ltcai 3.4.1 → 3.6.0

package/README.md

@@ -3,11 +3,11 @@
 
   # Lattice AI
 
-  **Lattice AI v3 — Local-First AI Workspace Platform.**
+  **A local-first Digital Brain Platform. Your Knowledge Graph is the durable asset; models just read it.**
 
-  Work across Personal and Organization workspaces with Knowledge Graph,
-  Vector Index, Hybrid Search, Native Chat, agents, files, models, and
-  Basic / Advanced / Admin modes.
+  Every source — files, folders, web pages, browser tabs — converges into one
+  Knowledge Graph on your own machine. Connect models, agents, and search to that
+  graph instead of placing your work inside any single model.
 </div>
 
 <div align="center">
@@ -23,7 +23,107 @@
 
 </div>
 
-![Lattice AI — local-first AI workspace](docs/assets/v3.4.0/home.png)
+![Lattice AI — local-first AI workspace home](docs/assets/v3.4.0/home.png)
+
+> **Lattice AI is not a model-personalization system. It is a Digital Brain Platform.**
+> The Knowledge Graph is your durable asset. **Models are replaceable. Knowledge is durable.**
+
+It isn't another chat window, and it isn't a way to "fine-tune a model on you." The
+purpose of Lattice AI is to **connect models to your Knowledge Graph** — your digital
+brain — not to place you inside a model. AI reads your knowledge; you own it.
+
+- **Models are replaceable.** Swap MLX, Ollama, LM Studio, or a cloud LLM at will.
+- **Agents, RAG, and the UI are replaceable.** They are implementations, not the asset.
+- **Your Knowledge Graph is durable.** It outlives every model and is yours to export,
+  import, and back up locally — no cloud required.
+
+Local-first by default; cloud only when you choose. (The Vercel site is a
+landing/download/demo surface only — never the runtime. Lattice AI runs on your
+machine over local SQLite.)
+
+## Why install Lattice AI?
+
+Most AI tools only answer questions in a chat window. Lattice AI gives you a
+workspace around the work itself:
+
+- **Keep everything in one place** — files, notes, chats, and decisions live
+  together instead of scattered across tabs and apps.
+- **Turn documents into knowledge** — uploads and connected folders become
+  searchable, linked context you can reuse.
+- **Search the way you think** — fuse keyword, vector, and knowledge-graph
+  signals in a single query.
+- **Stay private and offline-capable** — run local models through MLX, Ollama, or
+  LM Studio; nothing leaves your machine unless you opt in.
+- **Use cloud models only when you choose** — bring an API key for cloud LLMs
+  when you want them, not by default.
+- **Automate with agents you can inspect** — workflows leave behind plans,
+  reviews, retries, and results you can replay.
+
+Lattice AI is not a clone of ChatGPT, Claude, Cursor, Obsidian, or Notion. It
+sits in a different place: a **workspace** that ties local/self-hosted AI, your
+files, project knowledge, hybrid search, local and optional cloud models, agents,
+and workflows together — and runs on your own hardware.
+
+## What can you do with it?
+
+- Build a private AI workspace for a project, scoped to your machine.
+- Chat with your local files, images, and workspace memory.
+- Upload documents — or connect a folder — and turn them into searchable knowledge.
+- Explore how files, decisions, conversations, and entities connect in a
+  Knowledge Graph.
+- Run local models through MLX, Ollama, or LM Studio, and use cloud LLMs only when
+  you want to.
+- Create repeatable agent workflows for research, coding, analysis, and
+  documentation.
+- Separate personal work from organization work.
+- Switch between Basic, Advanced, and Admin modes depending on your role.
+
+## Product Tour
+
+### Start from the workspace home
+
+![Lattice AI workspace home — readiness, model state, and retrieval status](docs/assets/v3.4.0/home.png)
+
+The home view shows workspace readiness, model state, retrieval status, and the
+main entry points — derived from real local state, never placeholder counters.
+
+### Chat with files, images, and workspace context
+
+![Lattice AI chat connected to files, graph context, and vision input](docs/assets/v3.4.0/chat.png)
+
+Chat is wired to your files, graph context, memory, and model routing — including
+vision-capable image input by attach, drag-and-drop, or paste.
+
+### Bring documents into the workspace
+
+![Lattice AI files view — uploaded documents and connected folders](docs/assets/v3.4.0/files.png)
+
+Uploads and connected folders become indexed workspace context, searchable from
+chat and hybrid search.
+
+### Understand knowledge visually
+
+![Lattice AI knowledge graph of files, decisions, conversations, and entities](docs/assets/v3.4.0/knowledge-graph.png)
+
+The Knowledge Graph shows how files, decisions, conversations, and entities
+connect — context that stays useful even when you switch models.
+
+### Run agent workflows
+
+![Lattice AI agent run with roles, logs, review, and retry](docs/assets/v3.4.0/agent-run.png)
+
+Agents turn a goal into an inspectable run — roles, logs, review, and retry — that
+you can read back step by step.
+
+### Extend with hooks and the local runtime
+
+![Lattice AI hooks dispatch with a recent-execution log](docs/assets/v3.4.0/hooks-dispatch.png)
+
+![Lattice AI local agent status, handshake, and folder watching](docs/assets/v3.4.0/local-agent.png)
+
+Advanced users wire lifecycle hooks into runs, tools, workflows, uploads, and
+indexing — and see the on-device local runtime's real status, handshake, and
+folder-watch activity.
 
 ## Install
 
@@ -65,279 +165,138 @@ Then open:
 http://127.0.0.1:4825/app
 ```
 
-Development checkout:
+Working from a development checkout:
 
 ```bash
 npm install
 npm run dev
 ```
 
-Useful validation commands:
-
-```bash
-npm run check:python
-npm run test:unit
-npm run build
-```
-
-## What Is Lattice AI?
-
-Lattice AI v3 is a local-first AI workspace platform for people and teams who
-want their files, models, graph context, retrieval, and agent workflows in one
-place.
-
-- **Primary app shell**: `/app` is the default product experience with Chat,
-  Files, Hybrid Search, Knowledge Graph, Memory, Models, Settings, Advanced
-  agent/workflow tooling, and Admin areas. Classic pages remain compatibility
-  routes only; normal workflows stay in `/app`.
-- **Local-first AI Workspace**: work starts on your machine, with local data and
-  workspace state by default.
-- **AI Pipeline Platform**: plan, execute, review, retry, and replay work across
-  local models, cloud models, tools, files, and generated artifacts.
-- **Knowledge Graph Platform**: documents, images, screenshots, notes,
-  conversations, and decisions become linked entities, relationships, evidence,
-  and reusable context.
-- **Multi-Agent Workflow Platform**: agents hand off structured context, review
-  work, retry with reasons, and keep timelines inspectable.
-- **Personal / Organization Workspace**: move between personal work and team
-  workspaces with role-aware views and Basic / Advanced / Admin modes.
-- **Vector Index and Hybrid Search**: local vector rows are derived from the
-  Knowledge Graph and fused with keyword and graph signals.
-- **Local Model Management**: choose current multimodal local models with source
-  disclosure, hardware-aware recommendations, and cloud fallback options.
-- **Community-first workspaces**: Personal and Organization workspaces ship in
-  the local product; enterprise SSO/SCIM/governance remain future extensions.
-
-## Why Lattice AI?
-
-Most AI tools split your work across a chat window, a model picker, loose files,
-and disconnected automations. Lattice AI keeps those parts together:
-
-- files and conversations become graph context;
-- graph context feeds pipelines and coding actions;
-- model cards disclose country, company, run mode, internet usage, and model
-  identity;
-- personal and organization workspaces keep team workflows separate from local
-  work;
-- multi-agent workflows leave behind replayable plans, reviews, retries, and
-  outcomes.
-
-## v3.4.1 Highlights
-
-Lattice AI v3.4.1 is the **runtime completion** release: it makes the v3.4.0
-runtime systems verifiably complete and corrects the v3.4.0 overclaims an
-implementation audit found. Every item is verified by a **live end-to-end run**
-against a booted server (see `docs/assets/v3.4.1/e2e_runtime_log.txt`).
-
-- **Hooks — full lifecycle.** One shared tool-dispatch path fires `pre_tool`/
-  `post_tool` across the HTTP, agent, and workflow tool paths (v3.4.0 only fired
-  on the HTTP path); workflow hooks fire from both the designer and platform
-  paths; the upload pipeline fires granular upload + index hooks; **all 7
-  built-in hooks have real runners**, and non-executable hooks are flagged
-  `advisory`.
-- **Local Agent — real probes.** `online`/`handshake`/`health`/
-  `filesystem_access` are no longer hardcoded — they are probed (real filesystem
-  write, live graph reachability, derived `mode`, `pid`, handshake latency).
-- **Connect Folder — proven end-to-end.** A real local folder is connected,
-  indexed, and visible in the Files table, retrieval, and hybrid search.
-- **Folder Watch — proven end-to-end + restore.** Creating a file triggers a
-  debounced reindex (`watchdog` installed); the watch is restored after restart.
-
-See [RELEASE_NOTES_v3.4.1.md](RELEASE_NOTES_v3.4.1.md) and the evidence-traced
+## Core Features
+
+- **Local-first workspace** — your data, models, and workspace state live on your
+  machine by default; cloud is opt-in.
+- **Files and connected folders** — upload documents or connect a local folder;
+  Lattice indexes them and watches connected folders for changes.
+- **Chat with workspace context** — conversations are grounded in your files,
+  knowledge graph, and memory, with vision-capable image input.
+- **Knowledge Graph** — files, images, notes, conversations, and decisions become
+  linked entities and relationships you can explore.
+- **Hybrid Search** — keyword, vector, and graph signals are fused into one ranked
+  result set.
+- **Local model support** — run multimodal models locally via MLX, Ollama, or LM
+  Studio, with hardware-aware recommendations and source disclosure.
+- **Optional cloud model routing** — add OpenAI-compatible or other cloud models
+  when you choose; model cards disclose origin, run mode, and internet use.
+- **Multi-agent workflows** — turn goals into runs with roles, handoffs, review,
+  retries, and replayable timelines.
+- **Skills, hooks, tools, and MCP** — extend the workspace with skills, lifecycle
+  hooks, a governed tool registry, and Model Context Protocol servers.
+- **Personal / Organization workspaces** — keep personal work separate from team
+  work with role-aware views.
+- **Basic / Advanced / Admin modes** — show only what each role needs, from core
+  workflows to agent tooling to administration.
+
+## Latest Release
+
+### v3.6.0 — Knowledge Graph First
+
+- **Unified ingestion pipeline** — one entrypoint normalizes every source
+  (file, folder, web URL, browser tab, text/markdown/code) into the graph,
+  idempotent by content hash and bracketed by the `pre_tool`/`post_tool` hook
+  lifecycle.
+- **Formalized entity/relationship model** — first-class `Source`, `Repository`,
+  `Meeting`, `Organization`, `Workflow`, `Agent` entities and `indexed_from`,
+  `modified_by`, `belongs_to_project`, `part_of`, `discussed_in`, `decided_by`,
+  `generated_by`, `used_by_agent` relationships.
+- **Browser & web ingestion** — `POST /api/browser/read-url` and
+  `/ingest-current-tab`, plus a local Manifest V3 extension that posts only to
+  `127.0.0.1`.
+- **Portability** — local Knowledge Graph export/import (versioned JSON) and
+  binary backup/restore (DB + blobs, integrity-checked). No cloud required.
+- **Provenance** — every node records where it came from; a queryable audit trail
+  makes the graph explainable.
+- **Knowledge Graph as the primary surface** — the view becomes your digital brain
+  with Status, Sources, Capture, and Backup tabs.
+
+See [RELEASE_NOTES_v3.6.0.md](RELEASE_NOTES_v3.6.0.md),
+[docs/kg-schema.md](docs/kg-schema.md),
+[docs/RUNTIME_HOOK_COVERAGE_v3.6.0.md](docs/RUNTIME_HOOK_COVERAGE_v3.6.0.md), and
 [FEATURE_STATUS.md](FEATURE_STATUS.md).
 
-## v3.4.0 Highlights
-
-Lattice AI v3.4.0 is the **platform completion** release: it closes the remaining
-non-enterprise functionality gaps the v3.3.0 honesty audit flagged, so the
-local-first workspace is complete and demonstrable end-to-end. Each item below is
-runtime-verified on a live server, not only wired in source.
-
-- **Hooks now execute.** A real dispatch engine (`run_hook` / `run_hooks` /
-  `fire_hook` + `HookContext` / `HookResult`) runs hooks at genuine lifecycle
-  points — agents (pre/post-run), workflows (start/end), tools (pre/post-tool),
-  and the upload pipeline. `pre_*` hooks can gate (block) an action; every
-  dispatch is recorded to a persisted run log surfaced in the Hooks view.
-- **Uploads appear in Files.** Uploaded documents are listed with live ingest →
-  index state (`/knowledge-graph/documents`), completing upload → Files →
-  Knowledge Graph → Hybrid Search → Chat.
-- **Vision (VLM) image input.** The Chat composer accepts images by attach,
-  drag-and-drop, or paste, with a preview and a **Vision Enabled / Disabled**
-  badge driven by the active model's capability.
-- **Run agents from the Agents view.** A Run console (goal + roles → Run / Stop /
-  Status / Queue / Logs) executes the multi-agent pipeline locally; it runs
-  without a model and fires its pre/post-run hooks.
-- **On-device Local Agent + Connect Folder + Folder Watch.** My Computer reports
-  the real local-runtime agent status and handshake; folders can be connected and
-  watched (debounced reindex on change) through the existing on-device endpoints.
-- **Enterprise stays honestly disabled.** SSO, SCIM, DLP, Private VPC, SIEM, and
-  enterprise RBAC remain off with honest "not available in this build" states.
-
-See [RELEASE_NOTES_v3.4.0.md](RELEASE_NOTES_v3.4.0.md),
-[PLATFORM_COMPLETION_REPORT_v3.4.0.md](PLATFORM_COMPLETION_REPORT_v3.4.0.md), and
-the evidence-traced [FEATURE_STATUS.md](FEATURE_STATUS.md).
-
-## v3.3.1 Highlights
-
-Lattice AI v3.3.1 rebuilds the visible `/app` product experience while
-preserving the existing local-first runtime. The app now presents Chat, Files,
-Search, Knowledge, Memory, Models, Settings, Advanced tooling, and Admin
-workflows with clearer navigation and honest live/unavailable states.
-
-- **Visual product rebuild** — compact rail navigation, quieter topbar,
-  command-palette search, retrieval readiness footer, and denser controls.
-- **Truthful Home dashboard** — backend, model, retrieval, memory, source, and
-  trace readiness are derived from real endpoints instead of fabricated counts.
-- **Basic / Advanced / Admin navigation** — Basic focuses on core workspace
-  workflows; Advanced exposes agents, workflows, skills, hooks, and MCP; Admin
-  keeps organization controls separate.
-- **Files and Settings clarity** — manual upload is available immediately,
-  folder watching is explicitly tied to the desktop local agent, and Settings
-  shows backend, agent, model, telemetry, and embedding readiness.
-- **Design system refresh** — cooler neutral light/dark tokens, tighter 8px
-  radius discipline, compact cards/tables/stats/buttons, and regenerated
-  hashed v3 assets.
+## How it works — every source converges into the graph
 
-The v3.2.0 platform remains the feature-complete foundation: multi-agent
-collaboration, Agent Registry, Marketplace templates, Workflow Agents,
-Autonomous Planning, Long-Term Memory, Skills, Hooks, Tool Registry, MCP
-Manager, production embedding profiles, and hash-manifested `/app` assets.
-Release audit: [docs/V3_2_AUDIT.md](docs/V3_2_AUDIT.md).
-
-## Screenshots
-
-All screenshots are the v3.4.0 `/app` shell. Live model output (VLM inference,
-agent-generated text) requires a loaded local model and is not depicted.
-
-### Home
-
-![Home — local-first workspace at a glance](docs/assets/v3.4.0/home.png)
-
-### Chat with Vision (VLM) image input
-
-![Chat — image attach + Vision Enabled badge](docs/assets/v3.4.0/chat.png)
-
-### Files — uploaded documents + Connect Folder
-
-![Files — uploaded documents with index state](docs/assets/v3.4.0/files.png)
-
-### Run agents from the Agents view
-
-![Agent run — goal, roles, and live timeline logs](docs/assets/v3.4.0/agent-run.png)
-
-### Hooks dispatch + run log
-
-![Hooks — per-hook Run and recent executions](docs/assets/v3.4.0/hooks-dispatch.png)
-
-### Local Agent (on-device runtime)
-
-![My Computer — Local Agent status and handshake](docs/assets/v3.4.0/local-agent.png)
-
-### Knowledge Graph
-
-![Knowledge Graph](docs/assets/v3.4.0/knowledge-graph.png)
-
-## Knowledge Graph Flow
+As of v3.6.0, all data sources flow through **one unified ingestion pipeline** into
+the Knowledge Graph — no source bypasses it, none becomes an isolated silo:
 
 ```text
-files / documents / images / screenshots / conversations / decisions
-  -> multimodal understanding
-  -> entity and relationship extraction
-  -> evidence and artifact storage
-  -> Knowledge Graph update
-  -> AI pipeline context
-  -> coding actions / analysis / documents / team workflows
+source (file · folder · PDF · web URL · browser tab · text)
+  -> extraction -> normalization -> content hash (idempotent)
+  -> chunking -> entity detection -> relationship detection -> embedding
+  -> Knowledge Graph  (Source -[indexed_from]- content -[contains]- chunks)
+  -> RAG / agents / memory / hybrid search
 ```
 
-The graph keeps useful workspace context available even when you change models.
-
-## v3 Backend Retrieval
+- **Every node is explainable.** Each ingested item carries provenance — where it
+  came from, when, how it was processed, whether it was embedded or linked.
+- **The graph is the asset.** Memory, search, and agents are views over it; models
+  read it. Swap a model and your knowledge is unchanged.
+- **Portable, no cloud.** Export/import the graph as JSON, or take a full local
+  binary backup (DB + blobs) and restore it.
+- **Local-first protects the graph.** It lives in local SQLite on your machine.
 
-The v3 backend adds a local-first retrieval stack that combines the Knowledge
-Graph, a SQLite vector index, and hybrid result fusion. It preserves existing
-graph data while adding derived vector rows that can be rebuilt at any time.
+For the deeper design, see [ARCHITECTURE.md](ARCHITECTURE.md) and
+[docs/architecture.md](docs/architecture.md).
 
-Embedding status: production profiles are exposed through
-`GET /api/embeddings/providers`, while `lattice-local-hash-v1` remains a
-deterministic fallback for offline indexing and tests. It is never presented as
-a production semantic embedding model.
-
-Core API contracts:
+## Documentation
 
-- `POST /api/search/hybrid`
-- `GET /api/search/keyword?q=...`
-- `GET /api/search/vector?q=...`
-- `GET /api/graph`
-- `GET /api/graph/node?node_id=...`
-- `GET /api/graph/relationship`
-- `GET /api/index/status`
-- `POST /api/index/rebuild`
+### Product and principles
 
-See [docs/V3_BACKEND_ARCHITECTURE.md](docs/V3_BACKEND_ARCHITECTURE.md) for the
-storage model, search model, migration behavior, and API response shape.
+- [PROJECT_PRINCIPLES.md](PROJECT_PRINCIPLES.md) — product principles
+- [AI_PHILOSOPHY.md](AI_PHILOSOPHY.md) — how AI is used in the workspace
+- [MODEL_POLICY.md](MODEL_POLICY.md) — local model recommendation policy
 
-## Local Model Policy
+### Architecture
 
-Lattice AI recommends current-generation multimodal models for local use and
-keeps local model choices explicit.
+- [ARCHITECTURE.md](ARCHITECTURE.md) — workspace, graph, pipeline, and model overview
+- [docs/architecture.md](docs/architecture.md) — full architecture reference
+- [docs/V3_BACKEND_ARCHITECTURE.md](docs/V3_BACKEND_ARCHITECTURE.md) — backend storage, search, and retrieval
 
-| Family | Default role | Example recommendation |
-| --- | --- | --- |
-| Gemma 4 | Default Google multimodal family | `mlx-community/gemma-4-12b-it-4bit` |
-| Gemma 4 large | Higher-quality local multimodal work | `mlx-community/gemma-4-31b-it-4bit` |
-| Qwen3-VL | Smaller, balanced multimodal options | `mlx-community/Qwen3-VL-4B-Instruct-4bit` |
-| Llama 4 | Meta multimodal option | `mlx-community/Llama-4-Scout-17B-16E-Instruct-4bit` |
+### Knowledge and retrieval
 
-Every recommended model card shows maker country, maker company, run mode,
-internet requirement, and model name. See [MODEL_POLICY.md](MODEL_POLICY.md).
+- [KNOWLEDGE_GRAPH.md](KNOWLEDGE_GRAPH.md) — graph model and behavior
 
-## Architecture
+### Agents and workflows
 
-```text
-Personal / Organization Workspace
-  -> files, chats, screenshots, model choices, workflow events
-  -> Knowledge Graph
-  -> AI Pipeline
-  -> Multi-Agent Workflow
-  -> coding actions, documents, analysis, team handoffs
-```
+- [docs/MULTI_AGENT_RUNTIME.md](docs/MULTI_AGENT_RUNTIME.md) — multi-agent workflow runtime
+- [docs/WORKFLOW_DESIGNER.md](docs/WORKFLOW_DESIGNER.md) — AI pipeline designer
 
-Core areas:
+### Extensions
 
-- FastAPI local workspace app
-- Knowledge Graph storage and graph APIs
-- AI pipeline and workflow designer
-- Multi-agent handoff, review, retry, and replay records
-- Local model management and model recommendation catalog
-- VS Code / Cursor / VSCodium extension surface
-- Personal and organization workspace boundaries
+- [docs/PLUGIN_SDK.md](docs/PLUGIN_SDK.md) — plugin SDK
 
-## Documentation
+### Releases
 
-- [ARCHITECTURE.md](ARCHITECTURE.md) — workspace, graph, pipeline, and model-management overview
-- [docs/architecture.md](docs/architecture.md) — full architecture reference
-- [PROJECT_PRINCIPLES.md](PROJECT_PRINCIPLES.md) — product principles
-- [AI_PHILOSOPHY.md](AI_PHILOSOPHY.md) — how AI is used in the workspace
-- [MODEL_POLICY.md](MODEL_POLICY.md) — local model recommendation policy
-- [KNOWLEDGE_GRAPH.md](KNOWLEDGE_GRAPH.md) — graph model and behavior
-- [docs/MULTI_AGENT_RUNTIME.md](docs/MULTI_AGENT_RUNTIME.md) — multi-agent workflow runtime
-- [docs/WORKFLOW_DESIGNER.md](docs/WORKFLOW_DESIGNER.md) — AI pipeline designer
-- [docs/REALTIME_COLLABORATION.md](docs/REALTIME_COLLABORATION.md) — realtime workspace events
-- [docs/ENTERPRISE.md](docs/ENTERPRISE.md) — organization workspaces and SSO
-- [docs/PLUGIN_SDK.md](docs/PLUGIN_SDK.md) — plugin SDK
-- [RELEASE_NOTES.md](RELEASE_NOTES.md) and [docs/CHANGELOG.md](docs/CHANGELOG.md)
+- [RELEASE_NOTES.md](RELEASE_NOTES.md) — current release notes
+- [RELEASE_NOTES_v3.6.0.md](RELEASE_NOTES_v3.6.0.md)
+- [RELEASE_NOTES_v3.5.0.md](RELEASE_NOTES_v3.5.0.md)
+- [RELEASE_NOTES_v3.4.1.md](RELEASE_NOTES_v3.4.1.md)
+- [RELEASE_NOTES_v3.4.0.md](RELEASE_NOTES_v3.4.0.md)
+- [CHANGELOG.md](CHANGELOG.md) and [docs/CHANGELOG.md](docs/CHANGELOG.md)
 
-## Release history
+## Release History
 
 | Version | Theme |
 | --- | --- |
-| **3.4.1** | Runtime completion — hooks full lifecycle (shared tool dispatch across HTTP/agent/workflow, all built-ins real), Local Agent real probes (no hardcoded readiness), Connect Folder + Folder Watch proven live end-to-end + restore-on-restart; corrects v3.4.0 overclaims |
-| 3.4.0 | Platform completion — hooks execution engine, uploads visible in Files, VLM image input, agent run trigger, on-device Local Agent / Connect Folder / Folder Watch; Enterprise stays honestly disabled; refreshed v3.4.0 public assets |
-| 3.3.1 | Visual product rebuild — rebuilt `/app` shell, Basic/Advanced/Admin navigation, cooler token palette, compact component system, Home readiness dashboard, Files local-agent truthfulness, Settings runtime status, and v3.3.1 design notes |
-| **3.3.0** | Product quality & honesty release — evidence-based feature audit (`FEATURE_STATUS.md`), single-source version truth, working manual document upload in Files, fixed document-generation streaming, truthful Home retrieval status, documented design system (`STYLE_SYSTEM.md`) |
-| 3.2.0 | Feature-complete platform — multi-agent collaboration, agent registry, marketplace + templates, workflow agents, autonomous planning, long-term memory + manager, skills/hooks/tool registries, MCP manager, all operable from `/app` |
-| 3.1.0 | Mainline platform completion — native `/app` workflows, Classic retired from normal paths, production embedding profiles, AgentRuntime/registries, hashed v3 assets |
-| 3.0.1 | Release-blocker remediation — provider-backed embeddings (Hash/MLX/Ollama/OpenAI/Custom), unified AgentRuntime boundary, every v3 surface connected or clearly unavailable |
+| **3.6.0** | Knowledge Graph First — unified ingestion pipeline, formalized entity/relationship model, browser/web ingestion, local export/import/backup, provenance, KG as the primary surface |
+| 3.5.0 | Foundation stabilization & verification — OIDC verifier, trusted-proxy gating, runtime hook coverage, `tools/` package, reproducible artifacts |
+| 3.4.1 | Runtime completion — full hooks lifecycle, real Local Agent probes, Connect Folder and Folder Watch verified end-to-end |
+| 3.4.0 | Platform completion — hooks execution, uploads in Files, vision image input, agent run trigger, on-device Local Agent / Connect Folder / Folder Watch |
+| 3.3.1 | Visual product rebuild — rebuilt `/app` shell, Basic/Advanced/Admin navigation, refreshed design system |
+| **3.3.0** | Product quality & honesty release — evidence-based feature audit, single-source version truth, working document upload, documented design system |
+| 3.2.0 | Feature-complete platform — multi-agent collaboration, agent registry, marketplace + templates, workflow agents, long-term memory, skills/hooks/tool registries, MCP manager |
+| 3.1.0 | Mainline platform completion — native `/app` workflows, production embedding profiles, AgentRuntime/registries, hashed v3 assets |
+| 3.0.1 | Release-blocker remediation — provider-backed embeddings, unified AgentRuntime boundary, every v3 surface connected or clearly unavailable |
 | 3.0.0 | v3 local-first AI workspace platform — `/app`, Native Chat, Knowledge Graph, Vector Index, Hybrid Search, workspace modes |
 | 2.2.7 | Visual system stabilization — cohesive dark/light screens, crisp chat composer, dark graph canvas, Workspace OS polish |
 | 2.2.6 | Token-native CSS foundation |

package/docs/CARRYOVER_AUDIT_v3.6.0.md

@@ -0,0 +1,61 @@
+# v3.5.0 → v3.6.0 Carry-Over Audit
+
+**Date:** 2026-06-09
+**Baseline:** v3.5.0 (tag published, GitHub Release live, CI + Visual Smoke green on `main`)
+**Purpose:** Classify every open v3.5.0 carry-over risk as **blocking**, **non-blocking**, or
+**obsolete** before starting v3.6.0 Knowledge Graph First work.
+
+## Headline
+
+**No carry-over item blocks v3.6.0.** v3.5.0 was a stabilization/verification release that added no
+product surface. Every documented limitation is either an intentional, honestly-labeled scope
+boundary or a closed issue. KG work can start immediately on the existing local SQLite store.
+
+## Verified baseline state
+
+| Check | Result | Evidence |
+|---|---|---|
+| `v3.5.0` git tag | exists | `git tag` |
+| GitHub Release `v3.5.0` | published, not draft | `gh release view v3.5.0` |
+| CI on `main` | success | `gh run list --branch main` (run 27155690240) |
+| Visual Smoke on `main` | success | run 27155690270 |
+| VSIX reproducibility fix | merged | commit `78deb95` |
+
+## Classified carry-over items
+
+### Blocking
+*(none)*
+
+### Non-blocking
+
+| Item | Why it does not block | Evidence |
+|---|---|---|
+| OIDC is RSA-only (RS256/384/512); ES*/HS*/`alg:none` rejected fail-closed | v3.6.0 KG work does not touch the SSO callback. EC support is additive when a provider needs it. | `latticeai/core/oidc.py:36` |
+| Memory/KG maintenance endpoints (`/api/memory/{prune,compact,rebuild,clear}`) sit outside `pre_tool`/`post_tool` | Intentional, documented decision; these ops carry their own audit events. v3.6.0 follows the same convention and adds a coverage row rather than routing maintenance through `dispatch_tool`. | `docs/RUNTIME_HOOK_COVERAGE_v3.5.0.md:47` |
+| Knowledge Graph is config-dependent on `LATTICEAI_ENABLE_GRAPH`, backed by a large `knowledge_graph.py` | This is the surface v3.6.0 builds on. Size/coupling is refactor context, addressed additively (new service modules, not a rewrite). | `FEATURE_STATUS.md:257-263` |
+| Memory project/graph/vector tiers PARTIAL; prune/clear API-only (no UI) | KG-adjacent tiers v3.6.0 completes; honestly labeled, not broken. v3.6.0 adds the ingestion/export/provenance UI. | `FEATURE_STATUS.md:280-286` |
+| Hybrid-search "fusion" explainer renders illustrative bars | Cosmetic placeholder; orthogonal to KG-first ingestion work. | `FEATURE_STATUS.md:249-251` |
+| Chat grounding chips set state but `ChatRequest` drops them | Wiring grounding into generation is a natural KG-first feature; additive, not a blocker. | `FEATURE_STATUS.md:131-138` |
+| CI action versions inconsistent (`ci.yml` `checkout@v4` vs `release.yml` `@v5`) | None are currently deprecated. Aligning is hygiene; addressed opportunistically. | `.github/workflows/ci.yml` |
+| Live MCP tool calls + VLM inference PARTIAL (env/model dependent) | Honestly badged; orthogonal to KG-first work. | `FEATURE_STATUS.md:169-178,392` |
+
+### Obsolete
+
+| Item | Why it is closed |
+|---|---|
+| "Hooks registered but not executing" (v3.3.0 issue) | v3.4.1 added real runners for all built-ins; v3.5.0 closed the last tool-path bypasses at 100% coverage. |
+| Legacy `/account` `/admin` glassmorphism | Blur removed in v3.5.0 (`account.css:120`, `admin.css:48`). Remaining "not restyled" note is a deliberate scope boundary — these pages are outside the v3 SPA view set. |
+| Vercel deployment returns HTTP 500 | Settled posture: Vercel is **landing/download/demo only, never runtime**. Lattice AI is local-first; the KG runs on local SQLite. Do not present any Vercel URL as a product surface. |
+| CI syntax-gate staleness | Fixed in v3.5.0 by `scripts/check_python.py` (discover-based via `rglob`); new v3.6.0 modules are covered automatically with zero maintenance. |
+
+## v3.6.0 posture decisions taken from this audit
+
+1. **Build additively on the existing store.** Mirror the proven `tools.py → tools/` decomposition
+   pattern: preserve the import surface, add focused modules (`services/ingestion.py`,
+   `services/kg_portability.py`, `api/browser.py`, `api/portability.py`) rather than rewriting
+   `knowledge_graph.py`.
+2. **Route new ingestion paths through `dispatch_tool`** so `pre_tool`/`post_tool` fire — this is the
+   one v3.5.0 gap (no ingest path fired hooks). Maintenance ops stay audit-only by the documented
+   convention.
+3. **Keep Vercel landing-only and OIDC RSA-only** — settled, out of v3.6.0 scope.
+4. **Leave legacy `/account` `/admin` pages alone** — out of the local-first KG scope.

package/docs/CHANGELOG.md

@@ -1,5 +1,37 @@
 # Changelog
 
+## [3.6.0] - 2026-06-10
+
+> Knowledge Graph First. The Knowledge Graph becomes the primary architecture:
+> every data source converges into it through one unified ingestion pipeline, with
+> formalized entities/relationships, browser/web inputs, local portability, and
+> per-node provenance. Lattice AI is a Digital Brain Platform — the graph is the
+> durable asset; models read it and are replaceable.
+
+### Added
+
+- Unified ingestion pipeline (`latticeai/services/ingestion.py`): one entrypoint
+  for files, folders, web URLs, browser tabs, and text — idempotent by content
+  hash, bracketed by `pre_tool`/`post_tool`.
+- Knowledge Graph entities `Source`/`Repository`/`Meeting`/`Organization`/
+  `Workflow`/`Agent` and relationships `indexed_from`/`modified_by`/
+  `belongs_to_project`/`part_of`/`discussed_in`/`decided_by`/`generated_by`/
+  `used_by_agent` (additive, lossless `from_legacy`).
+- Browser & web ingestion routes (`/api/browser/read-url`, `/ingest-current-tab`)
+  and a Manifest V3 extension scaffold that posts only to `127.0.0.1`.
+- Knowledge Graph export/import (versioned JSON) and binary backup/restore
+  (`latticeai/services/kg_portability.py`,
+  `/api/knowledge-graph/{export,import,backup,restore,portability,provenance}`).
+- Provenance trail (`ingestion_provenance` table + query API) — every node is
+  explainable.
+- Knowledge Graph UI tabs: Status, Sources, Capture, Backup.
+
+### Changed
+
+- KG ingestion now fires the tool hook lifecycle (closes the v3.5.0 gap);
+  coverage documented in `docs/RUNTIME_HOOK_COVERAGE_v3.6.0.md`.
+- README repositioned as a Digital Brain Platform; Vercel remains landing-only.
+
 ## [3.3.1] - 2026-06-08
 
 > v3.3.1 — Visual Product Rebuild. The `/app` frontend keeps the same runtime