@oomkapwn/enquire-mcp 3.10.0-rc.2 → 3.10.0-rc.3

package/CHANGELOG.md

@@ -2,6 +2,35 @@
 
 All notable changes to this project will be documented here. The format follows [Keep a Changelog](https://keepachangelog.com/en/1.1.0/), and the project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
+## [3.10.0-rc.3] — 2026-06-02
+
+> **TL;DR:** **Gate-gap closure — two structural defenses, zero `src/` runtime change.** A post-rc.2 self-audit caught two places where the apparatus was weaker than CLAUDE.md implies. **(1) smoke-from-manifest:** `scripts/smoke.mjs` hardcoded the expected read-tool set + count, so every new tool (rc.2's `obsidian_stale_notes` among them) silently broke smoke until hand-patched — a hidden coupling the `smoke` CI gate masked as a real failure. It now **derives the expected set from `TOOL_MANIFEST`** (single source of truth), so adding a tool never requires editing smoke again. **(2) enforcement-guard taxonomy:** the META-audit's #3 uncovered behavioral dimension (the **#15/#16 "claimed-guarantee vs code-guard" overclaim class**) had only two surface-specific verifiers (OIA 4d for SLSA, 4e for OCR-offline). New `tests/enforcement-guard-invariant.test.ts` is the **generalized** defense: a curated 10-entry inventory mapping each `SECURITY.md` enforcement claim → the exact code-guard symbol that backs it, failing CI if either the marker or the guard goes missing. **1056 → 1059 tests.**
+
+**Minor (pre-release) — v3.10 line; gate-gap / structural-defense increment.**
+
+### Added
+
+- **`tests/enforcement-guard-invariant.test.ts`** (+3 source `it()`) — the generalized enforcement-verb→code-guard taxonomy (closes the last open Tier-0 item: "a GENERALIZED enforcement-verb grep beyond the SLSA/OCR specifics"). A curated `GUARANTEES` manifest pins 10 `SECURITY.md` claims to their backing symbols (`resolveSafePath`, `assertOcrLangsInstalled`, `cacheMethod`, `MAX_OCR_CANVAS_DIM`, `DEFAULT_OCR_MAX_PAGES`, `0o600`, `0o700`, `SAFE_SCHEMA`, `sweepIdle`, `Allow-Credentials`); `checkGuarantee()` fails if the claim's marker is absent from SECURITY.md **or** the guard symbol is absent from `src/`. 1 positive + 2 NEGATIVE controls (missing guard symbol; missing SECURITY.md marker). This is the inventory-based form of the #15/#16 class — the META-audit's prescription: convert "did we remember to back claim X with a guard?" into a self-checking gate.
+
+### Changed
+
+- **`scripts/smoke.mjs`** — the expected read-tool set + count are now **derived from `TOOL_MANIFEST`** (`gating === "always" || "--diagnostic-search-tools" || (withFts && includes("--persistent-index"))`) instead of a hardcoded `baseTools` array + `expectedCount`. Closes the rc.2 gate-gap where a new tool broke `smoke` until the spec was hand-edited; the smoke gate now self-updates with the manifest. Two checks: derived-count match + exact name-set match (`JSON.stringify` equality against the sorted derived set).
+
+### Method note
+
+Both fixes are the same shape as the rc.36 meta-audit conclusion — **the apparatus is drift/claim-driven and was blind to two structural gaps**: (1) a test-fixture that duplicated a single source of truth (smoke's tool list vs `TOOL_MANIFEST`) and silently required manual sync, and (2) a claim-class (#15/#16 enforced-guarantee) that had only point defenses, not an inventory invariant. Per the rule "when an external lens finds a behavioral bug, internalize THAT LENS as an inventory invariant," the enforcement-guard test generalizes the two surface-specific OIA checks into one extensible manifest. **Zero `src/` runtime change** — scripts + tests only. **Deferred to rc.4:** plumb `age_days`/`stale` into the hybrid `SearchHybridHit` (the primary search surface — needs a path→mtime map across the multi-stage RRF fusion incl. `path#chunk-N` rows).
+
+### Tests (1059)
+
+`tests/enforcement-guard-invariant.test.ts` +3 source `it()`. 1056 → 1059; claims synced (README ×4 incl. tests badge, package.json, llms.txt, AGENTS, COMPARISON, ROADMAP). `scripts/smoke.mjs` is a script (no `it()`), so the smoke refactor does not change the count.
+
+### Files changed
+
+- `scripts/smoke.mjs` (derive from `TOOL_MANIFEST`), `tests/enforcement-guard-invariant.test.ts` (new), test-count claims → 1059.
+- version bump 3.10.0-rc.2 → 3.10.0-rc.3.
+
+---
+
 ## [3.10.0-rc.2] — 2026-06-01
 
 > **TL;DR:** **v3.10 staleness increment 2 — the `obsidian_stale_notes` tool (the flagship forgetting-aware capability).** A new always-on read tool (the **45th** tool): "what's gone stale in my vault?" — lists notes not edited in N days (default 365), oldest first, so an agent can proactively flag or refresh aged facts instead of recalling them as if current (the Memora frontier). Cheap **mtime-only** scan (`vault.listMarkdown()` + rc.1's `computeStaleness` — NO `readNote`, so it's not a whole-vault content scan and isn't a resource-bound scanner). Self-contained — zero change to the critical search path. The tool-count cascade (44 → 45, always-on read 33 → 34) is fully gate-verified by `docs-consistency` against `TOOL_MANIFEST`. **1050 → 1056 tests.**

package/README.md

@@ -13,7 +13,7 @@
 [![CI](https://github.com/oomkapwn/enquire-mcp/actions/workflows/ci.yml/badge.svg)](https://github.com/oomkapwn/enquire-mcp/actions/workflows/ci.yml)
 [![npm](https://img.shields.io/npm/v/@oomkapwn/enquire-mcp.svg?label=npm&color=cb3837)](https://www.npmjs.com/package/@oomkapwn/enquire-mcp)
 [![downloads](https://img.shields.io/npm/dm/@oomkapwn/enquire-mcp.svg?color=cb3837)](https://www.npmjs.com/package/@oomkapwn/enquire-mcp)
-[![tests](https://img.shields.io/badge/tests-1056%20passing-brightgreen.svg)](#trust)
+[![tests](https://img.shields.io/badge/tests-1059%20passing-brightgreen.svg)](#trust)
 [![stable](https://img.shields.io/badge/v3.9.x-stable-brightgreen.svg)](./STABILITY.md)
 [![build provenance](https://img.shields.io/badge/build_provenance-SLSA_L2-blue.svg)](https://slsa.dev/spec/v1.0/levels#build-l2)
 [![MCP](https://img.shields.io/badge/MCP-1.29-8A2BE2.svg)](https://modelcontextprotocol.io/)
@@ -46,7 +46,7 @@ Your Obsidian vault becomes **persistent, queryable long-term memory** for any M
 > 2. **Best-in-class retrieval.** Hybrid BM25 + multilingual embeddings + BGE cross-encoder reranker fused via RRF, scaled with HNSW + int8 quantization. The same IR stack a search startup would build — open-sourced, in one binary.
 > 3. **Zero cloud calls during serve.** Models cached locally (one-time download from HuggingFace). Your vault content never leaves your machine. Air-gap-safe by default.
 
-**45 tools · 19 MCP prompts · 1056 unit tests · 50+ languages · v3.9.x stable · semver-bound · MIT · npm build provenance (SLSA L2).**
+**45 tools · 19 MCP prompts · 1059 unit tests · 50+ languages · v3.9.x stable · semver-bound · MIT · npm build provenance (SLSA L2).**
 
 ---
 
@@ -184,7 +184,7 @@ Auto-generated **[API reference at oomkapwn.github.io/enquire-mcp](https://oomka
 | **GraphRAG-light** (wikilink community detection via Louvain modularity) | ✅ **only here** | ❌ | ❌ |
 | **Standalone `.base` query execution** (works without Obsidian running) | ✅ **only here** | ❌ | ❌ delegates to Obsidian |
 | **HyDE retrieval** (Gao et al 2023) + sub-question decomposition | ✅ **only here** | ❌ | ❌ |
-| **1056 unit tests · 9 required + 4 advisory CI gates per PR** | ✅ | n/a | rare |
+| **1059 unit tests · 9 required + 4 advisory CI gates per PR** | ✅ | n/a | rare |
 | **Signed build provenance** (npm + Sigstore, SLSA Build L2) | ✅ | n/a | ❌ |
 | **Semver-bound public surface** ([STABILITY.md](./STABILITY.md)) | ✅ | n/a | ❌ |
 | Standalone (no Obsidian plugin needed) | ✅ | ❌ requires Obsidian | varies |
@@ -294,7 +294,7 @@ Channel: `npm install @oomkapwn/enquire-mcp` → latest stable (`@latest` = v3.9
 ```bash
 git clone https://github.com/oomkapwn/enquire-mcp.git
 cd enquire-mcp && npm install
-npm test       # full suite (1056 tests, ~12s)
+npm test       # full suite (1059 tests, ~12s)
 npm run lint   # zero warnings
 npm run build  # tsc → dist/
 ```

package/dist/index.d.ts

@@ -7,7 +7,7 @@
  * + `McpServer({version})`) and `src/tool-registry.ts` (used in the
  * `vault-info` resource payload).
  */
-export declare const VERSION = "3.10.0-rc.2";
+export declare const VERSION = "3.10.0-rc.3";
 export { main } from "./cli.js";
 export { buildEmbedText, buildMcpServer, formatReadyBanner, prepareServerDeps, type ServeOptions, type ServerDeps, startServer } from "./server.js";
 export { parsePositiveInt, parseQuantizationMode } from "./tool-registry.js";

package/dist/index.js

@@ -40,7 +40,7 @@ import { main } from "./cli.js";
  * + `McpServer({version})`) and `src/tool-registry.ts` (used in the
  * `vault-info` resource payload).
  */
-export const VERSION = "3.10.0-rc.2";
+export const VERSION = "3.10.0-rc.3";
 // Re-exports — preserve the v3.5.x public surface so http-transport.ts and
 // tests don't need to know about the new module layout. The set below
 // exactly matches the v3.5.x `export` declarations: `main`,

package/docs/COMPARISON.md

@@ -43,7 +43,7 @@ The four axes the external audit (#3, 2026-05) called out as decisive — **REST
 | Read open editor state, active note, etc.     | **No**              | **Yes**          | Limited          | No               | No               |
 | Zero outbound network calls in serve mode     | **Yes** (default)   | Local-only (REST)| Local-only (REST)| Yes              | Yes              |
 | Signed build provenance on releases (SLSA L2) | **Yes**             | No               | No               | No               | No               |
-| Test count (public)                           | **1056**             | (varies)         | (varies)         | (varies)         | (varies)         |
+| Test count (public)                           | **1059**             | (varies)         | (varies)         | (varies)         | (varies)         |
 | Tool count                                    | 44                  | ~25              | ~8               | ~10              | 3–5              |
 | MCP prompt count                              | 19                  | 0                | 0                | 0                | 0                |
 | License                                       | MIT                 | Apache-2.0       | MIT              | MIT              | (varies)         |

package/package.json

@@ -1,9 +1,9 @@
 {
   "$schema": "https://json.schemastore.org/package.json",
   "name": "@oomkapwn/enquire-mcp",
-  "version": "3.10.0-rc.2",
+  "version": "3.10.0-rc.3",
   "mcpName": "io.github.oomkapwn/enquire-mcp",
-  "description": "MCP server giving AI agents (Claude Code, Claude Desktop, Cursor, ChatGPT, Codex, OpenClaw) persistent long-term memory backed by your local Obsidian markdown vault. Hybrid retrieval (BM25 + ML embeddings + BGE reranker, RRF-fused), HNSW + int8 quantization, agentic RAG (HyDE + sub-question decomposition), GraphRAG-light (Louvain), standalone Obsidian Bases, PDFs + Tesseract OCR. Vendor-neutral memory layer for any MCP-compatible agent. 45 tools, 19 MCP prompts, 1056 tests, signed npm build provenance (SLSA L2), semver-bound, MIT, zero cloud calls during serve.",
+  "description": "MCP server giving AI agents (Claude Code, Claude Desktop, Cursor, ChatGPT, Codex, OpenClaw) persistent long-term memory backed by your local Obsidian markdown vault. Hybrid retrieval (BM25 + ML embeddings + BGE reranker, RRF-fused), HNSW + int8 quantization, agentic RAG (HyDE + sub-question decomposition), GraphRAG-light (Louvain), standalone Obsidian Bases, PDFs + Tesseract OCR. Vendor-neutral memory layer for any MCP-compatible agent. 45 tools, 19 MCP prompts, 1059 tests, signed npm build provenance (SLSA L2), semver-bound, MIT, zero cloud calls during serve.",
   "type": "module",
   "bin": {
     "enquire-mcp": "dist/index.js"