Skip to content

Releases: vouchdev/vouch

Claude Code session auto-capture

Choose a tag to compare

@github-actions github-actions released this 03 Jul 08:25

Added

  • auto-capture: claude code sessions are harvested via hooks and filed as a
    single pending session-summary proposal for human approval. a PostToolUse
    hook (vouch capture observe) appends compact tool-use observations to an
    ephemeral, gitignored .vouch/captures/<session>.jsonl buffer; a
    SessionEnd hook (vouch capture finalize) rolls the buffer plus a git-diff
    backstop into one session page proposal — mechanical, no llm, and never
    auto-approved. a SessionStart banner (vouch capture banner) nudges the
    next session when captured summaries await review. opt out with
    capture.enabled: false in .vouch/config.yaml.
  • session-start recall: a SessionStart hook (vouch recall) injects a digest
    of every live approved claim ([id] text) plus approved page titles into a
    new claude session's context, so it starts aware of the reviewed KB. only
    approved knowledge is emitted; archived / superseded / redacted claims are
    excluded; size-guarded by recall.max_chars with an explicit truncation
    notice. opt out with recall.enabled: false.
  • vouch install-mcp claude-code now merges its hooks and read-only permission
    allowlist into an existing .claude/settings.json (a json_merge install
    strategy) instead of skipping it, so the capture / recall hooks land on
    projects that already have a settings file. idempotent; user entries are
    preserved.
  • GitHub PR auto-labeling: a pull-request metadata-only labeler workflow now
    applies vouch surface labels from .github/labeler.yml, keeps those labels
    in sync as files change, and adds OpenClaw-style size: XS through
    size: XL labels based on non-doc changed lines. Maintainers can also run
    it manually to backfill labels on already-open PRs.
  • vouch detect-themes — cross-session pattern detection via deterministic
    entity co-occurrence scoring. kb.detect_themes is read-only (returns
    ranked clusters); kb.propose_theme routes synthesis pages through the
    review gate so they appear in kb.list_pending. Supports --propose for
    one-shot propose-all and --json for machine-readable output. Configurable
    via themes.min_sessions, themes.min_claims, themes.top_k, and
    themes.enabled in config.yaml (#311).
  • dual-solve JSON, review-ui job, and choose responses now include
    changed_files for each candidate and the kept branch, so desktop and browser
    clients can show the resulting files without parsing unified diffs.

Changed

  • vouch dual-solve --sandbox default docker image is now
    vouch/coder:latest (was amika/coder:latest).

Fixed

  • vouch pending (and every bulk list_* path) no longer crashes when a
    single artifact file is unreadable — a corrupt or mojibake yaml is skipped
    with a warning instead of aborting the whole listing.
  • all text-mode file i/o under src/vouch/ now pins encoding="utf-8", so a
    non-utf-8 locale (e.g. latin-1) can no longer mangle non-ascii claim text
    into raw control bytes that the yaml loader rejects, nor crash on write.

Packaging

  • restored the tag-triggered release.yml workflow that was accidentally
    deleted alongside unrelated files in the #95 squash. It publishes to PyPI
    via Trusted Publishing (OIDC) exactly as before, and now also creates the
    GitHub release for the tag with the built sdist and wheel attached and the
    matching CHANGELOG section as the release body.
  • restored the vouch-kb distribution name in pyproject.toml — the same
    #95 squash had reverted it to vouch, which PyPI rejects (the name belongs
    to an unrelated project, and the trusted publisher is registered for
    vouch-kb). The installed command is still vouch.
  • container image: every release now also pushes ghcr.io/vouchdev/vouch
    (linux/amd64 + linux/arm64, tagged X.Y.Z, X.Y, and latest). The
    entrypoint is the vouch CLI with the stdio MCP server as the default
    command; bind-mount the project root at /data. Built from the new
    repo-root Dockerfile; installs the web extra, leaves embeddings out.
  • the [1.0.0] section below was restored: a merge after the release folded
    its entries back under [Unreleased], dropping the version header.

Docs

  • example KBs now carry their own screenshots: examples/README.md and the
    tiny/ + decision-log/ READMEs embed terminal renders of vouch status,
    search, show, audit, and a supersession diff against the shipped
    fixtures, so a reader can see what vouch looks like before installing it.
    Images live under docs/img/examples/ and are generated deterministically
    from the fixtures by docs/img/examples/render.py (make examples-screenshots); tests/test_example_screenshots.py asserts the
    committed SVGs stay reproducible (#286).

v0.1.0

v0.1.0 Pre-release
Pre-release

Choose a tag to compare

@plind-junior plind-junior released this 26 May 15:55

[0.1.0] — 2026-05-26

Packaging

  • Published to PyPI as vouch-kb (the vouch name was already taken by an
    unrelated project); the installed command is still vouch. Install with
    pipx install vouch-kb. A tag-triggered release workflow publishes via PyPI
    Trusted Publishing (OIDC).

Added

  • Seed a cited starter source and claim during vouch init, print first-run
    next steps, and document a 30-second onboarding tour (#54).

Fixed

  • Add put_relation_idempotent() to KBStore and use it in supersede() and contradict() so retrying after a partial failure converges to a consistent state instead of raising ValueError.
  • Raise ProposalError("forbidden_self_approval") in proposals.approve() when approved_by == proposal.proposed_by, enforcing the review-gate guarantee documented in the README and CONTRIBUTING.
  • crystallize() now sets review.approver_role: trusted-agent context so single-agent sessions can be crystallized without hitting the forbidden_self_approval guard (#47).
  • Bundle import rejects tar members whose path escapes kb_dir (CVE-2007-4559, #9). Previously a crafted .tar.gz with a member named ../../evil.txt could write outside .vouch/; the manifest allow-list did not prevent this because the manifest lives inside the same tarball. import_apply, import_check, and export_check now validate every member path and raise on unsafe names.
  • Fix vouch search CLI: assign backend label per code path so substring fallback results are no longer mislabelled as fts5; update stale docstring to reflect multi-backend search surface (#52).
  • vouch crystallize now indexes its session-summary page into FTS5 so it surfaces from vouch search / kb.search / kb.context without a vouch index rebuild (#60).
  • Bundle export uses POSIX / separators in manifest.json and tar member names on every platform (Windows previously produced self-invalid bundles). Windows bundles produced before this fix should be re-exported.
  • bundle.import_check and bundle.import_apply now verify each tar member's sha256 against manifest.json (#74), so a tampered tarball with an unchanged manifest can no longer land attacker-controlled content; import_apply re-verifies at write time and refuses to record a bundle.import audit event on mismatch.