Changelog

All notable changes are tagged via git tag v*. This file tracks unreleased work + release pointers.

Unreleased

chore(docs): regenerate DNA-INDEX (reduced scope) (302ca661)
fix(kei-conflict-scan): close 3 backlog bugs + Phase C draft emission (f354aacc)
feat(kei-buddy): conversational LLM-driven flow + kei-sage retrieval graph-RAG (b61b17ea)
feat(contacts): glue sync + Google pagination + Apple discovery + folding (06bcce99)
fix(kei-conflict-scan): wikilink path-norm + drop handoff false-positives (6cd99982)
feat(kei-buddy fleet): 5 atomics — google/apple contacts + classifier + tick + slash-commands (450156a4)

Release notes per tag are kept in the GitHub Releases UI: https://github.com/KeiSeiLab/KeiSeiKit-1.0/releases

Highlights below; full notes in each tag's GitHub Release page.

User feedback from real curl|bash with profile=full: "нет выбора провайдера, нахуй не понятно что делать после установки". Closed.

NEW kei onboard — 4-step wizard auto-triggered at end of install (TTY only). Walks user through: pick primary CLI → kei mcp-wire → MOONSHOT_API_KEY hint → kei-doctor health check. Re-runnable any time.
NEW bin/kei onboard|setup|wizard arm.
FIX act_runner: command not found — resolver tries act_runner → gitea-runner; brew install switched to gitea-runner (functionally equivalent for Forgejo).
FIX Forgejo no such table: user — added forgejo migrate before admin user create (idempotent).
FIX zoekt: No formulae or casks found — graceful fallback: brew taps → go install → clean skip with warning.
DEFERRED kei-shared missing + launchd Input/output error → v0.46.

Four-CLI parallel pre-release audit (Claude+Grok+Gemini+Copilot, each reviewing different angle) surfaced 9 real issues in v0.43. All patched.

CRITICAL Walk-up canonicalize for non-existent leaf paths (defeats v0.42 fix #1 when parent didn't exist either).
HIGH O_NOFOLLOW open + fd-write closes TOCTOU window during hook chain await.
HIGH Sanitize MOONSHOT_API_KEY pre-curl (config injection blocked).
HIGH env_clear + whitelist on subprocess spawn (no secret leak via kei_bash).
HIGH Path::starts_with + canonical KEI_ALLOWED_ROOTS (no prefix-bypass).
MED macOS $TMPDIR carve-out (allowed_roots check FIRST; narrowed /var/ blanket).
MED Timeout doc honesty (per-step not aggregate).
MED cwd in hook input.
MED Failure-fallback cache has full schema.

NEW kei limits — honest subscription-quota report. Research-grounded: 4 of 5 CLIs have no public quota API. Only Kimi balance via Moonshot /v1/users/me/balance (requires MOONSHOT_API_KEY).
NEW Pet integration — reads cache, shows Kimi balance segment if live.
FIX Atomic cache write (mktemp + atomic mv).
FIX tonumber? swallows parse errors; _safe_json wrapper.
FIX Token off argv (curl --config - via stdin).
FIX jq runtime guard.

Re-audit found v0.41 fixes were incomplete. All patched.

CRITICAL Symlink leaf bypass — canonicalize full path + reject is_symlink leaf for new files (3-of-4 reviewers convergent).
HIGH $HOME removed from default allowed_roots (was self-neuter vector — agent could overwrite ~/.claude/hooks/*).
HIGH Empty section [bash]/[edit]/[write] now also FAIL-CLOSED.
MED tokio::fs in load_chain.
MED process_group + killpg applied to hook subprocess too.

NEW kei_bash / kei_edit / kei_write MCP tools in kei-mcp.
NEW policy-chain.toml SSoT for which hooks gate which tool.
NEW 3-tier enforcement model (Claude+Grok TIER 1, Copilot TIER 2, Agy+Kimi TIER 3).
NEW kei mcp-wire orchestrator + 5 per-CLI wire scripts.

NEW kei pick interactive picker.
NEW kei agent <name> with DNA-driven provider resolution.
NEW kei primary get/set default backend.
NEW spawn_agent MCP tool — any MCP-capable CLI can spawn KeiSeiKit agents on any backend.

NEW Hook packs (safety / evidence / observability / epistemic / orchestration / git-guard / stack-rust).
NEW Stack profiles (minimal / web / ml / systems / mobile).
NEW kei configure re-runnable.