Release Notes

What changed in each MMRY AI release.

1.12.0

Added

• OAuth client management for admins. Account administrators can now register external AI platforms (ChatGPT GPT, MCP server, etc.) through a dedicated admin page. Create clients, rotate secrets, deactivate platforms, optionally revoke all active tokens on deactivation. Available at /admin/oauth-clients for users with the Admin role.
• Public API documentation. A curated OpenAPI 3.x spec at /openapi/v1.json describing just the public memory operations (load, search, save) and OAuth flow. Drop-in importable to ChatGPT's GPT builder Actions and MCP server tooling. The document is filtered so internal mechanics never appear in it.
• Friendlier rate-limit responses. When a request is rate-limited, the API now returns a clear JSON message with a "try again in N seconds" hint instead of a blank response. The Authorize page displays the message instead of showing an unexpected-error.

Security

• Rotating an OAuth client's secret instantly revokes every active access and refresh token for that client. The platform sees its old tokens fail, refreshes against the new secret, and is back online — a stolen secret can't keep a tail of valid tokens alive.
• Deactivating an OAuth client removes it from new authorization flows immediately; existing tokens can be revoked at the same time with one checkbox.
• Admin secret-display modal shows the raw secret exactly once with an explicit warning that it can't be retrieved later.

Engineering

• Deployment scripts now enforce release-branch discipline (refuse to publish production unless on main) and run a 7-probe smoke after every deploy — catches the stale-assembly bug automatically.
• Backend integration test suite moved into the API repository for version control.

1.11.0

Added

• Cross-platform integration foundation. MMRY AI now supports OAuth 2.0 authorization so external AI assistants can connect to your memories with your permission. The groundwork for upcoming ChatGPT, Copilot, Gemini, and Cursor integrations.
• Public /v1/ memory API. A clean three-operation surface (load, search, save) that external platforms call on your behalf. Your memories stay yours; platforms only see what they need to help.
• Authorization consent screen. When an external platform requests access, you log in to MMRY AI and explicitly approve. You stay in control of which platforms can read or write your memories.
• Per-platform usage tracking. Every external request is logged so you can see which platforms are using MMRY AI on your behalf.

Security

• OAuth tokens are stored only as SHA-256 hashes. The raw token is returned to the platform once and never logged.
• Refresh tokens rotate on every use. A stolen refresh token is invalidated the moment the real platform uses its replacement.
• PKCE (Proof Key for Code Exchange) is supported for platforms that use it, adding a second layer of protection against intercepted authorization codes.

Notes

• No external platforms are registered yet. The first registrations (ChatGPT GPT, MCP servers) are the next phase. Existing Claude Code plugin users see no change; the plugin continues to use the same authentication it already had.

1.10.0

Changed

• Brand alignment: the plugin is now MMRY AI. Slash commands moved from /mnemo: to /mmry:. Install path moved to ~/.claude/mmry/.
• Plugin version bumped to 2.0.0 to reflect the brand cutover.

Fixed

• Plugin setup opens your default browser reliably from Git Bash, MSYS2, Cygwin, and WSL on Windows.
• Setup polling now shows a "still waiting" status so it never appears hung.

Upgrade

• Existing installs will not auto-update across the rename. Run /plugin uninstall mnemo@mnemo-plugin then /plugin install mmry@mmry-plugin to migrate.

1.9.0

Fixed

• Multi-hour sessions now produce memories reliably.
• Plugin auto-updates reach all installs, including legacy ones.

Changed

• Save reminders are less frequent and incremental.

1.8.0

Fixed

• Saved memories preserve your content verbatim.
• Concurrent sessions no longer cross-contaminate.

Changed

• /mnemo:save returns a one-line confirmation of what was stored.

Removed

• /mnemo:remember (use /mnemo:save).

1.7.0

Fixed

• Group and Private visibility honored on AI-processed memories.
• /mnemo:save no longer announces internal classification details.
• Reduced cross-session contamination on concurrent sessions.

1.4.0

Added

• Server-side AI memory processing.
• Procedure category for how-to knowledge.
• Tier promotion endpoint.
• Foundation tier write protection.
• Plugin self-update.

1.3.0

Added

• Export all memories as JSON.

Fixed

• Missing or malformed request bodies return 400.
• Wrong HTTP method returns 405.

1.2.1

Fixed

• Top navigation alignment.

1.2.0

Added

• Invitation-based user onboarding.
• Browser-based device authorization for plugin setup.
• Account dashboard at /account.
• Trial-to-paid flow via Stripe checkout.
• Self-service password reset.
• Feedback submission.

1.1.0

Added

• Credit metering and auto-recharge.
• Volume-tiered subscription pricing.
• Stripe subscription management.
• 14-day free trial on registration.
• Memory visibility: Global, Group, and Private.
• Permission groups and access rules.
• Web-based login and registration.

1.0.0

Added

• Initial release.
• Memory storage, retrieval, search, and tier-based expiration.
• JWT and API key authentication.
• Multi-tenant isolation.