Skip to content

v0.6.0 — Memory Atoms, Knowledge Graph, Audit Bridge & Hosted-API Gate

Choose a tag to compare

View all tags
@devin-ai-integration devin-ai-integration released this 27 Apr 00:27
v0.6.0
0a8790d
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

v0.6.0 (2026-04-26)

Status: Released. Builds on the v0.5 offline-first build pipelines with
memory atoms, a knowledge-graph extraction pipeline, a descriptor → audit
event bridge, and an opt-in hosted-API policy gate. Epic
#52
landed in 11 sub-PRs (#64#75) under the v0.5 governance "one issue = one
PR, Closes #N on its own line" rule. Overall completion: ~88%.

Source of truth for these notes is the
v0.6.0 GitHub Release.

Added

  • docs/PIPELINE_GUIDE.md refreshed to v0.6: new §2.5 (memory_atoms),
    §2.6 (knowledge_graph), §3 (descriptor → audit bridge), §4
    (hosted-API opt-in policy gate). §6 author-a-pipeline checklist
    extended with the audit-bridge and hosted-API gate steps. §7 "what
    v0.6 deliberately is not" replaces the v0.5 equivalent. §8 references
    list now includes every v0.6 schema, module, and demo. (#62, this PR)
  • tools/test_pipelines.py extended into the umbrella driver for the
    full DLRS pipeline test suite. Per-pipeline tests (asr / text /
    vectorization / moderation / memory_atoms / knowledge_graph) and the
    v0.6 cross-cutting tests (descriptor → audit bridge, hosted-API
    opt-in policy gate, memory-graph end-to-end demo) are now dispatched
    from a single entry point. The CI pipelines matrix invokes
    python tools/test_pipelines.py once on each of Python 3.11 and
    3.12; tools/batch_validate.py invokes it as the pipelines step
    while still listing the cross-cutting tests individually so a
    failure surfaces against a meaningful step name. (#61, this PR)
  • examples/memory-graph-demo/ — fully runnable v0.6 walkthrough that
    exercises textmemory_atomsknowledge_graph end-to-end on a
    fictional 3-paragraph diary excerpt, prints the resulting
    hash-chained audit/events.jsonl, and demonstrates how each
    descriptor's audit_event_ref resolves to its line. Deterministic
    backends only (paragraph atomiser, regex extractor); zero hosted-API
    calls. tools/test_memory_graph_demo.py validates 8 expected
    artefacts, every descriptor, the 3-event hash chain, and back-fill
    consistency. Wired into tools/batch_validate.py (now 16 steps) and
    the pipelines CI matrix. (#60, this PR)
  • schemas/hosted-api-policy.schema.json + pipelines/_hosted_api.py
    per-record opt-in policy gate for hosted (online) AI APIs. Default DLRS
    remains offline-first; the only way to authorise a hosted-API code
    path is to commit a record-scoped policy/hosted_api.json document
    that declares opt_in: true, an allowed_providers whitelist, an
    allowed_pipelines whitelist, a consent_evidence_ref, and an
    [issued_at, expires_at) window. pipelines._hosted_api.assert_allowed
    refuses to authorise any combination outside the policy and raises
    HostedApiNotAllowed. Pipelines lazy-import the SDK inside the
    gated branch so the static tools/validate_pipelines.py ban on
    hosted-API imports continues to pass. (#59, this PR)
  • tools/test_hosted_api_policy.py covers schema golden + 6 negative
    schema cases, default-deny when no policy file, opt_in=false
    short-circuit, provider/pipeline whitelists, [issued_at, expires_at)
    bounds, malformed-JSON refusal, and list_allowed_providers
    consistency. Wired into tools/batch_validate.py (now 15 steps)
    and the pipelines CI matrix. (#59, this PR)
  • pipelines/_audit_bridge.py — descriptor → audit/events.jsonl bridge.
    Every pipeline (asr / text / vectorization / moderation / memory_atoms /
    knowledge_graph) now appends one derived_asset_emitted event per
    emitted descriptor and back-fills the descriptor's audit_event_ref
    with a stable audit/events.jsonl#L<n> reference. The bridge reuses
    the v0.4 emitter's hash-chain and schema validation, so audit
    integrity carries over unchanged. (#58, this PR)
  • --no-audit flag on every pipeline CLI for fixture / dry-run
    invocations that must not produce an audit log entry. (#58, this PR)
  • tools/test_descriptor_audit_bridge.py covering: event append, schema
    compliance, hash chain across two pipelines, descriptor back-fill,
    --no-audit skip, and silent-no-op when the record has no
    manifest.json. Wired into tools/batch_validate.py (14 steps) and
    the pipelines CI matrix. (#58, this PR)

Changed

  • schemas/audit-event.schema.json::event_type.enum extended with
    derived_asset_emitted. The eight v0.4 lifecycle events are unchanged;
    the new value is additive and additionalProperties: false on the
    enum still excludes any other custom strings. (#58, this PR)

Closes

  • #53 (housekeeping; PR #64)
  • #54 (memory-atom schema; PR #65)
  • #55 (entity-graph node + edge schemas; PR #66)
  • #56 (memory_atoms pipeline; PR #67)
  • #57 (knowledge_graph pipeline; PR #69)
  • #70 (knowledge_graph regex newline fix; PR #71)
  • #58 (descriptor → audit bridge; PR #72)
  • #59 (hosted-API opt-in policy gate; PR #73)
  • #60 (memory-graph demo; PR #74)
  • #61 (pipeline tests + CI integration; PR #75)
  • #62 (PIPELINE_GUIDE + GAP/STATUS/ROADMAP/CHANGELOG/README refresh; this PR)
Assets 2
Loading