@oomkapwn/enquire-mcp 3.9.0-rc.7 → 3.9.0-rc.8

package/CHANGELOG.md

@@ -2,6 +2,48 @@
 
 All notable changes to this project will be documented here. The format follows [Keep a Changelog](https://keepachangelog.com/en/1.1.0/), and the project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
+## [3.9.0-rc.8] — 2026-05-28
+
+> **TL;DR:** **Integrity-batch #2 from the exhaustive file-by-file audit** (every `src/` module, every doc, every workflow, every script re-read on Opus 4.8). Closes the cheap-but-real drift the audit surfaced and adds the FIRST structural defense for the "claimed-guarantee vs code-guard" class introduced in rc.7: a new **OIA Check 4d** that reads `.github/workflows/release.yml`, computes the SLSA Build Level it actually earns, and fails CI if any doc claims a higher level. Also: a bench-harness honesty fix (a 5-sample "p99" that always returned the max — relabeled `max`), determinism fix (`Date.now()` tag → stable), the privacy-test soft-skips made VISIBLE via `ctx.skip()` + a CI tripwire that fails loudly if the native deps that gate them ever go missing in CI, two stale test-title positioning claims, a benchmarks rounding drift, a biome binary/schema unification (2.4.14/2.4.15 → 2.4.16), and a stale Node placeholder in the bug template. **Docs/tests/scripts/config only — zero `src/` runtime logic changed. 926 → 927 tests (+1 CI tripwire).**
+
+**Patch — audit-driven integrity (Tier 0, batch 2).**
+
+### Fixed
+
+- **S2 — OIA Check 4d: SLSA-level code-guard (structural defense for the rc.7 #15 class).** rc.7 *corrected* the SLSA-3→L2 overclaim by hand; this rc makes the regression **structurally impossible**. New `scripts/oia-walk.mjs` Check 4d Part A statically reads `release.yml`: `earnsL3 = /slsa-framework\/slsa-github-generator/`, `doesProvenance = /npm publish[^\n]*--provenance/` → `earnedLevel = earnsL3 ? 3 : doesProvenance ? 2 : 0`. It then greps the claim surfaces (README, package.json, llms.txt, COMPARISON, STABILITY) for an L3 claim (`/\bSLSA[-\s]?3\b|…L(?:evel\s*)?3\b|levels#build-l3/i`) and fails if any claim exceeds the earned level — with a roadmap-context skip so "L3 on the roadmap" stays legal. Part B (opt-out via `--skip-network`) checks the published attestation. This is the first concrete instance of the rc.7-promised "enforcement-verb code-guard" defense.
+- **S1 — bench "p99" was always the max (honesty fix).** `scripts/bench.mjs` runs `RUNS=5` then took `quantile(samples, 0.99)`, which on 5 sorted samples is unconditionally `samples[4]` = the maximum. Reporting it as "p99" overstated tail rigor. Relabeled to `max` in the return object, the table header, and `bench/results.md` (the *values* were always the max — only the label was wrong, so no number moved).
+- **M3 — bench determinism.** The write-path micro-bench used `#new-tag-${Date.now()}`, making every run mutate a different note and defeating run-to-run comparability. Pinned to `#new-tag-stable`.
+- **T1 — privacy tests: visible skips + a CI tripwire (the silent-skip class).** `tests/cli-privacy-filters.test.ts` guarded 6 security-critical privacy assertions behind `if (!distExists() || !canRunFts5) return;` — a SILENT pass when the build or `better-sqlite3` was absent, exactly the failure mode that hides regressions. Converted all 6 to `(ctx) => { if (…) return ctx.skip(); … }` so a skip is *visible* in the reporter, and added one **CI GUARD** test that hard-asserts (when `process.env.CI`) that the dist build AND a live FTS5 query both work — so if the native-dep preconditions ever vanish in CI, the suite fails loudly instead of silently skipping the privacy coverage. The single guard transitively protects every other native-dep soft-skip (same CI preconditions). **This is the +1 test (926 → 927).**
+- **W1 — stale positioning in test titles.** `tests/github-metadata-invariant.test.ts` had two `it(...)` titles still describing the pre-v3.7.8 "Memory layer for AI agents" lead and "v3.6.3 hype keywords" — while the assertions already pinned `ABOUT_LEADS_WITH = /^The most advanced Obsidian MCP/i`. Titles realigned to what the code actually checks (α-class TSDoc-drift sibling, but in test descriptions).
+- **S4 — benchmarks rounding drift.** `docs/benchmarks.md` line 30 said "+25 MRR / +16 NDCG@10" (rounded) while every other surface uses the precise measured "+24.7 MRR / +15.5 NDCG@10". Unified to the precise figures.
+- **C1 — biome binary/schema unification.** Installed binary was 2.4.14, `biome.json` `$schema` pinned 2.4.15, `package.json` devDep `^2.4.15`. Bumped all three to **2.4.16** (latest). Clean bump — `lint:fix` reformatted one long line I'd added to `oia-walk.mjs`; zero new rule violations.
+- **bug_report.yml Node placeholder.** `.github/ISSUE_TEMPLATE/bug_report.yml` example was `v20.11.0`, below the `engines.node >= 22.13.0` floor — a reporter copying it would file an unsupported version. → `v22.13.0`.
+
+### Why these are batched
+
+All nine are state-driven findings from re-reading the repo file-by-file (the methodology gap CLAUDE.md documents: change-driven sweeps miss files not actively edited). None touch `src/` runtime behavior — they harden the *audit apparatus* (S2), *measurement honesty* (S1/M3/S4), *test visibility* (T1/W1), and *toolchain/template hygiene* (C1/bug_report). Higher-risk items stay sequenced per plan: **#16 OCR offline enforcement → rc.9; H1 watcher per-file serialization → rc.10.**
+
+### Files changed
+
+- `scripts/oia-walk.mjs` — Check 4d SLSA-level guard (Part A static + Part B network) + honest header enumeration of all 8 checks / 11 blocks.
+- `scripts/bench.mjs` — `p99`→`max` (return obj + header); `Date.now()` tag → `#new-tag-stable`.
+- `bench/results.md` — `p50 / p99` → `p50 / max` column label.
+- `tests/cli-privacy-filters.test.ts` — 6 soft-skips → `ctx.skip()`; +1 CI GUARD tripwire.
+- `tests/github-metadata-invariant.test.ts` — 2 stale test titles realigned to assertions.
+- `docs/benchmarks.md` — +25/+16 → +24.7/+15.5.
+- `biome.json` + `package.json` — biome 2.4.15 → 2.4.16.
+- `.github/ISSUE_TEMPLATE/bug_report.yml` — Node placeholder v20.11.0 → v22.13.0.
+- `ROADMAP.md` — re-sequenced #16 OCR offline (rc.8 → rc.9) + Tier 1 watcher/H1 (rc.9 → rc.10) since rc.8 became the integrity-batch; noted Check 4d as partial progress on the structural drift-class item.
+- `README.md`, `docs/COMPARISON.md`, `llms.txt`, `AGENTS.md`, `package.json` — test count 926 → 927.
+- version bump 3.9.0-rc.7 → 3.9.0-rc.8 (7 surfaces).
+
+### Stats
+
+- **927 unit tests** (+1 CI tripwire) — all passing.
+- Lint clean (biome 2.4.16, 0 warnings). `tsc` strict clean. OIA clean (8 checks incl. new 4d). scope-completeness clean.
+
+---
+
 ## [3.9.0-rc.7] — 2026-05-25
 
 > **TL;DR:** **Tier 0 integrity batch from a full project audit** (deep code audit of all 31 src/ modules + docs/workflows/config audit + competitive survey of the Obsidian-MCP / AI-memory / RAG-MCP landscapes). Fixes the two brand-critical overclaims the audit surfaced — **#15 SLSA-3** (badge linked to the slsa.dev **L3** spec + 8+ surfaces claimed "SLSA-3", but `release.yml` only runs `npm publish --provenance` = SLSA Build **L2**) and corrects pervasive version/RC drift + an undersold reranker number. Adds a public **ROADMAP.md**, gitignores the stray `false/` npm-cache tree, adds `CITATION.cff` version field, and documents a new overclaim anti-pattern (the "claimed-guarantee vs code-guard" class behind #15 + #16). **Docs/config-only; 926 tests unchanged. The OCR-offline-enforcement overclaim (#16, "implement" decision) ships in rc.8; the watcher live-update race (H1) in rc.9.**

package/README.md

@@ -13,7 +13,7 @@
 [![CI](https://github.com/oomkapwn/enquire-mcp/actions/workflows/ci.yml/badge.svg)](https://github.com/oomkapwn/enquire-mcp/actions/workflows/ci.yml)
 [![npm](https://img.shields.io/npm/v/@oomkapwn/enquire-mcp.svg?label=npm&color=cb3837)](https://www.npmjs.com/package/@oomkapwn/enquire-mcp)
 [![downloads](https://img.shields.io/npm/dm/@oomkapwn/enquire-mcp.svg?color=cb3837)](https://www.npmjs.com/package/@oomkapwn/enquire-mcp)
-[![tests](https://img.shields.io/badge/tests-926%20passing-brightgreen.svg)](#trust)
+[![tests](https://img.shields.io/badge/tests-927%20passing-brightgreen.svg)](#trust)
 [![stable](https://img.shields.io/badge/v3.8.x-stable-brightgreen.svg)](./STABILITY.md)
 [![build provenance](https://img.shields.io/badge/build_provenance-SLSA_L2-blue.svg)](https://slsa.dev/spec/v1.0/levels#build-l2)
 [![MCP](https://img.shields.io/badge/MCP-1.29-8A2BE2.svg)](https://modelcontextprotocol.io/)
@@ -38,7 +38,7 @@ Your Obsidian vault becomes **persistent, queryable long-term memory** for any M
 > 2. **Best-in-class retrieval.** Hybrid BM25 + multilingual embeddings + BGE cross-encoder reranker fused via RRF, scaled with HNSW + int8 quantization. The same IR stack a search startup would build — open-sourced, in one binary.
 > 3. **Zero cloud calls during serve.** Models cached locally (one-time download from HuggingFace). Your vault content never leaves your machine. Air-gap-safe by default.
 
-**44 tools · 19 MCP prompts · 926 unit tests · 50+ languages · v3.8.x stable · semver-bound · MIT · npm build provenance (SLSA L2).**
+**44 tools · 19 MCP prompts · 927 unit tests · 50+ languages · v3.8.x stable · semver-bound · MIT · npm build provenance (SLSA L2).**
 
 ---
 
@@ -176,7 +176,7 @@ Auto-generated **[API reference at oomkapwn.github.io/enquire-mcp](https://oomka
 | **GraphRAG-light** (wikilink community detection via Louvain modularity) | ✅ **only here** | ❌ | ❌ |
 | **Standalone `.base` query execution** (works without Obsidian running) | ✅ **only here** | ❌ | ❌ delegates to Obsidian |
 | **HyDE retrieval** (Gao et al 2023) + sub-question decomposition | ✅ **only here** | ❌ | ❌ |
-| **926 unit tests · 9 required + 4 advisory CI gates per PR** | ✅ | n/a | rare |
+| **927 unit tests · 9 required + 4 advisory CI gates per PR** | ✅ | n/a | rare |
 | **Signed build provenance** (npm + Sigstore, SLSA Build L2) | ✅ | n/a | ❌ |
 | **Semver-bound public surface** ([STABILITY.md](./STABILITY.md)) | ✅ | n/a | ❌ |
 | Standalone (no Obsidian plugin needed) | ✅ | ❌ requires Obsidian | varies |
@@ -184,7 +184,7 @@ Auto-generated **[API reference at oomkapwn.github.io/enquire-mcp](https://oomka
 
 <sub>Comparison based on each project's public capabilities as of v3.8.x stable (initial snapshot v3.7.0 / 2026-05-15; refreshed in v3.8.4). Smart Connections is a paid Obsidian plugin (not an MCP server). "Other Obsidian-MCPs" refers to public open-source Obsidian-MCP servers on GitHub at time of writing. Public end-to-end retrieval benchmarks for enquire-mcp are published in <a href="./docs/benchmarks.md"><code>docs/benchmarks.md</code></a> — measured `rerank-bge` delta is +24.7 MRR / +15.5 NDCG@10 over plain hybrid on a 60-query ablation.</sub>
 
-> Strategic claim: enquire-mcp is the open-source backend for [Karpathy-style LLM Wikis](https://gist.github.com/karpathy/442a6bf555914926e9891c11519de94f) on top of your existing Obsidian vault. Knowledge that compounds, traceable to sources.
+> Strategic claim: enquire-mcp is the open-source backend for [Karpathy-style LLM Wikis](https://gist.github.com/karpathy/442a6bf555914927e9891c11519de94f) on top of your existing Obsidian vault. Knowledge that compounds, traceable to sources.
 
 ---
 
@@ -286,7 +286,7 @@ Channel: `npm install @oomkapwn/enquire-mcp` → latest stable (`@latest` = v3.8
 ```bash
 git clone https://github.com/oomkapwn/enquire-mcp.git
 cd enquire-mcp && npm install
-npm test       # full suite (926 tests, ~5s)
+npm test       # full suite (927 tests, ~5s)
 npm run lint   # zero warnings
 npm run build  # tsc → dist/
 ```

package/dist/index.d.ts

@@ -7,7 +7,7 @@
  * + `McpServer({version})`) and `src/tool-registry.ts` (used in the
  * `vault-info` resource payload).
  */
-export declare const VERSION = "3.9.0-rc.7";
+export declare const VERSION = "3.9.0-rc.8";
 export { main } from "./cli.js";
 export { buildEmbedText, buildMcpServer, formatReadyBanner, prepareServerDeps, type ServeOptions, type ServerDeps, startServer } from "./server.js";
 export { parsePositiveInt, parseQuantizationMode } from "./tool-registry.js";

package/dist/index.js

@@ -40,7 +40,7 @@ import { main } from "./cli.js";
  * + `McpServer({version})`) and `src/tool-registry.ts` (used in the
  * `vault-info` resource payload).
  */
-export const VERSION = "3.9.0-rc.7";
+export const VERSION = "3.9.0-rc.8";
 // Re-exports — preserve the v3.5.x public surface so http-transport.ts and
 // tests don't need to know about the new module layout. The set below
 // exactly matches the v3.5.x `export` declarations: `main`,

package/docs/COMPARISON.md

@@ -43,7 +43,7 @@ The four axes the external audit (#3, 2026-05) called out as decisive — **REST
 | Read open editor state, active note, etc.     | **No**              | **Yes**          | Limited          | No               | No               |
 | Zero outbound network calls in serve mode     | **Yes** (default)   | Local-only (REST)| Local-only (REST)| Yes              | Yes              |
 | Signed build provenance on releases (SLSA L2) | **Yes**             | No               | No               | No               | No               |
-| Test count (public)                           | **926**             | (varies)         | (varies)         | (varies)         | (varies)         |
+| Test count (public)                           | **927**             | (varies)         | (varies)         | (varies)         | (varies)         |
 | Tool count                                    | 44                  | ~25              | ~8               | ~10              | 3–5              |
 | MCP prompt count                              | 19                  | 0                | 0                | 0                | 0                |
 | License                                       | MIT                 | Apache-2.0       | MIT              | MIT              | (varies)         |

package/docs/benchmarks.md

@@ -27,7 +27,7 @@ reproducible from this repository — there are no hand-edited numbers.** Run
 **Headline takeaways:**
 
 - The cross-encoder reranker is the single biggest top-K-precision win:
-  **+25 MRR points** and **+16 NDCG@10 points** vs. plain hybrid RRF — at a
+  **+24.7 MRR points** and **+15.5 NDCG@10 points** vs. plain hybrid RRF — at a
   ~290 ms latency cost per query on M-series CPU.
 - Hybrid retrieval maximizes **recall** (every relevant note is somewhere
   in the top-10 96 % of the time) but base RRF without a reranker has weak

package/package.json

@@ -1,9 +1,9 @@
 {
   "$schema": "https://json.schemastore.org/package.json",
   "name": "@oomkapwn/enquire-mcp",
-  "version": "3.9.0-rc.7",
+  "version": "3.9.0-rc.8",
   "mcpName": "io.github.oomkapwn/enquire-mcp",
-  "description": "MCP server giving AI agents (Claude Code, Claude Desktop, Cursor, ChatGPT, Codex, OpenClaw) persistent long-term memory backed by your local Obsidian markdown vault. Hybrid retrieval (BM25 + ML embeddings + BGE reranker, RRF-fused), HNSW + int8 quantization, agentic RAG (HyDE + sub-question decomposition), GraphRAG-light (Louvain), standalone Obsidian Bases, PDFs + Tesseract OCR. Vendor-neutral memory layer for any MCP-compatible agent. 44 tools, 19 MCP prompts, 926 tests, signed npm build provenance (SLSA L2), semver-bound, MIT, zero cloud calls during serve.",
+  "description": "MCP server giving AI agents (Claude Code, Claude Desktop, Cursor, ChatGPT, Codex, OpenClaw) persistent long-term memory backed by your local Obsidian markdown vault. Hybrid retrieval (BM25 + ML embeddings + BGE reranker, RRF-fused), HNSW + int8 quantization, agentic RAG (HyDE + sub-question decomposition), GraphRAG-light (Louvain), standalone Obsidian Bases, PDFs + Tesseract OCR. Vendor-neutral memory layer for any MCP-compatible agent. 44 tools, 19 MCP prompts, 927 tests, signed npm build provenance (SLSA L2), semver-bound, MIT, zero cloud calls during serve.",
   "type": "module",
   "bin": {
     "enquire-mcp": "dist/index.js"
@@ -183,7 +183,7 @@
     "zod": "^4.4.3"
   },
   "devDependencies": {
-    "@biomejs/biome": "^2.4.15",
+    "@biomejs/biome": "^2.4.16",
     "@huggingface/transformers": "^4.2.0",
     "@types/better-sqlite3": "^7.6.13",
     "@types/node": "^25.6.2",