agentmemory Files

[0.9.18] — 2026-05-17

Hardening + DX wave. Five fixes land together: lessons now flow into the auto-inject context payload (closes a half-finished loop from earlier releases — see [#381] / [#457]), the viewer drops data: from its img-src CSP by self-hosting its favicon, the filesystem watcher redacts PEM private-key blocks and standalone JWTs before transport, the mcp-standalone livez probe gets a dependency-injection seam that kills a flaky test, and the OpenAI timeout precedence is documented + tightened (strict integer parse, OPENAI_TIMEOUT_MS keeps its v0.9.17 meaning as an alias of the global AGENTMEMORY_LLM_TIMEOUT_MS). 1007/1007 tests pass.

Added

• Lessons auto-injected into mem::context payload (PR [#458], closes #457, surfaced in discussion #381). Lessons were generated + stored but only retrievable via an explicit memory_lesson_recall MCP call — agents rarely thought to invoke it, so the loop was half-done. mem::context now reads KV.lessons alongside slots + profile, ranks by (project-relevance × confidence) (project-scoped lessons get a 1.5× boost), filters tombstoned + cross-project entries, caps at top-10, and emits a ## Lessons Learned block competing fairly for the token budget. Block recency tracks the most-recent lastReinforcedAt || updatedAt, so hot lessons survive when budget tightens.

• Self-hosted viewer favicon (PR [#452], closes #447). The viewer's inline-SVG data: favicon (added in [#313]) required data: in img-src — a broader allowance than the viewer actually needed. The favicon now lives at /favicon.svg served by the viewer with Content-Type: image/svg+xml and Cache-Control: public, max-age=3600; build script copies the asset into dist/viewer/ alongside index.html. CSP reverts to bare img-src 'self'.

Changed

• OPENAI_TIMEOUT_MS is now an alias of AGENTMEMORY_LLM_TIMEOUT_MS (PR [#453], closes #446). v0.9.17 shipped OPENAI_TIMEOUT_MS as the OpenAI-scoped knob, then PR [#379] introduced the global AGENTMEMORY_LLM_TIMEOUT_MS shared across all raw-fetch providers. The OpenAI provider now resolves them in precedence order: OPENAI_TIMEOUT_MS → AGENTMEMORY_LLM_TIMEOUT_MS → 60_000ms default. v0.9.17 configs keep working unchanged; new configs should prefer the global. The provider's request also moved onto the shared fetchWithTimeout helper that owns AbortController + clearTimeout cleanup for every raw-fetch path (minimax, openrouter, gemini, embedding providers).

• Strict integer parse for timeout env vars (PR [#453], CodeRabbit catch). parsePositiveInt rejects values like "30ms", "1_000", "60s", "30abc", "-30", "0" via /^\d+$/ (after trim) instead of letting parseInt's lenience silently swallow trailing units / underscores / signs as a number. Malformed values fall back to the 60s default with no surprise truncation.

Fixed

• Filesystem watcher redacts PEM private-key blocks + standalone JWTs in previews (PR [#450], closes #448). Continues the redaction surface opened in PR [#332]. PEM blocks (-----BEGIN ... PRIVATE KEY----- through -----END ... PRIVATE KEY-----, including encrypted, RSA, EC, DSA, OpenSSH, PGP variants) get a state-machine pass that replaces the whole block with a single [REDACTED ... PRIVATE KEY] marker; standalone JWT-shaped tokens (three base64url segments separated by dots, length ≥ ~32 chars) are masked to their last 4 chars. Both run before any transport-layer write.

• mcp-standalone livez probe DI seam kills the test flake (PR [#451], closes #449). The standalone shim's livez probe used a fixed fetch against localhost:3111 which made the test suite depend on no other agentmemory instance running on the host. New setLivezProbe() injection seam lets tests provide a deterministic probe; default behaviour for production users is unchanged.

Infrastructure

• 91 test files (was 90), 1007 tests (was 992). New test/context-lessons.test.ts (8 cases) covers lessons-auto-inject inclusion, empty-state no-op, project ranking, cross-project isolation, soft-delete skip, top-10 cap, confidence rendering, optional context string append.

• Bundled the four follow-up issues filed during the v0.9.17 audit wave (#446, #447, #448, #449) plus the cross-project lesson-injection gap surfaced in discussion #381 into a single patch release — no behaviour changes for existing users beyond the hardening above.