Releases: geanatz/curion
Release list
v0.3.6 — CLI help and version flags
v0.3.6 — CLI help and version flags
Highlights
curion --help/-handcurion --version/-vflag interception. Flag invocations print to stdout and exit 0 before any storage or MCP transport startup, never create or touch the project-local.curion/directory, and never write to stderr. Normal MCP stdio behaviour for unflagged invocations is unchanged.- Runtime server version now syncs from
package.json. The McpServerserverInfo.versionfield is sourced from a generatedsrc/version.tsconstant regenerated byscripts/sync-version.mjson everyprebuild/pretest. The previous hardcoded"0.2.0"fallback is gone, so the MCPinitializeresponse, the--versionCLI output, and the npm tarball version all stay in lock-step withpackage.json#version. - 15 unit and end-to-end subprocess tests in
tests/cli-flags.test.tscoveringbuildHelpText, theVERSIONconstant,buildServerusingVERSION, and the four flag invocations plus combined-flag argv-order precedence and a no-flag regression guard.
Not changed
- Public MCP API (
remember,recall,text/structuredContent,clarification_needed). - Storage, detector, controller, projection layers.
- npm package name (
@geanatz/curion), binary name (curion), Trusted Publishing / OIDC provenance path.
Install
npm install -g @geanatz/curion
curion --version # 0.3.6
curion --helpv0.3.5
v0.3.5 — 2026-06-30
Documentation-only patch release. No source-code, runtime, MCP-surface, or release-engineering changes. npm Trusted Publishing + provenance unchanged.
Changed
- README top-level file links are now absolute GitHub URLs. The License badge target and License body link, plus the Contributing section's
CONTRIBUTING.md,CODE_OF_CONDUCT.md, andSECURITY.mdlinks, now point athttps://github.com/geanatz/curion/blob/main/<file>. GitHub renders both forms identically; the absolute form is required on the npm registry because onlyLICENSE,README.md, andpackage.jsonship at the top of the npm tarball, so the relativeCONTRIBUTING.md,CODE_OF_CONDUCT.md, andSECURITY.mdlinks silently 404'd for consumers reading the README from the npm page.
Fixed
.mcp.jsonis now gitignored. Claude Code'sclaude mcp add --scope projectwrites a project-scoped.mcp.jsonthat may contain environment-variable bindings and must not be committed.
Verification
- npm:
npm view @geanatz/curion version→0.3.5,dist-tags.latest→0.3.5. - npm tarball top-level files:
LICENSE,README.md,package.json(noCHANGELOG.md/CONTRIBUTING.md/CODE_OF_CONDUCT.md/SECURITY.mdshipped — README links now absolute). - Provenance: SLSA v1 attestation present.
- Publish workflow:
https://github.com/geanatz/curion/actions/runs/28436276404→ success.
v0.3.4
v0.3.4
Documentation-only patch release. No runtime, source, detector, storage,
controller, projection, MCP-surface, or release-engineering change versus
v0.3.3. The npm package remains @geanatz/curion and the Trusted
Publishing / provenance path is unchanged.
What this release does
- Fixes npm README documentation links. The v0.3.3 README shipped
to the npm registry with relativedocs/*.mdlinks that 404 on
npmjs.org because thedocs/directory is not included in the npm
tarball — onlyREADME.md,LICENSE, and the package contents are.
v0.3.4 re-publishes the README with absolute
https://github.com/geanatz/curion/blob/main/docs/<page>.mdURLs
(with the same fragment anchors the relative links used), so the
"MCP client setup", "Configuration", "API reference", and
"Privacy & storage" links from the README resolve correctly when the
README is read from the npm registry. The docs/ pages themselves,
the install command, the MCP server identity, and the public API
surface are unchanged. - No stale references re-introduced. No
v0.2.0 is taggedframing,
nogpt-5.5model placeholder, no unscopednpm install curion
install line. The npm README and the GitHub README continue to match.
Install
npm install -g @geanatz/curionThe curion binary on PATH is the MCP stdio server entrypoint. Always
start it through an MCP client that manages the stdio transport.
Publishing
Published to npm with provenance attestation via Trusted Publishing
(OIDC) — no long-lived NPM_TOKEN secret is read or required. Verify
the attestation with npm audit signatures or the npm registry's
"Provenance" panel on the package page.
See CHANGELOG.md for the full v0.3.4 section.
v0.3.3
v0.3.3
Documentation-only patch release. No runtime, source, detector, storage,
controller, projection, MCP-surface, or release-engineering change versus
v0.3.2. The npm package remains @geanatz/curion and the Trusted
Publishing / provenance path is unchanged.
What this release does
- Syncs the npm README with the GitHub README. The README shipped to
the npm registry is now the same focused "What / Why / Install / Quick
start / Other clients / Features / Privacy / Config / Docs /
Contributing / License" form that renders on the GitHub project page. - Splits long-form docs into
docs/. Per-client MCP setup
(docs/mcp-clients.md), the full environment-variable reference
(docs/configuration.md), the full tool / status / output reference
(docs/reference.md), and the privacy / storage deep dive
(docs/privacy-storage.md) now live as separate pages linked from the
README. The public MCP API surface is unchanged. - Removes stale strings. No
v0.2.0 is taggedframing, nogpt-5.5
model placeholder, no unscopednpm install curioninstall line. The
npm README and the GitHub README match.
Install
npm install -g @geanatz/curionThe curion binary on PATH is the MCP stdio server entrypoint. Always
start it through an MCP client that manages the stdio transport.
Publishing
Published to npm with provenance attestation via Trusted Publishing
(OIDC) — no long-lived NPM_TOKEN secret is read or required. Verify
the attestation with npm audit signatures or the npm registry's
"Provenance" panel on the package page.
See CHANGELOG.md for the full v0.3.3 section.