This release includes 1 breaking change for platform teams planning a safe upgrade.
✓ No known CVEs patched in this version
Topics
+8 more
Affected surfaces
Summary
AI summaryCredential resolution now relays only when no local credentials are present.
Full changelog
v1.13.0 (2026-03-27)
This release is published under the MIT License.
Bug Fixes
-
Credential resolution order -- relay only when no local credentials (
6d8977b) -
Pin Docker base images to SHA digests (
6c30030) -
Pin pre-commit hooks to commit SHA (
dec810c) -
Resolve ty type check errors (
84210e6) -
Send complete message to relay page after config saved (
89f731f) -
cd: Remove empty env blocks from OIDC migration (
76124bb) -
cd: Replace GH_PAT with GitHub App installation token (
f90d67f) -
cd: Use PyPI OIDC trusted publishing instead of PYPI_TOKEN (
8610942) -
ci: Consolidate SMTP_USERNAME and NOTIFY_EMAIL into one secret (
a2a5e7f) -
ci: Consolidate SMTP_USERNAME+PASSWORD into SMTP_CREDENTIAL (
fac7205) -
ci: Remove CODECOV_TOKEN, use tokenless upload (
66d2ce1) -
ci: Use Vertex AI WIF instead of GEMINI_API_KEY for code review (
5b6bbb7) -
tests: Clear env vars before testing ensure_config file/relay paths (
1015f30) -
tests: Update mock paths for lazy imports (
3ed82a9) -
tests: Use Any type to satisfy ty 0.0.25 stricter checking (
e21c383)
Chores
Features
-
Relay-first startup — always show relay URL (
da342d6) -
Replace rclone with Google Drive API for sync (
0607fca)
Detailed Changes: v1.12.0...v1.13.0
Breaking Changes
- Credential resolution changed: relays only when no local credentials are available.
Weekly OSS security release digest.
The CVE patches and breaking changes that affected production tools this week. One email, every Sunday.
No spam, unsubscribe anytime.
Share this release
About n24q02m/mnemo-mcp
Persistent AI memory with SQLite hybrid search (FTS5 + semantic). Built-in Qwen3 embedding, rclone sync across machines. Zero config, no cloud, no limits.
Related context
Beta — feedback welcome: [email protected]