MentisDB 0.10.3.48
MentisDB 0.10.3.48 — HNSW Vector Search by Default, Hardened Security, and 16 Critical Fixes
June 20, 2026
This release ships HNSW approximate-nearest-neighbor vector search enabled by default, a comprehensive security and correctness audit that fixed 16 critical issues, and a hotfix ensuring the auto-updater preserves local-embeddings (fastembed-minilm) support across updates.
Hotfix: Auto-Update Preserves local-embeddings
The auto-updater's cargo install command now includes --features local-embeddings, so updating MentisDB preserves the fastembed-minilm ONNX embedding provider instead of silently regressing to local-text-v1 (text hashing). This affects the interactive TUI update prompt, the non-interactive terminal message, and the make install target.
HNSW Vector Backend (Headline Feature)
MentisDB now ships with a Hierarchical Navigable Small World (HNSW) graph backend for approximate nearest-neighbor search, enabled by default via the hnsw-backend Cargo feature. The existing exact f32 cosine scan remains the fallback for small sidecars; once a managed vector sidecar exceeds MENTISDB_HNSW_THRESHOLD vectors (default 50,000), MentisDB switches to HNSW automatically.
Benchmark Results
| Corpus | Backend | Query Latency (100 queries) | Recall@10 | Speedup |
|---|---|---|---|---|
| 10k × 128d | Exact (linear scan) | 95.1 ms | 100.0% | — |
| 10k × 128d | HNSW | 8.75 ms | 91.4% | 10.9× |
| 50k × 128d | HNSW | 4.23 ms/query | 100.0% | — |
LoCoMo Regression Check
| Category | Baseline (0.9.9) | 0.10.3.48 | Delta |
|---|---|---|---|
| Overall R@10 | 72.64% | 72.53% | −0.11pp (within variance) |
| Single R@10 | 76.77% | 76.77% | 0.00pp (identical) |
| Multi R@10 | 57.45% | 56.97% | −0.48pp (borderline) |
HNSW Runtime Tuning
MENTISDB_HNSW_THRESHOLD— corpus size to trigger HNSW (default 50,000)MENTISDB_HNSW_EF_CONSTRUCTION— build-time search width (default 200)MENTISDB_HNSW_EF_SEARCH— query-time search width (default 100)MENTISDB_HNSW_BACKGROUND_BUILD— build off-thread with Exact placeholder (default true)
Security & Correctness Audit — 16 Critical Fixes
- REST bearer auth scope bypass — middleware now extracts chain keys from body + query
- Dashboard settings injection — setting names validated against whitelist; newline values rejected
- Webhook SSRF defense — URL validation rejects loopback, private, link-local, CGNAT IPs
- Constant-time PIN —
subtle::ConstantTimeEqfor all PIN checks; session cookie is random UUID - TLS dynamic cert expiry — now−1day to now+2years instead of hardcoded 2025–2027
- TLS key 0600 permissions — prevents other local users from reading the private key
- BearerTokenStore mutex — prevents concurrent token creation from silently losing tokens
- Integration config 0600 — bearer token files created with restrictive permissions
- thought_count fix — agent/entity-type counts no longer double on chain reopen
- Atomic skill registry migration — temp file + rename prevents corruption on crash
- Lemma -ed fix — "hoped" → "hope" (was "hop")
- Lemma -ing denylist — common nouns (thing, string, morning, etc.) not stripped
Upgrade
cargo install mentisdb --force --features local-embeddings