release: v3.14.11 — track automatised-pipeline rename + fix pool allowlist

Two fixes:

1. ingest_codebase blocking bug. mcp_client_pool.get_client() did
   not inject _extra_allowed_commands, so the upstream binary was
   rejected by the base allowlist. Pool now mirrors what
   ap_bridge.py applies on its bridge path. ingest_codebase now
   succeeds when mcp-connections.json points at a valid binary.

2. Track upstream binary rename. cdeust/automatised-pipeline v0.0.7
   renamed the Rust binary from ai-architect-mcp to
   automatised-pipeline. Updated pipeline_installer (--bin flag,
   _BUILT_BINARY_REL), pipeline_discovery (_BINARY_CANDIDATES,
   _BUILT_RELATIVE), pipeline_install_release (asset naming),
   ap_bridge (allowlist), http_launcher / http_standalone
   (binary discovery).

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

Author: cdeust

.claude-plugin/plugin.json

@@ -1,7 +1,7 @@
 {
   "name": "cortex",
   "description": "Persistent memory for Claude Code — remembers across sessions automatically. Install and forget. Scientific retrieval backed by 41 published papers.",
-  "version": "3.14.10",
+  "version": "3.14.11",
   "author": {
     "name": "Clement Deust",
     "email": "admin@ai-architect.tools"

CHANGELOG.md

@@ -6,6 +6,45 @@ adheres to [Semantic Versioning](https://semver.org/).
 
 ## [Unreleased]
 
+## [3.14.11] — track automatised-pipeline binary rename + fix pool allowlist
+
+### Fixed
+
+- **`ingest_codebase` failed with `Command 'ai-architect-mcp' not in
+  allowed list`.** The pool path in `mcp_client_pool.get_client()`
+  instantiated `MCPClient` without injecting `_extra_allowed_commands`,
+  while the bridge path in `ap_bridge.py` injected `{"node",
+  "automatised-pipeline", "ai-architect-mcp"}` before connecting. The
+  `ingest_codebase` codepath went through the pool, so the upstream
+  binary was rejected by the base allowlist
+  (`['cortex', 'mcp-server', 'node', 'npx', 'python', 'python3']`).
+  Pool now mirrors the bridge's extension.
+
+### Changed
+
+- **Track upstream binary rename** (`automatised-pipeline` ≥ v0.0.7):
+  the upstream Rust binary is now named `automatised-pipeline` (was
+  `ai-architect-mcp`). Updated:
+  - `pipeline_installer.py`: `--bin automatised-pipeline` and
+    `_BUILT_BINARY_REL = "target/release/automatised-pipeline"`.
+  - `pipeline_discovery.py`: dropped legacy `ai-architect-mcp` from
+    `_BINARY_CANDIDATES`; `_BUILT_RELATIVE` updated.
+  - `pipeline_install_release.py`: release-asset naming convention
+    follows upstream (`automatised-pipeline-{os}-{arch}.tar.gz`).
+  - `ap_bridge.py`: dropped `ai-architect-mcp` from
+    `_extra_allowed_commands` (only `automatised-pipeline` + `node`).
+  - `http_launcher.py`, `http_standalone.py`: binary discovery uses
+    the new name.
+
+### Migration notes
+
+- Users running the upstream pipeline must update to v0.0.7 of
+  `cdeust/automatised-pipeline` (binary renamed). Cortex's source
+  build path (`pipeline_installer`) and prebuilt fast-path
+  (`pipeline_install_release`) both target the new name.
+- Existing installs at `~/.claude/methodology/bin/mcp-server` keep
+  working — the symlink target is rebuilt on next install.
+
 ## [3.14.10] — self-locating plugin MCP launcher
 
 ### Fixed

mcp_server/infrastructure/ap_bridge.py

@@ -223,13 +223,12 @@ async def connect(self) -> bool:
                 cfg = {**cfg, "callTimeoutMs": 0}
                 self._client = MCPClient(cfg)
                 # AP's binary is not in the default allowlist.
-                # ``ai-architect-mcp`` is the crate name in
-                # automatised-pipeline; ``node`` is for the
-                # plugin-cache resolution path.
+                # ``automatised-pipeline`` is the bin name shipped by
+                # cdeust/automatised-pipeline ≥ v0.0.7; ``node`` is for
+                # the plugin-cache resolution path.
                 self._client._extra_allowed_commands = {
                     "node",
                     "automatised-pipeline",
-                    "ai-architect-mcp",
                 }
                 await self._client.connect()
                 self._connected = True

mcp_server/infrastructure/mcp_client_pool.py

@@ -64,6 +64,14 @@ async def get_client(server_name: str) -> MCPClient:
     config = _load_server_config(server_name)
     client = MCPClient(config)
 
+    # Upstream MCP servers ship binaries that are not in the default
+    # allowlist. Mirror the extension that ap_bridge.py applies on its
+    # bridge path so the pool path is not silently rejected. Without
+    # this, ingest_codebase fails with "Command not in allowed list"
+    # even when mcp-connections.json correctly points at the binary.
+    # source: ap_bridge.py L226-L233 — same set, same reason.
+    client._extra_allowed_commands = {"node", "automatised-pipeline"}
+
     await client.connect()
     _pool[server_name] = client
 

mcp_server/infrastructure/pipeline_discovery.py

@@ -39,7 +39,6 @@
     "cortex-pipeline",
     "automatised-pipeline",
     "ai-automatised-pipeline",
-    "ai-architect-mcp",
 )
 
 # Common source-checkout locations. Relative to each user's working dir

mcp_server/infrastructure/pipeline_install_release.py

@@ -16,9 +16,9 @@
 
 Asset naming convention (upstream contract)
 -------------------------------------------
-- ``ai-architect-mcp-{os}-{arch}.tar.gz`` containing the binary at
-  the archive root as ``ai-architect-mcp``.
-- ``ai-architect-mcp-{os}-{arch}.tar.gz.sha256`` carrying the hex digest.
+- ``automatised-pipeline-{os}-{arch}.tar.gz`` containing the binary at
+  the archive root as ``automatised-pipeline``.
+- ``automatised-pipeline-{os}-{arch}.tar.gz.sha256`` carrying the hex digest.
 - ``{os}`` ∈ {macos, linux}; ``{arch}`` ∈ {x86_64, aarch64}.
 """
 
@@ -98,7 +98,7 @@ def _find_assets(release: dict, tag: str) -> Optional[tuple[str, str]]:
 def _verify_and_extract(
     tar_path: str, expected_sha: str, dest_dir: str
 ) -> Optional[str]:
-    """Verify SHA256, extract ``ai-architect-mcp`` to dest_dir, return path.
+    """Verify SHA256, extract ``automatised-pipeline`` to dest_dir, return path.
 
     Refuses tar entries that escape dest_dir (path-traversal guard).
     """
@@ -116,7 +116,7 @@ def _verify_and_extract(
             target = (dest / member.name).resolve()
             if not str(target).startswith(str(dest) + os.sep) and target != dest:
                 return None
-            if member.isfile() and Path(member.name).name == "ai-architect-mcp":
+            if member.isfile() and Path(member.name).name == "automatised-pipeline":
                 # filter="data" enforces safe extraction (no symlinks
                 # outside dest, no special files, no setuid bits) —
                 # required default in Python 3.14, opt-in earlier.
@@ -182,7 +182,7 @@ def try_install_prebuilt(symlink_dest: Path) -> dict:
         # Move the verified binary into the methodology bin dir under a
         # versioned name so subsequent fast-path installs don't clash.
         symlink_dest.parent.mkdir(parents=True, exist_ok=True)
-        final = symlink_dest.parent / "ai-architect-mcp.prebuilt"
+        final = symlink_dest.parent / "automatised-pipeline.prebuilt"
         shutil.move(binary, str(final))
         os.chmod(final, 0o755)
 

mcp_server/infrastructure/pipeline_installer.py

@@ -42,10 +42,10 @@
 logger = logging.getLogger(__name__)
 
 _DEFAULT_GIT_URL = "https://github.com/cdeust/automatised-pipeline.git"
-_BUILT_BINARY_REL = "target/release/ai-architect-mcp"
+_BUILT_BINARY_REL = "target/release/automatised-pipeline"
 _DISABLE_ENV = "CORTEX_AUTO_INSTALL_PIPELINE"
 
-# Minimum acceptable size for a successfully-built ai-architect-mcp
+# Minimum acceptable size for a successfully-built automatised-pipeline
 # binary. The release build is multi-MB; anything below this threshold
 # is a corrupted or 0-byte file (disk full, killed compiler, etc.).
 _MIN_BINARY_BYTES = 1_024 * 1_024
@@ -149,7 +149,7 @@ def _install_locked(force_rebuild: bool, git_url: Optional[str]) -> dict:
     if force_rebuild or not _binary_is_usable(binary):
         env = {**os.environ, "PATH": f"{_CARGO_HOME_BIN}:{os.environ.get('PATH', '')}"}
         rc, tail = _run_quiet(
-            [cargo, "build", "--release", "--bin", "ai-architect-mcp"],
+            [cargo, "build", "--release", "--bin", "automatised-pipeline"],
             cwd=str(src),
             env=env,
             timeout=1800,

mcp_server/server/http_launcher.py

@@ -97,12 +97,12 @@ def _is_cortex_root(p: Path) -> bool:
 
 
 def _find_ap_binary() -> str | None:
-    """Locate a built ``ai-architect-mcp`` (automatised-pipeline).
+    """Locate a built ``automatised-pipeline`` (automatised-pipeline).
 
     Checks, in order:
       1. ``CORTEX_AP_COMMAND`` already set — caller knows the path.
-      2. A sibling dev checkout: ``~/Documents/Developments/automatised-pipeline/target/release/ai-architect-mcp``.
-      3. ``ai-architect-mcp`` on ``PATH``.
+      2. A sibling dev checkout: ``~/Documents/Developments/automatised-pipeline/target/release/automatised-pipeline``.
+      3. ``automatised-pipeline`` on ``PATH``.
 
     Returns the absolute binary path, or ``None`` if not buildable. We
     do NOT build here — building requires Rust + cmake and can take
@@ -112,11 +112,11 @@ def _find_ap_binary() -> str | None:
         return None  # caller explicitly configured it — leave alone
     dev = (
         Path.home()
-        / "Documents/Developments/automatised-pipeline/target/release/ai-architect-mcp"
+        / "Documents/Developments/automatised-pipeline/target/release/automatised-pipeline"
     )
     if dev.is_file() and os.access(dev, os.X_OK):
         return str(dev)
-    path_hit = shutil.which("ai-architect-mcp")
+    path_hit = shutil.which("automatised-pipeline")
     return path_hit
 
 
@@ -162,7 +162,7 @@ def _ensure_ap_graph(dev_src: Path | None, env: dict) -> None:
     try:
         subprocess.Popen(  # noqa: S603
             [
-                bin_path or "ai-architect-mcp",
+                bin_path or "automatised-pipeline",
             ],
             stdin=subprocess.PIPE,
             stdout=subprocess.DEVNULL,

mcp_server/server/http_standalone.py

@@ -281,14 +281,14 @@ def _auto_enable_ap() -> None:
         dev = (
             Path.home()
             / "Documents/Developments/automatised-pipeline"
-            / "target/release/ai-architect-mcp"
+            / "target/release/automatised-pipeline"
         )
         if dev.is_file() and os.access(dev, os.X_OK):
             bin_path = str(dev)
         else:
             import shutil as _sh
 
-            bin_path = _sh.which("ai-architect-mcp")
+            bin_path = _sh.which("automatised-pipeline")
     if bin_path is None and not os.environ.get("CORTEX_AP_COMMAND"):
         return
     if bin_path and not os.environ.get("CORTEX_AP_COMMAND"):

pyproject.toml

@@ -4,7 +4,7 @@ build-backend = "hatchling.build"
 
 [project]
 name = "neuro-cortex-memory"
-version = "3.14.10"
+version = "3.14.11"
 description = "Scientifically-grounded memory system based on computational neuroscience research"
 readme = "README.md"
 license = "MIT"