What's new in Hindsight 0.6.2

Hindsight 0.6.2 is a maintenance release focused on security and migration reliability. It bumps several vulnerable dependencies across the Python and npm stacks, repairs a stuck-migration state that affected some production deployments on 0.6.x, and ships a handful of integration fixes for Claude Code, the Agent SDK, the CLI, and Paperclip. We recommend all users on 0.6.x upgrade.

• Security: Vulnerable dependencies bumped — litellm ≥1.83.14, urllib3 2.7.0, and additional high/critical pip and npm packages.
• Migration Reliability: Repaired the mental_models.subtype stuck state and hardened the embedding-dimension migration against transient OID errors.
• Integration Fixes: Claude Code MCP request timeout, recall parameter rename across both Agent SDK and Claude Code MCP, get_page content reliability, CLI timestamp delivery, and Paperclip event-payload alignment.

Security

GitHub flagged four sets of vulnerabilities on the 0.6.1 default branch (all moderate). 0.6.2 bumps the affected dependencies across the root lockfile and the integration lockfiles:

• litellm to >=1.83.14
• urllib3 to 2.7.0
• Additional high/critical pip and npm packages across the stack

Thanks to @dcbouius for driving these through.

Migration Reliability

Two migration-side fixes land in 0.6.2:

• mental_models.subtype repair at head. A small number of production deployments running 0.6.x reported column "subtype" of relation "mental_models" does not exist errors despite Alembic reporting the correct version. This was caused by a historical down_revision rewrite that bypassed a specific migration branch on databases originally migrated through certain 0.5.x paths. 0.6.2 adds an idempotent migration at the current head that adds the missing column with IF NOT EXISTS, so affected deployments unstick themselves on the next upgrade and already-healthy deployments are unaffected.
• Embedding-dimension OID errors. The embedding-dimension migration now handles transient PostgreSQL OID errors gracefully, removing a flaky failure mode some users hit when running on busy clusters. Thanks to @dcbouius for this one as well.

Integration Fixes

• Claude Code: configurable MCP request timeout. Long-running recall and reflect calls were occasionally timing out at the default. Claude Code now exposes a configurable MCP request timeout — see the requestTimeoutSeconds option. Thanks to @rsaulo.
• max_results → max_tokens rename across recall. The Agent SDK's agent_knowledge_recall parameter was previously mapped in a way that imposed a 10-token budget on default-config users, returning empty recall results. The parameter is now named max_tokens and the default raised from 10 to 1024 across both the Agent SDK and the Claude Code MCP plugin. Default-config users will see useful recall results immediately after upgrading. Thanks to @r266-tech and @offendingcommit.
• get_page returns full content reliably. Both the Claude Code plugin and the Agent SDK now request detail=content for get_page calls and handle tool-result spillover, so full page content returns instead of being truncated. Thanks to @cdbartholomew and @r266-tech.
• CLI memory retain --timestamp actually reaches the API. The CLI accepted a --timestamp flag but dropped it before sending to the API. Same went for the Control Plane's "Event Date" field. Both now correctly forward the timestamp.
• Paperclip integration aligned with real event payloads. The Paperclip integration's event handler was based on a slightly out-of-date payload shape; 0.6.2 aligns it with what Paperclip actually emits, restoring correct fact extraction. Thanks to @amirhmoradi.