Skip to content

Changelog

The full, versioned changelog lives in the repository's CHANGELOG.md (Keep a Changelog format).

Re-baselined at 0.0.1 — mokata's inaugural public release. Earlier internal iterations were a stabilizing phase and are collapsed into this entry; 0.0.1 is the honest starting point for an early, fast-moving project.

0.0.11

Team mode — a shared, governed team brain over your own Postgres. No breaking changes; additive; local stays the zero-config default. mokata gains an explicit run mode: mokata mode shows the current mode + a team-readiness preflight, and mokata mode set local|team switches it through the human-gated write path — local a zero-config no-op, set team a fail-closed preflight (run identity, $MOKATA_PG_DSN, DB reachable in a ≤500ms probe, compatible schema) that never half-activates. Team setup runs on the team's own Postgres: mokata team init is the sole owner of DDL (guides --backend managed|compose|local, fails closed on a missing DSN, provisions the shared tables idempotently on vanilla Postgres ≥14, pins the team project identity, runs a live CONNECTED test), and mokata team join <source> is the new-member path chaining adopt → connect → activate → vault pull → onboard → consent → doctor; status/adopt/connect/disconnect ship too. The DSN value is never stored (only the env-var name) and mokata hosts nothing. Shared memory over Postgres adds a scope hierarchy (personal → project → team → global), typed items (rule/guardrail/best-practice/context/reference/decision) with an enforcement binding (advisory/soft/hard), in-run hard-rule enforcement, and shared formulas; mokata memory promote moves a rule's enforcement (human-gated) and mokata memory review runs the Draft → In-Review → Approved proposal workflow (proposer ≠ approver). Team writes are journal-first: every durable write lands in a crash-safe local journal (offline never blocks), and mokata sync flushes + reconciles — each write inherits the ledger id of its original human approval and is re-secret-scanned, and each memory write is compare-and-set on a revision column so a conflict surfaces through the human gate (never silent last-writer-wins). Access is governed by scoped consent; mokata audit --consent show|grant|revoke manages a revocable standing consent for the batched audit-publish (per-publish secret-scan still hard-blocks). Also: mokata branch-protection-check verifies the public default branch is protected (fail-closed); a team ops kit (docker-compose.team.yml + .env.example + llms.txt); the in-Claude-Code MCP repair skill is renamed to /mokata:mcp-repair; mokata setup claude surfaces a permission-grant step when wiring the MCP server; and Python ≥ 3.10 is the supported floor.

0.0.10

"Inside Claude Code" — richer in-terminal UX, a gated settings wizard, a doctor coverage matrix, and three hook/setup fixes. No breaking changes; additive; no new dependencies. A new command palette (mokata menu / /mokata:menu) lists every mokata command and skill on one screen with gate markers, derived from the shipped files (single source, no drift). /mokata:docs [topic] points to the published docs — listing topics with their URLs and resolving a topic to its page (read online; not bundled in the wheel; never fetches at runtime). An interactive, gated settings wizard (mokata config wizard) walks you through mokata's settings, routing every change through the same human-gated write path (secret-scan + schema validation + write gate + audit ledger) and failing closed when non-interactive. Output is now consistent across verdicts, progress, and doctor tables (colour on a TTY, clean ASCII when piped or under NO_COLOR), and mokata doctor gains an opt-in capability coverage matrix (mokata doctor --matrix) — pass / degraded / fail per capability, single-sourced from the resolver. Under the hood, the tokenizer-free chars÷4 token estimate now logs estimate-vs-actual to the ledger so the ~2k briefing budget's safety margin is measured. Fixes: hooks no longer hang when stdin is an open pipe with no writer (bounded read + safe fallback); mokata-hook with a missing/unknown subcommand now exits non-zero (exit 1, never the reserved security-block code) so a mis-wired hook is visible; and mokata unsetup claude removes config files it created once they're empty instead of leaving {} husks (files with your own content are preserved).

0.0.9

Installs from PyPI, no clone — and the MCP server works out of the box. No breaking changes. pip install mokata now ships everything (command templates, hooks, and Agent Skills are packaged in the wheel) — no repo clone needed; the bundled MCP server's SDK is a default dependency on Python 3.10+, so mokata-mcp runs out of the box (on 3.9 the CLI still works and the MCP server prints a clear upgrade message). mokata setup claude registers the MCP server at an absolute path, verifies the connection (CONNECTED ✓), and wires commands + skills + the status line; new mokata mcp start | status | install plus a /mokata:mcp-repair repair skill re-register the server from inside Claude Code. Re-running mokata setup claude now syncs the Agent Skills and prunes stale/removed mokata skills (your own skills are never touched).

0.0.8

Fix: no duplicate Agent Skills when the plugin is installed. mokata setup claude now detects an installed mokata plugin and skips writing project-scope Agent Skills (the plugin already provides them) — running both previously listed every skill twice in Claude Code. Commands, hooks, and MCP wiring unchanged; no effect when the plugin isn't installed.

0.0.7

Agent Skills surface. No breaking changes; additive. mokata's core capabilities now also register as Claude Code Agent Skills (auto-engaged from their description), alongside the /mokata:* slash commands. 14 skills ship as skills/<name>/SKILL.md, each rendered from the one command template (single source + drift guard — no duplication). Installed by both the plugin (skills/ + "skills" in plugin.json) and mokata setup claude (.claude/skills/, reversible via mokata unsetup claude). Non-Claude harnesses degrade clean.

0.0.6

Windows portability fix. No breaking changes; Linux/macOS behavior unchanged. The Windows CI matrix first ran on the 0.0.5 re-cut and surfaced two real Windows-only bugs (prior green runs were Linux-only). Fixed: (1) the SQLite memory backend held a persistent file handle across operations, so a tempdir teardown failed on Windows with PermissionError [WinError 32] — the file-backed backend now opens a short-lived connection per operation (an in-memory :memory: DB keeps its connection, having no file to leak); (2) text files written without an explicit encoding landed as cp1252 on Windows (em-dash → 0x97) and broke the utf-8 read — every text-mode file I/O now passes encoding="utf-8". Guarded by a lint test (encoding on all text I/O) and a portability test (no lingering handle) that run on every OS.

0.0.5

Portable sessions, in-Claude-Code UX, every-agent reach & supply-chain trust. No breaking changes. Fixed: hook invocation now uses a PATH-resolved mokata-hook console entry (the python3: command not found pre-hook error on Windows / GUI macOS / exotic PATHs is gone). New: portable/shareable sessions (session push/pull/list/name — machine-path-free, secret-scanned, human-gated); an always-on stage badge + flow legibility + parallel-agent lanes + full Claude-Code command parity (CI-enforced) + task decomposition + brainstorm anti-drift anchor + native to-do widget (one RunProgress, many renderers); a first-run/reconfigure wizard; memory intelligence (explainable retrieval, health nudges, proposed guardrails); a CI/PR check GitHub Action; reach under Cursor/Copilot/Windsurf/Codex/Gemini/Aider, language + OS matrix; and publishable community stacks (mokata stacks, no telemetry). Hardened: supply-chain (SBOM + Sigstore provenance, least-privilege SHA-pinned CI); reliability fuzz pass + a measured performance budget; release-process version-at-tag verification. (A VS Code extension + Copilot Chat @mokata are planned — not available; team mode over a shared backend lands in 0.0.11.)

0.0.4

Governance transparency, session lifecycle, portability & hardening. No breaking changes. New: mokata govern (clickable governed-state dashboard — rules/guardrails + memory-by-kind + proposals, read-only); mokata audit --why (what + decision + why timeline; decisions now record rationale); mokata sessions/resume + a mid-brainstorm checkpoint (leave a brainstorm and come back, HARD-GATE intact); opt-in git-worktree isolation for parallel/paused work; cross-harness portability (claude/codex/cowork adapters + mokata harness matrix, degrade-clear); mokata version/upgrade (offline info, opt-in update check, human-gated upgrade) + /mokata:version. Hardened: secret guard broadened to 18 formats + fuzz invariant (paths/URLs/UUIDs/hex digests no longer false-positive); Dependabot/CodeQL/Scorecard/CODEOWNERS; live-DB CI (Postgres+pgvector+ Neo4j containers); README + CLI-reference audit with a docs-vs-code drift guard.

0.0.3

Wires up governance/token features that previously had no runtime path, plus a second secret-guard precision fix. No breaking changes. New/reachable: mokata memory consolidate (proposal-only), mokata skill author (RED-GREEN-for-docs, human-gated), mokata playbook --dense (output-density compression). Karpathy gates now run per pipeline phase, lethal-trifecta gating guards a private outbound vault push, rules-learning surfaces proposal-only promotions in mokata rules, per-task model routing is opt-in, and the briefing emits a cache-stable prefix — all off-by-default / degrade-clean / human-gated where they write. Fixed: the secret-guard entropy layer no longer flags long file paths / URLs / UUIDs as secrets (real-secret detection unchanged; complements the 0.0.2 envelope fix).

0.0.2

Critical fix. The PreToolUse secret-guard hook scanned the whole hook payload — including Claude Code's high-entropy session_id and transcript_path — which tripped the secret detector and blocked every Write/Edit/Bash call for installed plugin users. It now scans only the tool's content and target path, never the envelope metadata. Real-secret detection is unchanged (secrets in a command, file content, or a .env/.pem path still hard-block). No feature changes.

0.0.1

The inaugural public release — clean-room, local-first, Apache-2.0. A spec-driven, test-first framework for Claude Code whose spine is a real codebase knowledge graph, persistent self-healing, shareable memory, and human-gated, audited governance.

  • Knowledge graph — typed structural queries (callers/callees/blast-radius) over an adopted graph with a grep floor; incremental index + lat-check drift; an external Neo4j adapter (degrade-clean to grep).
  • Memory — persistent + decision + typed parts (rule/guardrail/best-practice/context/ reference), on by default, self-healing; tiered retrieval (lexical → graph → semantic, with a pluggable embedder / pgvector); sharing via export/import, migrate, and a team Postgres store mokata owns; /mokata:onboard guided typed capture; a team design vault.
  • Engine & correctness — the 7-phase pipeline, a provable completeness gate (RED before GREEN), spec-persisted precondition, ground-in-code discipline, spec-awareness regression guard, and a verified ship step (never auto-merge).
  • Governance & UX — universal human-gated writes (secret-scan → approval → audit ledger), deviation gate, reversible/resumable, local-first with zero telemetry; trust dials; parallel-aware progress lanes + an opt-in clickable local dashboard (mokata watch); profiles, per-layer/tool toggles, standalone skills.

Early & stabilizing: expect rapid iteration; pin the version if you need stability. No required runtime dependencies (jsonschema/mcp/postgres/neo4j are optional extras); the suite passes with jsonschema both absent and present.