed Apr 29 04:56:48 2026 -0400

    build

commit e286e02fdea78bc7ca63adbe31b25d9c5c0ae3cf
Author: Patrick Schleizer <adrelanos@whonix.org>
Date:   Mon Apr 27 15:34:55 2026 +0000

    bumped changelog version

commit 6a5f08399b5b9425d820619a0e105e96d79d6970
Merge: 3569780 42af870
Author: Patrick Schleizer <adrelanos@whonix.org>
Date:   Mon Apr 27 10:44:13 2026 -0400

    Merge remote-tracking branch 'refs/remotes/ArrayBolt3/arraybolt3/trixie'

commit 42af8700eb46c39d1edd082fc88cbd60bd408654
Merge: 24e2ab1 3569780
Author: Aaron Rainbolt <arraybolt3@gmail.com>
Date:   Sun Apr 26 20:22:03 2026 -0400

    Merge branch 'master' into arraybolt3/trixie

commit 24e2ab12f28f05aedf470ef4204faabac08d4e26
Author: Aaron Rainbolt <arraybolt3@gmail.com>
Date:   Sun Apr 26 12:27:59 2026 -0400

    fix, this was supposed to be part of the previous commit

commit 35697801ae1512dda17ed8df8e5824704e99c127
Author: Patrick Schleizer <adrelanos@whonix.org>
Date:   Sun Apr 26 09:53:40 2026 +0000

    bumped changelog version

commit 012eb836e526bb75c65d0b06e2dac26afbc50778
Merge: 8a26366 d6072cf
Author: Patrick Schleizer <adrelanos@whonix.org>
Date:   Sun Apr 26 04:50:38 2026 -0400

    Merge remote-tracking branch 'ArrayBolt3/arraybolt3/trixie'

commit d6072cf9aa97313684626e315411412864197d8d
Author: Aaron Rainbolt <arraybolt3@gmail.com>
Date:   Sat Apr 25 23:39:08 2026 -0400

    Modified and squashed commit of the following:

    commit c67824a7eb9573f830a823dbb7b33997e7fc6e48
    Author: Claude <noreply@anthropic.com>
    Date:   Fri Apr 24 09:51:10 2026 +0000

        zsh: harden /etc/zsh against prompt injection and fix bracketed-paste setopt

        - zshrc_prompt: escape % in git ref, $dist_prompt, and preexec $1 before
          feeding them to `print -P`. With PROMPT_SUBST set, a crafted git branch
          name or pasted command containing prompt escape metacharacters could
          otherwise be interpreted as prompt escapes when rendered.
        - zshrc.dist: `set zle_bracketed_paste` sets positional parameters, not
          the option. Use `setopt zle_bracketed_paste` so the paste-injection
          mitigation is actually enabled if a parent env has disabled it.
        - zshrc_completions: use `compinit -i` so insecure fpath entries are
          skipped instead of triggering an interactive prompt that can be
          bypassed in non-interactive shells.
        - zprofile.dist: quote `"$i"` when sourcing /etc/zprofile.d entries.
        - aliasrc: replace `test && A || B` idiom with if/else so a syntax
          error in the first eval doesn't silently fall through to the second.

    (zshrc.dist was changed so that `zle_bracketed_paste` handling is
    correct; using setopt was not the correct solution here.)

commit 55c2586de04f5ab59c3179b94594d5a318978992
Author: Aaron Rainbolt <arraybolt3@gmail.com>
Date:   Sat Apr 25 23:05:18 2026 -0400

    Squashed commit of the following:

    commit 59dc09abfa56ab45164426d827419d196b43b785
    Author: Claude <noreply@anthropic.com>
    Date:   Fri Apr 24 09:38:14 2026 +0000

        zsh: consolidate PATH setup in zshenv

        Per the zsh manual, zshenv is the file for setting the command search
        path. The previous layout split PATH across two files:

          - zshenv set a minimal fallback (no sbin dirs)
          - zshrc unconditionally reassigned PATH for interactive shells

        This clobbered any PATH set by the user's ~/.zshenv / ~/.zprofile in
        interactive shells, and left non-interactive shells with a weaker PATH
        than interactive ones.

        Move the full PATH into zshenv's existing fallback (still guarded so
        users can override), drop the zshrc assignment, and add
        `typeset -U PATH path` to keep entries deduplicated across reloads.

        Drop /bin and /sbin from the fallback: on usrmerged Debian (12+,
        which Kicksecure targets) these are symlinks to /usr/bin and /usr/sbin,
        so listing both is redundant. typeset -U dedups by string, not by
        resolved path, so the legacy entries have to be removed explicitly.
        Matches the direction of Debian bug #1041362.

commit 8a263665c52c4d3a6020698a4481500515847935
Author: Patrick Schleizer <adrelanos@whonix.org>
Date:   Sat Apr 25 09:29:17 2026 +0000

    bumped changelog version

commit b259d0598f26f14c58200b9f3add921023748e42
Merge: c6a52be a155ecd
Author: Patrick Schleizer <adrelanos@whonix.org>
Date:   Sat Apr 25 05:19:59 2026 -0400

    Merge remote-tracking branch 'ArrayBolt3/arraybolt3/trixie'

commit a155ecd1f1ce71db267f27ec09682a9dd2f895db
Merge: 69d2f29 c6a52be
Author: Aaron Rainbolt <arraybolt3@gmail.com>
Date:   Fri Apr 24 20:26:53 2026 -0400

    Merge branch 'master' into arraybolt3/trixie

commit c6a52be3b75b565dee3b5ff080091614815246cf
Author: Patrick Schleizer <adrelanos@whonix.org>
Date:   Fri Apr 24 10:16:05 2026 +0000

    bumped changelog version

commit 576159722399a96c17b02bba0454abbd141a2b88
Merge: 4dba3f9 d4cdca6
Author: Patrick Schleizer <adrelanos@whonix.org>
Date:   Fri Apr 24 06:15:39 2026 -0400

    Merge remote-tracking branch 'github-kicksecure/master'

commit 4dba3f933293ac6366c4a1800fd5b059cc94aefb
Author: Patrick Schleizer <adrelanos@whonix.org>
Date:   Fri Apr 24 10:10:18 2026 +0000

    bumped changelog version

commit 1de570b9b3a903159f0412ae51a944483490b793
Author: Patrick Schleizer <adrelanos@whonix.org>
Date:   Fri Apr 24 06:09:04 2026 -0400

    build

commit d4cdca63c6b12aa397e46a317e16988d7fb0d1b9
Merge: c6d83e2 cca05df
Author: Patrick Schleizer <adrelanos@whonix.org>
Date:   Fri Apr 24 05:00:25 2026 -0400

    Merge pull request #23 from assisted-by-ai/claude/add-ci-timeout-LQIf0

    ci: cap every job at 10 minutes

commit cca05df24431c8de0b7cc020774fdeb1d2f560cd
Author: Claude <noreply@anthropic.com>
Date:   Fri Apr 24 08:50:32 2026 +0000

    ci: cap every job at 10 minutes

    Add timeout-minutes: 10 to all jobs so runaway CI steps fail fast
    instead of consuming the default 360-minute budget.

commit 69d2f29d73623e05beee114028369f462da7b2a7
Author: Aaron Rainbolt <arraybolt3@gmail.com>
Date:   Thu Apr 23 22:21:20 2026 -0400

    Fix endless loop in check-user-slice-on-shutdown

commit c6d83e2de003b346f8e2a2a366914164d62c9df0
Author: Patrick Schleizer <adrelanos@whonix.org>
Date:   Wed Apr 22 13:21:36 2026 +0000

    bumped changelog version

commit 4bef1945ac6376940c65275092bfcc3075f60443
Merge: 60c046c d6382d2
Author: Patrick Schleizer <adrelanos@whonix.org>
Date:   Wed Apr 22 07:31:14 2026 -0400

    Merge remote-tracking branch 'ArrayBolt3/arraybolt3/trixie'

commit d6382d269206bd8451db661a0edda21f0e87b07b
Author: Aaron Rainbolt <arraybolt3@gmail.com>
Date:   Mon Apr 20 22:24:46 2026 -0400

    Harden against command injection

commit 60c046c755524cb8dab3140b0a0d4abff4947c31
Author: Patrick Schleizer <adrelanos@whonix.org>
Date:   Thu Apr 16 12:30:34 2026 +0000

    bumped changelog version

commit 57423f09fccbb8ac418850f037e12cd2da65fb8d
Author: Patrick Schleizer <adrelanos@whonix.org>
Date:   Thu Apr 16 08:20:13 2026 -0400

    build

commit e73938d1694b581453537ad1f31c33fc9eb703fe
Author: Patrick Schleizer <adrelanos@whonix.org>
Date:   Sun Apr 12 14:04:28 2026 +0000

    bumped changelog version

commit d1f1f61d7085f22bdf6ac3247abf435c976f1be1
Author: Patrick Schleizer <adrelanos@whonix.org>
Date:   Sun Apr 12 10:00:01 2026 -0400

    build

commit a83c9aea703c3e534b7f1b0e8ae476cbf25b6bb6
Author: Patrick Schleizer <adrelanos@whonix.org>
Date:   Sat Apr 11 08:39:18 2026 +0000

    bumped changelog version

commit 8bf1734d6532f1b59fa628f5be6c2d2ba10ff0e9
Merge: a5b7917 67bab94
Author: Patrick Schleizer <adrelanos@whonix.org>
Date:   Sat Apr 11 04:27:57 2026 -0400

    Merge remote-tracking branch 'ArrayBolt3/arraybolt3/trixie'

commit 67bab947cd82434d7d184708b250d27ba8b9558f
Author: Aaron Rainbolt <arraybolt3@gmail.com>
Date:   Fri Apr 10 18:16:36 2026 -0400

    Remove Emacs modelines

commit a955118c8b629345eb0e6fba43757b97bc9e13cb
Author: Aaron Rainbolt <arraybolt3@gmail.com>
Date:   Fri Apr 10 18:05:31 2026 -0400

    Remove Vim modelines

commit a5b7917415235ded9c0b3284dfbeca4b908827b1
Author: Patrick Schleizer <adrelanos@whonix.org>
Date:   Fri Apr 10 13:33:22 2026 -0400

    CI

commit e364479ce6139d8c69050c85b5c228c471c5df73
Author: Patrick Schleizer <adrelanos@whonix.org>
Date:   Fri Apr 10 13:17:22 2026 -0400

    CI

commit ac234433e12eef6bc37732cb23406cebe992b581
Author: Patrick Schleizer <adrelanos@whonix.org>
Date:   Fri Apr 10 13:10:37 2026 -0400

    build

commit 5daf7736bf5c4e4b84056b9b1ec590cffb1c075e
Merge: 9d86171 bcdfaeb
Author: Patrick Schleizer <adrelanos@whonix.org>
Date:   Fri Apr 10 13:10:06 2026 -0400

    Merge remote-tracking branch 'assisted-by-ai/claude/fix-unbound-variable-2mSBE'

commit bcdfaeb09566b22056d16a6acb3a3c794a3466f9
Author: Claude <noreply@anthropic.com>
Date:   Fri Apr 10 13:23:10 2026 +0000

    comment: explain why proxy vars are initialized in torify_conn_maybe

    Prevent future refactors from moving these to get_transfer_cmd(),
    which would silently mask bugs instead of letting nounset catch them.

    https://claude.ai/code/session_013vJmdeyi4SngCwtYQnpJ7z

commit ddac3c0b6196aee691494a1984b0f1bd484d0be4
Author: Claude <noreply@anthropic.com>
Date:   Fri Apr 10 12:00:43 2026 +0000

    fix: let nounset guard proxy vars, only init on explicit code paths

    Remove proxy var initialization from get_transfer_cmd() case branches.
    Instead, set them only where the decision is actually made:
    - torify_conn_maybe() early return: explicitly empty (clearnet, no proxy)
    - set_transfer_proxy(): real proxy values (tor path)

    Any other unexpected code path will now hit nounset rather than
    silently proceeding without a proxy.

    Also use die instead of log bug in set_transfer_proxy() catch-all.

    https://claude.ai/code/session_013vJmdeyi4SngCwtYQnpJ7z

commit 69f8fa6d4cf4ad9b85e5293a95e572745c980406
Author: Claude <noreply@anthropic.com>
Date:   Fri Apr 10 11:54:23 2026 +0000

    fix: move proxy var init into per-utility case branches, add catch-all

    Move transfer_proxy_prefix, transfer_proxy_suffix, curl_transfer_proxy
    initialization from a blanket assignment into each case branch of
    get_transfer_cmd(). This way, adding a new transfer_utility without
    handling proxy vars will fail loudly instead of silently proceeding
    with empty arrays.

    Also add a catch-all to set_transfer_proxy() for unsupported utilities.

    https://claude.ai/code/session_013vJmdeyi4SngCwtYQnpJ7z

commit 9d86171a4e824f771f026e2c2d2d7ea67c6a39b4
Merge: cdc3e03 e362801
Author: Patrick Schleizer <adrelanos@whonix.org>
Date:   Fri Apr 10 07:53:38 2026 -0400

    Merge remote-tracking branch 'github-kicksecure/master'

commit e362801056c48af3565ecc60b6a104829cea92e0
Merge: cdc3e03 86b05e7
Author: Patrick Schleizer <adrelanos@whonix.org>
Date:   Fri Apr 10 07:35:52 2026 -0400

    Merge pull request #22 from assisted-by-ai/claude/fix-unbound-variable-2mSBE

    Add documentation and initialize tracking variables in dist-installer-cli

commit 86b05e78354d771409ee7801444baed50fd5906a
Author: Claude <noreply@anthropic.com>
Date:   Fri Apr 10 11:05:24 2026 +0000

    fix: preserve pre-set APTGETOPT while still initializing when unset

    The previous commit unconditionally set APTGETOPT=(), which would
    clobber any value passed in from the environment. Restore the
    [[ -v APTGETOPT ]] guard but add an else branch to initialize it
    when not already set, preventing the unbound variable error.

    https://claude.ai/code/session_013vJmdeyi4SngCwtYQnpJ7z

commit 13951bd556bdc552c554118524489fe1010967e1
Author: Claude <noreply@anthropic.com>
Date:   Fri Apr 10 11:01:55 2026 +0000