feat: rust kernel sidecar

[NathanFlurry]

feat: rust kernel sidecar

feat: ARC-001 - Internalize the legacy kernel source into this repo

feat: ARC-002 - Internalize the legacy native runtime and sidecar source into this repo

feat: ARC-003 - Import the legacy kernel tests into this repo

feat: ARC-004 - Import the legacy sidecar and runtime-driver tests into this repo

feat: ARC-005 - Migrate registry test helpers off legacy runtime imports

feat: ARC-006 - Migrate TerminalHarness and external test fixtures into this repo

feat: ARC-007 - Remove Python from AgentOs.create and other active runtime boot paths

feat: ARC-008 - Remove Python packages, dev dependencies, and parity gates from scope

feat: ARC-009 - Rename the public JS package and native runtime binary to Agent OS names

feat: ARC-010 - Remove remaining Secure-Exec naming from manifests, env vars, and docs

feat: ARC-011 - Scaffold the kernel, execution, sidecar, and sidecar-browser crates

feat: ARC-012 - Scaffold the host-side Agent OS sidecar client

feat: ARC-013 - Define the versioned Agent OS sidecar protocol schema and codec tests

feat: ARC-014 - Define the method-oriented bridge traits

feat: ARC-015 - Port VFS to Rust with scoped tests

feat: ARC-016 - Port the FD table to Rust with scoped tests

feat: ARC-017 - Port the command registry and user subsystems to Rust with scoped tests

feat: ARC-018 - Port process table, device layer, and pipe manager to Rust with scoped tests

feat: ARC-019 - Port permissions, PTY, resource accounting, and kernel integration to Rust

feat: ARC-019A - Verify the main-branch test baseline and eliminate current regressions on this branch

feat: ARC-020 - Implement guest JavaScript execution in crates/execution

feat: ARC-021 - Implement guest WebAssembly execution through V8 in crates/execution

feat: ARC-021A - Add V8 code-cache reuse for Node import compilation in the execution path

feat: ARC-021B - Benchmark and profile the Node import and isolate startup path for additional optimizations

feat: ARC-021C - Add safe sidecar-scoped resolution and module-metadata caches for Node imports

feat: ARC-021D - Prewarm builtin wrapper and polyfill preparation for the Node import path

feat: ARC-022 - Implement timing mitigation and warm-pool support in the execution path

feat: ARC-023 - Compose kernel and execution into native sidecar VM lifecycle and host callbacks

feat: ARC-024 - Restore native sidecar hardening, isolation, and payload-limit coverage

feat: ARC-025 - Cut packages/core over to the new sidecar client

feat: ARC-026 - Add sidecar placement APIs and remove the public AgentOs.kernel escape hatch

feat: ARC-027 - Restore command discovery and execution on the new runtime path

feat: ARC-028 - Restore software injection and projected package roots on the new runtime path

feat: ARC-029 - Bring up the browser sidecar model on the main thread

feat: ARC-030 - Implement the parity-safe browser sync bridge for filesystem and module loading

feat: ARC-031 - Restore browser timing mitigation, control-channel hardening, and deterministic cleanup

feat: ARC-032 - Delete legacy runtime code and make parity the only acceptance bar

feat: ARC-014A - Move bridge contracts into a dedicated crate and remove kernel-to-execution coupling

feat: ARC-019A - Verify the main-branch test baseline and eliminate current regressions on this branch

feat: ARC-025 - Cut packages/core over to the new sidecar client

feat: ARC-028A - Restore packages/core ACP, session, event, and lifecycle parity on the sidecar path

feat: ARC-028B - Restore packages/core software projection, module resolution, and package-scope parity

feat: ARC-028C - Restore packages/core headless integration parity and eliminate remaining runtime errors

feat: [ARC-032A] - [Delete the standalone agent-os-v8-runtime crate and remove its dependents]

feat: ARC-032B - Audit migration leftovers and delete dead runtime code

feat: ARC-032C - Restore a low-level @rivet-dev/agent-os-core facade for compatibility wrappers

feat: ARC-032D - Add the public secure-exec compatibility package on top of Agent OS primitives

feat: [ARC-032E] - Add the public @secure-exec/typescript compatibility package

feat: ARC-032F - Reduce the standalone secure-exec repo to docs-only and align docs with the maintained package scope

feat: [ARC-032] - [Delete legacy runtime implementation code and make parity the only acceptance bar]

feat: ARC-031A - Add a real-browser Playwright harness for packages/browser

feat: ARC-031B - Port browser runtime-driver integration coverage to real Chromium Playwright specs

feat: ARC-031C - Delete the Node worker shim browser tests and make Playwright the package/browser gate

feat: ARC-032G - Lay the native filesystem plugin foundations

feat: ARC-032H - Move root overlay and root filesystem bootstrap into Rust

feat: [ARC-032I] - [Move the host-dir filesystem driver into a native Rust plugin]

feat: [ARC-032J] - [Move the sandbox-backed filesystem driver into a native Rust plugin]

feat: ARC-032K - Move the S3 filesystem storage driver into Rust

feat: ARC-032L - Move the Google Drive filesystem storage driver into Rust

feat: ARC-032 - Delete legacy runtime implementation code and make parity the only acceptance bar

feat: ARC-033 - Prevent guest env var override of sandbox-critical control variables

feat: ARC-034 - Fix filesystem permission deny-by-default inversion in Rust kernel

feat: ARC-035 - Server-generate connection IDs and validate auth tokens in sidecar

feat: ARC-036 - Remove workspace root from guest read paths and restrict entrypoint parent write

feat: ARC-037 - Register process exit cleanup callback in Rust kernel

feat: ARC-038 - Implement component-by-component symlink resolution in VFS resolve_path

feat: ARC-039 - Fix ScopedHostFilesystem prefix-stripping and realpath recursion bugs

feat: ARC-040 - Fix symlink permission mapping and exists() permission swallowing

feat: ARC-041 - Replace /dev/urandom xorshift PRNG with cryptographically secure randomness

feat: ARC-042 - Fix overlay rename for directories and symlinks, and add remove_dir ENOTEMPTY check

feat: ARC-043 - Fix readlink error code, mode parsing edge case, and default CWD mismatch

feat: ARC-044 - Fix FrozenDate without new, encode_json_string for non-BMP, and frozen_time_ms consistency

feat: ARC-045 - Implement kill_process in sidecar and add connection/session cleanup

feat: [ARC-046] - [Fix PTY set_termios/set_discipline partial update semantics and pipe close behavior]

feat: ARC-047 - Cap ResponseTracker completed set, add S3 manifest size validation, and fix snapshot mode encoding

feat: ARC-048 - Replace per-zombie OS threads with a single reaper and reduce lock poisoning blast radius

feat: ARC-049 - Add missing kernel API surface: FD-level operations, exec, openShell, process introspection

feat: ARC-050 - Reduce S3 plugin persist-on-every-mutation to batched or dirty-tracking persistence

feat: ARC-051 - Cut AgentOs runtime over from the TypeScript kernel to the Rust kernel sidecar

feat: ARC-051 - Cut AgentOs runtime over from the TypeScript kernel to the Rust kernel sidecar

feat: ARC-051 - Cut AgentOs runtime over from the TypeScript kernel to the Rust kernel sidecar

feat: ARC-051 - Cut AgentOs runtime over from the TypeScript kernel to the Rust kernel sidecar

feat: ARC-051A - Audit and harden the Rust kernel cutover: fix gaps, add missing coverage, remove fakes

feat: ARC-052 - Delete the TypeScript kernel, Node.js runtime, and POSIX packages and purge all legacy runtime code

[NathanFlurry]

• feat: rust kernel sidecar #1430 👈 (View in Graphite)
• main

This stack of pull requests is managed by Graphite. Learn more about stacking.