This release includes 1 security fix for security teams reviewing exposed deployments.
Published 3mo
MCP Developer Tools
✓ No known CVEs patched
This release patches 1 known CVE
Topics
agent-memory
ai-assistant
ai-coding
ai-coding-assistant
ai-memory
ai-tools
+14 more
chromadb
claude-code
coding-assistant
developer-tools
llm
long-term-memory
mcp
mcp-server
memory
model-context-protocol
opencode
persistent-memory
python
semantic-search
Summary
AI summarySidecar becomes sole scorer for OpenCode and fixes a race condition injecting recent exchanges.
Full changelog
Sidecar-only scoring, cold start recovery, CLI sidecar setup
- Sidecar is sole scorer for OpenCode (main LLM no longer prompted to score)
roampal sidecar setupCLI command for one-command scorer configuration- Init-time sidecar model selection with auto-detection
- Wilson-only ranking for memory_bank facts with 3+ uses
- CLI polish: NO_COLOR, --no-input, --json, exit codes, cached update checks
- Security: bare excepts fixed, cache TTL eviction, collection prefix safety
- Package weight: ~280 MB lighter (removed scipy, nltk)
- Fixed recent exchanges injection race in OpenCode plugin
Breaking Changes
- Main LLM no longer prompted to score; sidecar is sole scorer for OpenCode
Security Fixes
- Fixed bare excepts, cache TTL eviction issues, and collection prefix safety
Weekly OSS security release digest.
The CVE patches and breaking changes that affected production tools this week. One email, every Sunday.
No spam, unsubscribe anytime.
Share this release
About roampal-ai/roampal-core
Outcome-based persistent memory for AI coding tools. Memories that help get promoted, memories that mislead get demoted. Works with Claude Code and OpenCode via hooks + MCP.
Related context
Beta — feedback welcome: [email protected]