# Changelog

```json
{"@context":"https://schema.org","@type":"ItemList","name":"Journal des modifications \u2014 Mnemom","description":"Ce qui a \u00e9t\u00e9 livr\u00e9 r\u00e9cemment sur la plateforme Mnemom \u2014 s\u00e9curit\u00e9, fiabilit\u00e9 et mises \u00e0 jour de la plateforme, avec une posture honn\u00eate, pas du marketing.","url":"https://www.mnemom.ai/fr/changelog","inLanguage":"fr-FR","publisher":{"@id":"https://www.mnemom.ai#organization"},"dateModified":"2026-06-08","itemListElement":[{"@type":"ListItem","position":1,"item":{"@type":"CreativeWork","name":"Standard agent-discovery surfaces are published and resolvable.","datePublished":"2026-06-05","url":"/for-agents"}},{"@type":"ListItem","position":2,"item":{"@type":"CreativeWork","name":"AEGIS L5: public advisories and STIX 2.1 IoC feed are live.","datePublished":"2026-05-23","url":"/trust/advisories"}},{"@type":"ListItem","position":3,"item":{"@type":"CreativeWork","name":"The threat thermometer now reads live per-axis Protection Network state.","datePublished":"2026-05-23","url":"https://docs.mnemom.ai/concepts/protection-network"}},{"@type":"ListItem","position":4,"item":{"@type":"CreativeWork","name":"L1 cross-tenant aggregator: campaign-state rolling stats across customers.","datePublished":"2026-05-22","url":"https://docs.mnemom.ai/concepts/protection-network"}},{"@type":"ListItem","position":5,"item":{"@type":"CreativeWork","name":"Safe House per-evaluation webhooks (sh.*) are wired end-to-end.","datePublished":"2026-05-22","url":"https://docs.mnemom.ai/specs/webhooks"}},{"@type":"ListItem","position":6,"item":{"@type":"CreativeWork","name":"Continuous adversarial arena: 15 canonical personas, mutation-phase gated.","datePublished":"2026-05-22","url":"https://docs.mnemom.ai/concepts/arena"}},{"@type":"ListItem","position":7,"item":{"@type":"CreativeWork","name":"Customer false-negative and false-positive reports feed the Managed Rules pipeline.","datePublished":"2026-05-22","url":"https://docs.mnemom.ai/guides/recipes-report"}},{"@type":"ListItem","position":8,"item":{"@type":"CreativeWork","name":"Three reviewer modes \u2014 with a structural dual-control invariant on tier 1-2.","datePublished":"2026-05-22","url":"https://docs.mnemom.ai/concepts/protection-network"}},{"@type":"ListItem","position":9,"item":{"@type":"CreativeWork","name":"Admin review queue with append-only audit chain.","datePublished":"2026-05-22","url":"https://www.mnemom.ai/changelog#aegisReviewQueue"}},{"@type":"ListItem","position":10,"item":{"@type":"CreativeWork","name":"Ed25519-signed Managed Rules with KV+R2 dual-write and a 24h observe soak.","datePublished":"2026-05-21","url":"https://docs.mnemom.ai/concepts/protection-network"}},{"@type":"ListItem","position":11,"item":{"@type":"CreativeWork","name":"Substrate fingerprinting: every evaluation now carries the L0 axis identity.","datePublished":"2026-05-20","url":"https://docs.mnemom.ai/concepts/supply-chain-detection"}},{"@type":"ListItem","position":12,"item":{"@type":"CreativeWork","name":"D\u00e9tecteurs Safe House renforc\u00e9s sur les classes de prompt injection et de fuite de PII.","datePublished":"2026-03-31","url":"https://docs.mnemom.ai/guides/safe-house-config"}},{"@type":"ListItem","position":13,"item":{"@type":"CreativeWork","name":"L'identit\u00e9 d'agent par passkey et cl\u00e9 mat\u00e9rielle est active.","datePublished":"2026-03-24","url":"https://docs.mnemom.ai/concepts/agent-identity"}},{"@type":"ListItem","position":14,"item":{"@type":"CreativeWork","name":"La passerelle auto-scale d\u00e9sormais au plafond M0 sans changement c\u00f4t\u00e9 op\u00e9rateur.","datePublished":"2026-03-15","url":"https://www.mnemom.ai/changelog#scaleM0"}}]}
```

```json
{"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https://www.mnemom.ai/fr"},{"@type":"ListItem","position":2,"name":"Ce que nous avons livr\u00e9.","item":"https://www.mnemom.ai/fr/changelog"}]}
```

Livré

# Ce que nous avons livré.

Un journal honnête de ce qui a été mis en ligne, quand et pourquoi cela compte. Pas de vernis marketing — juste les changements, la posture qu'ils débloquent et les justificatifs.

2026-06-05

Plateforme

## Standard agent-discovery surfaces are published and resolvable.

An agent with no prior knowledge can now find the Mnemom API, learn how to authenticate, and see what skills it can invoke — entirely from standard files at www.mnemom.ai. Every URL resolves to something real; nothing is aspirational.

-   <code>/.well-known/api-catalog</code> (RFC 9727) points at the live OpenAPI 3.1 spec; <code>/.well-known/oauth-protected-resource</code> and <code>/.well-known/oauth-authorization-server</code> (RFC 9728) faithfully mirror our real upstream IdP (Supabase GoTrue) — we run no first-party OAuth server, stated plainly in <code>/auth.md</code>.
-   <code>/.well-known/agent-skills/\*</code> lists invokable skills backed only by real public endpoints, and <code>/.well-known/agent-card.json</code> ships an A2A-style service card; Content-Signal directives in robots.txt declare our search and AI posture.
-   Added the <code>api-auth-discovery</code> commitment to the agent-readiness manifest, verified nightly against production.

[Read the agent-readiness manifest](/fr/for-agents)

2026-05-23

Protection

## AEGIS L5: public advisories and STIX 2.1 IoC feed are live.

The transparency surface of the Protection Network is open. /trust/advisories carries signed post-incident write-ups; /v1/trust/iocs serves a STIX 2.1 indicator bundle. Empty by design at GA — the system tells the truth.

-   <code>/trust/advisories</code> is live with its first synthetic post-mortem, clearly labeled synthetic per the calm-at-GA contract.
-   /v1/trust/iocs returns a STIX 2.1 bundle, authenticated and rate-limited, ready for threat-intel pipelines (curl + JSON-LD).
-   New <code>advisory.published</code> and <code>ioc.added</code> webhook events join the catalog, so threat-intel pipelines can react the moment the Protection Network publishes.

[Read the latest advisory](/fr/trust/advisories)

2026-05-23

Protection

## The threat thermometer now reads live per-axis Protection Network state.

Customers now see the cross-tenant threat picture at <code>/dashboard/threats</code>: per-axis state across substrate, vertical, pattern, and source, refreshed every 30 seconds. Calm at GA, by design.

-   <code>GET /v1/network/threat-state</code> returns per-axis aggregation of the live Protection Network picture, ready to poll from your dashboards.
-   A dashboard page at <code>/dashboard/threats</code> ships with four per-axis cards and a totals card.
-   A new <code>network.threat\_level.changed</code> event lets you wire threat-level transitions straight into your own alerting.

[Read the Protection Network concept](https://docs.mnemom.ai/concepts/protection-network)

2026-05-22

Protection

## L1 cross-tenant aggregator: campaign-state rolling stats across customers.

Per-axis rolling stats now correlate signals across arena, Sideband, and integrity-checkpoint traffic — the cross-tenant correlation engine that sees campaigns no single customer could.

-   The correlation engine joins per-axis fingerprints across integrity, arena, and Sideband signals to build campaign-level state no single tenant can see.
-   Per-bucket state machine with 6h-window hysteresis on exit; states wired to cells.ts via four concrete campaign\_state cells (safe-house-hardening#246).
-   The engine refreshes continuously, keeping the cross-tenant picture current across the whole Protection Network.

[Read the Protection Network concept](https://docs.mnemom.ai/concepts/protection-network)

2026-05-22

Plateforme

## Safe House per-evaluation webhooks (sh.\*) are wired end-to-end.

Five Safe House front-door events join the AEGIS catalog with per-org delivery mode controls — table-stakes for SOC/SIEM integration. Brings the AEGIS-GA webhook catalog from 10 to 15 fully-wired events.

-   New <code>sh.evaluation.warn</code> / <code>quarantine</code> / <code>block</code> webhook events fire at each verdict point, plus <code>sh.session.escalated</code> when a session crosses a risk tier.
-   Per-org delivery modes (full, 10% sampled, or summary-only) keep high-traffic orgs in control, with HMAC-signed delivery on every event.
-   13 sh\_emission cells in the harness pin every checkpoint × mode firing path (safe-house-hardening#247).

[Read the webhook spec](https://docs.mnemom.ai/specs/webhooks)

2026-05-22

Protection

## Continuous adversarial arena: 15 canonical personas, mutation-phase gated.

The adversarial arena now spans every canonical threat type across all four Safe House checkpoints, with mutation-phase gating that lets attacks evolve only while detection holds. Findings that slip past feed straight into the Managed Rules pipeline.

-   All 15 personas now cover every canonical threat type across the four Safe House checkpoints, including a supply-chain archetype at inside.integrity.
-   Mutation-phase gating lets attacks evolve per fingerprint bucket only while detection holds, with hysteresis to prevent thrash.
-   Attacks that beat detection are captured automatically as Managed Rules candidates over an isolated, attribution-stamped path — no human in the loop to lose a finding.

[Read the arena concept](https://docs.mnemom.ai/concepts/arena)

2026-05-22

Protection

## Customer false-negative and false-positive reports feed the Managed Rules pipeline.

Customer signal is now a first-class source. Reports flow through an authenticated endpoint, a CLI command, and an acknowledgment-email pipeline that ships in five locales — feeding the same candidate review queue as arena and the cross-tenant aggregator.

-   The report endpoint is live, with a <code>recipe.candidate.created</code> webhook fan-out to your account whenever a report becomes a rule candidate.
-   <code>mnemom recipes report-fn</code> and <code>report-fp</code> commands shipped in the @mnemom/mnemom CLI.
-   Customer-FN acknowledgment email rendered in en/fr/de/it/es via the Track D template pipeline.

[Read the recipes report guide](https://docs.mnemom.ai/guides/recipes-report)

2026-05-22

Sécurité

## Three reviewer modes — with a structural dual-control invariant on tier 1-2.

Platform admins can flip reviewer mode between manual, auto-approve-trusted-sources, and auto-approve-high-confidence. The protective invariant is structural, not procedural: tier-1 and tier-2 rules can never auto-promote without human dual-control, regardless of mode.

-   Reviewer mode and threshold persist platform-wide and are read and written through <code>/v1/admin/settings/reviewer-mode</code>, with every change written to the audit trail.
-   The admin reviewer-mode control ships with a confirmation step and full audit attribution on every change.
-   Three concrete reviewer\_mode cells pin the invariant: trusted-sources promotes tier-3, high-confidence inserts ONE approval on tier-1 but does NOT promote, manual blocks all auto-approval (safe-house-hardening#245).

[Read the Protection Network concept](https://docs.mnemom.ai/concepts/protection-network)

2026-05-22

Sécurité

## Admin review queue with append-only audit chain.

Platform admins now triage Managed Rule candidates from a dedicated queue: approve, reject, needs-changes, or promote. Every action lands as a service-role-only INSERT on an append-only chain — the audit surface CISOs and regulators can rely on.

-   Every review action lands on an append-only chain, rooted at candidate creation and running through promotion or retirement — the audit surface CISOs and regulators can rely on.
-   An admin review-queue UI ships with full rule detail and telemetry.
-   Every state transition emits a governance signal, and no rule can go active without dual-control sign-off — two-person approval enforced by the platform, not by policy.

2026-05-21

Protection

## Ed25519-signed Managed Rules with KV+R2 dual-write and a 24h observe soak.

Promoting a recipe to a Managed Rule is now a cryptographically signed event. Each rule is Ed25519-signed, served fail-closed, and routed through a 24-hour observe soak before it enforces in production.

-   Promotion cryptographically signs each rule; gateways verify the signature and serve through a tiered, fail-closed read path with a sub-30s P95 propagation target.
-   Rules escalate from observe to active automatically, with auto-rollback if the false-positive rate climbs; the reasoning surfaces in <code>recipe.promoted</code> and <code>recipe.retired</code> webhooks.
-   A nightly sweep automatically retires rules with zero hits after 90 days, so the active rule set stays lean and current.

[Read the Protection Network concept](https://docs.mnemom.ai/concepts/protection-network)

2026-05-20

Protection

## Substrate fingerprinting: every evaluation now carries the L0 axis identity.

The supply-chain detection signal is live. Every integrity checkpoint, arena attempt, and sideband analysis is now stamped with substrate, vertical, pattern, and source fingerprints — the cross-tenant correlation key that catches behavioral deviation across every customer running on the same substrate.

-   Every evaluation is now stamped with its four-axis substrate fingerprint at write time — deployed in production.
-   The underlying data model for the Protection Network is in place, with row-level isolation enforced from the first write.
-   Rules compose like cards — Platform → Org → Team → Agent, strictest-wins.

[Read the supply-chain detection concept](https://docs.mnemom.ai/concepts/supply-chain-detection)

2026-03-31

Sécurité

## Détecteurs Safe House renforcés sur les classes de prompt injection et de fuite de PII.

Les détecteurs front-door et back-door ont reçu une passe de calibration. Moins de faux positifs sur les appels d'outils légitimes, un taux de blocage plus net sur les nouveaux schémas d'injection — sans élargir les données que nous collectons.

-   Détecteurs de prompt injection réentraînés sur un corpus adversarial récent ; 12 % de faux positifs en moins.
-   Le filtrage back-door capte désormais les fuites de PII sur tokens fragmentés (par ex. numéros de sécurité sociale ou de carte répartis sur plusieurs chunks streamés).
-   Le format de verdict signé inclut désormais la version du détecteur, afin que les auditeurs puissent reproduire le classifieur exact utilisé.

[Lire le guide de configuration Safe House](https://docs.mnemom.ai/guides/safe-house-config)

2026-03-24

Sécurité

## L'identité d'agent par passkey et clé matérielle est active.

Les agents peuvent désormais être liés à une passkey ou à une clé matérielle dès le premier jour. La signature Ed25519 reste le défaut ; l'identité d'agent adossée à WebAuthn est disponible pour les équipes qui veulent un onboarding d'agent infalsifiable.

-   Attestation WebAuthn prise en charge pour l'enrôlement d'agents.
-   La rotation d'identité d'agent ne casse pas les chaînes de preuves historiques ; les anciennes clés restent vérifiables.
-   Fonctionne sur la passerelle auto-hébergée comme sur les tenants managés.

[Lire le guide sur l'identité d'agent](https://docs.mnemom.ai/concepts/agent-identity)

2026-03-15

Fiabilité

## La passerelle auto-scale désormais au plafond M0 sans changement côté opérateur.

Travail de fiabilité en coulisse. La passerelle managée provisionne élastiquement pour les pics de trafic jusqu'au plafond M0 sans aucune config côté tenant. Les déploiements auto-hébergés récupèrent les mêmes défauts d'autoscaler dans le chart Helm.

-   Auto-scale de 2 à 10 réplicas selon un CPU soutenu > 70 %.
-   Chemin de démarrage à froid réduit de 40 % pour l'image auto-hébergée.
-   Aucun changement de tarif — la montée en charge reste dans le plafond de votre palier.

## Voyez ce que la plateforme prouve réellement.

Chaque changement livré étaie l'une de deux affirmations : ce que nous prouvons, ou comment nous protégeons vos agents.

[Ce que nous prouvons](/fr/what-we-prove)[La Safe House](/fr/security)

---
_Source: /fr/changelog/index.html · Generated by build-markdown-mirrors.mjs · For agent-readability commitment #4 see https://www.mnemom.ai/for-agents_