Maekon v0.0.1-rc.6

Pre-release

@github-actions github-actions released this 13 Jun 05:09

Maekon v0.0.1-rc.6 — Released June 13, 2026

Built: 2026-06-13 UTC · Commit: 29f3fce82

What's Changed

Added

  • Local symbolic memory-graph layer (ADR-023): SQLite claim substrate with
    digest-to-claim promotion, belief-revision orchestration, rule-seeded
    app-sequence edges, and accumulated claims in the digest export, all behind
    the egress-gated safety foundation.
  • Standalone local LLM support: llm_provider=Local routes to a real Ollama
    instance in every access mode, with host/model configuration respected,
    installed-model negotiation at chat session create, loopback embedding
    delegation in release builds, BYOK/OAuth direct adapters available outside
    the server feature, and a LocalModel access-mode selector in settings.
  • Codex/ChatGPT provider integration: app-server JSON-RPC invocation mode
    with initialize handshake, request timeout and idle policies, process-group
    reap, native thread continuity and resume, streaming event mapping,
    structured auth probes, a fail-closed approval loop with in-app approval
    UI, turn steer/interrupt, token-usage reporting, and graceful fallback to
    codex exec behind a rollout flag.
  • LAN sync activation: storage-backed sync server with client-side TLS and
    TOFU certificate-fingerprint pinning, persistent HLC clock infrastructure
    with HLC-stamped writes, and cross-device GDPR Art.17 erasure through a
    retained tombstone outbox with garbage collection and convergence coverage.
  • Consent foundation (GDPR): production consent IPC gating every collector,
    in-app consent UI with onboarding and withdraw-first delete-all, a separate
    microphone consent tier with push-to-talk re-gating, consent revoke → full
    local erasure with a structural drain barrier and restart-durable fire-once
    deletion events, an egress audit ledger with per-field gates and audit
    export, and explicit disclosure that exported/backup files survive erasure.
  • Keyword-first hybrid search: union RRF with an exact-phrase tier and
    keyword fallback when embeddings are unavailable, plus CJK bigram-shadow
    FTS so Japanese/Korean keyword search lights up.
  • Local suggestion surfacing funnel: desktop toast with overlay auto-refresh,
    a rule-suggestion live-queue bridge for zero-config first-session value,
    and SQLite fallbacks for the history/stats/daily/deferred IPCs.
  • Automation runtime revival: natural-language intent hint bar, seven
    previously dead IPCs rewired including the human-in-the-loop confirm modal,
    and a confirmation-policy knob wired into intent-hint execution.
  • Weekly Digest UI at /week, coaching habit streaks with an onboarding
    opt-in step, and a local activity_segments producer lighting six
    previously empty standalone surfaces.
  • Enterprise managed configuration: an enforced managed-config layer that
    blocks MDM user overrides, an update version window (min/max kill-switch),
    and a managed cloud-STT policy with data-residency controls and a consent
    audit sentinel.
  • Tamper-evident audit log: SHA-256 hash chain with verify_audit_chain.
  • CI coverage: the test suite now also runs on macOS and Windows
    (platform-gated), with dedicated cells for cloud-STT, local Whisper,
    Windows sandbox, and macOS keychain integration tests.

Changed

  • Storage ports converged on async end-to-end (ADR-026), including an
    object-safe ConsentManagerPort consumed as Arc<dyn>.
  • Native macOS active-window capture replaces the osascript path, with
    monitor throttling and opt-in OTLP metrics.
  • Supply-chain posture: cargo-vet exemptions retired in bulk through imported
    registries, self-audits, and publisher trust; GitHub Actions and container
    references SHA-pinned; cargo-deny gates and SBOM generation hardened.
  • Test rigor: value-blind assert!(..is_ok()) / assert!(..is_err()) hedges
    across the workspace strengthened to .expect() / .unwrap_err() with
    value and variant assertions, enforced by new workspace lint gates.
  • Identifiers moved to the prefix+ULID convention (ADR-022).
  • Dependency baselines updated, including jsonwebtoken 10.4 (MSRV 1.88),
    xcap 0.9, mdns-sd 0.20, and lockfile refreshes.

Fixed

  • Async-safety sweep: blocking SQLite, filesystem, and TLS I/O moved to
    spawn_blocking across IPC commands, scheduler loops, screen capture, and
    OCR; scheduler maintenance handles are awaited so panics surface; task
    handles gained Drop/cancellation lifecycles.
  • Scheduler durability: regime state now checkpoints every 30 minutes,
    bounding crash-window learning loss.
  • Vector search at scale: queries route through the IVF index with
    brute-force fallback and an unindexed-delta supplement, the dimension cache
    rehydrates after restart, and nprobe scales with cluster count.
  • Korean content no longer panics the suggestion enqueue path
    (char-boundary-safe fingerprint truncation), and local-date queries use UTC
    half-open windows so non-UTC midnight segments are no longer dropped.
  • Local Whisper STT compiles and runs against whisper-rs 0.16 again (segment
    and language-id API drift), with the model hash gate corrected.
  • Windows: Tauri live dashboard connectivity restored, installer branding and
    NSIS setup publication fixed, a suggestions shortcut collision fallback
    added, and pnpm frontend installs stabilized.
  • Linux: GTK4 compile ports for the capture path, tray icon PNG dependency,
    and quieter no-GTK menu fallbacks.
  • gRPC: Bearer auth on all unary RPCs (not just subscribe),
    SubscribeSuggestions exempted from the 30-second channel timeout,
    single-flight token auto-refresh, and TLS configuration errors surfaced
    instead of being silently swallowed.
  • OAuth refresh works across multiple providers without phantom reauth
    alerts; the sandbox permissive-noop no longer silently drops automation
    actions.
  • Vision hot path avoids full-frame RGBA copies in delta encoding and
    thumbnailing; the onboarding dashboard URL is never the 0.0.0.0 bind
    address.

Security

  • CodeQL baseline driven to zero (path-injection canonicalization guards at
    filesystem sinks, hard-coded crypto fixtures removed, cleartext findings
    cleared) and the release-alert acceptance records emptied.
  • Window titles masked in tracing logs with a content-free digest on macOS
    and Windows, AX scene text masked before storage, and a field-access blind
    spot in the masking guard closed.
  • PII sanitizer wired at all four STT provider construction sites, and chat
    egress guarded with fail-closed PII sanitization including attachments.
  • Platform egress and the telemetry exporter are bound to consent
    (fail-closed), with deterministic egress record ids for crash-retry dedup.
  • LAN sync rejects row-origin spoofing, the file secret store gains Windows
    ACL hardening, and the sync passphrase enforces a minimum length.
  • Constant-time comparison for integration auth tokens; BYOK API keys
    redacted from Debug output.
  • Production Tauri CSP tightened and sandbox worker lookup restricted.

Downloads

Maekon is the app display name. Release filenames intentionally retain
maekon-* for installer, updater, and checksum compatibility.

Platform | Architecture            | File                          | Format
---------|-------------------------|-------------------------------|-----------------------
macOS    | Universal (arm64 + x64) | maekon-macos-universal.dmg    | DMG Installer (signed)
macOS    | Universal (arm64 + x64) | maekon-macos-universal.pkg    | PKG Installer (signed)
macOS    | Universal               | maekon-macos-universal.tar.gz | Binary
macOS    | Apple Silicon           | maekon-macos-arm64.tar.gz     | Binary
macOS    | Intel                   | maekon-macos-x64.tar.gz       | Binary
Windows  | x64                     | maekon-*.msi                  | MSI Installer
Windows  | x64                     | maekon-windows-x64.zip        | Binary
Linux    | x64                     | maekon-*.deb                  | DEB Package
Linux    | x64                     | maekon-linux-x64.tar.gz       | Binary

Quick Install

This is a prerelease. GitHub's latest release endpoint does not include
prereleases, so install commands are pinned to v0.0.1-rc.6.

macOS / Linux:

curl -fsSL -o /tmp/maekon-install.sh \
  https://raw.githubusercontent.com/pseudotop/maekon-client/v0.0.1-rc.6/scripts/install.sh
MAEKON_VERSION=v0.0.1-rc.6 bash /tmp/maekon-install.sh --require-signature

Windows (PowerShell):

$tmp = Join-Path $env:TEMP "maekon-install.ps1"
Invoke-WebRequest -UseBasicParsing -Uri "https://raw.githubusercontent.com/pseudotop/maekon-client/v0.0.1-rc.6/scripts/install.ps1" -OutFile $tmp
powershell -ExecutionPolicy Bypass -File $tmp -Version v0.0.1-rc.6 -RequireSignature

Full changelog: CHANGELOG.md