ukkit/memcord

v2.4.2 Breaking

This release includes breaking changes for platform teams planning a safe upgrade.

Published 3mo MCP Data & Storage

View tool

✓ No known CVEs patched

Read the diff → Tool health → What is this tool? →

✓ No known CVEs patched in this version

Topics

ai-assistant ai-memory antigravity chat-history claude-desktop conversation-management

+11 more

developer-tools google-antigravity local-storage mcp-server memory-management memory-slots model-context-protocol model-context-protocol-server privacy-first privacy-focused python

Affected surfaces

rce_ssrf

Summary

AI summary

Fixed .memcord detection to use MCP client roots and improved file URI handling across platforms.

Full changelog

Fixed .memcord detection to use MCP client roots instead of server cwd
Proper file URI parsing with percent-decoding (spaces, special chars in paths)
Cross-platform URI-to-path conversion using urllib.parse (Windows & POSIX)
Slot name validation on .memcord files (rejects path traversal, injection chars)
Multiline .memcord files now read only the first line
Space-to-underscore normalization consistent across all detection paths
Removed debug logging left in _handle_memname handler
Replaced asyncio.iscoroutine with inspect.iscoroutinefunction for robust async detection
Added 25 new tests for URI parsing, roots detection, and edge cases

View diff on GitHub

Weekly OSS security release digest.

The CVE patches and breaking changes that affected production tools this week. One email, every Sunday.

No spam, unsubscribe anytime.

Share this release

Share on X Share on Bluesky

Track ukkit/memcord

Get notified when new releases ship.

About ukkit/memcord

A MCP server that keeps your chat history organized and searchable—with AI-powered summaries, secure memory, and full control.

All releases →

ukkit/memcord

Summary

Related context

Related tools