Memory Vault releases

Security release — fixes from the M8 CodeQL pass. No API or behavioral changes; drop-in replacement for v1.0.1.

What's fixed

| CodeQL alert | Severity | File | Fix |
|---|---|---|---|
| alert 2 + 3 py/path-injection | High | src/api/app.py | New _safe_static_path helper |
| alert 1 py/stack-trace-exposure | Medium | src/api/routers/chat.py | Generic error message |

Path traversal in SPA fallback (High). The unauthenticated SPA fallback route accepted user-controlled paths and composed them with the static directory, allowing requests like GET /../../etc/passwd to escape. Fixed via _safe_static_path using os.path.commonpath + os.path.realpath plus pre-composition rejection of empty / null-byte / leading-slash / explicit-traversal inputs. Three independent layers of defense.

Information exposure in chat stream (Medium). The inner SSE error handler in /api/chat/stream interpolated raw exception text into the response. Fixed: server-side logger.exception(...), generic client message.

Out of scope

CodeQL flagged 3 partial-SSRF findings on the llm_url field in ChatRequest. These were dismissed as architectural — Memory Vault is single-tenant self-hosted with bearer-token auth; the llm_url field is intentional operator configuration. Hardening guidance for non-default deployments (publicly exposed cloud VMs, multi-user environments) is tracked in #18 for v1.1.

Full PR with test plan: #19.

Upgrade

docker compose pull
docker compose up -d

Or pin explicitly:

docker pull ghcr.io/mihaibuilds/memory-vault:1.0.2

170 tests passing in CI.

Patch release — fixes the bundled docker-compose.yml to use the published multi-arch image instead of building from source.

What changed

• docker-compose.yml now references ghcr.io/mihaibuilds/memory-vault:1.0.1 instead of build: .
• First-run on a fresh clone is now ~30 seconds (image pull) instead of ~5 minutes (local build)
• The README's "one-command Docker" promise is now actually one command

Recommended starting point

Use v1.0.1 — it's the same code as v1.0.0 with a faster install path. If you've already cloned v1.0.0, run:

git pull
docker compose pull && docker compose up -d

Quick start (fresh clone)

git clone https://github.com/MihaiBuilds/memory-vault
cd memory-vault
cp .env.example .env
docker compose up -d

Open http://localhost:8000 and you're running.

v1.0 capabilities

Same as v1.0.0 — no functionality changes.

Memory Vault v1.0 — first stable release.

A long-term memory layer for AI assistants and the apps you build on top of them. Postgres + pgvector underneath, hybrid search on top, MCP server so Claude can read and write directly, knowledge graph without an LLM bill, local LLM chat with retrieved-source citations. Self-hosted. MIT-licensed. No API keys, no cloud, no telemetry.

What's in v1.0

• Hybrid search — pgvector HNSW + tsvector GIN, merged with Reciprocal Rank Fusion
• MCP server — recall, remember, forget, status for Claude Desktop / Claude Code
• Knowledge graph — spaCy NER + co-occurrence, no LLM cost, Cytoscape visualization
• Local LLM chat — LM Studio with a sources panel showing retrieved chunks per answer
• REST API — FastAPI, bearer auth, OpenAPI at /docs
• Memory spaces — namespacing for different contexts (work, personal, projects)
• One-command Docker — multi-arch image (linux/amd64 + linux/arm64)
• 163 tests passing in CI against a real Postgres + pgvector service container

Quick start

git clone https://github.com/MihaiBuilds/memory-vault
cd memory-vault
cp .env.example .env
docker compose up -d

Open http://localhost:8000 and you're running.

Docs

• README — quick start, MCP setup, REST API, dashboard
• ARCHITECTURE.md — schema, hybrid search internals, design decisions
• Launch blog post — the full v1.0 writeup with architectural reasoning

Known limitation

The bundled docker-compose.yml in v1.0.0 builds the image from source instead of pulling the published image. First-run is slower than the README implies. Fixed in v1.0.1 — recommended starting point.