1.9.8

Install

Drop the attached .zip at your repo root without extracting it — the agent unpacks it as the first step. Then type this shortcut phrase as a chat message to your AI agent (Claude Code, Cursor, Codex, Junie, GitHub Copilot, Windsurf, Air, or Warp):

Install Wavefoundry

That is the only operator-typed command — the agent runs the rest of the install. Prerequisites: Python 3.11+, an MCP-aware agent host. Full walkthrough and host-specific notes in the README.

Upgrade

Already running Wavefoundry? Drop the attached .zip at your repo root without extracting it and type this shortcut phrase to your agent:

Upgrade Wavefoundry

The agent unpacks the zip, advances the framework, runs any required migrations and index rebuilds, and reloads the MCP server. Review the version notes below for anything that re-indexes or changes behavior on this upgrade.

---

Fixed

• Upgrades no longer abort when a pack-search location is sandboxed. The upgrade scans common pack-drop folders (including ~/Downloads) for a newer release zip; on macOS a privacy-sandboxed folder made that scan raise a permission error and stop the whole upgrade. A location it can't read is now logged, skipped, and listed under skipped_scan_locations in the upgrade summary — so you can grant access and re-run if a newer pack lives there, while the upgrade proceeds with the best pack it could reach.
• Shipped seeds no longer point at a wavefoundry-internal decision record. The stage-gate guidance added in 1.9.7 referenced an internal architecture-decision file that target repositories don't have, so an upgrading project's agent could cite a missing document. The references are removed (the rationale stays inline); the stage-gate reconciliation behavior is unchanged.

1.9.7

Install

Drop the attached .zip at your repo root without extracting it — the agent unpacks it as the first step. Then type this shortcut phrase as a chat message to your AI agent (Claude Code, Cursor, Codex, Junie, GitHub Copilot, Windsurf, Air, or Warp):

Install Wavefoundry

That is the only operator-typed command — the agent runs the rest of the install. Prerequisites: Python 3.11+, an MCP-aware agent host. Full walkthrough and host-specific notes in the README.

Upgrade

Already running Wavefoundry? Drop the attached .zip at your repo root without extracting it and type this shortcut phrase to your agent:

Upgrade Wavefoundry

The agent unpacks the zip, advances the framework, runs any required migrations and index rebuilds, and reloads the MCP server. Review the version notes below for anything that re-indexes or changes behavior on this upgrade.

---

Fixed

• The MCP server no longer hangs on the first model-loading call. Loading onnxruntime (for the GPU/provider probe behind wave_gpu_doctor, and for embedding/reranking on the first code_search / code_ask / docs_search) can make its native execution provider write diagnostics directly to the process's stdout file descriptor — which is the MCP JSON-RPC channel — corrupting the protocol on the first cold call after a host restart. The server now hands the protocol a private copy of stdout and points the real stdout file descriptor at the null device at startup, so no native library write can corrupt the channel; the GPU probe keeps an additional fd-level guard.
• uv dependency install no longer fails behind a corporate TLS proxy. When SSL_CERT_FILE pointed at a single corporate-root certificate (set so the embedding-model download trusts the proxy), uv treated that file as its exclusive trust anchor and rejected PyPI. Setup now runs uv with the certificate-file variables removed from its environment and native TLS enabled (OS trust store), and assembles a merged superset trust bundle for the certifi/requests consumers — so both dependency install and the model download succeed. The previous per-store model-download trust ladder is unchanged.
• The runtime .gitignore block is written programmatically and self-heals. The Wavefoundry runtime ignore entries (semantic index, logs, lock/state files, pack-drop archives) are now written by the surface renderer on every install / wf render-surfaces / upgrade, instead of relying on an agent following prose. A repository that wasn't a git repo at install time — or whose ignore step was skipped — now gets the block automatically on its next upgrade, with operator-authored entries preserved.
• Wave-close summaries no longer show stray dashes. A Markdown table separator row in a change doc's Decision Log no longer leaks a -------- entry into the generated close summary's key-decisions list.

Changed

• Secret-scan finding IDs: the legacy exc-### migration was removed. The one-release shim that auto-converted legacy exc-### finding IDs to the lifecycle <prefix>-sec form has been removed. The secrets gate keys on a finding's status, not its ID shape, so an existing ledger with old IDs still reads and gates correctly; new findings continue to mint <prefix>-sec IDs.
• The stage-gate sections stay a fixed contract on upgrade. Upgrade reconciliation now keeps the two named stage-gate sections in AGENTS.md (repository-code gate and product-code guard) as separate named sections rather than letting them be consolidated, because they're referenced by name across host entry docs and lifecycle prompts.

1.9.6

Install

Drop the attached .zip at your repo root without extracting it — the agent unpacks it as the first step. Then type this shortcut phrase as a chat message to your AI agent (Claude Code, Cursor, Codex, Junie, GitHub Copilot, Windsurf, Air, or Warp):

Install Wavefoundry

That is the only operator-typed command — the agent runs the rest of the install. Prerequisites: Python 3.11+, an MCP-aware agent host. Full walkthrough and host-specific notes in the README.

Upgrade

Already running Wavefoundry? Drop the attached .zip at your repo root without extracting it and type this shortcut phrase to your agent:

Upgrade Wavefoundry

The agent unpacks the zip, advances the framework, runs any required migrations and index rebuilds, and reloads the MCP server. Review the version notes below for anything that re-indexes or changes behavior on this upgrade.

---

Fixed

• No console windows flash on Windows. Framework subprocesses that don't need a console — the upgrade/index/graph pipeline spawns, the dashboard server, and the rendered hook bodies — now launch via pythonw.exe on Windows when their output is redirected. A console-subsystem python.exe could still flash a window despite CREATE_NO_WINDOW, especially for long-running detached or rapidly-spawned processes. POSIX and the MCP server launch are unchanged.
• The dashboard starts cleanly on Windows. The dashboard server now launches windowless, and the start path no longer false-reports url_not_ready or spawns duplicates that climb ports: it reconciles an already-serving dashboard before spawning and accepts a serving dashboard by URL reachability instead of requiring an exact recorded-PID match. The Windows lifetime lock was also moved off the byte the metadata occupies, so the dashboard can publish its URL while holding the lock (Windows mandatory byte-range locking had blocked that write).
• The dashboard renders horizontal rules. A --- (or ***/___) separator line now renders as a horizontal rule in the dashboard's document view instead of as literal dashes.

1.9.5

Install

Drop the attached .zip at your repo root without extracting it — the agent unpacks it as the first step. Then type this shortcut phrase as a chat message to your AI agent (Claude Code, Cursor, Codex, Junie, GitHub Copilot, Windsurf, Air, or Warp):

Install Wavefoundry

That is the only operator-typed command — the agent runs the rest of the install. Prerequisites: Python 3.11+, an MCP-aware agent host. Full walkthrough and host-specific notes in the README.

Upgrade

Already running Wavefoundry? Drop the attached .zip at your repo root without extracting it and type this shortcut phrase to your agent:

Upgrade Wavefoundry

The agent unpacks the zip, advances the framework, runs any required migrations and index rebuilds, and reloads the MCP server. Review the version notes below for anything that re-indexes or changes behavior on this upgrade.

---

Added

• wf gpu-doctor. The GPU/provider diagnostics previously reachable only through the wave_gpu_doctor MCP tool now have a wf gpu-doctor CLI subcommand, for CLI or no-MCP use. It reuses the same provider detection (no duplicated logic).

Changed

• wave_upgrade returns its structured summary on the primary call. The summary block (versions, files pruned, docs-gate result, index state, and the retired-surface reconciliation findings) is now emitted on the primary wave_upgrade() response, not only on the later cleanup phase — so agents read the computed fields, including the reconciliation list, directly from the main upgrade call.
• Retired-surface reconciliation runs on every upgrade. The reconciliation scan (stale .wavefoundry/bin/* references that should now be wf forms) now runs on any upgrade — including patch bumps and same-version build-successors — rather than only on major/minor bumps, since a patch can change or retire a surface during testing. The scan stays report-only and exclusion-aware.
• Secret-scan finding IDs now use the lifecycle format. docs/scan-findings.json findings use lifecycle-backed <prefix>-sec IDs (for example 1p8l0-sec) instead of the legacy exc-### sequence — new findings immediately, and existing findings are migrated once (idempotent and lossless) with a legacy_id recorded for traceability. New and migrated IDs are collision-safe against other lifecycle IDs and findings; the secrets-gate behavior and the file/rule/hash finding re-binding are unchanged, and legacy exc-### IDs are still tolerated.
• Reconciliation scan output is cleaner. Host permission/allow-rule files (e.g. .claude/settings.local.json) are now reported in a separate host_permission_flags channel in the wave_upgrade summary — operator-flagged, kept out of the auto-editable reconciliation list — and the scan no longer false-flags CHANGELOG.md (at any path) or the generated prompt-surface manifest.
• The secret scan always writes its ledger. A clean scan now writes docs/scan-findings.json as an empty [], so the file's presence confirms the scan ran; it changes only when findings change (no repeat-scan churn).

Fixed

• No more flashing console windows on native Windows. Every framework-spawned subprocess — including the indexing, graph, and secret-scanning multiprocessing pools (which the earlier per-spawn fix did not cover) — now runs window-free on Windows: the pools launch via the console-free pythonw.exe, falling back to serial execution when it is unavailable. No spawn inherits a blocking stdin, which previously could hang the upgrade.
• Native-Windows upgrade no longer crashes on encoding or paths. The upgrade uses the platform temp directory instead of a POSIX /tmp fallback (absent on Windows), forces UTF-8 on stdout at every CLI entry point so a non-ASCII glyph no longer raises a UnicodeEncodeError in a cp1252 console, and gives spawned indexer/graph/secrets children their own UTF-8 stdio — fixing the silent index-build failure and the garbled output.
• wave_install_audit validates artifacts correctly. The install-log parser no longer misreads an artifact's description text as a file path, so the install-state check verifies real on-disk artifacts again.
• MCP handler_not_ready during upgrade/reload. The server now lazily builds its handler from the known repository root, so a started server no longer reports handler_not_ready in the startup or post-reload window.

1.9.4

Install

Drop the attached .zip at your repo root without extracting it — the agent unpacks it as the first step. Then type this shortcut phrase as a chat message to your AI agent (Claude Code, Cursor, Codex, Junie, GitHub Copilot, Windsurf, Air, or Warp):

Install Wavefoundry

That is the only operator-typed command — the agent runs the rest of the install. Prerequisites: Python 3.11+, an MCP-aware agent host. Full walkthrough and host-specific notes in the README.

Upgrade

Already running Wavefoundry? Drop the attached .zip at your repo root without extracting it and type this shortcut phrase to your agent:

Upgrade Wavefoundry

The agent unpacks the zip, advances the framework, runs any required migrations and index rebuilds, and reloads the MCP server. Review the version notes below for anything that re-indexes or changes behavior on this upgrade.

---

Added

• New wf subcommands for agent-run framework scripts. wf codebase-map, wf render-surfaces, and wf secrets-scan join the cross-OS wf dispatcher so operators and agents stop guessing raw python3 .wavefoundry/framework/scripts/*.py invocations. Framework upgrade cleanup stays a manual python3 .wavefoundry/framework/scripts/prune_framework.py step — it needs the pre-upgrade MANIFEST that only the operator running the upgrade holds.
• Upgrade-time retired-surface reconciliation. A minor-or-major wf upgrade now scans the repository for stale references to retired framework surfaces (such as the per-command .wavefoundry/bin/* wrappers replaced by the cross-OS wf dispatcher) and reports an actionable file:line → suggested wf form list in place of generic recommend-only prose. The scan is report-only and exclusion-aware (it skips the framework pack, the generated index, historical records, and tests) and matches both forward-slash and backslash path references. Reconciliation guidance also names host permission/allow-rule files (for example .claude/settings.local.json) as a surface to flag for the operator rather than self-edit, and clarifies the gate-before-reload window during upgrade.
• Structured wave_upgrade summary. wave_upgrade now returns a parsed summary block (from/to version, files pruned, docs-gate result, index-update state, failed phase, and the reconciliation findings) plus a top-level next_step and next_tools, so agents read computed fields instead of scraping the raw output. The existing output and exit_code are unchanged and parsing is fail-safe.

Changed

• Committed MCP configs standardize on python3. Every generated host MCP config launches the server with command: "python3" and the repo-relative server.py, byte-identical across macOS, Linux, and native Windows. wf setup verifies python3 resolves to Python 3.11+ and, when it does not, fails closed with platform-aware guidance (install via Scoop/Microsoft Store on Windows, or your package manager / a symlink on macOS/Linux) plus the no-PATH per-machine fallback config. Setup does not modify your Python installation or PATH.

Fixed

• MCP helper subprocesses no longer contend with the host's JSON-RPC stdio. Server-side helper processes (docs-lint, gardener, sync-surfaces, upgrade phases, sensors) now run with stdin detached and intentional stdout/stderr handling — fixing wave_validate/docs-lint-over-MCP timeouts seen on some hosts — and suppress their console window on native Windows.
• Setup fails loudly instead of silently shipping a dead MCP config. When wf setup finds python3 does not resolve to Python 3.11+ on PATH, it reports the exact problem and exits non-zero with platform-aware guidance (make python3 resolve — Scoop/Microsoft Store on Windows, your package manager or a symlink on macOS/Linux — or use the per-machine absolute-venv-path fallback) rather than reporting success for a command: "python3" config the host cannot launch. Setup does not modify your Python installation or PATH.

1.9.3

Install

Drop the attached .zip at your repo root without extracting it — the agent unpacks it as the first step. Then type this shortcut phrase as a chat message to your AI agent (Claude Code, Cursor, Codex, Junie, GitHub Copilot, Windsurf, Air, or Warp):

Install Wavefoundry

That is the only operator-typed command — the agent runs the rest of the install. Prerequisites: Python 3.11+, an MCP-aware agent host. Full walkthrough and host-specific notes in the README.

Upgrade

Already running Wavefoundry? Drop the attached .zip at your repo root without extracting it and type this shortcut phrase to your agent:

Upgrade Wavefoundry

The agent unpacks the zip, advances the framework, runs any required migrations and index rebuilds, and reloads the MCP server. Review the version notes below for anything that re-indexes or changes behavior on this upgrade.

---

Changed

• MCP startup no longer starts model prewarm. The MCP handler no longer launches background embedding/reranker cache work while the host is still negotiating stdio and loading tool schemas; semantic search starts the optional prewarm after startup instead. Install guidance now reinforces the generated config contract: launch MCP with PATH python on server.py, not a hardcoded tool-venv Python path, and start a fresh host session after config/Python fixes. wf setup now smoke-tests the same python server.py --dry-run launch shape used by generated MCP configs.
• Model-fetch CA discovery honors Node's CA bundle env var. The setup/model-download trust-store fallback now recognizes NODE_EXTRA_CA_CERTS after CODEX_CA_CERTIFICATE / CLAUDE_CODE_CERT_STORE and before SSL_CERT_FILE / REQUESTS_CA_BUNDLE, so native Windows users launched from Node-based agent hosts can reuse the same corporate CA bundle the host process already trusts. Wave 1p7pk / native-Windows field follow-up.

1.9.2

Install

Drop the attached .zip at your repo root without extracting it — the agent unpacks it as the first step. Then type this shortcut phrase as a chat message to your AI agent (Claude Code, Cursor, Codex, Junie, GitHub Copilot, Windsurf, Air, or Warp):

Install Wavefoundry

That is the only operator-typed command — the agent runs the rest of the install. Prerequisites: Python 3.11+, an MCP-aware agent host. Full walkthrough and host-specific notes in the README.

Upgrade

Already running Wavefoundry? Drop the attached .zip at your repo root without extracting it and type this shortcut phrase to your agent:

Upgrade Wavefoundry

The agent unpacks the zip, advances the framework, runs any required migrations and index rebuilds, and reloads the MCP server. Review the version notes below for anything that re-indexes or changes behavior on this upgrade.

---

---

Changed

• Windows and no-PATH setup guidance leads with wf. Operator-facing install, upgrade, prompt index, framework-operator, dashboard, and install-seed guidance now treats wf setup and wf subcommands as the primary command surface, with repo-local wf.cmd / POSIX shim paths only as no-PATH fallbacks. This closes the guidance hole where agents guessed python .wavefoundry/bin/wf on native Windows. Wave 1p7pk / native-Windows field follow-up.

Fixed

• Native-Windows MCP stdio framing hardening. The MCP runner now configures stdin/stdout/stderr to UTF-8 with LF-only newlines before building the server and entering the stdio transport, with stdout/stderr write-through enabled. This keeps Wavefoundry's side of the JSON-RPC stdio boundary byte-stable on native Windows text streams while preserving stderr-only diagnostics. Wave 1p7pk / native-Windows field follow-up.

1.9.1

Install

Drop the attached .zip at your repo root without extracting it — the agent unpacks it as the first step. Then type this shortcut phrase as a chat message to your AI agent (Claude Code, Cursor, Codex, Junie, GitHub Copilot, Windsurf, Air, or Warp):

Install Wavefoundry

That is the only operator-typed command — the agent runs the rest of the install. Prerequisites: Python 3.11+, an MCP-aware agent host. Full walkthrough and host-specific notes in the README.

Upgrade

Already running Wavefoundry? Drop the attached .zip at your repo root without extracting it and type this shortcut phrase to your agent:

Upgrade Wavefoundry

The agent unpacks the zip, advances the framework, runs any required migrations and index rebuilds, and reloads the MCP server. Review the version notes below for anything that re-indexes or changes behavior on this upgrade.

---

[1.9.1] - 2026-06-26

Fixed

• Native-Windows MCP server reliability (broken pipe on startup). The tool venv is now activated in-process (site.addsitedir) instead of re-execing into the venv interpreter. The re-exec used a subprocess child on Windows (no in-place exec there), which became a second process holding the same stdout pipe the MCP host owns — causing an intermittent broken pipe when the tool list arrives and orphaned processes across reconnects. In-process activation keeps a single host-spawned process on every OS while preserving the byte-identical command: "python". If the venv was built for a different Python (major, minor) than the running interpreter (e.g. after a system Python upgrade), normal entries fail loud with a clear "run wf setup to rebuild" message, while wf setup bypasses activation and recreates the stale tool venv. Wave 1p7pk / 1p802.

1.9.0

Install

Drop the attached .zip at your repo root without extracting it — the agent unpacks it as the first step. Then type this shortcut phrase as a chat message to your AI agent (Claude Code, Cursor, Codex, Junie, GitHub Copilot, Windsurf, Air, or Warp):

Install Wavefoundry

That is the only operator-typed command — the agent runs the rest of the install. Prerequisites: Python 3.11+, an MCP-aware agent host. Full walkthrough and host-specific notes in the README.

Upgrade

Already running Wavefoundry? Drop the attached .zip at your repo root without extracting it and type this shortcut phrase to your agent:

Upgrade Wavefoundry

The agent unpacks the zip, advances the framework, runs any required migrations and index rebuilds, and reloads the MCP server. Review the version notes below for anything that re-indexes or changes behavior on this upgrade.

---

Native Windows (no WSL2), and a single runtime surface. Every committed launcher and config now names one byte-identical command: "python" and runs from a single checkout on macOS, Linux, and native python.org-Windows for CLI hosts. Upgrading retires the nine .wavefoundry/bin/* wrappers for one cross-OS wf CLI and flips the MCP/hook commands to python — so setup / upgrade makes python resolve: a ~/.local/bin/python → python3 symlink on macOS/Linux (a symlink, never a shell alias, and never clobbering an existing python), native on Windows. Drive the upgrade with wave_upgrade() (MCP) or wf upgrade. GUI-launched hosts that don't inherit the shell PATH use the printed absolute-venv-path fallback.

Added

• Native Windows support without WSL2 (CLI hosts). The MCP server, hooks, git hooks, and operator CLI run from a single committed checkout on native python.org-Windows. The committed command is the byte-identical python; the Windows re-exec into the tool venv uses a subprocess relay (never os.execv, which the CRT emulates as spawn-then-exit and would orphan the host's stdio pipe → an MCP crash); the venv layout (Scripts\python.exe vs bin/python) resolves in one place; rendered surfaces are written with byte-fixed line endings on every host; and a repo .gitattributes pins shebang-bearing files to LF (and wf.cmd to CRLF) so autocrlf can't corrupt them.
• Host-agent TLS CA discovery for model downloads. The model-fetch trust-store fallback now also honors the host coding agent's own CA bundle — CODEX_CA_CERTIFICATE (Codex) and CLAUDE_CODE_CERT_STORE (Claude Code) — ahead of SSL_CERT_FILE/REQUESTS_CA_BUNDLE, used proactively when set, with the OS platform stores and the certifi default as the ordered fallbacks. Verification stays on throughout; only the trusted CA bundle changes.

Changed

• One cross-OS wf operator CLI replaces the nine .wavefoundry/bin/* wrappers. The bash-only docs-lint, docs-gardener, wave-gate, update-indexes, lifecycle-id, wave-dashboard, upgrade-wavefoundry, setup-wavefoundry, and mcp-server launchers are retired in favor of a single self-bootstrapping wf dispatcher behind a wf (bash) + wf.cmd (Windows) shim pair, so the operator CLI runs identically on macOS, Linux, and native Windows. Use wf docs-lint, wf docs-gardener, wf gate open|close|status, wf dashboard, wf update-indexes, wf lifecycle-id, wf upgrade, and wf setup (run wf --help for the list). wf setup stays on the system interpreter pre-symlink so a fresh bootstrap still works.
• Single runtime execution surface. Every framework entry point — the MCP server, setup, upgrade, indexer, hooks, git hooks, and the wf CLI — self-bootstraps into the shared tool venv through one resolver; no config, launcher, hook body, or spawner re-derives the venv path (enforced by a standing scan). Inner spawns use the running interpreter, so the whole fleet stays on the venv Python.
• MCP-first upgrade routing. The upgrade guidance now leads with the wave_upgrade() MCP tool (poll/inspect with wave_upgrade_status()); the manual procedure is relabeled the no-MCP wf upgrade CLI fallback. wave_upgrade and wave_upgrade_status are now listed in the available-tools surface, and wave_upgrade_status is documented in the MCP tool spec.
• Minor-bump reconciliation recommendation. A major/minor framework upgrade now surfaces a recommendation to reconcile local surfaces that referenced a changed or retired framework surface (e.g. the .wavefoundry/bin/* → wf cutover); patch bumps do not surface it.
• Git hooks, line endings, and the dashboard daemon are cross-OS. The commit/merge incremental-reindex git hooks route through the shared bootstrap (so native-Windows git fires them), and the local dashboard self-daemonizes in Python with an OS-correct detach instead of a bash-only nohup.

1.8.1

Install

Drop the attached .zip at your repo root without extracting it — the agent unpacks it as the first step. Then type this shortcut phrase as a chat message to your AI agent (Claude Code, Cursor, Codex, Junie, GitHub Copilot, Windsurf, Air, or Warp):

Install Wavefoundry

That is the only operator-typed command — the agent runs the rest of the install. Prerequisites: Python 3.11+, an MCP-aware agent host. Full walkthrough and host-specific notes in the README.

Upgrade

Already running Wavefoundry? Drop the attached .zip at your repo root without extracting it and type this shortcut phrase to your agent:

Upgrade Wavefoundry

The agent unpacks the zip, advances the framework, runs any required migrations and index rebuilds, and reloads the MCP server. Review the version notes below for anything that re-indexes or changes behavior on this upgrade.

---

Upgrading runs a one-time graph re-extract. This release bumps the graph builder version (the call graph's edge/node shape changed), so the graph is re-extracted once after upgrade — graph-only and fast (~10–30 s), not a semantic re-embed (CHUNKER_VERSION is unchanged, so there is no re-chunk/re-embed). The upgrade's final index phase now does this automatically alongside the semantic update — version-aware, the same way it handles a chunker bump — so no manual step is required. (If the graph step is skipped, the first graph query still rebuilds it in-process as a safety net.)

Two behavior changes to know: CPU index builds now use a smaller default embedding batch (much lower peak memory — see below), and the local dashboard is now a read-only viewer that no longer runs index builds (the auto_index setting was removed; index updates come from the post-edit hook, the MCP server, and wave_index_build).

Added

• Config-key → reader edges. A code site that reads a config key by literal name now links to that key in the graph — Python .get("KEY")/cfg["KEY"] against JSON config, and Java/Spring @Value("${key}")/getProperty("key") against application.{yml,properties} keys (.properties/.yml/.yaml now contribute config-key nodes). Bounded to real config surfaces and unique, distinctive keys so ordinary dictionary access does not create false links.
• Instrumentation targets on advice classes. OpenTelemetry TypeInstrumentation classes carry an instruments property naming the types their typeMatcher() weaves into — including namedOneOf lists and matchers nested in implementsInterface/hasSuperType — so "what does this advice instrument" is answerable from the graph without hand-searching. Method/argument matchers are excluded.
• Model downloads fall back to the OS trust store. When a model download fails TLS verification (CERTIFICATE_VERIFY_FAILED) — common behind a corporate proxy whose root CA is in the OS trust store but not the bundled certifi — the fetch retries against the OS trust store (honoring a preset SSL_CERT_FILE/REQUESTS_CA_BUNDLE). Verification stays on throughout; only the trusted CA bundle changes.

Changed

• Cross-language call-confidence promotion. A call that resolves to a unique definition by construction (same-file, or an exact cross-file match) is now recorded at full confidence instead of the heuristic tier, across all languages — sharpening blast-radius and change-risk ranking. Only the confidence label changes; no edge target is altered.
• Transitive blast-radius confidence. code_risk_score propagates edge confidence along the whole path and reports transitive_extracted_fraction, so a blast radius reached only through low-trust edges is discounted rather than over-counted.
• Much lower memory for CPU index builds. The embedding forward batch is now per-model and defaults to 32 (down from 256), cutting peak RSS of the CPU embedding pass ~3.5–3.8× at equal-or-better throughput (measured on an M2 Max CPU path). Tune per model via indexing.code_embed_batch_size / docs_embed_batch_size. The GPU/CoreML path is unaffected. On a constrained low-RAM CPU/WSL2 host this is projected to bring the build well under the memory cap and clear the out-of-memory failure — field-confirmation on such a host is still pending.
• The local dashboard is a read-only viewer. It no longer triggers index builds; index freshness is owned by the post-edit hook, the MCP server's background refresh, and wave_index_build. The dashboard's build-status panel now reflects those builds.

Fixed

• Index health no longer hides a missing code layer. When code sources are in scope but the code index is absent (e.g. an interrupted or OOM-killed code embedding pass), wave_index_health now reports incomplete with the code layer in missing_layers and a remediation diagnostic, instead of ready.
• Out-of-memory index builds fail loudly. A code embedding pass killed by the OS OOM-killer now surfaces a clear out-of-memory error with remediation (lower the embedding batch, raise host/WSL2 memory) instead of appearing to succeed.

Removed

• Dashboard auto_index / auto_index_delay_seconds settings. The dashboard no longer runs index builds, so these settings were removed; index updates are background/MCP-owned.