Skip to content

Releases: fabionfsc/nuzo-memory

Nuzo 1.1.0

Choose a tag to compare

@fabionfsc fabionfsc released this 14 Jul 17:42
5e73798

Added

  • A Registry-ready @nuzo/memory-mcp distribution now exposes one deterministic stdio entrypoint and canonical mcpName while reusing the shared MCP server implementation.
  • A version-aligned server.json, official publisher validation, staged npm continuity smoke, and maintainer publication runbook prepare Nuzo for the preview MCP Registry.

Changed

  • Public adoption guidance now includes a disposable 60-second demo, a decision guide for repository files and native memory, a dated comparison of adjacent agent-memory systems, focused installation feedback, and an executable launch playbook.
  • Dense capture-suggestion scopes now use an indexed exact-duplicate lookup and bounded SQLite FTS prefilter instead of materializing every active memory; non-exhaustive evidence continues to fail closed as uncertain.
  • Public presentation now uses a polished post-1.0 landing page, README, and package README narrative for clearer first-time evaluation.

Fixed

  • MCP challenge and relationship mutations now attribute audit events to the trusted server actor instead of accepting caller-supplied attribution, and read-only host hooks skip cleanly, staying fail-open for the host session, when they encounter a newer unsupported SQLite schema.
  • Codex and Claude Code plugin hooks now anchor published npm resolution at the plugin root, and the Codex MCP server uses its host-resolved plugin directory, preventing a user's npm workspace from shadowing the pinned Nuzo runtime.
  • Published host canaries now create and verify fixtures with the public CLI, avoiding false forward-schema failures after a newer SQLite migration lands on main.
  • GitHub Pages deploys now retry once inside the deploy job when the Pages backend returns a transient failure after accepting the artifact.
  • GitHub Pages deployments now use explicit Pages configuration and queue deploy attempts instead of canceling an in-progress Pages deployment.
  • Docker installer smoke tests now derive their pinned package version from the repository release instead of continuing to exercise the previous public version after a release bump.

The npm and MCP Registry release is bound to the retained dry-run artifact from workflow run 29312594381 at source commit 5e737986f28d09453d8fc012fc8eb1dd53e3583f.

Nuzo 1.0.0

Choose a tag to compare

@fabionfsc fabionfsc released this 05 Jul 21:41
ede98f7

Added

  • A release-blocking developer-experience gate now validates staged npm
    packages, CLI help and diagnostics, MCP startup, Codex and Claude Code
    plugin layouts, first-run setup guidance, and cross-session host behavior.
  • The documentation site now serves a one-line, npm-backed installer at
    https://nuzo.com.br/install.sh; it validates Node.js and npm, supports
    exact Nuzo versions, verifies the installed CLI, and leaves host changes to
    the explicit nuzo setup command.
  • Docker installer smoke coverage now exercises prerequisite failures, latest
    and pinned package selection, and real registry installs on supported
    Node.js 22 and 24 images across Debian and Alpine environments.

Changed

  • CLI commands, MCP handlers, runtime configuration parsing, core memory
    service internals, and benchmark harnesses are split into focused modules
    while preserving the stable public CLI, MCP, storage, and package contracts.
  • TypeScript test code now follows the same explicit typing and unused-code
    standards as production code.
  • Public release and operations guidance now reflects the completed 1.0.0
    readiness audit, the stable package boundary, and current installation and
    validation workflows.
  • GitHub Pages deployments now run only for site-relevant changes and cancel
    superseded deployments, avoiding unrelated and conflicting deploy jobs.

Fixed

  • Capture suggestions preserve an uncertain result when bounded candidate
    evaluation cannot establish an exhaustive duplicate or conflict decision.
  • Core use cases now validate identifiers, revisions, pagination inputs,
    import payloads, configuration limits, and scope boundaries before storage
    or policy execution.
  • Managed-host postinstall refresh resolves only trusted executables from the
    npm lifecycle environment and refuses unsafe or ambiguous command paths.
  • Lifecycle-hook stdin reads now enforce byte and time limits so malformed or
    stalled hosts cannot cause unbounded buffering or waiting.
  • Release preparation now updates packaged plugin instructions while
    preserving historical and stable 1.0.0 policy references during later
    patch releases.

Security

  • Secret scanning now detects fine-grained GitHub personal access tokens in
    direct writes and imports without weakening false-positive controls.
  • Backup, export, model, plugin, and managed-host writes now reject symlinked
    destinations and unsafe path components before replacing local files.

Nuzo 0.9.1

Choose a tag to compare

@fabionfsc fabionfsc released this 01 Jul 16:46
6625edd

Changed

  • Codex and Claude Code guidance now recognizes explicit durable-intent language such as "always do this", "from now on", and "remember this" as a trigger to propose the Nuzo capture flow, while keeping every inferred write behind a visible draft and explicit user confirmation.
  • When a request combines an immediate safe action with a durable instruction, host guidance now performs the immediate action and then proposes the reusable behavior for confirmed capture, including workflows such as creating AGENTS.<folder-name>.md in future directories.
  • Public installation guidance now separates the one-time nuzo setup path from native host marketplace installation more clearly and keeps routine upgrade instructions concise.
  • Hook documentation now identifies the expected SessionStart and UserPromptSubmit trust prompts and states that both hooks perform bounded, read-only recall and never write memory.

Packages

  • @nuzo/memory-core@0.9.1
  • @nuzo/memory@0.9.1

The legacy transition packages remain deprecated at their final 0.9.0 release.

Nuzo 0.9.0

Choose a tag to compare

@fabionfsc fabionfsc released this 01 Jul 01:07
e775e17

Added

  • The CLI now supports local store recovery commands:
    nuzo memory integrity, nuzo memory backup --path <file>, and
    nuzo memory restore <file> --yes, including WAL-safe SQLite online backup
    validation before restore.
  • nuzo memory doctor --json now exposes the same content-free store,
    integrity, Git tracking, warning, and status diagnostics in a stable
    machine-readable shape.
  • The Nuzo CLI now includes explicit host bootstrap commands:
    nuzo setup, nuzo host install codex, nuzo host install claude-code, and
    nuzo host install --all, with dry-run, JSON, and non-interactive
    confirmation support.
  • nuzo update and targeted nuzo host update commands now update only
    already-installed Codex and Claude Code plugins, preserve the Claude Code
    install scope, and avoid repeating first-time setup.
  • The shared runtime resolver now discovers ancestor project configuration,
    resolves canonical project roots, enforces trusted host authorization, and
    reports non-sensitive configuration provenance.
  • Repository marketplaces now expose the tracked Nuzo plugin as
    nuzo@nuzo-memory for Codex and Claude Code without a source checkout or a
    redundant global runtime install.
  • CI now validates native marketplace discovery and installation with pinned
    Codex and Claude Code CLIs on Node.js 24.
  • MCP and host hook doctor diagnostics now include the same content-free
    SQLite integrity summary as the CLI.
  • Deterministic public-documentation contracts now guard release versions,
    version-gated commands, MCP tool names and count, supported Node.js lines,
    npm package guidance, and user-versus-maintainer navigation in CI and Pages.
  • Supply-chain validation now requires GitHub Actions workflow uses: entries
    to be pinned to reviewed commit SHAs and release npm installation to use an
    exact reviewed version.
  • Documentation CI now validates Markdown links, anchors, bounded external
    links, shell snippet syntax, setup/update command drift, and core public
    terminology across user-facing entry points.
  • CI now validates staged npm and generated plugin artifacts across the
    supported Linux x64, macOS x64, and Windows x64 runtime matrix on Node.js 22
    LTS and 24 LTS.

Changed

  • nuzo memory doctor now reports SQLite store integrity status and surfaces
    integrity failures as warnings.
  • Host setup output now explains why each command runs and shows explicit
    non-interactive examples for Codex, Claude Code, and both hosts.
  • Published MCP and lifecycle-hook paths now default to the active project and
    user scopes in restricted mode, while the local CLI remains an explicit
    administrator workflow.
  • Public GitHub, npm, getting-started, CLI, and host documentation now define
    setup as a one-time operation and managed update as the routine upgrade path
    planned for 0.9.0.
  • Tracked host plugin sources now resolve the exact matching
    @nuzo/memory runtime and remain version-aligned through release tooling.
  • README, homepage, Getting Started, clean install, CLI, and host plugin pages
    now lead with tested user installation and cross-session verification paths.
  • Current 0.8.1 onboarding now excludes host-bootstrap and recovery commands
    until those capabilities are published, while the 0.9.0 release gate
    requires the new setup path to return to GitHub, Pages, and npm documentation.
  • @nuzo/memory-cli and @nuzo/mcp-server now identify 0.9.0 as their final
    planned release before npm deprecation in favor of @nuzo/memory.
  • npm staging, publish-target checks, and publish automation now derive from a
    shared package policy: 0.9.0 still includes the two legacy transition
    packages, while later versions publish only @nuzo/memory-core and
    @nuzo/memory and reject retired legacy staging.
  • Benchmark fixtures now distinguish portable JSON exports from operational
    SQLite backups.
  • MCP memory.list, memory.history, and memory.export responses are now
    bounded with explicit limit, next_cursor, and truncated pagination
    fields. The local CLI keeps full export as an explicit administrator action.

Fixed

  • Semantic model inspection now verifies pinned file digests and rejects
    missing, truncated, altered, unreadable, or symlinked model files before
    reporting ready or skipping provisioning repair.

Nuzo 0.8.1

Choose a tag to compare

@fabionfsc fabionfsc released this 29 Jun 14:31
f9147dc

Security and release-harness patch.

  • Enforces restricted-scope authorization before returning memory history metadata.
  • Keeps published NUZO-37 canaries strict while suppressing non-fatal npm warning noise.
  • Records the exact 0.8.0 post-release validation evidence.

All current Nuzo packages and generated host plugin manifests remain version-aligned at 0.8.1.

Nuzo 0.8.0

Choose a tag to compare

@fabionfsc fabionfsc released this 29 Jun 08:30
49336cf

Added

  • CI now gates the canonical recall benchmark, the historical capture baseline,
    and the current bounded capture relationship profile on every pull request.
  • A published optional-semantics smoke validates registry-installed fallback,
    optional peer installation, local sidecar rebuild, and semantic/hybrid recall
    against exact published packages.
  • The optional-semantics benchmark now includes a medium-store profile with
    scoped status, fallback, cold and warm hybrid recall, peak RSS, canonical row
    counts, vector row counts, and authorized vector count gates.
  • The NUZO-37 host canary proves the generated Codex and Claude Code artifacts
    deliver the same user:default autoload instruction across fresh hook
    invocations while preserving the untrusted-memory boundary.
  • An optional native host canary installs the Codex artifact through a temporary
    local marketplace and validates the Claude Code artifact with the npm
    distributed Claude Code CLI.

Changed

  • Release validation now explicitly includes the medium-store semantic gate,
    the NUZO-37 host canary, and a post-release issue-hunting pass for focused
    roadmap follow-up.
  • Repository layout documentation now states that tools/ is versioned
    repository automation, not a runtime npm package surface.

Fixed

  • MCP runtime shutdown now awaits optional semantic provider disposal before
    closing the SQLite database or exiting on signals.
  • Scoped semantic index status now queries only authorized vector scopes in SQL
    instead of loading all sidecar vectors and filtering unrelated scopes in
    JavaScript.
  • Host-hook fixtures now use explicit /example/... paths instead of
    host-looking /opt/... paths.

Nuzo 0.7.0

Choose a tag to compare

@fabionfsc fabionfsc released this 29 Jun 07:09
b8c1d82

Nuzo 0.7.0

Added

  • Optional local semantic retrieval with a core provider contract, disposable revision-aware SQLite sidecar, atomic rebuild/clear, cosine search, and hybrid reciprocal-rank fusion.
  • Pinned offline Transformers.js provider using all-MiniLM-L6-v2-ONNX q4 vectors, explicit checksum-verified provisioning, and local-files-only inference behind an optional peer.
  • CLI semantic status, provision, rebuild, clear, semantic/hybrid recall, JSON diagnostics, and fallback controls.
  • Additive MCP semantic/hybrid recall fields with machine-readable requested/effective mode and fallback diagnostics.
  • Public synthetic benchmark, real-provider evaluation, staged-artifact validation, and independently gated English quality and safety evidence.

Changed

  • Hybrid recall conservatively contributes only the strongest semantic candidate alongside bounded FTS results.
  • Default installs remain FTS-only and do not include Transformers.js or model files.

Fixed

  • JSON import now uses one no-follow descriptor for file type, size, and reading, closing a file-swap race.
  • Semantic freshness checks ignore unrelated unauthorized scope changes.

See the 0.7.0 release gates and optional semantics guide.

Nuzo 0.6.0

Choose a tag to compare

@fabionfsc fabionfsc released this 29 Jun 01:26
c469a3f

Nuzo 0.6.0

Added

  • Explicit confirmed capture decisions in core, MCP, and CLI through
    memory.confirm_capture / nuzo memory confirm-capture, routing confirmed
    creates and keep-separate choices through canonical remember behavior,
    confirmed replacements through revision-checked update behavior, and reject
    or clarify choices through zero-write results.
  • Opt-in bounded Capture Intelligence relationship evidence in core, MCP, and
    CLI for memory.suggest_capture, covering update, related, independent,
    uncertain, exact duplicate, policy-blocked, scope, archived, and evidence
    limit cases without writes.
  • MCP protocol and CLI output coverage for bounded Capture Intelligence
    relationship evidence, including compatibility defaults, policy errors,
    IDs, revisions, candidate limits, reasons, and zero-write invariants.
  • Deterministic Capture Intelligence benchmark with a reproducible v0.5.0
    baseline, English-primary relationship fixtures, and zero-write, policy,
    scope, archived, latency, and evidence-bound safety gates.

Nuzo 0.5.0

Choose a tag to compare

@fabionfsc fabionfsc released this 28 Jun 13:43
377df3e

Recall Quality

Nuzo 0.5.0 makes local recall quality measurable and improves SQLite FTS ranking using reproducible evidence.

Added

  • Deterministic public recall benchmark with 103 synthetic fixtures and 31 cases.
  • Primary English quality gate plus Portuguese, Unicode, multilingual, tag, scope, bounded-result, archived, global, and no-match coverage.
  • Reproducible comparison support for running the fixture harness against another built core revision.

Changed

  • SQLite recall filters weak single-term noise from specific multi-term prompts.
  • Exact topical tags and scoped unique terms remain strong, inspectable ranking evidence.

Evidence

  • v0.4.0: 96.8% top-1, 96.8% expected recall, 50.0% noise overall; English 92.3% top-1 and 64.3% noise.
  • 0.5.0: 100% top-1, 100% expected recall, 100% ranking-reason coverage, 0% noise.
  • Lifecycle hook matrix remains bounded and read-only across 75 memories and 53 scenarios.

v0.4.0

Choose a tag to compare

@fabionfsc fabionfsc released this 28 Jun 04:35
db8d87a

Summary

  • Adds store-wide audit queries across core, CLI, and MCP.
  • Documents source vs actor provenance and JSON export/import provenance behavior.
  • Defines legacy transition package lifecycle policy for @nuzo/memory-cli and @nuzo/mcp-server.

Validation

  • Node 22 and Node 24 CI passed.
  • Documentation validation passed.
  • CodeQL passed.
  • npm artifact validation and host plugin smokes passed locally before release preparation.