Releases: v-code01/ledge
Releases · v-code01/ledge
Release list
v0.1.0 — first tagged release
First tagged release of Ledge — Git-compatible, content-addressed storage infrastructure for agent-scale workloads. A stock git client clones/pushes/fetches against it over HTTP and SSH.
Install
Signed, multi-arch (linux/amd64 + linux/arm64) image:
docker run -p 3000:3000 ghcr.io/v-code01/ledge:0.1.0Verify the cosign signature (keyless — GitHub OIDC via Fulcio/Rekor, no keys):
cosign verify ghcr.io/v-code01/ledge:0.1.0 \
--certificate-identity-regexp 'https://github.com/v-code01/ledge/.github/workflows/release.yml@.*' \
--certificate-oidc-issuer https://token.actions.githubusercontent.comWhat's here
- Git smart-HTTP + SSH: clone / fetch / push, shallow + partial clone, LFS
- BLAKE3 content addressing; native git packfiles (OFS_DELTA, window-250)
- Sharded Raft replication: linearizable CAS, self-bootstrapping, TLA+-verified core
- Workspaces (lease-backed + GC), multi-tenancy, auth / quotas / TLS + mTLS with hot cert rotation
- S3 cold tier + disaster recovery; filesystem backup/restore runbook; webhooks; bidirectional GitHub sync
- Prometheus metrics + alerting rules + Grafana dashboard; native SDK over Cap'n Proto (Rust / TS / Python / Go)
- SBOM + SLSA build-provenance attestations on the image
Status (honest)
Early and source-available under BSL 1.1 (converts to Apache-2.0 in 2030) — not OSI "open source". Good for single-node / trusted-tenant deployments you operate; not yet for hosting untrusted multi-tenant code. See AUDIT.md for the first-party security & production-readiness review and the ranked residual risks (tracked as issues #1–#5).