Skip to content

Releases: yamantaka520/Agent-Memory-OS

v1.1.0 — Secure federation transport

Choose a tag to compare

@yamantaka520 yamantaka520 released this 14 Jul 15:21

Encrypted federation transport + sync-scoped token tier

Two additions for secure multi-node memory sharing:

🔐 App-layer sync encryption

Set a shared mesh key and sync bundles are wrapped in an authenticated AMOSENC1: envelope (Fernet — AES-128-CBC + HMAC-SHA256). The key is a separate secret from the bearer token and never crosses the wire, so memory content stays confidential even over plain HTTP or through a TLS-terminating proxy. Bundles encrypted under an unknown key are rejected, never merged.

agent-memory sync genkey                # mint a mesh key (needs the [secure-sync] extra)
export AGENT_MEMORY_SYNC_KEY=amos_sk_…   # set the SAME value on every node

Encryption is opportunistic — it engages only when a key is configured, so meshes upgrade smoothly.

🎫 Sync-scoped token tier

agent-memory token create --sync mints a federation-only bearer token (amos_sync_…) that authorizes only GET /api/node, GET /api/sync/export, POST /api/sync/import. Hand this to a peer instead of the admin token — a peer credential can no longer read or mutate memory through the API.

Also

  • Explicit certificate-verifying TLS context for https:// peer URLs
  • agent-memory-mcp console entry point (zero-install: uvx --from "agent-memory-os[mcp]" agent-memory-mcp)
  • doctor reports the new secure-sync extra
  • Docs updated throughout: SECURITY.md, THREAT_MODEL, USER_GUIDE, README (en/zh), INSTALLATION, DOCKER, SPEC, ROADMAP

Tests: 332 passed (10 new in test_secure_sync.py). An independent adversarial security review of the auth-scope and crypto paths found no defects.

Install: pip install -U "agent-memory-os[full]"

v1.0.5 — MCP shareable memories

Choose a tag to compare

@yamantaka520 yamantaka520 released this 13 Jul 23:43

MCP could only create private memories — so the team-memory value prop was unreachable through the primary interface. Fixed:

  • memory_add gains share: private (default) | global | team/team:<id> | project/project:<id> | agent:<id>. Bare team/project resolve to the caller's own membership when unambiguous.
  • New memory_share tool changes an existing memory's visibility (owner-only; propagates over sync).

Two agents (e.g. Claude Code + Codex) pointed at the same home now share team:/project: memory the moment it's written. Also marked Production/Stable.

pip install 'agent-memory-os[mcp]'

🤖 Generated with Claude Code

v1.0.4 — rich MCP tool descriptions

Choose a tag to compare

@yamantaka520 yamantaka520 released this 11 Jul 22:58

All 11 memory_* MCP tools now carry full docstrings (purpose, when-to-use, behaviour, ACL note, return shape) and a description on every parameter — self-describing tools for every MCP client. No behaviour change.

pip install 'agent-memory-os[mcp]'

🤖 Generated with Claude Code

v1.0.3 — complete Docker image

Choose a tag to compare

@yamantaka520 yamantaka520 released this 11 Jul 21:59

Docker packaging release. No engine/SDK changes from 1.0.2.

  • The published Docker image is now the complete AgentMemoryOS — Web console + MCP server + turbovec + CLI in one image — and dispatches by argument:
    • docker run -p 8000:8000 -v amos-data:/data yamantaka520/agent-memory-os:1.0.3 — web console
    • docker run -i --rm yamantaka520/agent-memory-os:1.0.3 mcp — stdio MCP server
    • docker run --rm yamantaka520/agent-memory-os:1.0.3 check — any CLI command
  • docker-compose (single + mesh) build the complete image too.

Verified end to end, including a real MCP introspection handshake against the container.

🤖 Generated with Claude Code

v1.0.2 — revocation fix, examples, governance, MCP Registry

Choose a tag to compare

@yamantaka520 yamantaka520 released this 11 Jul 21:02

The 1.x maturity pass. Highlights:

  • Fix (revocation staleness): client membership changes now invalidate the recall cache immediately — a removed member can no longer see a revoked team/project memory for a previously-cached query.
  • Runnable example: examples/team_memory.py — three agents, one store, hard ACL.
  • Importers: agent-memory import --from mem0|zep|chatgpt.
  • Security & governance: SECURITY.md, THREAT_MODEL.md, COMPATIBILITY.md (1.x SemVer promise), CONTRIBUTING.md + issue/PR templates.
  • Embeddings & scale guide; unencrypted-peer warning.
  • Now on the MCP Registry (io.github.yamantaka520/agent-memory-os).

pip install 'agent-memory-os[full]' · docker pull yamantaka520/agent-memory-os:1.0.2

🤖 Generated with Claude Code

v1.0.1 — docs refresh

Choose a tag to compare

@yamantaka520 yamantaka520 released this 11 Jul 19:49

Docs-only release. No code changes — the engine is identical to v1.0.0.

Published to refresh the PyPI project page (its description is frozen per version):

  • README status badges (PyPI / Python / CI / Docker pulls / License), a top navigation bar, and a fact-based "How it compares" table vs Mem0 and Zep/Graphiti (architecture positioning, not a benchmark).
  • New 繁體中文 README (README.zh-Hant.md) with an English⇄中文 language switch.
  • Web console dashboard screenshot in the README and the Docker Hub overview.

pip install 'agent-memory-os[full]' · docker pull yamantaka520/agent-memory-os:1.0.1

🤖 Generated with Claude Code

v1.0.0 — first stable release

Choose a tag to compare

@yamantaka520 yamantaka520 released this 11 Jul 18:45

First stable release of AgentMemoryOS — a local-first memory engine for AI-agent teams.

Install: pip install 'agent-memory-os[full]' · Docker: docker pull yamantaka520/agent-memory-os:1.0.0

Highlights

Trust model & revocation — post-hoc share/revoke now propagate across the mesh via an independent ACL clock (migration 15), so revoking access actually retracts already-synced memory. Per-peer policy is an enforced authorization scope: untrusted peers can only shrink visibility, never escalate, and can't rewrite org structure they don't own.

Observability & operabilityGET /healthz (integrity-aware readiness), GET /metrics (Prometheus), doctor stale-process detection; agent-memory update self-updater (upgrade + console restart via pidfile), service restart, backup --keep N (safe rotation), read-only web token tier, one-click ops maintenance.

Web console — version badge, token-usage dashboard cards (agent/team/project/total), self-update button, membership-audit viewer, graph scope filter — across 5 locales.

Quality — 300+ tests on a 3-OS CI matrix plus a migration upgrade-path job; two rounds of fan-out code + security review (reports under docs/reviews/); verified at 10k memories (add 0.17 ms, search <1 ms).

See CHANGELOG.md for the full list.

🤖 Generated with Claude Code

v0.14.0 — Federated org structure, ops tooling & team positioning

Choose a tag to compare

@yamantaka520 yamantaka520 released this 11 Jul 15:56

The team layer becomes correct end to end: the org structure federates so project:<id> means the same thing on every node, plus ops tooling for the messy realities (orphaned memory, reindex, updates).

Federated org structure (migration 14)

  • Convergent org sync: bundle v3 carries each team/project with an updated_at + full member set; import applies last-writer-wins and REPLACES the member set, so additions AND removals converge. Deletions propagate via org_tombstones (a reused id can't resurrect a deleted scope). Org export is scoped like memory; the subset invariant is preserved on import.
  • Membership audit (org_audit): every create/delete + member add/remove is recorded (actor + timestamp); client.org_audit_log() / GET /api/org/audit.

Ops & maintenance tooling

  • Orphan memories — a memory scoped to a team/project with no members is visible to nobody. agent-memory maintenance orphans [--delete], /api/maintenance/*, and a console Maintenance panel find and clean them; removing a member warns when it orphaned memory.
  • agent-memory maintenancescan / orphans / reindex / vacuum.
  • agent-memory update — detects host (pip) vs Docker + OS, checks PyPI, and upgrades via pip or prints the docker pull steps.

Also

  • README repositioned around AI-agent team operation.
  • Ships the v0.13.0 review fixes (create_project team-repoint, register_agent membership-preservation, project sharing in the API, CLI error handling, deleted-scope grant revocation).

245 tests; migrations 13 & 14 self-apply; validation PASS. Two-node org convergence verified.

Install / upgrade

pip install -U 'agent-memory-os[full]'   #  or: docker pull yamantaka520/agent-memory-os:0.14.0
agent-memory update                      #  <- the new self-updater

🤖 Generated with Claude Code

v0.13.0 — Teams & Projects

Choose a tag to compare

@yamantaka520 yamantaka520 released this 11 Jul 14:59

Agent Memory OS is built for AI-agent teams: teams and projects are now first-class, with membership as the ACL authority, so team-shared and project-shared memory are scoped and synced correctly.

First-class Teams & Projects (migration 13)

  • Membership modelteams, team_members, projects (each belongs to a team), project_members. The join tables are the ACL authority. A project's members must be a subset of its team's; leaving a team cascades out of its projects; deleting a team removes its projects; removing an agent clears its memberships. Existing flat agent.teams are backfilled.
  • project:<id> ACLvisibility: ["team:apollo"] reaches every team member; visibility: ["project:apollo-web"] reaches only that project's members. Recall, resonance, and re-indexing all follow membership changes automatically (query-time ACL).
  • Scoped syncexport_bundle(project=…) and a project:<id> peer policy bundle only a project's shared memory (to project members' nodes). share_memory/revoke_share gain to_project.
  • Manage it anywhere — WebUI Teams tab (create a team → pick node members; create projects → pick members from the team; fully translated across 5 locales), CLI agent-memory team|project …, and /api/teams + /api/projects.

233 tests; migration 13 self-applies; validation harness PASS. Verified end-to-end in the browser.

Install / upgrade

pip install -U 'agent-memory-os[full]'   #  or: docker pull yamantaka520/agent-memory-os:0.13.0

🤖 Generated with Claude Code

v0.12.1 — Web console login fix

Choose a tag to compare

@yamantaka520 yamantaka520 released this 11 Jul 14:02

Fixes the Web console login: it now shows a proper in-page token form instead of relying on a browser prompt() dialog (which browsers could suppress and which stacked up under the page's parallel API calls, leaving users unable to log in).

  • A 401 clears the stored token and reveals the login form.
  • Entering the token stores it in localStorage and reloads — no more prompt() popups.

Verified end-to-end in the browser. Docker image auto-published to yamantaka520/agent-memory-os:0.12.1.

Upgrade

pip install -U 'agent-memory-os[full]'

🤖 Generated with Claude Code