v0.14.1 - Governance and Retrieval Hardening

Agent Memory Bridge 0.14.1 hardens the 0.14 governed learning-candidate release and lays the Retrieval v2 foundation for safer BM25 + optional local semantic sidecars.

Thesis

0.14.1 = the 0.14 learning-candidate boundary made safer, while retrieval becomes inspectable, repairable, and ready for opt-in local embeddings without changing the 10-tool MCP surface.

What Changed

• Normalized empty optional text fields from static-schema MCP clients at the server and storage boundaries.
• Allowed durable kind="memory" writes to tolerate placeholder empty expires_at while keeping direct ttl_seconds misuse strict.
• Normalized empty claim_signal filters so placeholder signal_id, tags_any, or correlation_id values do not accidentally block eligible pending signals.
• Hardened schema migrations against SQL identifier injection by validating table and column identifiers before PRAGMA table_info(...).
• Made ensure_column(...) tolerate duplicate-column races from concurrent migration attempts.
• Added SQLite PRAGMA busy_timeout=5000 on bridge connections.
• Wrapped FTS table rebuild in a savepoint and added a concurrency smoke regression.
• Added an indexed is_learning_candidate visibility column and legacy backfill so learning-candidate suppression is exact and no longer depends on broad string scans.
• Blocked direct promote(...) on learning-candidate records and conservative forged record_type: learning-candidate content.
• Added MCP-boundary regressions for static-schema store, claim_signal, recall, and export behavior.
• Added a derived memory_embeddings sidecar table for optional semantic retrieval while keeping memories as the source of truth.
• Added lexical, semantic, and hybrid retrieval modes, with lexical still the default.
• Added a deterministic local hash embedding provider for safe shadow tests and an optional trusted command provider for local embedding gateways.
• Added index-health and index-rebuild CLI commands for FTS5 and embedding sidecar drift checks.
• Added hybrid retrieval benchmark reporting that keeps the canonical benchmark lexical-only and writes semantic/hybrid evidence to a separate snapshot.
• Documented the embedding command trust boundary and clarified that FTS/embedding indexes are derived caches, not durable authority.

Evidence

Current release snapshot:

• pytest: 261 passed
• canonical lexical benchmark: question_count = 11, memory_expected_top1_accuracy = 1.0, memory_mrr = 1.0, file_scan_expected_top1_accuracy = 0.636
• hybrid shadow benchmark: semantic_expected_top1_accuracy = 0.455, hybrid_expected_top1_accuracy = 1.0, hybrid_degraded_relevant_rank_count = 0
• live copied-index proof: FTS and embedding rebuilds preserved 2148 memories rows and the authoritative memory-row digest
• targeted hardening subset: 59 targeted checks passed in tests/test_v0141_hardening.py, tests/test_storage.py, and tests/test_learning_candidates.py
• release contract: passed
• public surface contract: passed
• onboarding contract: passed
• pip check: passed
• public MCP tools: 10

Boundaries

The public MCP surface remains unchanged at 10 tools:

• store, recall, browse, stats
• forget, promote, export
• claim_signal, extend_signal_lease, ack_signal

This release does not turn AMB into a scheduler, distributed lock service, hosted backend, or automatic durable writeback path. The FTS startup regression is a smoke-level concurrency check, not a proof of all multi-process lock interleavings.

Semantic and hybrid retrieval remain opt-in. The bundled hash provider is a deterministic local regression tool, not a claim of broad embedding quality. Command embeddings are trusted local code and receive memory text; they should be enabled only with reviewed local commands.