Releases: oscharko-dev/Keiko
Keiko 0.2.8
Automated Keiko 0.2.8 release.
- Published @oscharko-dev/keiko@0.2.8 to https://registry.npmjs.org/.
- npm dist-tag: latest.
- Registry install smoke passed before this GitHub Release was created or updated.
- Release generated by
npm run release:publish.
Keiko 0.2.7
Automated Keiko 0.2.7 release.
- Published @oscharko-dev/keiko@0.2.7 to https://registry.npmjs.org/.
- npm dist-tag: latest.
- Registry install smoke passed before this GitHub Release was created or updated.
- Release generated by
npm run release:publish.
Keiko 0.2.6
Automated Keiko 0.2.6 release.
- Published @oscharko-dev/keiko@0.2.6 to https://registry.npmjs.org/.
- npm dist-tag: latest.
- Registry install smoke passed before this GitHub Release was created or updated.
- Release generated by
npm run release:publish.
Keiko 0.2.5
Patch release for the PWA desktop-install icon sizing.\n\n- Regenerates the PWA app icon set with the approved green/black icon and smaller centered mark.\n- Publishes @oscharko-dev/keiko@0.2.5 and workspace packages as npm latest.\n- Includes the Lite LLM routing hardening from 0.2.4.\n\nVerification:\n- PR #1436 checks passed.\n- release/0.2 CI passed.\n- v0.2.5 Release verification passed.\n- npm registry install smoke passed.
Keiko 0.2.0
Keiko 0.2.0
Keiko 0.2.0 is the largest release to date: it introduces Quality Intelligence (requirement-grounded test design with evidence, coverage traceability, drift detection, and an adversarial quality judge), the Figma design connector, MemoriaViva governed enterprise memory with encryption at rest, the semantic relationship engine, real SSE token streaming, and a forward-only modular package architecture — verified end to end against a live Azure AI Foundry deployment.
Install
npm install @oscharko-dev/keiko
npx keiko init
npm run keiko:startThen open http://127.0.0.1:1983.
Upgrading from 0.1.x: 0.2.0 is a forward-only modular baseline (ADR-0025). Install fresh via the steps above; re-run keiko init in your projects.
Quality Intelligence (new)
A native Workspace window that turns connected sources into reviewable, evidence-backed test-case candidates:
- Connect sources like Chat: a single Fachkonzept file, folders, Knowledge Capsules/capsule sets, Figma snapshots — up to 16 sources simultaneously with a fair byte budget, fail-soft skipping, and dropped-source notices (#709, #710, #729).
- Determinism-first, model-independent: capability-based model routing (no hard-coded model ids), deterministic structural stages, seed + response-format reproducibility, full model attribution in evidence (#761).
- Coverage Intelligence: run-size-independent coverage confidence, Gap Radar, and a bidirectional requirement↔test traceability matrix (CSV/Markdown) with human-readable requirement excerpts (#734, #790).
- Living Tests: source-drift detection via content fingerprints and targeted regeneration that preserves untouched candidates (#735).
- Adversarial test-quality judge: an optional model-judge tier that flags weak tests with rationale — fail-soft, budgeted, fully audited (#736).
- Inline editing of candidates on the Workspace canvas with immutable evidence manifests and audit trail (#712).
- Multi-format export: PDF, Markdown, plain text, ZIP bundle, plus a Quality Center dry-run preview with a hard 403 write guard (#711).
Figma design connector (new)
Connect a Figma board read-only via personal access token: deterministic clean Snapshot (Screen-IR, design tokens, links), screen navigation/flow graph, accessibility baseline, design-to-tests and a first design-to-code slice — model-free by default, with capability-routed vision augmentation and governed consent, audit, and a coded error taxonomy (#750).
MemoriaViva enterprise memory (new name, new depth)
- Encryption at rest (AES-256-GCM secretbox vault, ADR-0035) — no plaintext memory on disk.
- Salience capture from natural conversation, plasticity (decay/forget governance,
keiko memory maintain), and semantic retrieval via embeddings (#204).
Conversation Center
- Real SSE token streaming — first token ~0.4 s instead of ~15 s on TLS-intercepted networks (#152).
- Evidence-driven connected repository context: connect any local folder (also outside the project), N+1 sources, hardened credential deny-list, coverage notices (#177).
- Local knowledge connectors and persistent Knowledge Capsules with capsule sets and vector retrieval (#189).
- Reciprocal-rank-fusion grounding so folders and connectors share one budget without dominance, with operator-configurable grounding limits (#532).
Workspace platform
- Governed desktop-shell workspace, WCAG 2.2 AA verified in both themes (#518).
- Semantic relationship engine: governed Files↔Chat relationships with data-flow visualization (#532).
- Installable branded PWA; the app shell is now served network-first so redeploys never strand stale chunks (#121, #842).
- Platform baseline migrated to Next.js 16 and ESLint 9 flat config (#862/#926); all supply-chain gates pass on the new stack.
Architecture and security
- Forward-only 0.2.0 modular baseline: 22 workspace packages behind error-severity architecture gates, bundled single-product publish, supply-chain checks and SBOM (#156, #423).
- Security posture verified for this release: global CSRF guard on every state-changing route, redaction before every model call and every persisted leaf, credential deny-lists at root and traversal level (now including project registration), exact-host Figma egress validation plus render-URL SSRF guarding, secrets never in error messages, 0
npm auditfindings. - Release-branch hardening: grounded runs are fail-soft per source — a broken or vanished connected source is skipped with a visible notice and the answer is built from the remaining healthy sources; a denied-only connection still fails closed.
Verification
- 7,051 root tests + 1,437 UI tests green; typecheck, lint, dependency-cruiser architecture gates, package-surface, version-consistency, supply-chain and install smokes all pass.
- All 20 release epics re-verified against their acceptance criteria at the release commit; every formerly open user finding was either fixed in a merged hardening PR (closed with evidence) or fixed in this release (#790).
Known limits
- Positive multimodal vision augmentation (Figma image understanding) is platform-deferred: the gateway message contract is text-only end to end; routing and graceful degradation are shipped (#810/#754).
- Local Knowledge embedding model selection falls back to the first configured provider (#621).
- Quality Center export is dry-run preview only by design; live writes return 403.
Install availability update (2026-06-22)
The npm latest dist-tag is @oscharko-dev/keiko@0.2.0. The root package and all 21 runtime workspace packages are public on npm with latest=0.2.0; fresh npm and Yarn 4.9.1 registry install smokes pass from https://registry.npmjs.org/.
If installation through a corporate Nexus proxy still returns a 404 for @oscharko-dev/keiko-cli or another @oscharko-dev/* runtime package, invalidate the Nexus negative cache for the @oscharko-dev scope or retry after its TTL. The packages resolve from npmjs.org.
Keiko 0.2.0 beta.5
Keiko 0.2.0 beta.5
Beta prerelease for the release/0.2.0 stabilization line.
Included release-line changes
- Fix explicit grounded file scopes so connected single files are included even when the user prompt has no lexical hit.
- Include the latest merged release-line hardening fixes before tagging beta.5.
- Bump root, workspace, lockfile, and
KEIKO_PRODUCT_VERSIONmetadata to0.2.0-beta.5.
Publication
- npm package:
@oscharko-dev/keiko@0.2.0-beta.5 - npm dist-tag:
beta - Source tag:
v0.2.0-beta.5
Release evidence
- Tag-push release verification: https://github.com/oscharko-dev/Keiko/actions/runs/27463170934
- Manual publish workflow: https://github.com/oscharko-dev/Keiko/actions/runs/27463175801
Keiko 0.2.0 beta.4
What's Changed
Full Changelog: v0.2.0-beta.3...v0.2.0-beta.4
Contributors
Assets 2
Keiko 0.2.0-beta.0
Community beta release for Keiko 0.2.0.\n\nPublished to npm with dist-tag beta: @oscharko-dev/keiko@0.2.0-beta.0.\n\nInstall: npm install @oscharko-dev/keiko@beta\n\nRelease workflow: https://github.com/oscharko-dev/Keiko/actions/runs/27269754662
Keiko 0.1.7
Keiko 0.1.7
Keiko 0.1.7 is the current public npm release for local enterprise evaluation.
Install
npm install @oscharko-dev/keiko
npx keiko init
npm run keiko:startThen open:
http://127.0.0.1:1983