l33tdawg/sage

v8.2.1 Security

This release includes 1 security fix for security teams reviewing exposed deployments.

Published 7d AI Agents & Assistants

View tool

✓ No known CVEs patched

Read the diff → Tool health → What is this tool? →

This release patches 1 known CVE

Topics

agentic-ai artificial-intelligence bft-consensus bft-network distributed-systems governance

Affected surfaces

deps

ReleasePort's take

Moderate signal

editorial:auto 6d

The v8.2.1 release patches four Dependabot‑identified CVEs and upgrades the Go toolchain.

Why it matters: Addresses high‑severity (severity 90) security vulnerabilities by closing 4 dependabot CVEs; upgrade to v8.2.1 to mitigate risk.

Summary

AI summary

Updates Quick Start (sage-gui) ```bash, sage-gui, and lint across a mixed release.

Changes in this release

Type	Severity	Summary	CVE
Security	Critical	Closes 4 dependabot CVEs and bumps Go toolchain version. Closes 4 dependabot CVEs and bumps Go toolchain version. Source: llm_adapter@2026-05-28 Confidence: high	—
Security	High	Fixes 15 code‑scanning findings using CodeQL. Fixes 15 code‑scanning findings using CodeQL. Source: llm_adapter@2026-05-28 Confidence: high	—

Full changelog

SAGE v8.2.1

Sovereign Agent Governed Experience — persistent, governed memory for AI agents.

Quick Start (sage-gui)

# Download and extract for your platform, then:
./sage-gui setup    # Interactive setup wizard
./sage-gui serve    # Start your personal memory node

See the README for full documentation.

Changelog

2010dc3f1fde86a25c1a3051ba5e6ffa6d151a83 fix(lint): annotate cookie G124 false positive — r.TLS-derived Secure
0eb7bda1e315de5b063919d08bd9849a10eb13df release(v8.2.1): close 4 dependabot CVEs + bump Go toolchain
73177e354bed75d6bcf95ae397c95ef0b6ad2fe8 security(codeql): fix 15 code-scanning findings + check in CodeQL workflow

Security Fixes

dep: Four dependabot CVEs closed by bumping Go toolchain (details omitted).

View diff on GitHub

Weekly OSS security release digest.

The CVE patches and breaking changes that affected production tools this week. One email, every Sunday.

No spam, unsubscribe anytime.

Share this release

Share on X Share on Bluesky

Track l33tdawg/sage

Get notified when new releases ship.

About l33tdawg/sage

Institutional memory for AI agents with real BFT consensus. 4 application validators vote on every memory before it's committed — no more storing garbage. 13 MCP tools, runs locally, works with any MCP-compatible model. Backed by 4 published research papers.

All releases →