Skip to content

Releases: initializ/forge

v0.2.0

26 Feb 06:47
@initializ-mk initializ-mk
v0.2.0
b9d9d07
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
v0.2.0 Latest
Latest

Forge v0.2.0

Forge is a secure, portable AI agent runtime. Run agents locally, in cloud, or enterprise environments without exposing inbound tunnels.

This release introduces long-term agent memory with hybrid vector + keyword search, multi-provider LLM failover, a modular skills architecture with security analysis, and a redesigned Bubble Tea TUI wizard — along with numerous bug fixes and developer experience improvements.

Highlights

Long-Term Agent Memory (PR #8)

Agents can now accumulate knowledge across sessions. Observations from tool results and assistant decisions are automatically captured before compaction discards old messages, then persisted as daily markdown logs alongside a curated MEMORY.md. A hybrid search engine combines vector cosine similarity with keyword overlap and temporal decay to retrieve the most relevant context.

  • Embedder interface with OpenAI (text-embedding-3-small), Gemini, and Ollama (nomic-embed-text) providers
  • Pluggable VectorStore interface with file-based JSON implementation (ready for future Qdrant/Pinecone swap)
  • Hybrid search: 70% vector similarity + 30% keyword overlap, exponential decay (7-day half-life), MEMORY.md marked evergreen
  • memory_search and memory_get builtin tools — agents query their own long-term memory
  • MemoryFlusher hook in the compactor pipeline captures observations before discard
  • Graceful degradation: no embedder → keyword-only search; no memory dir → skip silently; corrupted index → auto-rebuild

Enable with memory.long_term: true in forge.yaml or FORGE_MEMORY_LONG_TERM=true.

LLM Fallback Chains and OpenAI OAuth (PR #7)

Production agents need resilience. Forge now supports automatic failover across multiple LLM providers with intelligent error classification and cooldown tracking.

  • FallbackChain wraps multiple LLM clients — retries on rate limits (429), server errors (503), and timeouts
  • Cooldown tracker prevents hammering failed providers
  • Auto-detection from available API keys (OPENAI_API_KEY, ANTHROPIC_API_KEY, etc.)
  • OpenAI OAuth with Authorization Code + PKCE flow, browser-based login, and auto-refresh
  • Responses API client for ChatGPT OAuth / Codex endpoints
  • Configure via forge.yaml, FORGE_MODEL_FALLBACKS env, or the init wizard

Modular Skills Architecture (PR #6)

Skills are now a standalone forge-skills module with a complete trust and security pipeline.

  • forge-skills/ module: autodiscovery, SkillRegistry interface, SKILL.md-per-subdirectory convention, embedded filesystem
  • Trust model: SHA-256 integrity checksums, Ed25519 signature verification, keyring management
  • Security analyzer: deterministic risk scoring, configurable policy enforcement, audit report generation
  • CLI commands: forge skills audit [--format text|json], forge skills sign --key <path>, forge skills keygen <name>
  • Build pipeline: SecurityAnalysisStage blocks builds on policy violations, writes compiled/security-audit.json

Bubble Tea TUI Wizard and Web Search (PRs #4, #3, #2)

  • Redesigned init wizard using Bubble Tea with multi-step navigation, back/forward, secret masking, and live validation
  • Tavily web search provider alongside Perplexity with auto-detection
  • Telegram typing indicator support
  • Bug fixes: esc quit, back-navigation state resets, env var deduplication, egress domain filtering

What's Changed

New Features

  • Long-term agent memory with hybrid vector + keyword search (#8)
  • LLM fallback chains with cooldown tracking and error classification (#7)
  • OpenAI OAuth login with PKCE and auto-refresh (#7)
  • Modular skills architecture with trust model and security analyzer (#6)
  • Tavily web search integration (#4)
  • Bubble Tea TUI init wizard with multi-step navigation (#4)
  • Telegram typing indicator (#4)
  • memory_search and memory_get builtin tools (#8)
  • forge skills audit, forge skills sign, forge skills keygen CLI commands (#6)

Improvements

  • Embedder auto-resolution from LLM provider config with Anthropic fallback (#8)
  • Auto-detect fallback providers from available API keys (#7)
  • Background memory indexing at startup (#8)
  • Model-aware context budgeting (#7)
  • Custom tool entrypoint resolved relative to working directory (#5)

Bug Fixes

  • Fix OAuth/API-key routing preventing Codex endpoint misuse (#7)
  • Fix esc key quit and back-navigation loop in wizard (#4)
  • Fix spacebar not working after back-navigation (#4)
  • Fix skills step re-prompting for provider API key (#4)
  • Fix panic in skills step when navigating back (#4)
  • Deduplicate env vars in .env file and wizard prompts (#4)

Configuration

# forge.yaml — new memory configuration
memory:
  persistence: true          # session memory (default: true)
  long_term: true            # cross-session memory (default: false)
  memory_dir: .forge/memory  # long-term memory storage
  embedding_provider: openai # auto-detected from LLM provider
  vector_weight: 0.7         # vector vs keyword balance
  keyword_weight: 0.3
  decay_half_life_days: 7    # temporal decay for daily logs

# fallback configuration
model:
  provider: anthropic
  name: claude-sonnet-4-20250514
  fallbacks:
    - provider: openai
      name: gpt-4o
    - provider: gemini
      name: gemini-2.5-flash

On-Disk Memory Layout

.forge/memory/
├── MEMORY.md          # Curated facts (evergreen, no decay)
├── 2026-02-26.md      # Today's observation log
├── 2026-02-25.md      # Yesterday's log
└── index/
    └── index.json     # Embedding vectors (internal, never in context window)

Stats

Full Changelog

v0.1.0...v0.2.0

Contributors

initializ-mk and ratnesh-maurya
Assets 9
Loading

v0.1.0

22 Feb 09:35
@github-actions github-actions
v0.1.0
029f382

Choose a tag to compare

View all tags
v0.1.0

Changelog

  • 539c4fc Add multi-module codebase: forge-core, forge-cli, forge-plugins
  • 5d72b7a Fix .gitignore: use /forge to only ignore root binary
  • dd8aacf Fix CI build: cd into forge-cli module before go build
  • 361eafe Fix CI workflow for Go workspace multi-module layout
  • 4c299cf Fix all golangci-lint issues across all modules
  • 919b925 Fix all remaining errcheck: resp.Body.Close and os.WriteFile
  • 44d9459 Fix goreleaser: remove deprecated replacements field
  • 50acb64 Fix integration test: import slack/telegram from forge-plugins
  • 84fe6ec Fix last 5 errcheck: os.WriteFile and resp.Body.Close
  • 831c89e Fix lint CI: pass explicit module paths to golangci-lint
  • eb938a8 Fix lint CI: upgrade golangci-lint to v2 for Go 1.25 support
  • c5208e3 Fix lint CI: use explicit golangci-lint version v2.10.1
  • eaf9f01 Fix remaining errcheck lint issues
  • abf65a0 Fix remaining lint issues and update test assertion
  • c197a02 Initial commit
  • 029f382 Merge branch 'develop'
  • 448d748 Merge pull request #1 from initializ/develop
  • b58a972 Run gofmt on all Go source files
Loading