Release Notes
Added
- Distribution: Homebrew formula publishing via cargo-dist (tap
radotsvetkov/homebrew-memora) for the CLI, alongside the existing shell installer and GitHub release binaries. crates.io readiness for the libraries (internal deps centralized in [workspace.dependencies] with versions; memora-llm and memora-core package cleanly). See RELEASING.md for both channels.
memora verify: verify an AI answer's citations against a vault and exit non-zero if any cannot be proven (reads a file or stdin, --json for machine output, --allow-superseded). Built on the Memora facade. Plus a reusable GitHub Action (.github/actions/verify) so a pipeline fails the build on an unprovable citation ("CI for hallucinations"). Verdict rendering is shared with memora demo via a single module.Memora::query_verified: the LLM-backed cited-answer path on the facade (cloud providers gated behind MEMORA_ENABLE_NETWORK_LLM). The CLI query command is now a thin wrapper over the facade, removing duplicated wiring; the network gate is centralized in memora_core::vault_config::network_llm_enabled.- Owned
Memora library facade (Memora::open, validate, search, claim) so the engine is embeddable from other Rust code without touching the lifetime-borrowed internals. memora-core gained crates.io metadata (description, keywords, categories).
- Supply-chain and contract gates in CI:
cargo-deny (advisories, licenses, bans, sources) via deny.toml, plus the deterministic citation-rejection benchmark now runs in CI so a regression in the core guarantee fails the build.
memora demo: a zero-config, no-API-key, offline command that builds an ephemeral vault and runs the real validator over an AI answer containing every failure mode (verified, hallucinated id, misquote, post-edit hash mismatch, superseded), rendering a terminal verdict and an optional HTML "Proof Report" (--open).- Type-enforced redaction choke-point (
RedactedPayload) at the LLM wire boundary: secret claim content cannot reach a cloud provider without passing through redaction, enforced across the challenger, answer, consolidate, contradiction, and extraction paths (forgetting to redact a new egress site is now a compile error).
Superseded citation status: a cited claim whose valid_until has expired is surfaced as superseded rather than asserted as current. Exposed via the validator, CitedAnswer.superseded_count, and MCP memora_verify_claim (superseded + valid_until).- Deterministic, no-API-key citation-rejection benchmark (
make bench → bench_citation_rejection): measures fabricated-citation rejection rate and valid-citation preservation rate over a labeled fixture, exits non-zero on regression (CI gate for the core contract).
Changed
- Citation fingerprints are now full-width blake3 (256-bit) instead of 64-bit truncated. Legacy 64-bit fingerprints from older indexes still verify until the vault is re-indexed.
- Cloud embedding providers (
[embed] provider = "openai") are gated behind MEMORA_ENABLE_NETWORK_LLM=1 in memora-core (covering both CLI and MCP), and the real OpenAiEmbedder is now wired (it previously fell through to deterministic local vectors).
- CLI cloud LLM and embedding calls are gated behind
MEMORA_ENABLE_NETWORK_LLM=1 (parity with MCP); a config line can no longer silently route content off-machine.
- Secret-claim subjects are redacted (not only predicate/object) before cloud calls.
- Repositioned README, docs, and landing page around verifiable citation rejection; dropped the "cognitive memory" framing; added an explicit "provenance integrity, not entailment" boundary; rewrote the comparison to confront Mem0/Zep/Letta/Cognee and the Anthropic Citations API honestly.
- Rebuilt the landing page with a cleaner, professional design (sans body type, restrained palette, accurate copy, an honest static render of
memora demo) and polished the README to feature the demo and read more naturally.
Fixed
- Staleness propagation is now transitive: editing a source claim marks its derivatives and their derivatives in turn (A → B → C marks both B and C), with cycle protection. Previously only direct (single-hop) derivatives were marked.
- First-run
database is locked noise: establish WAL mode on a single connection before the pool opens connections concurrently, so they don't race the journal-mode switch on a fresh db.
- The challenger now routes all prompts through the privacy filter (it previously embedded raw secret claims and note spans into cloud prompts).
- Removed fabricated placeholder benchmark numbers:
bench_personal_vault printed hardcoded metrics (0.94/0.88/0.00) and bench_locomo returned retrieval@k = 1.0 for any non-empty fixture; both are now honest.
Install memora-cli 0.1.29
Install prebuilt binaries via shell script
curl --proto '=https' --tlsv1.2 -LsSf https://github.com/radotsvetkov/memora/releases/download/v0.1.29/memora-cli-installer.sh | sh
Install prebuilt binaries via Homebrew
brew install radotsvetkov/memora/memora-cli
Download memora-cli 0.1.29
