Smart-AI-Memory/empathy-framework

v4.9.1 Security

This release includes 2 security fixes for security teams reviewing exposed deployments.

Published 4mo AI Coding Tools

View tool

✓ No known CVEs patched

Read the diff → Tool health → What is this tool? →

This release patches 2 known CVEs

Topics

ai ai-collaboration anthropic anticipatory-ai artificial-intelligence claude-code

+12 more

code-analysis debugging developer-productivity developer-tools developer-tools-monorepo fair-source healthcare-ai large-language-models llm memdocs python testing

Affected surfaces

deps

Summary

AI summary

Fixed two high-severity security vulnerabilities: CVE-2026-24486 and CVE-2026-23950.

Full changelog

📚 v4.9.1 - Documentation, Security & Version Sync

This patch release updates documentation, fixes security vulnerabilities, and synchronizes version numbers. No functional changes from v4.9.0.

🔒 Security Fixes

Fixed 2 high severity vulnerabilities:

CVE-2026-24486: python-multipart Arbitrary File Write (0.0.20 → 0.0.22)
CVE-2026-23950: node-tar Race Condition on macOS APFS (updated to >= 7.5.4)

📖 Documentation Updates

README Enhancements

Updated badges: 7,168 tests (99.9% pass rate), 18x faster performance
Added comprehensive v4.9.0 "What's New" section
Documented natural language workflow routing
Updated Command Hubs with /workflows and /plan split
Modernized Quick Start examples with natural language support

Version Synchronization

Fixed version mismatch between pyproject.toml and init.py
Both now correctly report v4.9.1

✨ Features (from v4.9.0)

All v4.9.0 performance improvements are included:

Performance (18x faster combined)

Redis Two-Tier Caching: 2x faster memory operations (37,000x for cached keys)
Generator Expressions: 99.9% memory reduction across 27 optimizations
Parallel Scanning: Multi-core processing (2-4x faster)
Incremental Scanning: Git diff-based updates (10x faster)

Natural Language Workflows

Use plain English instead of workflow names:

/workflows "find security vulnerabilities"  # → security-audit
/workflows "check code performance"         # → perf-audit
/plan "review my code"                      # → code-review

Improved Navigation

Split /workflow into /workflows (automated analysis) and /plan (planning/review)
Clearer hub organization
Intelligent routing matches intent to workflow

📊 Performance Benchmarks

Combined workflow: 3.59s → 0.2s (18x faster)
Full scan: 3,472 files in 0.98s (was 3.59s)
Redis cached operations: 37ms → 0.001ms

📦 Installation

pip install --upgrade empathy-framework

🔗 Links

Security Fixes

CVE-2026-24486 — python-multipart Arbitrary File Write (updated from 0.0.20 to 0.0.22)
CVE-2026-23950 — node-tar Race Condition on macOS APFS (updated to >= 7.5.4)

View diff on GitHub

Weekly OSS security release digest.

The CVE patches and breaking changes that affected production tools this week. One email, every Sunday.

No spam, unsubscribe anytime.

Share this release

Share on X Share on Bluesky

Track Smart-AI-Memory/empathy-framework

Get notified when new releases ship.

About Smart-AI-Memory/empathy-framework

Five-level AI collaboration system with persistent memory and anticipatory capabilities. MCP-native integration for Claude and other LLMs with local-first architecture via MemDocs.

All releases →