Skip to content

Releases: geanatz/curion

v0.3.6 — CLI help and version flags

Choose a tag to compare

@geanatz geanatz released this 30 Jun 10:57

v0.3.6 — CLI help and version flags

Highlights

  • curion --help / -h and curion --version / -v flag interception. Flag invocations print to stdout and exit 0 before any storage or MCP transport startup, never create or touch the project-local .curion/ directory, and never write to stderr. Normal MCP stdio behaviour for unflagged invocations is unchanged.
  • Runtime server version now syncs from package.json. The McpServer serverInfo.version field is sourced from a generated src/version.ts constant regenerated by scripts/sync-version.mjs on every prebuild / pretest. The previous hardcoded "0.2.0" fallback is gone, so the MCP initialize response, the --version CLI output, and the npm tarball version all stay in lock-step with package.json#version.
  • 15 unit and end-to-end subprocess tests in tests/cli-flags.test.ts covering buildHelpText, the VERSION constant, buildServer using VERSION, and the four flag invocations plus combined-flag argv-order precedence and a no-flag regression guard.

Not changed

  • Public MCP API (remember, recall, text / structuredContent, clarification_needed).
  • Storage, detector, controller, projection layers.
  • npm package name (@geanatz/curion), binary name (curion), Trusted Publishing / OIDC provenance path.

Install

npm install -g @geanatz/curion
curion --version   # 0.3.6
curion --help

v0.3.5

Choose a tag to compare

@geanatz geanatz released this 30 Jun 10:06

v0.3.5 — 2026-06-30

Documentation-only patch release. No source-code, runtime, MCP-surface, or release-engineering changes. npm Trusted Publishing + provenance unchanged.

Changed

  • README top-level file links are now absolute GitHub URLs. The License badge target and License body link, plus the Contributing section's CONTRIBUTING.md, CODE_OF_CONDUCT.md, and SECURITY.md links, now point at https://github.com/geanatz/curion/blob/main/<file>. GitHub renders both forms identically; the absolute form is required on the npm registry because only LICENSE, README.md, and package.json ship at the top of the npm tarball, so the relative CONTRIBUTING.md, CODE_OF_CONDUCT.md, and SECURITY.md links silently 404'd for consumers reading the README from the npm page.

Fixed

  • .mcp.json is now gitignored. Claude Code's claude mcp add --scope project writes a project-scoped .mcp.json that may contain environment-variable bindings and must not be committed.

Verification

  • npm: npm view @geanatz/curion version0.3.5, dist-tags.latest0.3.5.
  • npm tarball top-level files: LICENSE, README.md, package.json (no CHANGELOG.md / CONTRIBUTING.md / CODE_OF_CONDUCT.md / SECURITY.md shipped — README links now absolute).
  • Provenance: SLSA v1 attestation present.
  • Publish workflow: https://github.com/geanatz/curion/actions/runs/28436276404 → success.

v0.3.4

Choose a tag to compare

@geanatz geanatz released this 30 Jun 09:53

v0.3.4

Documentation-only patch release. No runtime, source, detector, storage,
controller, projection, MCP-surface, or release-engineering change versus
v0.3.3. The npm package remains @geanatz/curion and the Trusted
Publishing / provenance path is unchanged.

What this release does

  • Fixes npm README documentation links. The v0.3.3 README shipped
    to the npm registry with relative docs/*.md links that 404 on
    npmjs.org because the docs/ directory is not included in the npm
    tarball — only README.md, LICENSE, and the package contents are.
    v0.3.4 re-publishes the README with absolute
    https://github.com/geanatz/curion/blob/main/docs/<page>.md URLs
    (with the same fragment anchors the relative links used), so the
    "MCP client setup", "Configuration", "API reference", and
    "Privacy & storage" links from the README resolve correctly when the
    README is read from the npm registry. The docs/ pages themselves,
    the install command, the MCP server identity, and the public API
    surface are unchanged.
  • No stale references re-introduced. No v0.2.0 is tagged framing,
    no gpt-5.5 model placeholder, no unscoped npm install curion
    install line. The npm README and the GitHub README continue to match.

Install

npm install -g @geanatz/curion

The curion binary on PATH is the MCP stdio server entrypoint. Always
start it through an MCP client that manages the stdio transport.

Publishing

Published to npm with provenance attestation via Trusted Publishing
(OIDC) — no long-lived NPM_TOKEN secret is read or required. Verify
the attestation with npm audit signatures or the npm registry's
"Provenance" panel on the package page.

See CHANGELOG.md for the full v0.3.4 section.

v0.3.3

Choose a tag to compare

@geanatz geanatz released this 29 Jun 23:43

v0.3.3

Documentation-only patch release. No runtime, source, detector, storage,
controller, projection, MCP-surface, or release-engineering change versus
v0.3.2. The npm package remains @geanatz/curion and the Trusted
Publishing / provenance path is unchanged.

What this release does

  • Syncs the npm README with the GitHub README. The README shipped to
    the npm registry is now the same focused "What / Why / Install / Quick
    start / Other clients / Features / Privacy / Config / Docs /
    Contributing / License" form that renders on the GitHub project page.
  • Splits long-form docs into docs/. Per-client MCP setup
    (docs/mcp-clients.md), the full environment-variable reference
    (docs/configuration.md), the full tool / status / output reference
    (docs/reference.md), and the privacy / storage deep dive
    (docs/privacy-storage.md) now live as separate pages linked from the
    README. The public MCP API surface is unchanged.
  • Removes stale strings. No v0.2.0 is tagged framing, no gpt-5.5
    model placeholder, no unscoped npm install curion install line. The
    npm README and the GitHub README match.

Install

npm install -g @geanatz/curion

The curion binary on PATH is the MCP stdio server entrypoint. Always
start it through an MCP client that manages the stdio transport.

Publishing

Published to npm with provenance attestation via Trusted Publishing
(OIDC) — no long-lived NPM_TOKEN secret is read or required. Verify
the attestation with npm audit signatures or the npm registry's
"Provenance" panel on the package page.

See CHANGELOG.md for the full v0.3.3 section.