Changelog¶
The full, versioned changelog lives in the repository's
CHANGELOG.md
(Keep a Changelog format).
Re-baselined at 0.0.1 — mokata's inaugural public release. Earlier internal iterations were a stabilizing phase and are collapsed into this entry; 0.0.1 is the honest starting point for an early, fast-moving project.
0.0.11¶
Team mode — a shared, governed team brain over your own Postgres. No breaking changes; additive;
local stays the zero-config default. mokata gains an explicit run mode: mokata mode shows the
current mode + a team-readiness preflight, and mokata mode set local|team switches it through the
human-gated write path — local a zero-config no-op, set team a fail-closed preflight (run
identity, $MOKATA_PG_DSN, DB reachable in a ≤500ms probe, compatible schema) that never
half-activates. Team setup runs on the team's own Postgres: mokata team init is the sole owner
of DDL (guides --backend managed|compose|local, fails closed on a missing DSN, provisions the
shared tables idempotently on vanilla Postgres ≥14, pins the team project identity, runs a live
CONNECTED test), and mokata team join <source> is the new-member path chaining adopt → connect →
activate → vault pull → onboard → consent → doctor; status/adopt/connect/disconnect ship too.
The DSN value is never stored (only the env-var name) and mokata hosts nothing. Shared memory over
Postgres adds a scope hierarchy (personal → project → team → global), typed items
(rule/guardrail/best-practice/context/reference/decision) with an enforcement binding
(advisory/soft/hard), in-run hard-rule enforcement, and shared formulas; mokata memory promote
moves a rule's enforcement (human-gated) and mokata memory review runs the Draft → In-Review →
Approved proposal workflow (proposer ≠ approver). Team writes are journal-first: every durable
write lands in a crash-safe local journal (offline never blocks), and mokata sync flushes +
reconciles — each write inherits the ledger id of its original human approval and is re-secret-scanned,
and each memory write is compare-and-set on a revision column so a conflict surfaces through the human
gate (never silent last-writer-wins). Access is governed by scoped consent; mokata audit
--consent show|grant|revoke manages a revocable standing consent for the batched audit-publish
(per-publish secret-scan still hard-blocks). Also: mokata branch-protection-check verifies the
public default branch is protected (fail-closed); a team ops kit (docker-compose.team.yml +
.env.example + llms.txt); the in-Claude-Code MCP repair skill is renamed to /mokata:mcp-repair;
mokata setup claude surfaces a permission-grant step when wiring the MCP server; and Python ≥ 3.10
is the supported floor.
0.0.10¶
"Inside Claude Code" — richer in-terminal UX, a gated settings wizard, a doctor coverage
matrix, and three hook/setup fixes. No breaking changes; additive; no new dependencies. A new
command palette (mokata menu / /mokata:menu) lists every mokata command and skill on one screen
with gate markers, derived from the shipped files (single source, no drift). /mokata:docs [topic]
points to the published docs — listing topics with their URLs and resolving a topic to its page
(read online; not bundled in the wheel; never fetches at runtime). An interactive, gated settings
wizard (mokata config wizard) walks you through mokata's settings, routing every change through the
same human-gated write path (secret-scan + schema validation + write gate + audit ledger) and
failing closed when non-interactive. Output is now consistent across verdicts, progress, and doctor
tables (colour on a TTY, clean ASCII when piped or under NO_COLOR), and mokata doctor gains an
opt-in capability coverage matrix (mokata doctor --matrix) — pass / degraded / fail per capability,
single-sourced from the resolver. Under the hood, the tokenizer-free chars÷4 token estimate now logs
estimate-vs-actual to the ledger so the ~2k briefing budget's safety margin is measured. Fixes:
hooks no longer hang when stdin is an open pipe with no writer (bounded read + safe fallback);
mokata-hook with a missing/unknown subcommand now exits non-zero (exit 1, never the reserved
security-block code) so a mis-wired hook is visible; and mokata unsetup claude removes config files
it created once they're empty instead of leaving {} husks (files with your own content are preserved).
0.0.9¶
Installs from PyPI, no clone — and the MCP server works out of the box. No breaking changes.
pip install mokata now ships everything (command templates, hooks, and Agent Skills are packaged in
the wheel) — no repo clone needed; the bundled MCP server's SDK is a default dependency on Python
3.10+, so mokata-mcp runs out of the box (on 3.9 the CLI still works and the MCP server prints a
clear upgrade message). mokata setup claude registers the MCP server at an absolute path, verifies
the connection (CONNECTED ✓), and wires commands + skills + the status line; new mokata mcp start |
status | install plus a /mokata:mcp-repair repair skill re-register the server from inside Claude Code.
Re-running mokata setup claude now syncs the Agent Skills and prunes stale/removed mokata skills
(your own skills are never touched).
0.0.8¶
Fix: no duplicate Agent Skills when the plugin is installed. mokata setup claude now detects
an installed mokata plugin and skips writing project-scope Agent Skills (the plugin already
provides them) — running both previously listed every skill twice in Claude Code. Commands, hooks,
and MCP wiring unchanged; no effect when the plugin isn't installed.
0.0.7¶
Agent Skills surface. No breaking changes; additive. mokata's core capabilities now also
register as Claude Code Agent Skills (auto-engaged from their description), alongside the
/mokata:* slash commands. 14 skills ship as skills/<name>/SKILL.md, each rendered from the one
command template (single source + drift guard — no duplication). Installed by both the plugin
(skills/ + "skills" in plugin.json) and mokata setup claude (.claude/skills/, reversible
via mokata unsetup claude). Non-Claude harnesses degrade clean.
0.0.6¶
Windows portability fix. No breaking changes; Linux/macOS behavior unchanged. The Windows
CI matrix first ran on the 0.0.5 re-cut and surfaced two real Windows-only bugs (prior green runs
were Linux-only). Fixed: (1) the SQLite memory backend held a persistent file handle across
operations, so a tempdir teardown failed on Windows with PermissionError [WinError 32] — the
file-backed backend now opens a short-lived connection per operation (an in-memory :memory: DB
keeps its connection, having no file to leak); (2) text files written without an explicit encoding
landed as cp1252 on Windows (em-dash → 0x97) and broke the utf-8 read — every text-mode file
I/O now passes encoding="utf-8". Guarded by a lint test (encoding on all text I/O) and a
portability test (no lingering handle) that run on every OS.
0.0.5¶
Portable sessions, in-Claude-Code UX, every-agent reach & supply-chain trust.
No breaking changes.
Fixed: hook invocation now uses a PATH-resolved mokata-hook console entry (the python3: command
not found pre-hook error on Windows / GUI macOS / exotic PATHs is gone). New: portable/shareable
sessions (session push/pull/list/name — machine-path-free, secret-scanned,
human-gated); an always-on stage badge + flow legibility + parallel-agent lanes + full
Claude-Code command parity (CI-enforced) + task decomposition + brainstorm anti-drift anchor +
native to-do widget (one RunProgress, many renderers); a first-run/reconfigure wizard;
memory intelligence (explainable retrieval, health nudges, proposed guardrails); a CI/PR
check GitHub Action; reach under Cursor/Copilot/Windsurf/Codex/Gemini/Aider, language + OS
matrix; and publishable community stacks (mokata stacks, no telemetry). Hardened: supply-chain
(SBOM + Sigstore provenance, least-privilege SHA-pinned CI); reliability fuzz pass + a measured
performance budget; release-process version-at-tag verification. (A VS Code extension +
Copilot Chat @mokata are planned — not available; team mode over a shared backend lands in
0.0.11.)
0.0.4¶
Governance transparency, session lifecycle, portability & hardening. No breaking changes.
New: mokata govern (clickable governed-state dashboard — rules/guardrails + memory-by-kind +
proposals, read-only); mokata audit --why (what + decision + why timeline; decisions now record
rationale); mokata sessions/resume + a mid-brainstorm checkpoint (leave a brainstorm and come
back, HARD-GATE intact); opt-in git-worktree isolation for parallel/paused work; cross-harness
portability (claude/codex/cowork adapters + mokata harness matrix, degrade-clear); mokata
version/upgrade (offline info, opt-in update check, human-gated upgrade) + /mokata:version.
Hardened: secret guard broadened to 18 formats + fuzz invariant (paths/URLs/UUIDs/hex digests no
longer false-positive); Dependabot/CodeQL/Scorecard/CODEOWNERS; live-DB CI (Postgres+pgvector+
Neo4j containers); README + CLI-reference audit with a docs-vs-code drift guard.
0.0.3¶
Wires up governance/token features that previously had no runtime path, plus a second
secret-guard precision fix. No breaking changes. New/reachable: mokata memory consolidate
(proposal-only), mokata skill author (RED-GREEN-for-docs, human-gated), mokata playbook
--dense (output-density compression). Karpathy gates now run per pipeline phase, lethal-trifecta
gating guards a private outbound vault push, rules-learning surfaces proposal-only promotions in
mokata rules, per-task model routing is opt-in, and the briefing emits a cache-stable prefix —
all off-by-default / degrade-clean / human-gated where they write. Fixed: the secret-guard
entropy layer no longer flags long file paths / URLs / UUIDs as secrets (real-secret detection
unchanged; complements the 0.0.2 envelope fix).
0.0.2¶
Critical fix. The PreToolUse secret-guard hook scanned the whole hook payload — including
Claude Code's high-entropy session_id and transcript_path — which tripped the secret detector
and blocked every Write/Edit/Bash call for installed plugin users. It now scans only the
tool's content and target path, never the envelope metadata. Real-secret detection is unchanged
(secrets in a command, file content, or a .env/.pem path still hard-block). No feature changes.
0.0.1¶
The inaugural public release — clean-room, local-first, Apache-2.0. A spec-driven, test-first framework for Claude Code whose spine is a real codebase knowledge graph, persistent self-healing, shareable memory, and human-gated, audited governance.
- Knowledge graph — typed structural queries (callers/callees/blast-radius) over an adopted
graph with a grep floor; incremental index +
lat-checkdrift; an external Neo4j adapter (degrade-clean to grep). - Memory — persistent + decision + typed parts (rule/guardrail/best-practice/context/
reference), on by default, self-healing; tiered retrieval (lexical → graph → semantic, with
a pluggable embedder / pgvector); sharing via export/import, migrate, and a team Postgres
store mokata owns;
/mokata:onboardguided typed capture; a team design vault. - Engine & correctness — the 7-phase pipeline, a provable completeness gate (RED before
GREEN), spec-persisted precondition, ground-in-code discipline, spec-awareness regression
guard, and a verified
shipstep (never auto-merge). - Governance & UX — universal human-gated writes (secret-scan → approval → audit ledger),
deviation gate, reversible/resumable, local-first with zero telemetry; trust dials;
parallel-aware progress lanes + an opt-in clickable local dashboard (
mokata watch); profiles, per-layer/tool toggles, standalone skills.
Early & stabilizing: expect rapid iteration; pin the version if you need stability. No
required runtime dependencies (jsonschema/mcp/postgres/neo4j are optional extras); the
suite passes with jsonschema both absent and present.