The current release. v0.6.3 shipped the three-pillar grand slam — hierarchy, knowledge graph, performance budgets. v0.6.3.1 (Patch 1) ships 16 PRs resolving issue #487: cold-start AI sessions auto-load memory context. Schema v19, seven new CLI surfaces, 17 documented integrations.
Patch 1 closes issue #487 — every AI session now starts memory-aware. 16 PRs land seven new CLI surfaces, the v15→v19 schema ladder, and the integration matrix that gets ai-memory into Claude / Cursor / Codex / Cline / Continue / Windsurf / OpenClaw / Aider / Gemini / Cody and 7 more — all with one command.
ok / info-fallback / info-empty / warn) — never silent. text / json / toon output.claude-code, openclaw, cursor, cline, continue, windsurf. Idempotent marker block, --dry-run default with unified-diff, --apply opt-in, --uninstall round-trip.SystemFlag / SystemEnv / MessageFile / Auto. Same binary on macOS / Linux / Windows / Docker / Kubernetes.tail / cat / archive / purge with --since / --until / --level / --namespace / --actor filters. Default-OFF (privacy).0 on integrity, 2 on tamper detection. Append-only at the OS level (chattr +a / fs_chflags UF_APPEND).0/1/2.0.6.3+patch.1 (SemVer build metadata; crates.io rejects 4-segment versions).cargo llvm-cov --features sal --no-fail-fast --fail-under-lines 93.db field does not expand ~ to $HOME. Workaround: use absolute path. Fix scheduled for v0.6.3.2. CLI flag --db already expands correctly.brew install ai-memory && ai-memory install claude-code --apply
Restart Claude Code. Every fresh session now starts memory-aware. Run ai-memory boot from any shell to see the diagnostic manifest. For other agents, see the per-host recipes in docs/integrations/.
The v0.6.3 GA was scoped as six work-streams, each independently shippable but compounding when released together. All six landed; campaign closed at 93.08% line coverage / 1,809 tests. v0.6.3.1 (Patch 1, see above) builds on this baseline, raising coverage to 93.84% and adding the seven CLI surfaces.
/-delimited tree paths. Recall walks ancestors. memory_get_taxonomy returns the full tree with per-node memory counts.ai-memory bench subcommand with canonical workload + p50/p95/p99 reporting. --baseline regression detection.After streams A-F shipped for v0.6.3, a parallel-agent coverage campaign drove ai-memory from 56.7% line coverage to 93.08% across nine waves. 26 closers in total. ~1,200 net new tests. Two production SSRF defects discovered + fixed during the work. v0.6.3.1 added 281 net new lib tests on top of this baseline (final: 1,886 lib + 49+ integration), raising line coverage to 93.84%.
Closer L10b was tasked with adding SSRF tests to subscriptions::validate_url_dns. The tests revealed two production defects. Both were fixed in commit 9eeb453 before the rc1 tag — un-ignored tests pass cleanly.
Both defects allowed webhook URLs to bypass the SSRF guard and hit internal addresses. Severity: Medium. Discovered during routine test-coverage work; fixed before tag.
http://[fe80::1]/ produced resolv_target = "[fe80::1]" (no port). to_socket_addrs() errored "invalid port value" and the production DNS-failure fallback returned Ok(()) — letting link-local IPv6 through.
FIXED · 9eeb453
is_private() didn't check is_unspecified(), so attacker-controlled hostnames resolving to 0.0.0.0 hit the local box (most kernels route 0.0.0.0 to localhost listeners).
FIXED · 9eeb453
// is_private — DEFECT-2 path
fn is_private(ip: IpAddr) -> bool {
match ip {
IpAddr::V4(v4) => {
v4.is_private() ||
v4.is_link_local() ||
v4.is_multicast() ||
v4.is_broadcast()
// ← missing is_unspecified()
}
IpAddr::V6(v6) => {
let segs = v6.segments();
v6.is_multicast()
// ← missing is_unspecified()
|| (segs[0] & 0xfe00) == 0xfc00
|| (segs[0] & 0xffc0) == 0xfe80
}
}
}
fn is_private(ip: IpAddr) -> bool {
match ip {
IpAddr::V4(v4) => {
v4.is_private() ||
v4.is_link_local() ||
v4.is_multicast() ||
v4.is_broadcast() ||
v4.is_unspecified() // ← FIX
}
IpAddr::V6(v6) => {
let segs = v6.segments();
v6.is_multicast() ||
v6.is_unspecified() // ← FIX
|| (segs[0] & 0xfe00) == 0xfc00
|| (segs[0] & 0xffc0) == 0xfe80
}
}
}
The SSRF fixes shipped with rc1. Both #[ignore] tests are un-ignored and passing. Zero ignored tests in the v0.6.3 1,809-test baseline; the v0.6.3.1 suite stands at 1,886 lib + 49+ integration tests, also zero ignored.
v0.6.3.1 numbers are from the release notes (published 2026-04-30). v0.6.3 GA baseline numbers are from the W12 consolidated coverage measurement and remain frozen on the evidence page. Hardware: Apple M4 / 32 GB / NVMe SSD.
SQLite migration is idempotent. The schema ladder v15→v17→v18→v19 runs automatically at first daemon start. Existing flat namespaces become single-segment hierarchical paths losslessly. Postgres backend has a manual procedure documented in MIGRATION-v0.6.3-to-v0.6.3.1.md.
migrations/sqlite/0010_v063_hierarchy_kg.sql (v15: KG temporal-validity columns + entity_aliases)migrations/sqlite/0012_governance_inherit.sql (v17: governance.inherit backfill)migrations/sqlite/0011_v0631_data_integrity.sql (v18: embedding_dim guard + archive lossless)migrations/sqlite/0013_webhook_event_types.sql (v19: subscriptions.event_types column + index)schema_version to 19Known issue (#507): if your ~/.config/ai-memory/config.toml has a tilde-prefixed db path (db = "~/..."), CLI subcommands can't expand it; the MCP server is unaffected. Workaround: switch to an absolute path until v0.6.3.2.
db field tilde-expansion. CLI flag --db already expands; only the config-file path is affected. Tracked at #507. Not blocking the v0.6.3.1 ship-gate.memory_reflection capabilities theater (planned-vs-shipped honesty).See at-a-glance.html roadmap or the public ROADMAP.md.