- Atomic fact extraction — same reindex --extract-facts extracts searchable facts from notes via LLM. Facts are independently searchable and boost source notes in search results. The right answer surfaces even when the fact is buried in an unrelated conversation.
- same facts command — view, search, and manage extracted facts.
- Fact-boosted search — hybrid search now includes fact matching as an additional signal.
- same web --mcp enables HTTP MCP endpoint — MCP clients can connect over HTTP instead of stdio. Bearer token authentication. Ready-to-copy config snippets for Claude Code and Cursor.
- Unlocks Open WebUI and LobeChat — previously blocked by stdio-only transport.
- Turn-level chunking — conversational content (User/Assistant patterns) is now chunked by turn-pair instead of by heading, making individual facts in chat logs independently searchable.
- Keyword boost in hybrid search — literal text matches get a 1.5x score boost, preventing strong keyword matches from being buried by semantically similar but wrong results.
- same config set — set config values from CLI using dot notation: same config set ollama.url http://host.docker.internal:11434.
- Global config — ~/.config/same/config.toml applies to all vaults. Set Ollama endpoint once.
- same config edit --global — edit global config directly.
- mem_restore — undo mem_forget (unsuppress a previously hidden note).
- mem_list_suppressed — show all suppressed notes in the vault.
- same index aliased to same reindex — one canonical command.
- --content-type, --relationship, --direction flag aliases — clearer naming.
- --sources flag on same add — CLI provenance tracking.
- same display shows current mode — no-arg invocation prints state.
- Improved search fallback messaging — actionable instructions when using keyword mode.
- Ollama retry gating — prevents redundant retries when Ollama is unavailable.
- host.docker.internal allowed as Ollama endpoint — container users (Docker, OrbStack, Codespaces, devcontainers) can now point SAME at the host machine's Ollama.
- SAME_CHAT_MODEL env var now works — override the chat model for consolidation, ask, and brief commands.
- [chat] model config key — set a persistent chat model override in .same/config.toml. Precedence: env var > config > auto-detect.
- Consolidation progress display — shows which model is being used at start, and per-group elapsed time during processing.
- same import detects Claude Code memory files — auto-scans ~/.claude/memory/ (global) and .claude/projects/*/memory/ (project-scoped). Imports with SAME frontmatter, provenance tracking, and trust_state: unknown. Skips MEMORY.md index files and de-duplicates on re-import.
- Provenance pipeline for imported notes — provenance_source and provenance_hash frontmatter fields are now parsed by the indexer and recorded in note_sources.
- Auto-index after import — imported files are immediately searchable via keyword index without needing a separate same reindex.
- Vault feedback on every command — prints "Using vault: ()" so you always know which vault is active.
- Ambiguity warning — when cwd has multiple vault children, shows a clear warning with options instead of silently picking one.
- Single child auto-select — if cwd isn't a vault but has exactly one child vault, auto-selects it.
- same config show displays sources — shows both global and vault config file paths with effective merged values.
- Build hash in version output — same version now shows same 0.12.5+abc1234 so different builds from the same version are distinguishable.
- Binary shadowing detection — same doctor warns when multiple same binaries exist in PATH with different checksums.
- Embedding errors logged — embedding provider failures now print the actual error to stderr instead of silently degrading to keyword search.
- Graph LLM errors logged — graph extraction initialization failures now explain why regex fallback is active.
- MCP JSON error handling — 8 json.MarshalIndent calls now return proper error responses instead of potentially sending corrupt JSON.
- Resolved URL in config show — same config show displays the effective Ollama URL after raw config values.
- Reindex lockfile — prevents concurrent same reindex runs from overloading Ollama. Stale locks from dead processes are automatically reclaimed.
- Demo improvements — clearer demo flow and error handling.
- Health grace period — avoids false positives on recently indexed vaults.
- Doctor warning improvements — clearer messaging for common issues.
- Provenance trust boundary — provenance_source frontmatter is only trusted for notes in the imports/ directory (created by same import). MCP save_note cannot write to imports/ and cannot plant external provenance.
- Agent ownership on mem_forget — when called with an agent parameter, only the creating agent can suppress a note. Vault owner (no agent) can still suppress anything.
- Context usage path validation — auto-injected provenance paths from context_usage are now validated against vault boundaries before reading or hashing.
- Import file permissions — imported files use 0600 and import directories use 0700.
- Provenance cleanup on delete — DeleteByPath now removes note_sources rows in the same transaction, preventing stale provenance from persisting across note replacements.
- 28 credential detection patterns — AI APIs, cloud providers, git tokens, payment keys, observability tools.
- Guard on MCP save_note — warns on detected credentials before write.
- Path validation hardening — URL-encoded traversal, Unicode fullwidth, and symlink escape detection.
- MCP error sanitization — no internal paths leaked in error responses.
- Note sources cleanup — stale provenance records cleaned up properly.
- Consolidation sanitization — user input in consolidation is sanitized before LLM processing.
- Stale note timing now shows source file modification time — same health and staleness hooks previously showed "just now" for all stale notes after reindex. Now correctly shows when the source file was actually modified.
- CHANGELOG.md excluded from indexing — added to default .sameignore patterns to prevent oversized chunks.
- Decision attribution preserved on append — save_decision no longer rewrites file-level agent frontmatter when appending.
- Dimension mismatch handling — graceful fallback when embedding dimensions don't match stored vectors.
- Lint CI — golangci-lint integrated into CI pipeline.
- npm-publish graceful skip — no longer fails when the version already exists on npm.
- GitHub Actions upgraded to Node.js 24 — all actions pinned to Node.js 24-compatible versions.
- Metadata search filters — filter search results by trust state, content type, domain, and tags via CLI flags (--trust stale, --type decision, --tag auth) and MCP parameters
- same stale command — convenience command to list all stale notes in your vault
- Content-type search boosting — queries mentioning "session" or "handoff" automatically boost handoff results; "decided" or "decision" boost decision results. Subtle 1.2-1.3x multiplier breaks ties without overriding strong semantic matches
- Trust-aware search display — all CLI search results now show color-coded trust state (green validated, yellow stale, red contradicted). Hidden for unknown.
- 93.3% Recall@5 on held-out validation set (30 blind test cases, semantic search, nomic-embed-text). Evaluation methodology documented in eval/METHODOLOGY.md
- .sameignore file — gitignore-style patterns for excluding files from indexing. Auto-created on same init with smart defaults (node_modules, .git, binaries, lock files, IDE config, build artifacts)
- same ignore command — view current patterns, same ignore add "*.log", same ignore reset
- Integrated into both the indexer and the file watcher
- Tag-based graph connections — notes sharing frontmatter tags are automatically connected via entity nodes. No LLM required. If note A has tags: [auth, api] and note B has tags: [auth, security], they're connected through the shared "auth" entity. Domain field also creates connections.
- Interactive graph visualization — Cytoscape.js force-directed graph in the web dashboard. Nodes colored by type (decision=teal, handoff=purple, entity=amber), sized by edge count. Hover highlights connections, click navigates to notes. Layout switcher (cose, circle, grid). Mini-graph on dashboard page.
- Trust-aware briefing — same brief now includes trust state annotations and provenance sources. Stale decisions are flagged with warnings. Validated notes get checkmarks.
- --no-llm mode — structured data-only briefing without LLM dependency. Shows current focus, key decisions with trust tags, stale context, recent activity.
- Graceful LLM fallback — if the LLM is unavailable, brief automatically falls back to the structured view instead of erroring.
- Index-now-embed-later — FTS5 keyword indexing happens instantly (sub-second for 100 notes). Vector embeddings are backfilled in the background. Search works immediately via keyword fallback while embeddings process. Progress display: "Embedding: 15/35 notes (keyword search active)".
- Ollama model unloading — after reindex completes, SAME sends keep_alive: 0 to Ollama to free the embedding model from memory. Prevents stale runner processes consuming CPU.
- Complete visual redesign — DaisyUI + Tailwind CSS dark theme. Glassmorphism cards, gradient stat numbers, trust badges on every note.
- Trust Overview section — 4-card grid showing validated/stale/contradicted/unknown counts with color-coded numbers.
- Sidebar + content layout — proper side-by-side layout with fixed 220px sidebar, sticky navigation.
- Confidence bars on note cards showing confidence level.
- Freshness indicators and keyboard shortcut hints.
- Safe force reindex — same reindex --force no longer deletes the existing index before re-indexing. Notes are deleted individually before their replacements are inserted. A failed reindex preserves existing data.
- Brief empty vault message — when noteCount=0 but markdown files exist on disk, shows "X files not indexed, run same reindex" instead of the misleading "vault is empty"
- RawToSearchResult refactor — replaced 8 manual SearchResult construction sites with a single helper function, preventing field omission bugs (7 sites were missing TrustState)
- Three-tier evaluation methodology — internal eval (68 tuning cases), held-out eval (30 blind cases), MemoryAgentBench adapter (external benchmark). Documented in eval/METHODOLOGY.md.
- Eval suite — 35-note curated vault, 68 test cases, bash + Go runners, Recall@5 and MRR metrics
- MemoryAgentBench adapter — Python adapter for ICLR 2026 benchmark (146 test cases, 4 splits)
- Graph extraction training data — 30 training + 10 validation examples for fine-tuning
- npm-publish graceful skip — no longer fails when the version already exists on npm
- GitHub Actions upgraded to Node.js 24 — all actions (checkout, setup-go, upload-artifact, download-artifact, setup-node) pinned to Node.js 24-compatible versions
- Smoke test updated — accepts both lite and progressive index modes
- note_sources table for provenance tracking — records what files/notes each note was derived from, with SHA256 hashes at capture time
- trust_state field on notes: validated, stale, contradicted, unknown
- same health now shows Trust section: validated/stale/unknown counts with specific stale sources listed
- Health score updated to 5-factor model (added trust factor)
- MCP save_note accepts sources parameter for explicit provenance tracking
- Graph extraction records discovered file references as provenance sources
- Staleness hook enhanced to detect source file divergence
- Reindex serializes graph extraction after embeddings (fixes Ollama timeout on constrained machines)
- Fixed NewClientWithURL timeout (10s → 120s) for production Ollama usage
- Trust penalty in search scoring — stale notes rank 25% lower, contradicted notes 60% lower. Validated and unknown notes are unaffected.
- trust_state field returned on all search results (vector, keyword, hybrid, FTS5, federated) — MCP clients and agents can caveat answers based on trust
- Context surfacing tags stale/contradicted notes visibly in injected context so agents know when retrieved knowledge may be outdated
- Graph 1-hop expansion — top vector results are expanded through graph edges to surface related notes (decisions, references, dependencies). Max 2 supplemental results at 60% dampened score.
- same kaizen command for continuous improvement tracking — log friction, bugs, and ideas as you work
- save_kaizen MCP tool for agent-driven improvement logging with provenance tracking
- Kaizen items shown in same health recommendations
- PreCompact hook wired for session checkpointing — handoff notes are saved before context compaction, not just on session stop
- Separate debounce (2min) for checkpoint vs full handoff (5min)
- same tips command with vault hygiene, security, and model selection guidance
- same graph enable / same graph disable commands to toggle graph mode without editing config files
- Automatic container environment detection (Docker, Kubernetes, Codespaces, Gitpod) — surfaces in status and doctor output
- Graceful Ctrl+C cancellation during reindex and init — first press stops cleanly with partial progress, second press force-quits (Mac, Linux, Windows)
- Human-readable error messages for common embedding failures: connection refused, timeout, auth errors, dimension mismatches
- Graph LLM recommendation surfaced across init, demo, status, doctor, and tips when a capable model is detected but graph mode is off
- Thinking model compatibility: stripThinkingTokens() utility strips <think>, <reasoning>, <reflection> tags from LLM responses
- Graph extraction: [graph] model config key and SAME_GRAPH_MODEL env var for choosing a non-thinking model
- Graph extraction: --abort-on-error flag (continue-on-error is now the default)
- Graph extraction: Ollama structured output with JSON schema for more reliable parsing
- Dockerfile: Multi-stage build, non-root user, OCI labels
- Command aliases: same s (search), same st (status), same vault ls (vault list)
- Port-in-use detection for same web
- Platform shown in same version output
- same consolidate command: merge related notes into structured knowledge using LLM [experimental]
- same brief command: orientation briefing of what matters right now [experimental]
- same health command: vault health score with actionable recommendations [experimental]
- MCP tools: mem_consolidate, mem_brief, mem_health, mem_forget for autonomous memory management
- Note suppression: mem_forget MCP tool marks notes as suppressed (hidden from search, not deleted)
- Reconsolidation dynamics: frequently accessed notes rank higher in search results
- Windows ARM64 release binary
- Windows self-update no longer fails when a stale .old backup file is locked from a previous update — uses fallback rename chain
- Migration failure upgrading from v0.9.1 to v0.10.0 — entry_kind index no longer created before the column exists
- same graph stats now reads from config.toml instead of only checking the environment variable
- Graph LLM extraction now works with thinking/reasoning models (DeepSeek-R1, QwQ, etc.)
- same ask, demo, and tutorial commands no longer display thinking tokens
- Ollama and OpenAI response paths strip thinking tags at the transport layer
- URL redirect vulnerability fixed with page whitelist in web dashboard
- MCP SDK bumped to v1.4.0 (security fix)
- Demo rewritten with 5 realistic sample notes and a narrative arc (search, decisions, handoff recall) — transitions into init with a single prompt
- Init onboarding redesigned: detects project language, AI tools, and git state; adds teaching moments during directory creation; suggests seed vaults based on project type
- install.sh messaging updated to honestly communicate Ollama's role in semantic search
- Output consistency polish: standardized checkmarks, hint capitalization, footer formatting
- README overhauled: conversion-focused, 270 lines, collapsible reference sections
- Search results now factor in access frequency (subtle log-scaled boost)
- Schema migration v8: adds suppressed column to vault_notes
- All search paths filter suppressed notes by default
- Batch embedding requests: Ollama switched from /api/embeddings to /api/embed, OpenAI batching added — 50 chunks per request instead of 1
- SQLite pragmas: 64 MB page cache, 256 MB mmap, temp_store in memory
- Covering index added for incremental reindex hash comparison
- ReindexLite parallelized with 4-worker goroutine pool (was sequential)
- Windows build failure (Setpgid is Unix-only) — background web process attributes now resolve via platform-specific helpers so Windows cross-compiles no longer fail
- Graph extraction junk decision nodes from code blocks — decision extraction now ignores fenced code block content to avoid shell/example noise
- Graph extraction treating URLs as local files — URL-like references are filtered out from file-node extraction
- Graph extraction placeholder/template path nodes — placeholder and template-style paths are excluded so graph nodes reflect real vault references
- Cross-compile CI check for Windows and Linux — CI now runs GOOS={windows,linux} GOARCH=amd64 CGO_ENABLED=0 go build ./cmd/same on every push/PR
- Linux CI test runner — CI now executes go test ./... -count=1 on ubuntu-latest with CGO_ENABLED=1
- Graph LLM extraction policy controls — new SAME_GRAPH_LLM=off|local-only|on setting gates optional LLM-based graph enrichment during reindex (off by default, local-only for localhost-only chat endpoints)
- Manual CI release gate (Release Candidate workflow) — maintainers can now run baseline release checks (and optional full provider matrix) on demand via GitHub Actions workflow dispatch
- Verified self-update downloads — same update now requires sha256sums.txt from releases and verifies the downloaded binary checksum before install
- pi advanced profile preset (same profile use pi) — tuned memory retrieval thresholds for Raspberry Pi / low-resource setups, with CLI guidance for lightweight embedding choices
- Provider-agnostic chat routing for same ask + graph LLM extraction — new SAME_CHAT_* controls support auto, ollama, openai, and openai-compatible providers with optional fallback queues
- Knowledge graph command group (same graph) — new CLI for graph traversal and diagnostics:
  - same graph stats — node/edge counts by type and relationship
  - same graph query — depth-limited recursive traversal from a start node
  - same graph path — shortest path between two nodes
  - same graph rebuild — clear and fully rebuild graph links from indexed notes (references/decisions/agents)
- Schema migration v6 (graph_nodes, graph_edges) — graph tables are now first-class in the versioned migration pipeline
- Incremental graph sync test coverage — added regression coverage for graph cleanup on note delete/force clear and lite single-file updates
- Web graph APIs (/api/graph/stats, /api/graph/connections/{path}) — dashboard can now read graph density/relationship stats and fetch per-note traversal paths with input validation + private-path filtering
- Web dashboard graph UX — added a graph highlights section (nodes, edges, avg degree, top relationship types) and a note-level “Knowledge Connections” panel that renders relationship-labeled paths
- Tutorial graph lesson (same tutorial graph) — onboarding now includes a hands-on relationship traversal lesson showing how links become graph paths
- Example configuration files — added examples/ reference configs for Ollama, OpenAI, OpenAI-compatible, keyword-only, and Raspberry Pi setups, plus MCP integration examples for Claude Code and Cursor
- Shell completion command (same completion) — added CLI generation for bash, zsh, and fish completion scripts via Cobra's completion support
- Docker support artifacts — added multi-stage Dockerfile, .dockerignore, and docs/docker.md usage guide (keyword-only by default with optional external Ollama)
- make lint target + .golangci.yml — added project lint configuration and Makefile integration for errcheck, govet, staticcheck, misspell, goimports, and related checks
- Man page generation (same gendocs) — added hidden CLI command + make man target to generate man pages from the Cobra command tree
- Provider-neutral diagnostics and status UX — same status / same doctor now report embedding/chat/graph runtime state across ollama, openai, openai-compatible, and none modes instead of Ollama-only assumptions
- same watch rename/delete consistency — watcher now removes stale indexed paths on file rename, cleans up entries when files vanish before debounce flush, and rejects out-of-vault relative-path escapes
- same init --provider input validation — invalid provider names now fail fast with a clear error instead of falling into confusing runtime fallback paths
- Seed manifest/cache parity checks — cached manifests now enforce the same seed name/path validation as fresh downloads (including rejection of embedded ./.. traversal segments), preventing trust gaps when falling back to local cache
- same seed remove consistency safeguards — destructive path checks now run before registry mutation, root seed-dir deletion is explicitly refused, and delete failures trigger best-effort registry rollback
- same seed install --force path safeguards — install now refuses dangerous destinations (filesystem root, home directory, or seed root parent), preventing accidental high-impact deletes on forced reinstall
- Seed extraction path normalization — tar extraction now normalizes leading ./ manifest seed paths (compatibility with normalized relative paths) and surfaces directory-creation failures instead of silently skipping them
- Seed extraction declared-size enforcement — extraction now rejects payloads larger than a tar entry’s declared size and propagates file close/write failures explicitly
- Seed extraction containment checks — archive extraction boundary validation now uses path-relative containment checks to avoid prefix-confusion edge cases
- Vault feed containment checks — source/destination path enforcement now uses filepath.Rel-based boundary checks instead of raw prefix matching for safer cross-platform behavior
- Vault subpath guard strictness — SafeVaultSubpath now rejects absolute subpath inputs and uses boundary-safe containment checks before writing handoff/decision files
- Guard allowlist path matching — file allowlist entries now require exact path matches (no basename-only fallback), preventing nested-file bypasses like docs/README.md
- MCP hidden-path write guard — safeVaultPath now rejects dot-prefixed segments anywhere in the path (for example notes/.hidden/file.md), not only at root level
- MCP path containment checks — safeVaultPath now uses filepath.Rel-based vault-boundary checks for absolute/symlink containment instead of separator prefix matching
- Web API path validation parity — note/related/graph connection endpoints now share a single path safety guard that rejects traversal, hidden-dot segments, and Windows drive-prefix absolute paths
- Filesystem write error handling — config saves, registry writes, MCP note/decision appends, handoff + decision-log generation, init .gitignore updates, tutorial/demo setup cleanup, seed config path rewrites/install rollback cleanup, verbose-log rotation/appends, and index stats persistence now handle write/cleanup failures explicitly instead of silently ignoring them
- Self-update cleanup hardening — same update now surfaces temp-file cleanup failures explicitly and validates Windows backup-path cleanup before binary replacement
- Web JSON response diagnostics — dashboard API JSON encode failures now emit explicit server-side warnings instead of failing silently
- Init lock fallback diagnostics — same init now warns when lock enforcement is bypassed due to lockfile/permission failures, instead of failing silently
- Seed manifest cache write diagnostics — cache directory/file write failures are now surfaced as explicit warnings instead of being silently ignored after successful manifest fetches
- Budget report export reliability — SaveBudgetReport now fails clearly when report directories cannot be created, with regression coverage for parent-path failure
- Vault registry lock cleanup hardening — config lock handling now surfaces stale-lock removal and cleanup failures instead of silently swallowing them
- Init lock stale-recovery hardening — stale init lock removal failures now return explicit errors, and lockfile cleanup paths now warn on removal failures
- Graph consistency on deletes and force-clear — deleting notes now removes related graph nodes/edges and prunes orphan non-note graph nodes; force-clear now resets graph tables as well
- Graph freshness during same watch — watcher now updates graph data in both semantic and keyword-only (provider = "none") modes
- Keyword-only reindex UX — same reindex now reliably falls back to lite mode when embeddings are disabled (provider = "none"), with clear next-step messaging
- Semantic reindex resilience — when embedding calls fail for every file (e.g., Ollama unavailable), same reindex now auto-falls back to lite indexing instead of finishing with an empty index
- Reindex fast-fail preflight — same reindex now probes embedding availability once before full-file processing, reducing noisy per-file embed failures when the provider is down
- --vault precedence — CLI --vault now correctly overrides env/config vault paths, preventing accidental indexing/querying of the wrong vault
- Graph path lookup ergonomics — same graph path now resolves note/file type mismatches (for paths that exist as file nodes but were requested as note nodes, and vice versa)
- Graph query readability — same graph query now reconstructs full edge sequences so output shows relationship-labeled paths, not node-only chains
- Markdown cross-note linking — .md references now map to note nodes, enabling direct note-to-note traversal (for example, notes/a.md -> notes/b.md)
- Graph reference-path normalization — extraction now rejects absolute/external-style path references (for example, Users/..., /..., .windsurf/worktrees) to reduce noisy out-of-vault graph nodes
- Precheck scope clarity — make precheck now labels its blocklist scan as repo-scope release hygiene and explicitly notes what it does not cover (user vaults, full history, forks, mirrors); make precheck-full adds an all-tracked-files blocklist sweep
- Config validation hardening — top_k is clamped to [1, 100], threshold is clamped to [0.0, 1.0], and openai-compatible now warns when base_url is missing
- Lint fixes — resolved unused variables, import ordering, misspellings, and unchecked error returns flagged by golangci-lint across CLI/internal packages
- Flaky seed cache test isolation — fixed TestSeedCmd_ListNoNetwork to avoid cross-test proxy environment caching issues
- README: Web dashboard section — added dedicated same web usage examples and a dashboard capability summary
- README: Docker install option — added Docker build/run examples and linked docs/docker.md
docs/docker.md - README: shell completion setup — added bash, zsh, and fish completion instructions
- README: CLI reference updates — added same web and same completion entries
- README: comparison table update — added a web dashboard row to SAME vs. alternatives
- CLI test coverage expansion — added command-level tests for search, doctor, index, completion, web, pin, feedback, log, model, seed, repair, display, hooks, and mcp
- No privacy boundary changes — graph extraction still operates only on indexed notes; _PRIVATE/ remains excluded because it is never indexed
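
Several entries above (seed extraction, vault feed, SafeVaultSubpath, safeVaultPath) replace raw prefix matching with filepath.Rel-based containment checks. The Go code below is an added example of that difference, not SAME's own code: insideByPrefix, insideByRel and safeSubpath are hypothetical names, the paths are constructed samples, and the check is lexical only (it does not resolve symlinks).

```go
package main

import (
	"errors"
	"fmt"
	"path/filepath"
	"strings"
)

// insideByPrefix is the raw prefix check that the entries above move away from.
// It accepts "/srv/vault-backup/..." as being inside "/srv/vault".
func insideByPrefix(root, target string) bool {
	return strings.HasPrefix(filepath.Clean(target), filepath.Clean(root))
}

// insideByRel reports whether target is root itself or lies below it,
// judged on the relative path from root to target.
func insideByRel(root, target string) bool {
	rel, err := filepath.Rel(filepath.Clean(root), filepath.Clean(target))
	if err != nil {
		// e.g. one path is absolute and the other relative
		return false
	}
	// Escapes are exactly ".." or start with "../". Testing for a bare ".."
	// prefix would wrongly reject a legitimate name such as "..drafts".
	if rel == ".." || strings.HasPrefix(rel, ".."+string(filepath.Separator)) {
		return false
	}
	return true
}

var errUnsafePath = errors.New("unsafe vault path")

// safeSubpath joins a caller-supplied relative path onto root (hypothetical
// guard). It rejects absolute inputs and any dot-prefixed segment anywhere in
// the path, then confirms containment with insideByRel.
func safeSubpath(root, sub string) (string, error) {
	if sub == "" || filepath.IsAbs(sub) {
		return "", errUnsafePath
	}
	for _, seg := range strings.Split(filepath.ToSlash(sub), "/") {
		if strings.HasPrefix(seg, ".") { // ".", "..", ".hidden"
			return "", errUnsafePath
		}
	}
	full := filepath.Join(root, sub)
	if !insideByRel(root, full) {
		return "", errUnsafePath
	}
	return full, nil
}

func main() {
	root := "/srv/vault" // constructed sample root

	for _, target := range []string{
		"/srv/vault/notes/a.md",
		"/srv/vault-backup/a.md", // sibling directory sharing the prefix
		"/srv/vault/../other/a.md",
		"/srv/vault/..drafts/a.md", // odd name, but still inside the vault
	} {
		fmt.Printf("%-26s prefix=%-5v rel=%v\n",
			target, insideByPrefix(root, target), insideByRel(root, target))
	}

	for _, sub := range []string{
		"notes/a.md",
		"notes/.hidden/file.md",
		"../outside.md",
		"/srv/other/a.md",
	} {
		_, err := safeSubpath(root, sub)
		fmt.Printf("%-26s err=%v\n", sub, err)
	}
}
```
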
Fixes keyword-only search (the biggest issue for no-Ollama environments), adds linux-arm64 pre-built binaries, and adds provider = "none" for permanent keyword-only mode.
- BUG-035: Hardened prompt injection sanitization — sanitizeContextTags (hooks) and neutralizeTags (MCP) now neutralize LLM-specific injection delimiters: Llama/Mistral [INST]/[/INST], <<SYS>>/<</SYS>>, and XML <![CDATA[ sequences. Previously only XML-like structural tags were sanitized
- Fixed case-insensitive tag matching for IMPORTANT — the IMPORTANT tag was listed in uppercase but compared against lowercased text, so <IMPORTANT> injection payloads were not neutralized. Now correctly matched case-insensitively
- MCP get_note now sanitizes output — previously returned raw note content to agents without neutralizing XML-like tags, allowing stored prompt injection via crafted notes. Now applies neutralizeTags before returning content
- MCP get_session_context now sanitizes pinned notes and handoff text — pinned note text and latest handoff text were returned unsanitized, allowing injection via crafted pinned/handoff content
- MCP recent_activity now filters _PRIVATE/ paths — defense-in-depth gap: recent notes listing did not filter private paths at the application level
- Guard: added GitHub token (ghp_/ghs_) and Slack token (xoxb-/xoxp-) PII patterns — pre-commit scanner now detects these common credential types
- Comprehensive security test suite — added dedicated security tests for injection sanitization, plugin validation, MCP input validation (agent normalization, rate limiting, tag neutralization), web dashboard middleware (localhost-only, security headers, private path filtering), path traversal prevention, claims path normalization, search term sanitization, and guard pattern detection
- Keyword-only search works in same search and same ask — added LIKE-based keyword fallback when FTS5 is unavailable. Previously, keyword-only mode indexed notes successfully but search returned "No search index available". The CLI now matches the web dashboard's 3-tier fallback chain: vector → FTS5 → LIKE-based keyword
- Context surfacing hooks work in keyword-only mode — the user-prompt hook previously early-returned when no embedding provider was available, showing a diagnostic instead of searching. Now falls through to keyword search (FTS5 → LIKE), so context surfacing works without Ollama
- same doctor no longer gives false positive for keyword search — the "Finding relevant notes" check now actually tests keyword search instead of just counting notes
- same doctor no longer cascades errors when vault path is wrong — if vault path fails, database-dependent checks show "skipped" instead of cascading into confusing "permission denied" errors. Summary box shows actionable VAULT_PATH guidance
- find_similar_notes gives clear message in keyword-only mode — instead of a confusing "not in index" error, explains that similar notes requires semantic search
- Config persists active provider — same init now writes the actual embedding provider to config (e.g., provider = "none") instead of always writing provider = "ollama"
- MCP and hooks portability — .mcp.json and .claude/settings.json now use same from PATH instead of hardcoded absolute binary paths. Existing users: run same setup mcp and same setup hooks to update for cross-machine portability
- Search no-results guidance — same search now suggests --all flag when no results found. Federated search suggests same reindex
- same --version flag — same --version now works (previously only same version worked)
- Ollama error classification — connection errors now classified by root cause: connection_refused (not running), permission_denied (sandbox policy), timeout (model loading), dns_failure. Doctor, hooks, and retry logs all show classified reasons instead of generic "request failed"
- Doctor: Ollama skip reason — when Ollama is unavailable, doctor shows why (e.g., "permission denied — localhost may be blocked by sandbox/runtime policy") instead of just "skipped (lite mode)"
- Doctor: reindex upgrade prompt — when Ollama is running but index is keyword-only, doctor prompts to run same reindex to enable semantic search
- Permission-denied errors not retried — sandbox EACCES/EPERM errors now fast-fail instead of retrying 3 times with exponential backoff
- NULL agent scan regressions — search, note listing, pinned-note reads, and same doctor keyword checks now safely handle legacy rows where agent is NULL
- provider = "none" for keyword-only mode — explicit opt-out of embeddings. Use SAME_EMBED_PROVIDER=none, --provider none, or set provider = "none" in config. Skips Ollama check entirely during init
- linux-arm64 pre-built binary — CI now builds for ARM Linux (Codespaces, OrbStack, Raspberry Pi, AWS Graviton). No more building from source on aarch64
- same reindex --verbose — shows each file being processed during reindex, matching the same init -v flag
- Doctor: portability checks — detects hardcoded absolute binary paths in .mcp.json and .claude/settings.json, suggests same setup mcp / same setup hooks to fix
- Seed install --all hint — success message now shows same search --all as a next step for cross-vault search
- same claim command group — advisory read/write file claims for multi-agent coordination:
  - same claim <file> --agent <name>
  - same claim --read <file> --agent <name>
  - same claim --list
  - same claim --release <file> [--agent <name>]
- MCP session context git awareness — get_session_context now includes branch, recent commits, dirty files, and untracked files when available
- Agent attribution on MCP writes — save_note, save_decision, and create_handoff now accept optional agent and persist it in note frontmatter/index metadata
- Agent-aware MCP filtering — search_notes_filtered now supports filtering by agent
- Web dashboard agent badges — note cards and note viewer now display @agent attribution when present
- Dashboard polish pass — improved responsive breakpoints, keyboard search navigation (/, Esc, arrows, Enter), loading skeletons, friendlier empty/error states, print stylesheet, ARIA/focus improvements, and snippet term highlighting
- same vault rename — rename a vault alias without re-registering. Updates the vault registry in-place
Comprehensive upgrade to session handoffs based on real-world user feedback. Richer auto-generated handoffs, better session continuity, bug reporting infrastructure, and UX polish.
- Rich auto-handoffs — now extract decision titles (from `save_decision` calls), notes created (from `save_note` calls), tool usage breakdown, user/assistant message split, and word-boundary truncation for topics
- Forward-looking context — auto-handoffs now include a "Next steps" section extracted from the last assistant messages
- Bootstrap parser — includes ALL sections from handoff files instead of silently dropping unknown ones. Known sections are prioritized, unknown sections appended in original order
- Placeholder filtering — bootstrap strips sections containing only `(see ...)`, `(review ...)`, or `(none)` placeholder text
- Configurable handoff age — `hooks.handoff_max_age_days` in config.toml (default: 2 days). Controls how far back SAME looks for handoff notes at session start
- Clearer session loading message — stderr now shows `"← previous session loaded"` instead of the confusing `"↩ recovered previous session"`
- File truncation indicator — when more than 20 files are changed, handoff shows `"...and N more"` instead of silent truncation
- Large note warnings — reindex warns when notes exceed 30KB, which can reduce search quality
- App attribution headers — openai-compatible provider now sends `X-Title` and `HTTP-Referer` headers for OpenRouter compatibility
- `--provider` flag for init — `same init --provider openai-compatible` skips Ollama check and uses the specified embedding provider
- Standardized handoff filenames — MCP `create_handoff` now uses the same date-based naming convention as auto-handoffs
- Interactive seed selection during init — users with existing notes now see the full seed catalog with an option to install one directly, instead of a dim tip line
- Embedding model chooser during init — shows available models (nomic, snowflake, mxbai, etc.) and lets users pick before indexing
- Styled `reindex` and `stats` output — human-friendly formatted output instead of raw JSON dumps
- Grouped help commands — all commands now organized into groups in `--help` output (no more loose ungrouped commands)
- Readable search scores — verbose mode shows `Relevance: 87%` instead of `Score: 0.873`
- Complete MCP tool list — `same setup mcp` now shows all 12 tools including `search_across_vaults`
- Web dashboard — `same web` launches a local read-only dashboard at `127.0.0.1:4078`. Browse notes, search semantically, view vault composition, read decisions and handoffs, see related notes. Single embedded HTML file, no external dependencies. Localhost-only with security headers (CSP, X-Frame-Options DENY, DNS rebinding protection). Works without Ollama (keyword fallback). `--port` and `--open` flags available
- Dashboard insights — contextual tips based on vault state: index staleness warnings, search mode guidance, seed install suggestions, content type coaching, pinned notes tips
- Bug reporting — "Report a Bug" link in README and npm package, GitHub issue templates (bug report + feature request), `same doctor` shows issues URL when checks fail, MCP `index_stats` description guides agents to `same doctor` and GitHub Issues
- Stop hook message control — handoff creation message shows once per session; subsequent updates are silent
- npm-publish CI — release workflow now checks if version already exists before publishing, preventing false failures on re-runs
Critical fix for Claude Code v2 transcript format. Stop hooks (decision extractor, handoff generator, feedback loop) were silently returning empty results because the transcript parser expected flat JSON but Claude Code v2 nests messages in a {"type":"...","message":{...}} envelope.
- Transcript parser for Claude Code v2 format — `processEntry()` now unwraps nested `message` envelopes and falls back to the top-level `type` field as a role identifier. Stop hooks (decision extractor, handoff generator, feedback loop) now correctly parse transcripts from Claude Code v2.x.
- HookInput JSON tag mismatch — `session_id` and `hook_event_name` fields now use snake_case JSON tags matching Claude Code's actual input format. Previously used camelCase which caused silent deserialization failures.
- Windows binary detection — `detectBinaryPath()` now appends `.exe` on Windows, checks `%LOCALAPPDATA%\Programs\SAME\`, and quotes paths with spaces on all platforms (not just Windows).
- Cross-platform path handling — handoff note paths use `filepath.Join` instead of string concatenation. Tilde expansion handles both `~/` and `~\` for Windows.
- Scanner error handling — transcript parser now checks `scanner.Err()` after reading, reporting partial data on I/O errors instead of silently truncating.
- Provider-agnostic error messages — embedding failure message now says "check 'same doctor'" instead of hardcoding Ollama-specific instructions. Works correctly for OpenAI and llama.cpp users.
- Doctor suggestion text — "run 'same init'" corrected to "run 'same setup hooks'" for missing hooks.
- MCP setup prompt — "Connect to Cursor/Windsurf?" changed to "Set up MCP server for AI tools?" to avoid confusing Claude Code users.
- Internal commands hidden — `hook`, `migrate`, `budget`, `plugin`, `push-allow` no longer appear in `same --help`. Still accessible for debugging.
- Seed tab completion — `same seed install`, `same seed info`, and `same seed remove` now offer tab-completable seed names.
- Cleaner CLI output — `SilenceErrors` and `SilenceUsage` prevent cobra from dumping usage text on errors. Seed install indexing messages simplified.
- Corrected documentation — README, CHANGELOG, and AGENTS.md updated with accurate seed counts (10 seeds, 612+ notes) and diagnostic check counts (19).
One-command install of pre-built knowledge vaults. `same seed install claude-code-power-user` downloads, extracts, indexes, and registers a seed vault — ready to search in seconds.
- `same seed` command group — browse and install pre-built knowledge vaults:
  - `same seed list` — show available seeds with note counts and descriptions. Flags: `--refresh`, `--json`
  - `same seed install <name>` — download, extract, index, and register a seed vault. Flags: `--path`, `--force`, `--no-index`
  - `same seed info <name>` — show detailed seed metadata (audience, tags, requirements)
  - `same seed remove <name>` — uninstall a seed vault. Flags: `--yes`, `--keep-files`
- 10 official seed vaults — Claude Code Power User, AI Agent Architecture, Personal Productivity OS, Security Audit Framework, DevOps Runbooks, Indie Hacker Playbook, Open Source Launch Kit, Freelancer Business Kit, Home Chef Essentials, Fitness & Wellness. Browse at github.com/sgx-labs/seed-vaults
- Seed manifest registry — `seeds.json` hosted in seed-vaults repo with schema versioning, 1-hour client-side cache, stale-cache fallback on network errors
- `same model` command — show current embedding model and switch between models with `same model use <name>`. Lists all 10 supported models with dimensions and descriptions. Warns about reindex after switching.
- Automatic lite mode fallback — seed install falls back to keyword-only indexing when Ollama isn't available
- Version compatibility check — seeds declare `min_same_version`; install rejects incompatible seeds with upgrade guidance
- Tarball extraction hardening — path traversal prevention (null bytes, `../`, absolute paths, hidden files), symlink + hardlink rejection, file extension allowlist (`.md`, `.toml`, `.json`, `.txt`, `.yml`, `.yaml`, `.example`, `.gitkeep`), per-file 10MB size limit, 500 file count limit, 50MB total tarball limit, final containment check after `filepath.Join`
- Manifest validation — `io.LimitReader` on HTTP response (1MB max), schema version check, seed name validation (lowercase alphanumeric + hyphens only)
- Install safety — atomic cleanup on failure (partial install removed), `--force` required to overwrite, `seed remove` only deletes under `~/same-seeds/` (safety boundary), vault registration uses existing lockfile pattern
- Seed name validation — lowercase alphanumeric with hyphens, 64-char max, no leading/trailing hyphens
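
The per-entry checks from the tarball extraction hardening entry can be sketched as follows. This is an added example, not SAME's own code: `safeEntryPath`, `auditArchive`, the error value and the in-memory sample archive are assumptions, while the limits and the extension allowlist are the ones listed above.

```go
package main

import (
	"archive/tar"
	"bytes"
	"errors"
	"fmt"
	"io"
	"path/filepath"
	"strings"
)

// Limits and allowlist from the changelog entry: 50MB tarball, 10MB per file, 500 files.
const maxTarballSize, maxFileSize, maxFileCount = 50 << 20, 10 << 20, 500

var allowedExt = map[string]bool{
	".md": true, ".toml": true, ".json": true, ".txt": true,
	".yml": true, ".yaml": true, ".example": true, ".gitkeep": true,
}

var errRejected = errors.New("entry rejected")

func reject(why string) (string, error) { return "", fmt.Errorf("%w: %s", errRejected, why) }

// safeEntryPath validates one tar header and returns the path under destDir
// it may be written to. Hypothetical helper, not SAME's implementation.
func safeEntryPath(destDir string, hdr *tar.Header) (string, error) {
	switch hdr.Typeflag {
	case tar.TypeReg, tar.TypeDir:
	default: // symlinks, hardlinks, devices, FIFOs
		return reject("not a regular file or directory")
	}
	name := strings.ReplaceAll(hdr.Name, `\`, "/")
	if strings.ContainsRune(name, 0) || strings.HasPrefix(name, "/") || filepath.VolumeName(hdr.Name) != "" {
		return reject("null byte or absolute path")
	}
	segs := strings.Split(strings.TrimSuffix(name, "/"), "/")
	for i, seg := range segs {
		if seg == ".." {
			return reject("parent traversal")
		}
		// Assumption: .gitkeep is the only dot-file let through, since the
		// allowlist names it while hidden files are otherwise refused.
		keep := i == len(segs)-1 && seg == ".gitkeep"
		if strings.HasPrefix(seg, ".") && seg != "." && !keep {
			return reject("hidden file or directory")
		}
	}
	if hdr.Typeflag == tar.TypeReg &&
		(!allowedExt[strings.ToLower(filepath.Ext(name))] || hdr.Size > maxFileSize) {
		return reject("extension not on allowlist, or file over 10MB")
	}
	target := filepath.Join(destDir, filepath.FromSlash(name))
	// Final containment check after filepath.Join has cleaned the path.
	rel, err := filepath.Rel(destDir, target)
	if err != nil || rel == ".." || strings.HasPrefix(rel, ".."+string(filepath.Separator)) {
		return reject("escapes destination")
	}
	return target, nil
}

// auditArchive walks a tarball without writing anything and sorts entry names into accepted and rejected.
func auditArchive(destDir string, r io.Reader) (accepted, rejected []string, err error) {
	tr := tar.NewReader(io.LimitReader(r, maxTarballSize))
	for count := 1; ; count++ {
		hdr, nextErr := tr.Next()
		if nextErr == io.EOF {
			return accepted, rejected, nil
		}
		// With GODEBUG=tarinsecurepath=0 Go flags unsafe names but still returns the header.
		if nextErr != nil && !errors.Is(nextErr, tar.ErrInsecurePath) {
			return accepted, rejected, nextErr
		}
		if count > maxFileCount {
			return accepted, rejected, fmt.Errorf("%w: more than %d entries", errRejected, maxFileCount)
		}
		if _, pathErr := safeEntryPath(destDir, hdr); pathErr != nil {
			rejected = append(rejected, hdr.Name)
			continue
		}
		accepted = append(accepted, hdr.Name)
	}
}

// auditSample runs the audit over a small in-memory tarball (constructed data).
func auditSample() (accepted, rejected []string, err error) {
	var buf bytes.Buffer
	tw := tar.NewWriter(&buf)
	for _, n := range []string{"notes/intro.md", "notes/.gitkeep", "../escape.md",
		"/abs/path.md", "notes/run.sh", ".hidden/config.json"} {
		tw.WriteHeader(&tar.Header{Name: n, Typeflag: tar.TypeReg, Mode: 0o600, Size: 2})
		tw.Write([]byte("# "))
	}
	tw.WriteHeader(&tar.Header{Name: "notes/link.md", Typeflag: tar.TypeSymlink, Linkname: "/etc/hostname"})
	tw.Close()
	return auditArchive("/tmp/same-seeds/demo", &buf)
}

func main() { fmt.Println(auditSample()) }
```

Every check runs against the header before any byte is written, so a refused entry never touches the destination directory.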
- OpenAI-compatible embedding provider — SAME now supports any server that exposes the OpenAI-compatible `/v1/embeddings` endpoint. Use `provider = "openai-compatible"` with llama.cpp, VLLM, LM Studio, or any other compatible inference engine. API key is optional for local servers. Configure via `[embedding]` in config or `SAME_EMBED_PROVIDER` / `SAME_EMBED_BASE_URL` / `SAME_EMBED_MODEL` environment variables.
- Non-localhost security warning — when using an OpenAI-compatible provider with a remote base URL, SAME prints a warning that embedding requests will leave your machine. Local servers (localhost, 127.0.0.1, ::1) are silent.
- `--hooks-only` flag for init — `same init --hooks-only` skips MCP setup for Claude Code-only workflows (mirrors existing `--mcp-only` for Cursor/Windsurf).
- Expanded embedding model support — auto-detected dimensions for 5 new models: `snowflake-arctic-embed2` (1024), `embeddinggemma` (768), `qwen3-embedding` (1024), `nomic-embed-text-v2-moe` (768), `bge-m3` (1024). All recognized in dimension defaults and embedding-only model filter.
- Provider-aware onboarding — `same init` detects `openai` / `openai-compatible` providers and skips the Ollama connectivity check, showing provider/model/endpoint info instead.
- Pre-release verification gate — `make precheck` runs 9 automated checks (version consistency, build, tests, PII scan, git identity, JSON validation, CLI smoke test).
- Unknown config keys now warn — unrecognized keys in `config.toml` print a warning with suggestions (e.g. `exclude_paths` → `skip_dirs`). Previously unknown keys were silently ignored.
- Welcome notes skip existing vaults — `same init` no longer creates `welcome/` in vaults that already have markdown files. Governed vaults with existing structure are left untouched.
- `SAME_EMBED_BASE_URL` missing from `LoadConfig()` — the env var was handled in `EmbeddingProviderConfig()` but not in the config-file loader, causing inconsistency when both paths were used.
- `OPENAI_API_KEY` fallback for `openai-compatible` — `LoadConfig()` now checks the env var for both `openai` and `openai-compatible` providers.
- `BaseURL` not passed to embedding provider — `indexer.go` and `init.go` now pass the configured `BaseURL` when constructing embedding providers, fixing silent failures when using `openai-compatible` with a custom endpoint.
- CLI help grouping — `same --help` now organizes commands into 6 logical groups: Getting Started, Search & Discovery, Knowledge Management, Diagnostics, Configuration, and Advanced. Makes it easy to find what you need.
- Doctor lite mode — `same doctor` no longer fails when Ollama isn't running. Embedding-dependent checks show "skipped (lite mode)" instead of red failures, and the summary shows "SAME is running in lite mode (keyword search). Install Ollama for semantic search."
- Readable search scores — search results show human labels ("Excellent match", "Strong match", "Good match", "Weak match") instead of raw percentages.
- MCP tool list on setup — `same init` and `same setup mcp` now print all 12 available MCP tools with descriptions after registering the server.
- Token budget starvation — context surfacing now continues scanning past oversized notes instead of stopping. If a large note doesn't fit in the remaining token budget, smaller high-relevance notes behind it can still be included.
- Config clobber during init — `SetDisplayMode()` and `SetProfile()` now load from the target vault's config file instead of auto-detecting. Previously, when CWD != vaultPath, they would fall back to `DefaultConfig()` and overwrite the just-written config with empty/default values.
- DefaultConfig embedding model — `DefaultConfig().Embedding.Model` now returns `"nomic-embed-text"` instead of empty string, preventing broken config files when the default is serialized.
- Onboarding "1" input — `confirm()` now accepts `"1"` as yes, matching the mental model users have after the numbered experience-level prompt (1/2).
- `[ollama].model` fallback — users who set a custom model in `[ollama]` without an `[embedding]` section now get their override applied correctly.
- `neutralizeTags` dead variable — removed unused `lower` variable in MCP server tag sanitization.
- CLI descriptions polished — `bench`, `config`, `guard`, `vault`, and `watch` commands rewritten for plain-language audience ("Test how fast search is" instead of "Run search performance benchmarks").
- Hook error messages — 8 user-facing error messages improved: consistent `same:` prefix, no leaked internal errors, actionable hints pointing to `same doctor` or `same init`.
- Glama MCP badge — added to README for MCP directory visibility.
- Session-bootstrap hook not wired — `same init` now installs all 6 hooks including `session-bootstrap`. Previously only 5 of 6 were configured, so session orientation context was never delivered on SessionStart.
- Wrong vault when CWD is a vault — vault resolution now checks CWD for vault markers before falling back to the registry default. If you're standing in a vault directory, that vault is used regardless of what the registry default is.
- `same init` didn't set default vault — running `same init` in a new directory now always sets that vault as the registry default, not just on first-ever init.
- `same status` vault display unclear — vault section now shows the active vault prominently with its resolution source (auto-detected from cwd, registry default, --vault flag). Registered vaults list uses `→` for active and `*` for default, sorted alphabetically. JSON output now includes all 6 hooks.
Search across all your vaults from one place. Manage multiple vaults from the CLI. Propagate notes between vaults with privacy guards.
- Federated search — `same search --all` searches every registered vault in one query. `same search --vaults work,personal` searches specific vaults. Results merged by score with graceful degradation (semantic → FTS5 → keyword per vault). 50-vault limit.
- MCP: `search_across_vaults` — federated search tool for any MCP client. Brings the total to 12 MCP tools.
- `same vault` command group — `same vault list`, `same vault add <alias> <path>`, `same vault remove <alias>`, `same vault default <alias>` for managing the vault registry (`~/.config/same/vaults.json`).
- `same vault feed` — one-way note propagation between vaults. Copy notes from a source vault into the current vault's `fed/<alias>/` directory. Includes PII guard (scans for email/phone/SSN patterns), symlink rejection, 10MB file size limit, self-feed prevention, and `--dry-run` mode.
- `store.AllNotes()` — returns all chunk_id=0 notes excluding `_PRIVATE/`, ordered by modified date.
- 20 new tests — `sanitizeAlias` (14 cases), `safeFeedPath` (19 cases), `FederatedSearch` (empty query, too many vaults, private note exclusion, mixed vault health, graceful skip).
- Progressive feature discovery — CLI teaches new capabilities at the moment they become relevant. `vault add` hints about `--all` when 2+ vaults registered. `search` hints about `same related`. `reindex` hints about `same watch`. `status` shows available vaults and `same ask` when a chat model is detected. `doctor` validates vault registry health (18 checks total).
- Pinned notes in session bootstrap — pinned notes now survive context compaction. Previously only surfaced during per-prompt context, pinned notes are now included at session start (Priority 1, 2000-char budget) so your AI always has your most important context.
- Vault registry Save() merge bug — `same vault remove` silently failed because Save() re-read the registry from disk and merged back deleted entries. Removed merge logic so removes take effect immediately.
- MCP works without Ollama — MCP server now starts and serves search results even when Ollama is unavailable. Search falls back gracefully: HybridSearch → FTS5 → keyword. Previously, `npx @sgx-labs/same mcp` refused to start without Ollama, breaking MCP client setups.
- MCP create_handoff overwrite — multiple handoffs on the same day no longer overwrite each other; uses minute-level timestamps for uniqueness.
- MCP registry manifests — `server.json` updated to official MCP registry schema (`$schema`, `isRequired`, `registryBaseUrl`). `smithery.yaml` uses `npx -y` instead of bare `same`. npm `package.json` adds `mcpName` for registry auto-discovery.
- Hook output format — Stop and SessionStart events now use `systemMessage` for correct Claude Code rendering.
- URL corrections — all references to ollama.ai updated to ollama.com across install scripts, CLI, and tutorial. Discord invite links synced across all files.
- `same status` hook display — now shows all 6 hooks instead of 4.
- Brand refresh — ASCII banner updated from 12-line "STATELESS AGENT" red gradient to compact "SAME" blue gradient with "Stateless Agent Memory Engine" subtitle. Updated across CLI, install.sh, and install.ps1.
- CLI decomposed — `cmd/same/main.go` split into 18 focused files: `search_cmd.go`, `vault_cmd.go`, `ask_cmd.go`, `status_cmd.go`, `doctor_cmd.go`, `display_cmd.go`, `demo_cmd.go`, `tutorial_cmd.go`, and more. Main.go now handles only command registration.
- Hooks decomposed — `context_surfacing.go` split into `search_strategies.go`, `term_extraction.go`, `text_processing.go`, `verbose_logging.go`.
- Test coverage expanded — new test suites for hooks runner, session recovery, session bootstrap, instance registry, indexer, memory, setup, MCP handlers, and store edge cases.
- AGENTS.md — contributor guide for AI coding agents.
- MCP server hardening (15 fixes) — query length limits (10K chars), file size guard on `get_note` (1MB), write rate limiting (30 ops/min sliding window), snippet sanitization neutralizes 12 prompt-injection tag patterns before returning results to AI clients. `save_decision` and `create_handoff` use `IndexSingleFile` instead of full reindex to prevent DoS. Decision titles sanitized. Append-mode provenance tracking. Federated search resolves aliases from registry map directly.
- MCP tool annotations — all 12 tools declare `readOnlyHint`, `destructiveHint`, and `idempotentHint` per the MCP 2025-06-18 spec. Helps MCP clients enforce least-privilege.
- Defense-in-depth `_PRIVATE/` filtering — case-insensitive `UPPER(path) NOT LIKE` added to `VectorSearch`, `VectorSearchRaw`, and `ContentTermSearch` SQL queries. Pinned notes skip `_PRIVATE/` paths. Hooks use case-insensitive `isPrivatePath()`.
- SQL LIKE injection prevention — `escapeLIKE()` helper escapes `%`, `_`, and `\` in user-supplied search terms across `KeywordSearch` and `ContentTermSearch`.
- Expanded tag sanitization — context injection now neutralizes 12 tag types (added `system-reminder`, `system`, `instructions`, `tool_result`, `tool_use`, `IMPORTANT`) to block stored prompt injection.
- Vault feed hardening — `sanitizeAlias()` strips path separators, traversal characters, and null bytes. `safeFeedPath()` blocks absolute paths, traversal, private/hidden directories, and null bytes. Federated search error messages use aliases only (no raw filesystem paths).
- Self-closing tag injection — `neutralizeTags()` (MCP) and `sanitizeContextTags()` (hooks) now neutralize self-closing tags (`<tag/>`) and tags with attributes (`<tag attr="...">`), closing prompt injection vectors.
- Bootstrap context injection — session bootstrap output is now sanitized before wrapping in `<session-bootstrap>` tags, preventing stored prompt injection via crafted handoff/decision content.
- LIKE injection in title search — `KeywordSearchTitleMatch` now uses `escapeLIKE()` to prevent SQL wildcard injection via `%` and `_` characters.
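
An added sketch (not the project's source) of the two sanitizers described above: neutralizing injection-style tags in note text before it reaches an AI client, and escaping LIKE wildcards in search terms. The function names, the entity-escaping strategy and the `likeMatch` model of LIKE are assumptions; the tag list holds only names that appear in this changelog.

```go
package main

import (
	"fmt"
	"regexp"
	"strings"
)

// Tag names mentioned in this changelog; the full set of 12 is not listed there.
var injectionTag = regexp.MustCompile(`(?i)<\s*/?\s*(system-reminder|system|instructions|` +
	`tool_result|tool_use|important|session-bootstrap|plugin-context|same-diagnostic)\b[^<>]*>`)

// neutralizeInjectionTags rewrites matching tags, including closing,
// self-closing and attribute-bearing forms, so they no longer parse as markup.
// Entity-escaping the brackets is this sketch's choice, not SAME's documented method.
func neutralizeInjectionTags(s string) string {
	return injectionTag.ReplaceAllStringFunc(s, func(tag string) string {
		return "&lt;" + tag[1:len(tag)-1] + "&gt;"
	})
}

// escapeLikeTerm escapes %, _ and \ so a search term is matched literally by
// a query of the form: WHERE title LIKE ? ESCAPE '\'
func escapeLikeTerm(term string) string {
	return strings.NewReplacer(`\`, `\\`, `%`, `\%`, `_`, `\_`).Replace(term)
}

// likeMatch is a simplified, case-sensitive model of LIKE ... ESCAPE '\',
// included only so the effect can be checked without a database.
func likeMatch(pattern, text string) bool {
	p, t := []rune(pattern), []rune(text)
	var match func(i, j int) bool
	match = func(i, j int) bool {
		if i == len(p) {
			return j == len(t)
		}
		switch p[i] {
		case '%': // any run of characters, including none
			for k := j; k <= len(t); k++ {
				if match(i+1, k) {
					return true
				}
			}
			return false
		case '_': // exactly one character
			return j < len(t) && match(i+1, j+1)
		case '\\': // escape: the next pattern character is literal
			if i+1 < len(p) {
				i++
			}
		}
		return j < len(t) && p[i] == t[j] && match(i+1, j+1)
	}
	return match(0, 0)
}

func main() {
	// Constructed note text standing in for stored vault content.
	note := `todo <system-reminder level="1">do X</system-reminder> <IMPORTANT/> <b>ok</b>`
	fmt.Println(neutralizeInjectionTags(note))

	// Constructed search term and row: unescaped, the wildcards match unrelated text.
	term, row := "50%_off", "save 50 dollars on coffee"
	fmt.Println(likeMatch("%"+term+"%", row), likeMatch("%"+escapeLikeTerm(term)+"%", row))
}
```

SQLite has no default LIKE escape character, so the escaped term only behaves literally when the query carries the `ESCAPE '\'` clause.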
Security hardening, crash recovery, search improvements, UX polish, and every hook now proves it's working.
- SessionStart crash recovery — 3-tier priority cascade recovers context even when terminal is closed without Stop firing: handoff (full, completeness 1.0) → instance registry (partial, 0.4) → session index (minimal, 0.3). Schema v3 adds `session_recovery` table for telemetry.
- Hook status lines — every hook now prints a one-line receipt to stderr: session recovery source, decisions extracted, handoffs saved, stale notes flagged, referenced notes boosted. `same display quiet` silences all output.
- HybridSearch for MCP and CLI — `search_notes`, `search_notes_filtered`, and `same search` now use HybridSearch (semantic + keyword + fuzzy title) instead of raw VectorSearch. Better results for partial matches and typos.
- Command groups — `same --help` organizes commands into 5 groups: Essential, Search & Browse, Configuration, Advanced, Other
- `same hooks` — new command showing all 6 hooks with name, event, status, and description
- `--json` flag — `same status --json` and `same doctor --json` for machine-readable output
- Star ratings — search results show `★★★★☆ 85%` instead of raw scores. `--verbose` for raw numbers.
- 98 new tests — security (plugin injection, path traversal, symlinks), edge cases (empty inputs, large inputs, concurrent access), store operations
- NPM distribution — `npx @sgx-labs/same mcp --vault /path` for MCP clients. Zero-dependency wrapper downloads prebuilt binary from GitHub Releases at install time. Release workflow auto-publishes to npm on tag push.
22 vulnerabilities fixed (3 critical, 8 high, 11 medium):
- CRITICAL: Plugin command injection — `validatePlugin()` with shell metachar regex, path traversal block, exec permission check
- CRITICAL: Hard-coded vec0 768 dims — `EmbeddingDim()` now dynamic per provider/model
- CRITICAL: OpenAI gets Ollama URL — conditional BaseURL, only set for Ollama provider
- HIGH: SSRF in init — localhost validation (127.0.0.1/::1/localhost) before HTTP
- HIGH: Symlink escape — `EvalSymlinks()` + ancestor walk in safeVaultPath and config
- HIGH: Settings destruction — return error on malformed JSON instead of silent overwrite
- HIGH: Embedding mismatch — use resolved model name in SetEmbeddingMeta
- HIGH: PII via os.Hostname() — SHA-256 hash → `machine-a1b2c3d4` format
- FTS5 query injection — `sanitizeFTS5Term()` strips `*`, `^`, `-`, `"` and other operators
- Case-insensitive `_PRIVATE/` — `UPPER(n.path) NOT LIKE` across all SQL queries
- JSON error sanitization — vault paths → directory name only, no raw hostnames in errors
- File permissions — all MCP/config writes to 0o600
- Embedding pipeline — OpenAI provider URL, retry logic, all-zero vector detection, API key leak prevention, dimension validation
- Search quality — absolute+relative scoring blend, per-note token cap (400), FTS5 OR instead of AND, composite indexes for common queries
- `same scope` → `same status` — referenced non-existent command
- Indexer double-read — eliminated redundant file reads during indexing
- IncrementAccessCount — batch update instead of per-path
- README rewritten — pain-first opening, architecture diagram, feature matrix, comparison table, updated benchmarks
- Schema v3 — adds `session_recovery` table; auto-migrates from v2
- MCP tool list updated — setup now shows all 11 tools with accurate descriptions
Self-diagnosing retrieval, pinned notes, keyword fallback, vault privacy structure, RAG chat, interactive demo, write-side MCP tools, security hardening, and a full polish pass.
- Write-side MCP tools — 5 new MCP tools bring the total to 11. Your AI can now save notes, log decisions, and create session handoffs — not just read:
  - `save_note` — create or update markdown notes (auto-indexed, dot-dir protected, 100KB limit)
  - `save_decision` — log structured decisions with status and date
  - `create_handoff` — session handoffs with summary, pending items, and blockers
  - `get_session_context` — one-call orientation: pinned notes + latest handoff + recent activity + stats
  - `recent_activity` — recently modified notes (clamped to 50)
- `same ask` — ask questions, get answers FROM your notes with source citations. Uses a local Ollama LLM to synthesize answers from semantically relevant notes. Auto-detects the best available chat model. 100% local, no cloud APIs. Example: `same ask "what did we decide about authentication?"`
- `same demo` — interactive demo that creates a temporary vault with 6 realistic sample notes, indexes them, runs search, and showcases `same ask`. Works without Ollama (keyword-only mode).
- `same tutorial` — modular learn-by-doing system with 6 lessons: semantic search, decisions, pinning, privacy tiers, RAG chat, and session handoffs. Run all lessons (`same tutorial`) or jump to any topic (`same tutorial search`, `same tutorial pin`). Creates real notes and runs real commands — you learn the CLI by using it.
- SAME Lite (keyword-only mode) — SAME now works without Ollama. When Ollama is unavailable, `same init` offers keyword-only mode using SQLite FTS5. All features work — search, ask, demo, tutorial — with keyword matching instead of semantic search. Install Ollama later and `same reindex` upgrades to full semantic mode. Zero dependencies beyond the binary.
- Project-aware init — `same init` now detects existing project documentation (README.md, docs/, ARCHITECTURE.md, CLAUDE.md, .cursorrules, ADR/) and offers to index them. Zero new notes required — your project already has context.
- `same pin` — pin important notes so they're always included in every session: `same pin path/to/note.md`, `same pin list`, `same pin remove path/to/note.md`. Pinned notes inject with maximum priority regardless of query.
- `same repair` — one-command database recovery: backs up `same.db`, force-rebuilds the index, and confirms. The go-to command when something breaks.
- `same feedback` — manual thumbs-up/down for notes: `same feedback "path" up` boosts retrieval confidence; `same feedback "path" down` penalizes. Supports glob-style paths.
- Vault seed structure — `same init` now creates a three-tier privacy directory structure: `sessions/` (handoffs), `_PRIVATE/` (never indexed, never committed), plus a `.gitignore` template enforcing privacy boundaries
- FTS5 keyword fallback — when Ollama is down or slow, context surfacing falls back to SQLite FTS5 full-text search instead of failing silently
- Doctor retrieval diagnostics — 8 new `same doctor` checks: embedding config mismatch, SQLite PRAGMA integrity, retrieval utilization rate, config file validity, hook installation, DB integrity, index freshness, log file size
- Schema migration system — `schema_meta` table with version-gated migrations; `GetMeta()` / `SetMeta()` for metadata storage; auto-migrates between schema versions
- Embedding mismatch guard — detects when embedding provider/model/dimensions change without reindexing; surfaces clear guidance; `Provider` interface gains `Model()` method
- Hook execution timeout — 10-second timeout prevents hung Ollama from blocking prompts; returns `<same-diagnostic>` on timeout
- AI-facing diagnostics — when hooks fail (DB missing, Ollama down), the AI sees `<same-diagnostic>` blocks with suggested user actions instead of silent failure
- Ollama retry with backoff — 3 attempts with exponential backoff (0/2/4s) for 5xx and network errors
- Usage data pruning — records older than 90 days pruned during reindex
- Configurable noise filtering — `[vault] noise_paths` in config.toml or `SAME_NOISE_PATHS` env var
- MCP directory manifests — `server.json` (official MCP registry), `smithery.yaml` (Smithery.ai) for directory submissions
- GitHub Sponsors — `.github/FUNDING.yml` configuration
- MCP server test coverage — 22 tests for `safeVaultPath`, `filterPrivatePaths`, `clampTopK`, and helpers
- 45+ new tests — store, search, indexer, config, and MCP packages
11 fixes from 6 rounds of pre-release security auditing:
- Dot-path blocking in MCP — `save_note` can no longer overwrite `.same/config.toml`, `.git/`, `.gitignore`
- DB path PII fix — `index_stats` returns `same.db` not the full filesystem path
- MCP error sanitization — all MCP error messages changed to static strings; no internal paths leak to AI
- `find_similar_notes` path validation — now validates through `safeVaultPath`
- Write size limits — 100KB max on `save_decision` and `create_handoff` content
- `<plugin-context>` tag sanitization — opening tag now stripped (was only stripping closing tag)
- Config file permissions — all config writes changed from 0o644 to 0o600 (5 occurrences)
- Backup file permissions — `same repair` backup changed to 0o600
- OLLAMA_URL scheme validation — blocks `file://`, `ftp://`; only `http`/`https` allowed
- Empty input validation — `same search`, `same ask`, `same feedback` reject empty input
- Plugin timeout safety — `cmd.Process` nil check before Kill()
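
One way to implement the `OLLAMA_URL` scheme check together with the localhost-only rule from the earlier SSRF fix, as an added example rather than SAME's code. `checkOllamaURL`, the exact-match host allowlist and the rejection of embedded credentials are assumptions.

```go
package main

import (
	"errors"
	"fmt"
	"net/url"
	"strings"
)

// Hosts named in the SSRF fix (127.0.0.1/::1/localhost); nothing else counts as local here.
var localHosts = map[string]bool{"localhost": true, "127.0.0.1": true, "::1": true}

var errBadEndpoint = errors.New("invalid Ollama endpoint")

// checkOllamaURL is a hypothetical validator: http/https only, no embedded
// credentials, and a host that is exactly one of the three local names.
func checkOllamaURL(raw string) error {
	u, err := url.Parse(strings.TrimSpace(raw))
	if err != nil {
		return fmt.Errorf("%w: %v", errBadEndpoint, err)
	}
	// url.Parse lowercases the scheme, so HTTP:// and http:// compare equal.
	if u.Scheme != "http" && u.Scheme != "https" {
		return fmt.Errorf("%w: scheme %q not allowed", errBadEndpoint, u.Scheme)
	}
	// A userinfo part makes "localhost@other.example" look local at a glance.
	if u.User != nil {
		return fmt.Errorf("%w: credentials in URL", errBadEndpoint)
	}
	// Hostname() strips the port and IPv6 brackets; lookalikes such as
	// 127.0.0.1.other.example fail the exact match.
	if host := strings.ToLower(u.Hostname()); !localHosts[host] {
		return fmt.Errorf("%w: host %q is not local", errBadEndpoint, host)
	}
	return nil
}

func main() {
	// Constructed inputs covering the accepted forms and the rejected ones.
	for _, raw := range []string{
		"http://localhost:11434",
		"https://[::1]:11434/api",
		"file:///etc/hosts",
		"ftp://127.0.0.1/models",
		"http://127.0.0.1.other.example:11434",
		"http://localhost@other.example/",
		"http://192.0.2.10:11434",
	} {
		fmt.Printf("%-40s %v\n", raw, checkOllamaURL(raw))
	}
}
```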
- Replaced all panics with errors — `OllamaURL()` and `validateLocalhostOnly()` now return errors instead of crashing
- TOML `skip_dirs` now applied — `LoadConfig()` applies `[vault] skip_dirs` to the global `SkipDirs` map
- Verbose log permissions — changed from 0o644 to 0o600 (owner-only)
- Noise path filter — uses `HasPrefix` instead of `Contains` to prevent false matches
- Go 1.25 — standardized across go.mod, CI, release workflow, install scripts, README
- Schema version 2 — adds FTS5 virtual table for keyword fallback; auto-migrates from v1
- Context surfacing resilience — embedding failures trigger keyword fallback instead of returning errors
- CLI descriptions rewritten — all user-facing commands use outcome language (e.g. "Scan your notes and rebuild the search index" instead of "Index vault into SQLite")
- README restructured — `same demo` above the fold, MCP tools table promoted, numbers section, SAME Lite callout, eval methodology
- MCP tool descriptions improved — all 11 tools with agent-oriented "when to use" guidance
- Error messages friendlier — "escapes vault boundary" → "outside your notes folder"; timeouts and connection failures include actionable guidance
- Box is now default display — `full` mode shows the cyan Unicode box automatically
- Noise filtering off by default — add `noise_paths` to config if you want path-based filtering
- Intel Mac install — install.sh uses ARM binary + Rosetta instead of non-existent darwin-amd64
Fixed critical Windows installation issues.
- PowerShell 5.1 compatibility — ANSI escape codes now work in Windows PowerShell (not just PS7)
- TLS 1.2 enforcement — Installer works on older Windows systems
- PATH works immediately — No need to restart terminal after install
- Better Ollama detection — Checks process and API, not just PATH
- Windows Defender guidance — Clear instructions when antivirus blocks the binary
- Unblock downloaded file — Removes "downloaded from internet" security flag
- PowerShell version display during install
- Corporate proxy detection hint in error messages
- Execution policy bypass instructions on website
- Windows added to site structured data (SEO)
Safety rails for multi-agent workflows.
- Push protection — Prevents accidental pushes to wrong repos when running multiple agent instances
  - `same push-allow [repo]` creates one-time push ticket
  - `same guard settings set push-protect on` enables with auto-hook install
  - `same guard settings set push-timeout N` configures ticket expiry (10-300s)
  - Works across multiple Claude instances sharing same machine
- Visual feedback box — Unicode box output showing surfaced notes, match terms, and token counts
- CI setup for vibe coders — `same ci init` creates GitHub Actions workflow
  - Auto-detects project type (Go, Node, Python)
  - `same ci explain` teaches what CI is
  - Educational output guides users through next steps
- Context surfacing output uses the visual feedback box for `full` mode
- Guard settings now show push protection status and hook installation state
One-command updates, no more curl.
- `same update` — Check for and install the latest version from GitHub releases
  - Detects platform (darwin-arm64, linux-amd64, windows-amd64)
  - Downloads correct binary
  - Replaces itself atomically
  - `--force` flag to reinstall even if on latest
  - Handles dev builds gracefully (warns instead of failing)
- Version check now suggests `same update` instead of curl command
Better first-run experience and vibe-coder friendly commands.
- Welcome notes — 3 example notes copied to `.same/welcome/` during init, demonstrating recommended format and providing searchable onboarding content
- Profile system — `same profile use precise|balanced|broad` to adjust precision vs coverage tradeoffs, with token usage warnings
- Display modes — `same display full|compact|quiet` to control output verbosity
- Experience level question — Setup asks if you're new to coding or experienced, sets appropriate defaults
- Cloud sync warning — Detects Dropbox, iCloud, OneDrive, Google Drive and warns about database conflicts
- Large vault time estimates — Shows estimated indexing time for 500+ note vaults
- Dependency checks — Verifies Go 1.25+ and CGO with platform-specific install instructions
- ASCII art banner — STATELESS AGENT logo with red gradient in installer
- Default display mode is now "full" (verbose box) instead of compact
- Installer has friendlier messaging and visual polish
Landing page, branded CLI, multi-provider embeddings, and feedback loop.
- Multi-provider embedding support — pluggable embedding backend with Ollama (default) and OpenAI providers. Configure via `[embedding]` config section or `SAME_EMBED_PROVIDER` / `SAME_EMBED_MODEL` / `SAME_EMBED_API_KEY` env vars
- Feedback loop — notes surfaced during a session that the agent actually references get an access count boost, improving future retrieval confidence
- Landing page at statelessagent.com — dark terminal aesthetic, install-first design
- Branded CLI output — STATELESS AGENT ASCII art with red gradient, section headers, boxed summaries, and footer across `same init`, `same status`, and `same doctor`
- Post-init explanation — completion message now explains what SAME does: context surfacing, decision extraction, handoffs, feedback loop, staleness checks
- Donations — Buy Me a Coffee + GitHub Sponsors links in README and landing page
- Embedding architecture — `embedding.Client` replaced with `embedding.Provider` interface; all call sites updated
- README overhauled — sell first, document second; collapsed `<details>` sections for CLI reference, configuration, and MCP; streamlined FAQ
- install.sh now also available at `statelessagent.com/install.sh`
Eval-driven optimization, security hardening, CLI improvements.
- Composite scoring: semantic + recency + confidence signal blending
- Distance threshold and composite threshold tuning via config
- Eval harness for measuring retrieval quality
- Security: prompt injection pattern scanning in context snippets
- `same budget` command for context utilization stats
- Config file support (`.same/config.toml`) with `same config show/edit`
- Default distance threshold tuned from 15.0 to 16.2 based on eval results
- Hook output formatting improvements
SAME is now a standalone Go project, decoupled from any specific vault infrastructure.
- Data directory moved: `.scripts/same/data/` → `.same/data/`. Run `same reindex --force` after updating.
- Plugins path moved: `.scripts/same/plugins.json` → `.same/plugins.json`.
- Go module renamed: now `github.com/sgx-labs/statelessagent`.
- Default handoff directory: Now `sessions`. Override with `SAME_HANDOFF_DIR`.
- Default decision log: Now `decisions.md`. Override with `SAME_DECISION_LOG`.
- Multi-tool vault detection: recognizes `.same`, `.obsidian`, `.logseq`, `.foam`, `.dendron` markers
- `SAME_DATA_DIR` env var to override data directory location
- `SAME_HANDOFF_DIR` env var to override handoff directory
- `SAME_DECISION_LOG` env var to override decision log path
- `SAME_SKIP_DIRS` env var to add custom skip directories
- Security: `_PRIVATE/` exclusion from indexing and context surfacing
- Security: Ollama localhost-only validation
- Security: Prompt injection detection in context surfacing snippets
- Security: `same doctor` checks for private content leaks and Ollama binding
- MCP server name changed from `vault-search` to `same`
- Obsidian-specific vault detection fallback
- Personal path defaults
- Node.js/Python infrastructure (package.json, vault-search Python server)
- Raycast scripts, eval harness, docs (deferred to separate repos)
- Initial Go rewrite of SAME
- Vector search with sqlite-vec
- Claude Code hooks (context surfacing, decision extraction, handoff generation, staleness check)
- MCP server with 6 tools
- Composite scoring (semantic + recency + confidence)
- Vault registry for multi-vault support
- File watcher for auto-reindex
- Budget tracking for context utilization