Skip to content

MentisDB 0.10.3.48

Choose a tag to compare

@gubatron gubatron released this 20 Jun 18:28

MentisDB 0.10.3.48 — HNSW Vector Search by Default, Hardened Security, and 16 Critical Fixes

June 20, 2026

This release ships HNSW approximate-nearest-neighbor vector search enabled by default, a comprehensive security and correctness audit that fixed 16 critical issues, and a hotfix ensuring the auto-updater preserves local-embeddings (fastembed-minilm) support across updates.

Hotfix: Auto-Update Preserves local-embeddings

The auto-updater's cargo install command now includes --features local-embeddings, so updating MentisDB preserves the fastembed-minilm ONNX embedding provider instead of silently regressing to local-text-v1 (text hashing). This affects the interactive TUI update prompt, the non-interactive terminal message, and the make install target.

HNSW Vector Backend (Headline Feature)

MentisDB now ships with a Hierarchical Navigable Small World (HNSW) graph backend for approximate nearest-neighbor search, enabled by default via the hnsw-backend Cargo feature. The existing exact f32 cosine scan remains the fallback for small sidecars; once a managed vector sidecar exceeds MENTISDB_HNSW_THRESHOLD vectors (default 50,000), MentisDB switches to HNSW automatically.

Benchmark Results

Corpus Backend Query Latency (100 queries) Recall@10 Speedup
10k × 128d Exact (linear scan) 95.1 ms 100.0%
10k × 128d HNSW 8.75 ms 91.4% 10.9×
50k × 128d HNSW 4.23 ms/query 100.0%

LoCoMo Regression Check

Category Baseline (0.9.9) 0.10.3.48 Delta
Overall R@10 72.64% 72.53% −0.11pp (within variance)
Single R@10 76.77% 76.77% 0.00pp (identical)
Multi R@10 57.45% 56.97% −0.48pp (borderline)

HNSW Runtime Tuning

  • MENTISDB_HNSW_THRESHOLD — corpus size to trigger HNSW (default 50,000)
  • MENTISDB_HNSW_EF_CONSTRUCTION — build-time search width (default 200)
  • MENTISDB_HNSW_EF_SEARCH — query-time search width (default 100)
  • MENTISDB_HNSW_BACKGROUND_BUILD — build off-thread with Exact placeholder (default true)

Security & Correctness Audit — 16 Critical Fixes

  1. REST bearer auth scope bypass — middleware now extracts chain keys from body + query
  2. Dashboard settings injection — setting names validated against whitelist; newline values rejected
  3. Webhook SSRF defense — URL validation rejects loopback, private, link-local, CGNAT IPs
  4. Constant-time PINsubtle::ConstantTimeEq for all PIN checks; session cookie is random UUID
  5. TLS dynamic cert expiry — now−1day to now+2years instead of hardcoded 2025–2027
  6. TLS key 0600 permissions — prevents other local users from reading the private key
  7. BearerTokenStore mutex — prevents concurrent token creation from silently losing tokens
  8. Integration config 0600 — bearer token files created with restrictive permissions
  9. thought_count fix — agent/entity-type counts no longer double on chain reopen
  10. Atomic skill registry migration — temp file + rename prevents corruption on crash
  11. Lemma -ed fix — "hoped" → "hope" (was "hop")
  12. Lemma -ing denylist — common nouns (thing, string, morning, etc.) not stripped

Upgrade

cargo install mentisdb --force --features local-embeddings

Links