ci: bump codecov/codecov-action from 5 to 7#97
Open
dependabot[bot] wants to merge 127 commits into
Open
Conversation
- aingle_zome_types: 0.0.2 -> 0.0.3 (adds graph.rs WASM boundary types) - aingle_cortex: 0.2.1 -> 0.2.2 (adds client.rs, observability.rs) - aingle: 0.0.100 -> 0.0.101 (adds 4 semantic host functions) Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Build and publish both aingle-minimal and aingle-cortex binaries for all platforms (Linux x86_64/aarch64, macOS x86_64/aarch64, Windows x86_64). Also publish aingle_zome_types and aingle_cortex crates to crates.io on release.
- aingle_zome_types: 0.0.2 -> 0.0.3 (adds graph.rs WASM boundary types) - aingle_cortex: 0.2.1 -> 0.2.2 (adds client.rs, observability.rs) - aingle: 0.0.100 -> 0.0.101 (adds 4 semantic host functions)
Build and publish both aingle-minimal and aingle-cortex binaries for all platforms (Linux x86_64/aarch64, macOS x86_64/aarch64, Windows x86_64). Also publish aingle_zome_types and aingle_cortex crates to crates.io on release.
Removes OpenSSL dependency from aingle_cortex by using rustls-tls instead of native-tls. Fixes aarch64-linux cross-compilation failure in CI release workflow. aingle_cortex: 0.2.2 -> 0.2.3
- Add subjects_with_prefix() and delete_by_subject_prefix() to GraphDB - Re-export TripleBuilder from aingle_graph - Add skill verification REST endpoints (validate, sandbox CRUD) - Add reputation REST endpoints (consistency, batch-verify) - Add SandboxManager to Cortex state - Switch cortex deps to workspace path (graph, logic, zk, titans) - Bump aingle_graph 0.2.1, aingle_cortex 0.2.4
Bumps the rust-minor-patch group with 31 updates: | Package | From | To | | --- | --- | --- | | [rustls](https://github.com/rustls/rustls) | `0.23.35` | `0.23.36` | | [thiserror](https://github.com/dtolnay/thiserror) | `2.0.17` | `2.0.18` | | [quote](https://github.com/dtolnay/quote) | `1.0.42` | `1.0.44` | | [proc-macro2](https://github.com/dtolnay/proc-macro2) | `1.0.103` | `1.0.106` | | [serde_json](https://github.com/serde-rs/json) | `1.0.145` | `1.0.149` | | [bytes](https://github.com/tokio-rs/bytes) | `1.11.0` | `1.11.1` | | [flate2](https://github.com/rust-lang/flate2-rs) | `1.1.5` | `1.1.9` | | [futures](https://github.com/rust-lang/futures-rs) | `0.3.31` | `0.3.32` | | [anyhow](https://github.com/dtolnay/anyhow) | `1.0.100` | `1.0.102` | | [tokio](https://github.com/tokio-rs/tokio) | `1.48.0` | `1.49.0` | | [assert_cmd](https://github.com/assert-rs/assert_cmd) | `2.1.1` | `2.1.2` | | [chrono](https://github.com/chronotope/chrono) | `0.4.42` | `0.4.44` | | [blake3](https://github.com/BLAKE3-team/BLAKE3) | `1.8.2` | `1.8.3` | | [futures-util](https://github.com/rust-lang/futures-rs) | `0.3.31` | `0.3.32` | | [uuid](https://github.com/uuid-rs/uuid) | `1.19.0` | `1.21.0` | | [clap](https://github.com/clap-rs/clap) | `4.5.53` | `4.5.60` | | [env_logger](https://github.com/rust-cli/env_logger) | `0.11.8` | `0.11.9` | | [ndarray](https://github.com/rust-ndarray/ndarray) | `0.17.1` | `0.17.2` | | [tempfile](https://github.com/Stebalien/tempfile) | `3.23.0` | `3.25.0` | | [tower](https://github.com/tower-rs/tower) | `0.5.2` | `0.5.3` | | [tokio-test](https://github.com/tokio-rs/tokio) | `0.4.4` | `0.4.5` | | [indexmap](https://github.com/indexmap-rs/indexmap) | `2.12.1` | `2.13.0` | | [regex](https://github.com/rust-lang/regex) | `1.12.2` | `1.12.3` | | [async-graphql](https://github.com/async-graphql/async-graphql) | `7.0.17` | `7.2.1` | | [async-graphql-axum](https://github.com/async-graphql/async-graphql) | `7.0.17` | `7.2.1` | | [tokio-stream](https://github.com/tokio-rs/tokio) | `0.1.17` | `0.1.18` | | [human-panic](https://github.com/rust-cli/human-panic) | `2.0.4` | `2.0.6` | | [serial_test](https://github.com/palfrey/serial_test) | `3.2.0` | `3.4.0` | | [futures-core](https://github.com/rust-lang/futures-rs) | `0.3.31` | `0.3.32` | | [rustls-pki-types](https://github.com/rustls/pki-types) | `1.13.2` | `1.14.0` | | [tokio-util](https://github.com/tokio-rs/tokio) | `0.7.17` | `0.7.18` | Updates `rustls` from 0.23.35 to 0.23.36 - [Release notes](https://github.com/rustls/rustls/releases) - [Changelog](https://github.com/rustls/rustls/blob/main/CHANGELOG.md) - [Commits](rustls/rustls@v/0.23.35...v/0.23.36) Updates `thiserror` from 2.0.17 to 2.0.18 - [Release notes](https://github.com/dtolnay/thiserror/releases) - [Commits](dtolnay/thiserror@2.0.17...2.0.18) Updates `quote` from 1.0.42 to 1.0.44 - [Release notes](https://github.com/dtolnay/quote/releases) - [Commits](dtolnay/quote@1.0.42...1.0.44) Updates `proc-macro2` from 1.0.103 to 1.0.106 - [Release notes](https://github.com/dtolnay/proc-macro2/releases) - [Commits](dtolnay/proc-macro2@1.0.103...1.0.106) Updates `serde_json` from 1.0.145 to 1.0.149 - [Release notes](https://github.com/serde-rs/json/releases) - [Commits](serde-rs/json@v1.0.145...v1.0.149) Updates `bytes` from 1.11.0 to 1.11.1 - [Release notes](https://github.com/tokio-rs/bytes/releases) - [Changelog](https://github.com/tokio-rs/bytes/blob/master/CHANGELOG.md) - [Commits](tokio-rs/bytes@v1.11.0...v1.11.1) Updates `flate2` from 1.1.5 to 1.1.9 - [Release notes](https://github.com/rust-lang/flate2-rs/releases) - [Commits](rust-lang/flate2-rs@1.1.5...1.1.9) Updates `futures` from 0.3.31 to 0.3.32 - [Release notes](https://github.com/rust-lang/futures-rs/releases) - [Changelog](https://github.com/rust-lang/futures-rs/blob/master/CHANGELOG.md) - [Commits](rust-lang/futures-rs@0.3.31...0.3.32) Updates `anyhow` from 1.0.100 to 1.0.102 - [Release notes](https://github.com/dtolnay/anyhow/releases) - [Commits](dtolnay/anyhow@1.0.100...1.0.102) Updates `tokio` from 1.48.0 to 1.49.0 - [Release notes](https://github.com/tokio-rs/tokio/releases) - [Commits](tokio-rs/tokio@tokio-1.48.0...tokio-1.49.0) Updates `assert_cmd` from 2.1.1 to 2.1.2 - [Changelog](https://github.com/assert-rs/assert_cmd/blob/master/CHANGELOG.md) - [Commits](assert-rs/assert_cmd@v2.1.1...v2.1.2) Updates `chrono` from 0.4.42 to 0.4.44 - [Release notes](https://github.com/chronotope/chrono/releases) - [Changelog](https://github.com/chronotope/chrono/blob/main/CHANGELOG.md) - [Commits](chronotope/chrono@v0.4.42...v0.4.44) Updates `blake3` from 1.8.2 to 1.8.3 - [Release notes](https://github.com/BLAKE3-team/BLAKE3/releases) - [Commits](BLAKE3-team/BLAKE3@1.8.2...1.8.3) Updates `futures-util` from 0.3.31 to 0.3.32 - [Release notes](https://github.com/rust-lang/futures-rs/releases) - [Changelog](https://github.com/rust-lang/futures-rs/blob/master/CHANGELOG.md) - [Commits](rust-lang/futures-rs@0.3.31...0.3.32) Updates `uuid` from 1.19.0 to 1.21.0 - [Release notes](https://github.com/uuid-rs/uuid/releases) - [Commits](uuid-rs/uuid@v1.19.0...v1.21.0) Updates `clap` from 4.5.53 to 4.5.60 - [Release notes](https://github.com/clap-rs/clap/releases) - [Changelog](https://github.com/clap-rs/clap/blob/master/CHANGELOG.md) - [Commits](clap-rs/clap@clap_complete-v4.5.53...clap_complete-v4.5.60) Updates `env_logger` from 0.11.8 to 0.11.9 - [Release notes](https://github.com/rust-cli/env_logger/releases) - [Changelog](https://github.com/rust-cli/env_logger/blob/main/CHANGELOG.md) - [Commits](rust-cli/env_logger@v0.11.8...v0.11.9) Updates `ndarray` from 0.17.1 to 0.17.2 - [Release notes](https://github.com/rust-ndarray/ndarray/releases) - [Changelog](https://github.com/rust-ndarray/ndarray/blob/master/RELEASES.md) - [Commits](rust-ndarray/ndarray@0.17.1...0.17.2) Updates `tempfile` from 3.23.0 to 3.25.0 - [Changelog](https://github.com/Stebalien/tempfile/blob/master/CHANGELOG.md) - [Commits](https://github.com/Stebalien/tempfile/commits) Updates `tower` from 0.5.2 to 0.5.3 - [Release notes](https://github.com/tower-rs/tower/releases) - [Commits](tower-rs/tower@tower-0.5.2...tower-0.5.3) Updates `tokio-test` from 0.4.4 to 0.4.5 - [Release notes](https://github.com/tokio-rs/tokio/releases) - [Commits](tokio-rs/tokio@tokio-test-0.4.4...tokio-test-0.4.5) Updates `indexmap` from 2.12.1 to 2.13.0 - [Changelog](https://github.com/indexmap-rs/indexmap/blob/main/RELEASES.md) - [Commits](indexmap-rs/indexmap@2.12.1...2.13.0) Updates `regex` from 1.12.2 to 1.12.3 - [Release notes](https://github.com/rust-lang/regex/releases) - [Changelog](https://github.com/rust-lang/regex/blob/master/CHANGELOG.md) - [Commits](rust-lang/regex@1.12.2...1.12.3) Updates `async-graphql` from 7.0.17 to 7.2.1 - [Changelog](https://github.com/async-graphql/async-graphql/blob/master/CHANGELOG.md) - [Commits](https://github.com/async-graphql/async-graphql/commits) Updates `async-graphql-axum` from 7.0.17 to 7.2.1 - [Changelog](https://github.com/async-graphql/async-graphql/blob/master/CHANGELOG.md) - [Commits](https://github.com/async-graphql/async-graphql/commits) Updates `tokio-stream` from 0.1.17 to 0.1.18 - [Release notes](https://github.com/tokio-rs/tokio/releases) - [Commits](tokio-rs/tokio@tokio-stream-0.1.17...tokio-stream-0.1.18) Updates `human-panic` from 2.0.4 to 2.0.6 - [Changelog](https://github.com/rust-cli/human-panic/blob/master/CHANGELOG.md) - [Commits](rust-cli/human-panic@v2.0.4...v2.0.6) Updates `serial_test` from 3.2.0 to 3.4.0 - [Release notes](https://github.com/palfrey/serial_test/releases) - [Commits](palfrey/serial_test@v3.2.0...v3.4.0) Updates `futures-core` from 0.3.31 to 0.3.32 - [Release notes](https://github.com/rust-lang/futures-rs/releases) - [Changelog](https://github.com/rust-lang/futures-rs/blob/master/CHANGELOG.md) - [Commits](rust-lang/futures-rs@0.3.31...0.3.32) Updates `rustls-pki-types` from 1.13.2 to 1.14.0 - [Release notes](https://github.com/rustls/pki-types/releases) - [Commits](rustls/pki-types@v/1.13.2...v/1.14.0) Updates `tokio-util` from 0.7.17 to 0.7.18 - [Release notes](https://github.com/tokio-rs/tokio/releases) - [Commits](tokio-rs/tokio@tokio-util-0.7.17...tokio-util-0.7.18) --- updated-dependencies: - dependency-name: rustls dependency-version: 0.23.36 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: rust-minor-patch - dependency-name: thiserror dependency-version: 2.0.18 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: rust-minor-patch - dependency-name: quote dependency-version: 1.0.44 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: rust-minor-patch - dependency-name: proc-macro2 dependency-version: 1.0.106 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: rust-minor-patch - dependency-name: serde_json dependency-version: 1.0.149 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: rust-minor-patch - dependency-name: bytes dependency-version: 1.11.1 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: rust-minor-patch - dependency-name: flate2 dependency-version: 1.1.9 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: rust-minor-patch - dependency-name: futures dependency-version: 0.3.32 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: rust-minor-patch - dependency-name: anyhow dependency-version: 1.0.102 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: rust-minor-patch - dependency-name: tokio dependency-version: 1.49.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: rust-minor-patch - dependency-name: assert_cmd dependency-version: 2.1.2 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: rust-minor-patch - dependency-name: chrono dependency-version: 0.4.44 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: rust-minor-patch - dependency-name: blake3 dependency-version: 1.8.3 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: rust-minor-patch - dependency-name: futures-util dependency-version: 0.3.32 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: rust-minor-patch - dependency-name: uuid dependency-version: 1.21.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: rust-minor-patch - dependency-name: clap dependency-version: 4.5.60 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: rust-minor-patch - dependency-name: env_logger dependency-version: 0.11.9 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: rust-minor-patch - dependency-name: ndarray dependency-version: 0.17.2 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: rust-minor-patch - dependency-name: tempfile dependency-version: 3.25.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: rust-minor-patch - dependency-name: tower dependency-version: 0.5.3 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: rust-minor-patch - dependency-name: tokio-test dependency-version: 0.4.5 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: rust-minor-patch - dependency-name: indexmap dependency-version: 2.13.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: rust-minor-patch - dependency-name: regex dependency-version: 1.12.3 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: rust-minor-patch - dependency-name: async-graphql dependency-version: 7.2.1 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: rust-minor-patch - dependency-name: async-graphql-axum dependency-version: 7.2.1 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: rust-minor-patch - dependency-name: tokio-stream dependency-version: 0.1.18 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: rust-minor-patch - dependency-name: human-panic dependency-version: 2.0.6 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: rust-minor-patch - dependency-name: serial_test dependency-version: 3.4.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: rust-minor-patch - dependency-name: futures-core dependency-version: 0.3.32 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: rust-minor-patch - dependency-name: rustls-pki-types dependency-version: 1.14.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: rust-minor-patch - dependency-name: tokio-util dependency-version: 0.7.18 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: rust-minor-patch ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps [base64](https://github.com/marshallpierce/rust-base64) from 0.21.7 to 0.22.1. - [Changelog](https://github.com/marshallpierce/rust-base64/blob/master/RELEASE-NOTES.md) - [Commits](marshallpierce/rust-base64@v0.21.7...v0.22.1) --- updated-dependencies: - dependency-name: base64 dependency-version: 0.22.1 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps [fallible-iterator](https://github.com/sfackler/rust-fallible-iterator) from 0.2.0 to 0.3.0. - [Release notes](https://github.com/sfackler/rust-fallible-iterator/releases) - [Changelog](https://github.com/sfackler/rust-fallible-iterator/blob/master/CHANGELOG.md) - [Commits](sfackler/rust-fallible-iterator@v0.2.0...v0.3.0) --- updated-dependencies: - dependency-name: fallible-iterator dependency-version: 0.3.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps [spargebra](https://github.com/oxigraph/oxigraph) from 0.3.5 to 0.4.5. - [Release notes](https://github.com/oxigraph/oxigraph/releases) - [Changelog](https://github.com/oxigraph/oxigraph/blob/main/CHANGELOG.md) - [Commits](oxigraph/oxigraph@v0.3.5...v0.4.5) --- updated-dependencies: - dependency-name: spargebra dependency-version: 0.4.5 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps [candle-core](https://github.com/huggingface/candle) from 0.4.1 to 0.9.2. - [Changelog](https://github.com/huggingface/candle/blob/main/CHANGELOG.md) - [Commits](https://github.com/huggingface/candle/commits) --- updated-dependencies: - dependency-name: candle-core dependency-version: 0.9.2 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps [wasmer](https://github.com/wasmerio/wasmer) from 6.0.0 to 7.0.1. - [Release notes](https://github.com/wasmerio/wasmer/releases) - [Changelog](https://github.com/wasmerio/wasmer/blob/main/CHANGELOG.md) - [Commits](wasmerio/wasmer@v6.0.0...v7.0.1) --- updated-dependencies: - dependency-name: wasmer dependency-version: 7.0.1 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps [if-addrs](https://github.com/messense/if-addrs) from 0.6.7 to 0.13.4. - [Release notes](https://github.com/messense/if-addrs/releases) - [Commits](messense/if-addrs@v0.6.7...v0.13.4) --- updated-dependencies: - dependency-name: if-addrs dependency-version: 0.13.4 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps [rocksdb](https://github.com/rust-rocksdb/rust-rocksdb) from 0.22.0 to 0.24.0. - [Release notes](https://github.com/rust-rocksdb/rust-rocksdb/releases) - [Changelog](https://github.com/rust-rocksdb/rust-rocksdb/blob/master/CHANGELOG.md) - [Commits](rust-rocksdb/rust-rocksdb@v0.22.0...v0.24.0) --- updated-dependencies: - dependency-name: rocksdb dependency-version: 0.24.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps [toml](https://github.com/toml-rs/toml) from 0.5.11 to 0.9.10+spec-1.1.0. - [Commits](toml-rs/toml@toml-v0.5.11...toml-v0.9.10) --- updated-dependencies: - dependency-name: toml dependency-version: 0.9.10+spec-1.1.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps [bulletproofs](https://github.com/zkcrypto/bulletproofs) from 4.0.0 to 5.0.0. - [Changelog](https://github.com/zkcrypto/bulletproofs/blob/main/CHANGELOG.md) - [Commits](https://github.com/zkcrypto/bulletproofs/commits) --- updated-dependencies: - dependency-name: bulletproofs dependency-version: 5.0.0 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>
Add file-backed JSONL audit log with configurable path. Register namespace extraction middleware under auth feature gate. Enforce namespace boundaries in triple CRUD, query, proof validation, proof storage, and reputation handlers. Record audit entries on create/delete mutations. All backward-compatible: namespace=None means no filtering, audit defaults to in-memory.
# Conflicts: # Cargo.lock
# Conflicts: # Cargo.lock
…-1.1.0' # Conflicts: # Cargo.lock
# Conflicts: # Cargo.lock
Fix build breakage from Dependabot merges: rmp 0.8.15 removed functions used by rmp-serde 0.14 (via aingle_middleware_bytes). Upgrade direct rmp-serde deps to v1 and pin rmp to 0.8.14 for the transitive 0.14 dep.
aingle_graph 0.2.1→0.2.2, aingle_logic 0.2.0→0.2.1, aingle_zk 0.2.0→0.2.1, titans_memory 0.2.0→0.2.1, aingle_ai 0.1.0→0.1.1, hope_agents 0.2.0→0.2.1, aingle_minimal 0.3.0→0.3.1, aingle_cortex 0.2.4→0.2.5, aingle_zome_types 0.0.3→0.0.4, ai_hash 0.0.2→0.0.3
feat: Semantic DAG v0.6.0 — append-only causal graph with signing and sync
release: AIngle v0.6.0 — Semantic DAG with signing and cross-node sync
Add dag to default and full feature sets so the binary includes DAG endpoints without requiring explicit --features dag. Bump to v0.6.1.
fix: enable dag feature by default in aingle_cortex
Triple mutations (create/delete) now automatically generate DagActions in both cluster and non-cluster mode, enabling complete audit trails. - Add Custom variant to DagPayload for explicit user actions - Add subjects field to TripleDelete for subject-based indexing - Add subject_index to DagStore with full lifecycle (put/ingest/rebuild/prune) - Add history_by_subject() for subject-scoped DAG queries - Add POST /api/v1/dag/actions endpoint for custom DagActions - Fix GET /api/v1/dag/history?subject=X to use dedicated subject index - Non-cluster triple writes now record DagActions via dag_store.put() - Handle Custom payload in Raft state machine and export/timetravel
…d data
ProofStore.submit() persists only request.proof_data (the raw proof
bytes) but ProofVerifier.verify() was deserializing as a full ZkProof
which requires proof_type, proof_data, timestamp, and metadata fields.
This caused 422 "missing field proof_type" on GET /api/v1/proofs/{id}/verify.
Fix: when direct ZkProof deserialization fails, reconstruct the envelope
from StoredProof.proof_type metadata + the stored raw proof data. Also
injects the ProofData serde type tag when the client omitted it.
… 19xxx ports Eliminate 5 potential crash scenarios: - Replace nested unwrap in Raft peer fallback with infallible SocketAddr::from - Replace HeaderValue::from_str().unwrap() with infallible From<u64/u32> in rate limiter - Change DagGraph::to_json/export to return Result instead of expect/panic - Propagate errors from GraphDB::memory() in AppState::new/with_audit_path - Add safe short_id() helper to prevent string slice out-of-bounds in DAG export Standardize all components to 19xxx port range: - Cortex REST: 19090, P2P: 19091 (already correct) - Minimal REST/WebRTC: 8080 → 19080, QUIC: 8443 → 19081 - Fix OpenAPI spec, docker-compose, tutorials, and examples
Release v0.6.2
- GraphDB.flush() now flushes DAG store alongside triple store - DAG persistent init failure is now fatal (no silent in-memory fallback) - DAG action failures on triple insert/delete return errors instead of being silently swallowed — prevents triples existing without audit trail - GraphQL mutations now record DAG actions (previously bypassed DAG/Raft entirely, causing split-brain in cluster mode) - DagStore.put() validates parent hashes exist before accepting actions, preventing orphaned entries that break traversal and time-travel queries - Corrupted actions in DAG backend are now logged during index rebuild instead of being silently skipped Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
ProofStore was purely in-memory — all proofs lost on restart. This adds a ProofBackend trait (mirroring the DagBackend pattern) with Memory and Sled implementations. - New `proofs/backend.rs` with ProofBackend trait, MemoryProofBackend, and SledProofBackend (tree "proofs" in a dedicated sled DB) - Refactored ProofStore to use backend trait instead of HashMap - `ProofStore::with_sled(path)` constructor for persistent storage - `ProofStore::flush()` for durable writes - `AppState::with_db_path` creates Sled-backed ProofStore (uses `proofs.sled` sibling directory to avoid sled lock contention with the graph DB) - `AppState::flush()` now flushes proof store alongside graph - Stats rebuilt from backend on startup (no tokio lock needed)
ClusterSnapshot did not include proofs — new nodes joining a cluster started with zero proofs. This adds proof snapshot export/import to the Raft state machine. - Added ProofSnapshot struct and ProofSnapshotProvider trait - ClusterSnapshot now has `proofs: Vec<ProofSnapshot>` field (backward-compatible via serde(default)) - Blake3 checksum now covers proofs alongside triples + ineru_ltm - CortexSnapshotBuilder exports proofs via provider during build - install_snapshot() imports proofs when present - ProofStore implements ProofSnapshotProvider (sync methods for export/import via backend.list_all) - Wired into cluster_init: proof provider set on CortexStateMachine
Ineru only saved on explicit shutdown — a crash meant data loss. This adds a configurable periodic flush task. - Added `flush_interval_secs` to CortexConfig (default: 300s) - Added `--flush-interval <SECS>` CLI argument (0 = disabled) - Spawns tokio task that calls state.flush() at the configured interval - Flushes graph DB, proof store, and Ineru snapshot atomically
AuditLog::record() used `let _ = writeln!()` which silently ignored write failures, and never called sync_all() — data could be lost on crash. - writeln! errors now logged via log::error! - file.sync_all() called after each write (log::warn on failure) - OpenOptions::open failures logged instead of silently ignored
insert_batch() performed individual puts — a failure mid-batch left the store in an inconsistent state with some triples written and indexes partially updated. - Added apply_batch() to StorageBackend trait (default: sequential puts) - SledBackend overrides with sled::Batch for atomic writes - Refactored GraphStore::insert_batch() into 3 phases: 1. Collect non-duplicate triples 2. Atomic backend batch write 3. Update indexes only on success
Gossip only synced triples — DAG actions were not replicated between peers. This adds tip-based DAG sync to the P2P layer. - New p2p/dag_sync.rs module with tip collection, missing action computation, serialized action fetch, and batch ingestion - Added DagTipSync, RequestDagActions, SendDagActions message variants (feature-gated under "dag") - Gossip loop (Task 2) now sends DagTipSync alongside BloomSync - Message handler (Task 3) handles all 3 DAG message types: - DagTipSync: compute missing actions via DagStore::compute_missing() - RequestDagActions: fetch and send actions by hash - SendDagActions: ingest received actions via DagStore::ingest() - Reuses existing DagStore::compute_missing() and ingest() APIs
End-to-end tests verifying data flows correctly across all AIngle subsystems — these caught the sled lock contention bug where ProofStore and GraphDB shared the same sled path. - ProofStore Sled round-trip (20 proofs write/reopen/delete/verify) - Graph+DAG triple materialization consistency (50 triples + deletes) - Batch insert index consistency (100 triples, duplicate handling) - AppState flush/restore full cycle (triples + proofs survive restart) - Raft snapshot with proofs serialization round-trip - Snapshot checksum changes when proofs are included - Graph Sled persistence with float precision verification - Audit log fsync integrity (50 entries write/reopen/query filters)
Audit found 5 locations where important data was written to disk without sync_all(), meaning a crash or power loss could lose the data even after a "successful" write returned. - main.rs: DAG signing key — `let _ = write_all` replaced with proper error handling + fsync (key loss broke all future DAG signatures) - kaneru/persistence.rs: Agent state + LearningEngine saves now fsync after write_all (ML weights/Q-values could be lost) - ineru/lib.rs: Memory snapshot now uses File::create + write_all + sync_all instead of std::fs::write (which never fsyncs) - p2p/identity.rs: Node Ed25519 key now fsynced on both Unix and non-Unix (identity loss = can't rejoin P2P mesh) - p2p/peer_store.rs: Known peers JSON now fsynced (peer list loss = must rediscover all network peers)
Mutex lock poisoning in the WAL writer caused panics that crashed the entire node. The WAL is the most critical data path — a panic here takes down all Raft consensus operations. All 4 .lock().unwrap() calls replaced with .lock().map_err() that returns io::Error, propagating the failure gracefully instead of aborting the process.
RuleEngine used .write().unwrap() and .read().unwrap() on 9 lock acquisitions. A panic in any thread holding these locks would cascade to crash all subsequent validation/inference operations. Replaced all 9 occurrences with .unwrap_or_else(|p| p.into_inner()) which recovers the data from a poisoned lock and continues operating. Stats and inferred triples are non-critical — crashing the server over a stats counter is disproportionate.
KaneruAgent::learn() called .unwrap() on current_state (Option) and observation_history.back() (Option) — both panic if called before any observation is recorded. Replaced with early returns + log::warn for graceful degradation. The agent now safely skips learning when called in an invalid state instead of crashing the entire process.
p2p_status() and list_peers() called serde_json::to_value().unwrap() which would panic the server if serialization ever failed. Replaced with match that returns 500 Internal Server Error with error details.
…line This release fixes 16 bugs found during an exhaustive input/output audit of the entire AIngle data pipeline: ## Data integrity (6 fixes) - Persistent ProofStore with Sled backend (was in-memory only) - Proofs included in Raft cluster snapshots (new nodes got 0 proofs) - Periodic auto-flush every 300s (crash = data loss window reduced) - Audit log fsync + error reporting (was silently dropping writes) - Atomic batch insert via sled::Batch (partial writes impossible) - P2P DAG action sync via tip exchange (DAG wasn't replicated) ## fsync hardening (5 fixes) - DAG signing key write — error handling + fsync - Kaneru agent state + ML weights — fsync after save - Ineru memory snapshot — fsync after write - P2P node identity key — fsync on all platforms - Peer store JSON — fsync after write ## Panic elimination (5 fixes) - WAL writer: lock().unwrap() → lock().map_err() (4 sites) - Rule engine: poisoned lock recovery (9 sites) - Kaneru agent: unwrap on Option → graceful early return - P2P REST endpoints: unwrap → HTTP 500 error response - ProofStore init: blocking_write removed entirely ## Testing - 8 new cross-subsystem data integrity tests - 1092+ tests passing across all core crates, 0
Exposes GraphStore::insert_batch() via REST API for efficient bulk
data loading. Uses sled::Batch for atomic writes when using Sled backend.
- POST /api/v1/triples/batch with JSON body {"triples": [...]}
- Returns 201 with inserted IDs, total count, and duplicate count
- Validates all inputs before writing (empty subject/predicate → 400)
- Namespace scoping enforced per triple
- Duplicates silently skipped (reported in response)
- Audit log records batch_create with insert/duplicate counts
- Events broadcast for each new triple
GET /api/v1/proofs/:id/verify returned 422 when the stored proof_data didn't match the expected ZkProof structure (e.g. user submitted arbitrary JSON without the required commitment/challenge/response fields). Now: - Malformed proof data → 200 with valid:false + error details - Proof not found → 404 - Valid proof → 200 with valid:true This matches the semantic contract: verification tells you whether a proof is valid, it shouldn't fail with a server error just because the proof data is garbage.
release: AIngle v0.6.3 — total data integrity hardening
Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action) from 5 to 7. - [Release notes](https://github.com/codecov/codecov-action/releases) - [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md) - [Commits](codecov/codecov-action@v5...v7) --- updated-dependencies: - dependency-name: codecov/codecov-action dependency-version: '7' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>
Contributor
Author
LabelsThe following labels could not be found: Please fix the above issues or remove invalid values from |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Bumps codecov/codecov-action from 5 to 7.
Release notes
Sourced from codecov/codecov-action's releases.
... (truncated)
Changelog
Sourced from codecov/codecov-action's changelog.
... (truncated)
Commits
fb8b358chore(release): 7.0.0 (#1957)ca0a928ci: remove Enforce License Compliance workflow (#1950)e79a696chore(release): 6.0.1 (#1949)51e6422fix: prevent template injection in run: steps (VULN-1652) (#1947)57e3a13Th/6.0.0 (#1928)f67d33dRevert "Revert "build(deps): bump actions/github-script from 7.0.1 to 8.0.0""...Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)