#+TITLE: Changelog
#+STARTUP: content

* v0.2.1 — Rename, Safety, and Deployment (2026-05-02)

This release renames the project to Passepartout, adds content-level safety gates, professionalizes deployment, and documents every function with full explanatory prose.

** Project Rename
- **Passepartout:** Project renamed from OpenCortex to Passepartout. All files, packages, functions, and environment variables updated.
- **Org/lisp split:** Source of truth lives in ~org/~, tangled to ~lisp/~. Core files committed, skills generated at configure time.
- **31 org files:** Every file renamed to ~category-subject.org~ convention. Harness and skills unified under one directory.

** Safety
- **Secret Exposure Gate:** Content scanning for API keys, PEM blocks, PGP keys, credentials, and tokens in all outgoing text.
- **Path Protection:** File reads blocked for ~.env~, SSH keys, PEM/PGP, cloud configs, and credential stores.
- **Shell Safety:** Destructive commands (~rm -rf /~, ~dd~, ~mkfs~, ~shred~) and injection patterns (backtick, ~$()~) blocked with timeout and output limits.
- **Lisp Validation Gate:** Writes to ~.lisp~ and ~.org~ files validated for syntax errors before they reach disk.
- **REPL Verification Lint:** Warns if defuns are written without REPL prototyping.

** Deployment
- **Multi-distro:** Automatic detection of Debian vs Fedora, correct package names and managers.
- **systemd service:** User-level auto-start on boot via ~passepartout install service~.
- **Backup/Restore:** ~passepartout backup~ and ~passepartout restore~ commands.
- **Docker:** Updated to ~debian:trixie-slim~, fixed build context.
- **CI/CD:** GitHub Actions workflows for lint, test, and release. Gitea deploy workflow fixed.

** Engineering Process
- **REPL-first Lifecycle:** Two-track workflow: Org-first for prose and tests, REPL-first for implementation. Every function prototyped in the REPL before reaching Org.
- **Verification Loop:** Bouncer rejects bad lisp; rejection trace feeds back to LLM for self-correction.
- **System-prompt-augment:** Skills can inject domain-specific mandates into the LLM prompt via ~:system-prompt-augment~.

** Documentation
- **Literate Prose Restored:** Every Org file now has an Architectural Intent overview and explanatory prose before each function block, following the style established in the v0.1.0 era.
- **AGENTS.md:** Thinned to a routing layer — the skill org files are authoritative.

** Contributors
- **gitignore:** ~skills/*.lisp~ and ~tests/*.lisp~ as generated artifacts (source of truth is ~.org~).
- **DeepSeek and NVIDIA NIM:** Added as LLM providers (OpenAI-compatible). Use ~DEEPSEEK_API_KEY~ and ~NVIDIA_API_KEY~ env vars.

* v0.2.0 - Interactive Refinement (2026-04-29)

This release focuses on professionalizing the environment and enhancing the agent's structural capabilities.

** Features
- **Enhanced Lisp/Org Utilities:** Structural editing, REPL evaluation, and automated formatting to ensure code integrity.
- **Namespace Standardization:** Refactored utilities into =utils-org= and =utils-lisp= for predictable discovery.
- **Autonomous Mandates:** Implemented =GEMINI.md= for local agentic enforcement of engineering standards.
- **Onboarding Wizard:** Modular Lisp setup for multiple LLM providers.
- **Professional TUI:** Styled, scrollable interface with improved diagnostics.

* v0.1.0 - The Autonomous Foundation (2026-04-20)

This is the initial MVP release of the ~passepartout~. It establishes a secure, auditable Lisp kernel for a personal operating system.

** Features
- **Unified Envelope Architecture:** Actuator-agnostic protocol that decouples routing metadata from cognitive payloads, ensuring all clients (TUI, Emacs, CLI, Matrix) are treated as equal citizens.
- **Metabolic Pipeline:** Robust Perceive-Reason-Act loop with selective memory rollbacks and graceful shutdown handling.
- **Verification Lock:** Mandatory skill enforcement via environment configuration. System halts if security policies or bouncers fail to load.
- **Foveal-Peripheral Context:** High-resolution focus on active tasks with low-resolution skeletal awareness of the rest of the Memex.
- **The Bouncer:** Last-mile deterministic security gate with Deep Packet Inspection for secrets and network exfiltration.
- **Autonomous Scribe:** Background distillation worker that turns daily journal entries into evergreen Zettelkasten notes. Verified to distill atomic concepts autonomously.
- **Autonomous Gardener:** Heartbeat-driven worker that repairs broken links and identifies orphaned nodes in the Memex graph.
- **Unified Onboarding:** Single-command installation (~passepartout.sh~) with Docker support, OS detection, and automated dependency resolution.
- **Channel-Aware TUI:** Interactive Croatoan-based terminal client with clean, human-readable formatting for tool results and system logs.
- **CLI Gateway:** Local TCP socket server for pipe-friendly interaction and frictionless first contact.

** Licensing & Community
- **AGPLv3 License:** Passepartout is now officially licensed under the GNU Affero General Public License v3.0.
- **Contributor License Agreement:** Implemented a broad CLA (~CLA.org~) for long-term project sustainability.

** Architectural Shift
- Transitioned to **Literate Granularity**: Every function and invariant is now formally documented in its own Org block.
- **Provider Agnosticism:** Implemented a dynamic LLM cascade (OpenRouter, Ollama, etc.) removing all hardcoded backend dependencies.
- **Thin Harness Philosophy:** Decoupled the kernel from specific editors or third-party gateways.