This release adds 1 notable feature for engineering teams evaluating rollout.
✓ No known CVEs patched in this version
Topics
+8 more
Affected surfaces
Summary
AI summaryEnforce SHA256 checksum verification for rclone downloads.
Full changelog
v1.4.0 (2026-03-01)
This release is published under the MIT License.
Bug Fixes
-
Integrate PRs #96, #92, #86, #80 (uuid randomness, dos protection, config security) (
4cd8aca) -
Multiple security and stability fixes (#120, #124, #125, #126) (
5b8a4e0) -
Update dependencies to address vulnerabilities (
8b0c819) -
db: Optimize tag filtering with sql json_each (
3ca620c)
Chores
-
Remove accidental .orig and .rej files (
4b013eb) -
deps: Update astral-sh/setup-uv action to v7 (#131,
795a29d) -
deps: Update rclone/rclone docker tag to v1.73.1 (#140,
f629bf4)
Features
Performance Improvements
-
Optimize export_jsonl to use memory-efficient tuple stream (#127,
8e1b050) -
db: Optimize
import_jsonlwith batched queries and bulk inserts (#136,d946de8)
Detailed Changes: v1.3.0...v1.4.0
Weekly OSS security release digest.
The CVE patches and breaking changes that affected production tools this week. One email, every Sunday.
No spam, unsubscribe anytime.
Share this release
About n24q02m/mnemo-mcp
Persistent AI memory with SQLite hybrid search (FTS5 + semantic). Built-in Qwen3 embedding, rclone sync across machines. Zero config, no cloud, no limits.
Related context
Beta — feedback welcome: [email protected]