From 1927cc88285977eebc80311986c1c1bf772c0e3d Mon Sep 17 00:00:00 2001 From: Ralph Chang Date: Mon, 27 Apr 2026 22:00:04 +0800 Subject: [PATCH] chore: prepare v1.3.1 release --- CHANGELOG.md | 43 +++++++++++++++++++++++++++++++------------ RELEASE_NOTES.md | 37 +++++++++++++++++++++++++++++++++++++ package.json | 2 +- 3 files changed, 69 insertions(+), 13 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index e256449..d97cb05 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md 
@@ -5,6 +5,36 @@ All notable changes to this project will be documented in this file. The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html). +## [1.3.1] - 2026-04-27 + +### Added + +- Pending journal retention: max 50 entries, 30-day TTL, automatic pruning on save. +- Plugin capability test to catch missing OpenCode hooks before release. +- CI workflow for weekly OpenCode plugin API compatibility testing. +- Indirect prompt-injection filtering for workspace memory candidates. +- Expanded credential redaction for common API key, token, secret, credential, auth, and private-key labels. + +### Fixed + +- Pending memory journal entries are now bounded and pruned instead of growing indefinitely. +- Adversarial memory candidates that try to override system instructions are rejected before storage. +- Broader credential-like labels are redacted from workspace memory text. + +### Changed + +- Memory dedupe is now repo-agnostic: project/reference entries use exact canonical text plus generic URL/path identity, while decision/feedback entries no longer use repository-specific topic heuristics. +- OpenCode plugin compatibility is documented and declared as `>=1.2.0 <2.0.0`. +- README limitations now concisely document compatibility, secret handling, semantic-memory scope, plugin ordering, and multi-process write boundaries. + +### Known Limitations + +- Compatibility is tested against OpenCode plugin API `>=1.2.0 <2.0.0`. +- Credential redaction is best-effort; do not store secrets. +- This is working memory, not semantic search. +- Other prompt or compaction plugins may conflict depending on plugin order. +- Multi-process writes to the same workspace are not fully serialized. + ## [1.3.0] - 2026-04-27 ### Added 
@@ -16,11 +46,6 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0 - Remove absorbed/superseded keys from rejected set to avoid duplicate rejection tracking. - Memory quality evaluation fixtures covering accepted durable facts and rejected noisy facts. - Sharper compaction memory extraction prompt with concrete good/bad memory examples. -- Pending journal retention: max 50 entries, 30-day TTL, automatic pruning on save. -- Plugin capability test to catch missing OpenCode hooks before release. -- CI workflow for weekly OpenCode plugin API compatibility testing. -- Indirect prompt-injection filtering for workspace memory candidates. -- Expanded credential redaction for common API key, token, secret, credential, auth, and private-key labels. ### Fixed @@ -32,18 +57,12 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0 ### Changed +- Deferred pending journal safety cap implementation (see TODO in `src/pending-journal.ts`). - Clarified superseded accounting semantics: P0 emits events only, does not archive newly superseded records. - README structure was streamlined around the automatic memory flow and ongoing memory-quality work. - Architecture docs now describe `Memory candidates:` as the primary extraction format and XML candidate blocks as legacy. - Superpowers implementation plans are no longer tracked in git. -### Known Limitations - -- Compatibility is tested against OpenCode plugin API `>=1.2.0 <2.0.0`. -- Credential redaction is best-effort; do not store secrets. -- This is working memory, not semantic search. -- Multi-process writes to the same workspace are not fully serialized. - ## [1.2.3] - 2026-04-26 ### Added diff --git a/RELEASE_NOTES.md b/RELEASE_NOTES.md index bf9428e..5db9fba 100644 --- a/RELEASE_NOTES.md +++ b/RELEASE_NOTES.md 
@@ -1,5 +1,42 @@ # Release Notes +## 1.3.1 (2026-04-27) + +### Security and Reliability Patch + +This patch release keeps the v1.3 memory-consolidation model intact while tightening storage safety, compatibility checks, and repository-agnostic dedupe behavior. + +### What Changed + +- **Bounded pending journal**: pending memories are capped at 50 entries and pruned after 30 days. +- **Security hardening**: workspace memory candidates now reject indirect prompt-injection attempts, and redaction covers broader token, secret, credential, auth, and private-key labels. +- **Compatibility coverage**: plugin capability tests and weekly OpenCode plugin API compatibility CI help catch hook drift before release. +- **Repo-agnostic dedupe**: long-term memory dedupe no longer depends on hardcoded project-specific topic rules; project/reference memories use generic URL/path identity plus exact canonical matching. +- **Clearer limitations**: README and changelog now document compatibility, best-effort secret redaction, working-memory scope, plugin ordering, and multi-process write boundaries. + +### Thanks + +- Thanks @StevenChoo for the security hardening contribution in #3. + +### Upgrade Notes + +- No user migration is required. +- Existing workspace memory and pending journal files remain compatible. +- The OpenCode config entry stays the same: + +```json +{ + "plugin": ["opencode-working-memory"] +} +``` + +### Validation + +- `npm test` +- `npm run typecheck` + +--- + ## 1.3.0 (2026-04-27) ### Better Memory Consolidation diff --git a/package.json b/package.json index d1f4d7c..e7e21f8 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "opencode-working-memory", - "version": "1.3.0", + "version": "1.3.1", "description": "Three-layer memory architecture for OpenCode with workspace memory and hot session state", "type": "module", "main": "index.ts",
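Review bot: In the new `## [1.3.1]` section of CHANGELOG.md (hunk `@@ -5,6 +5,36 @@`), `### Known Limitations` qualifies credential redaction as best-effort but says nothing equivalent about the prompt-injection filter, while `### Fixed` states flatly that adversarial candidates "are rejected before storage". If the filter is heuristic, add a matching limitation line so readers do not treat stored memory as trusted input. Also say what happens to a rejected candidate (dropped silently, logged, counted). Separately, the three `### Fixed` bullets restate the journal, injection and redaction bullets already under `### Added`; list each change once.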
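Review bot: The CHANGELOG.md hunk `@@ -16,11 +46,6 @@` deletes five `### Added` bullets from the `[1.3.0]` entry, which carries the same date (2026-04-27) as the new `[1.3.1]` entry. If 1.3.0 was already tagged or published with those bullets, this rewrites the record of a released version, and anyone comparing the two entries can no longer tell which release introduced the injection filter and the expanded redaction. Confirm that none of the five items shipped in 1.3.0, and say in the commit message that the earlier entry was corrected.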
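Review bot: In CHANGELOG.md hunk `@@ -32,18 +57,12 @@`, the added `[1.3.0]` line "Deferred pending journal safety cap implementation (see TODO in `src/pending-journal.ts`)" points at a TODO that the `[1.3.1]` entry implies is resolved, and this patch does not touch that file, so the reference cannot be checked from the diff. Point the line at 1.3.1 instead of at a source TODO. The same hunk removes the whole `### Known Limitations` block from `[1.3.0]`; the multi-process write and best-effort redaction caveats presumably applied to that release too, so keep them there or note that they are now tracked under 1.3.1.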
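Review bot: In the RELEASE_NOTES.md hunk, `### Upgrade Notes` says "Existing workspace memory and pending journal files remain compatible" and "No user migration is required", but the same release caps the pending journal at 50 entries with a 30-day TTL and prunes on save. State explicitly that an existing journal above either limit will lose entries on the first save after upgrading, so users who want to keep them can back the file up first. `### Validation` lists only `npm test` and `npm run typecheck`; say whether the plugin capability test runs as part of `npm test`.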
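Review bot: The package.json hunk changes only `"version"`, while the changelog in this same patch says OpenCode compatibility is "documented and declared as `>=1.2.0 <2.0.0`". No such declaration is visible in the hunk context. If it is meant to live in package.json, confirm it landed in an earlier commit; otherwise reword the changelog bullet to "documented" so it does not claim a machine-checked constraint that is not there.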