refactor: CR-002 post-release cleanup — dead features, env vars, auth-skip-local#203
Merged
Conversation
T019: Remove dead exports from lib.js (requestUpload, WorkstationID, getSessionSignals, getSessionFiles, clearSessionSignals, diffScope, SCOPE_PATTERNS, deletePendingMarker, formatResolvedIssuesBlock); remove buildInjectURL and formatProjectBriefingBlock from session-start.js; remove buildSearchRequest from user-prompt.js; delete sync-sessions.js and post-compact.js entirely. Update test files to use local helpers instead of deleted exports. T020: Rename ENGRAM_API_TOKEN -> ENGRAM_AUTH_ADMIN_TOKEN in .mcp.json, run-engram.js, lib.js, session-start.js, commands/*.md, plugin.json, skills/memory/SKILL.md. Remove ENGRAM_URL_LEGACY and ENGRAM_API_TOKEN_LEGACY env entries and legacy fallback blocks. Bump plugin version 5.0.0 -> 5.0.1.
… consolidate env vars, add auth-skip-local - Remove ENGRAM_API_TOKEN everywhere, replace with ENGRAM_AUTH_ADMIN_TOKEN - Fix grpcserver BUG: use config.GetWorkerToken() not direct os.Getenv - Delete 6 dead packages: llmclient, backfill, dedup, pipeline, palace, synthesis - Delete dead models: pattern.go (407 LOC), conflict types (12 LOC) - Strip LLM pipeline from sdk/processor.go (~465 lines) - Remove ~400 lines dead functions from 10 worker handler files - Remove embedding config fields, getters, envFirstOf helper - Add ENGRAM_AUTH_SKIP_LOCAL + ENGRAM_AUTH_TRUSTED_PROXY config fields - Plugin: remove LEGACY shims, rename token, clean dead hook exports - Delete sync-sessions.js, post-compact.js (dead hooks) - Bump plugin version 5.0.0 → 5.0.1 - Build/vet/test all green 62 files changed, -8268 lines net
|
Caution Review failedThe pull request is closed. ℹ️ Recent review info⚙️ Run configurationConfiguration used: Organization UI Review profile: CHILL Plan: Pro Run ID: 📒 Files selected for processing (9)
WalkthroughУдаляет большие устаревшие подсистемы: серверный backfill/LLM pipeline, palace/mining/aaak, synthesis/wiki, pattern моделирование, встроенный LLM-клиент и множество вспомогательных hook/ingest/retrieval функций; одновременно переключает источник админ-токена на ENGRAM_AUTH_ADMIN_TOKEN и очищает связанный код и документацию. Changes
Sequence Diagram(s)(Пропущено — изменения в основном удаляют подсистемы и не вводят новую многоступенчатую последовательность взаимодействий.) Estimated code review effort🎯 5 (Critical) | ⏱️ ~120 minutes Possibly related PRs
Поэма
🚥 Pre-merge checks | ✅ 4 | ❌ 1❌ Failed checks (1 warning)
✅ Passed checks (4 passed)
✏️ Tip: You can configure your own custom pre-merge checks in the settings. ✨ Finishing Touches📝 Generate docstrings
🧪 Generate unit tests (beta)
Warning There were issues while running some tools. Please review the errors and either fix the tool's configuration or disable the tool if it's a critical failure. 🔧 golangci-lint (2.11.4)Error: can't load config: unsupported version of the configuration: "" See https://golangci-lint.run/docs/product/migration-guide for migration instructions Comment |
![gemini-code-assist[bot]](https://avatars.githubusercontent.com/in/956858?s=60&v=4){kind=small}
There was a problem hiding this comment.
Code Review
This pull request performs a comprehensive cleanup by removing multiple legacy packages related to backfill, mining, and synthesis, while standardizing the administrative token as ENGRAM_AUTH_ADMIN_TOKEN. It also introduces new configuration options for local authentication and trusted proxies. Review feedback suggests that the configuration reload logic should be updated to track these new fields and that the Scan method for JSONInt64Array must return an error for unsupported types to prevent silent failures.
![coderabbitai[bot]](https://avatars.githubusercontent.com/in/347564?s=60&v=4){kind=small}
There was a problem hiding this comment.
Actionable comments posted: 3
Caution
Some comments are outside the diff and can’t be posted inline due to platform limitations.
⚠️ Outside diff range comments (1)
internal/worker/sdk/processor.go (1)
576-717:⚠️ Potential issue | 🔴 CriticalФункции
isSelfReferentialSummaryиhasMeaningfulContentявляются мёртвым кодом и должны быть удалены.Поиск показывает, что обе функции используются только в тестах (ProcessorTest lines 74, 742 для
isSelfReferentialSummaryи lines 125, 808 дляhasMeaningfulContent), но не вызываются ни из одного кода в продакшене. После удаленияProcessSummaryэти функции остались неиспользуемыми. Удалите функции вместе с соответствующими тестовыми случаями.🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed. In `@internal/worker/sdk/processor.go` around lines 576 - 717, The two helper functions isSelfReferentialSummary and hasMeaningfulContent are dead code left after removing ProcessSummary; delete both function definitions from processor.go and remove the corresponding test cases in ProcessorTest that reference isSelfReferentialSummary and hasMeaningfulContent (and any test helpers/assertions that only exercise them); also clean up any now-unused imports or variables introduced solely for these functions so the build and tests remain clean.
🧹 Nitpick comments (4)
plugin/engram/hooks/user-prompt.test.js (1)
1-4: Рекомендуется удалить пустой тестовый файл.Файл содержит только комментарии и не имеет реальных тестов. Вместо сохранения пустого файла-заглушки рекомендуется полностью удалить его — история git сохранит информацию о том, что тесты были удалены и почему.
🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed. In `@plugin/engram/hooks/user-prompt.test.js` around lines 1 - 4, Удалите пустой файл user-prompt.test.js which contains only comments and no tests: remove the file from the repository (git rm) so it no longer appears in the codebase; rely on git history to preserve the prior content and rationale and ensure there are no imports or references to user-prompt.test.js elsewhere (e.g., test runners or index files) before committing the deletion.internal/worker/sdk/processor.go (1)
206-258: Удалить неиспользуемые функции и константу.Функции
unionStrings,mergeNarrativeиmergeFileMtimes, а также константаwriteMergeSimilarityThresholdне вызываются в коде и могут быть удалены.🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed. In `@internal/worker/sdk/processor.go` around lines 206 - 258, Remove the unused constant and functions to clean up dead code: delete writeMergeSimilarityThreshold and the functions unionStrings, mergeNarrative, and mergeFileMtimes from the file; also remove any now-unused imports (e.g., "strings") and any references or tests that expect these symbols so the build stays clean. Ensure no other code calls unionStrings, mergeNarrative, mergeFileMtimes or relies on writeMergeSimilarityThreshold before committing.plugin/engram/hooks/pre-tool-use.test.js (1)
38-38: Незначительная несогласованность: использованиеrequire('fs')вместо импортированногоfs.На строке 4 уже импортирован
fs, но здесь используетсяrequire('fs'). Рекомендуется использовать уже импортированную переменную для единообразия.♻️ Предлагаемое исправление
- require('fs').writeFileSync(signalPath, JSON.stringify({ read_counts: { 'internal/auth.go': 3 } }), 'utf8'); + fs.writeFileSync(signalPath, JSON.stringify({ read_counts: { 'internal/auth.go': 3 } }), 'utf8');🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed. In `@plugin/engram/hooks/pre-tool-use.test.js` at line 38, The test uses require('fs') inline instead of the already-imported fs variable; locate the writeFileSync call that writes to signalPath (the line with require('fs').writeFileSync(...)) and replace the require call with the existing fs identifier so the code uses the imported fs (i.e., change require('fs').writeFileSync(...) to fs.writeFileSync(...)) to keep imports consistent.internal/config/config.go (1)
431-434: Несоответствие паттернов доступа к конфигурации.
GetWorkerToken()читает только из переменной окружения, игнорируяcfg.WorkerToken, который загружается вLoad()(строки 259-261). Это отличается от паттернаGetWorkerHost(), который проверяет env, затем fallback наGet().WorkerHost.Такой подход может быть намеренным (не кэшировать токены в памяти), но тогда:
- Загрузка
cfg.WorkerTokenвLoad()становится избыточной- Отслеживание изменений
WorkerTokenвReload()(строки 400-402) теряет смысл♻️ Опция 1: Убрать загрузку cfg.WorkerToken (если env-only)
Удалить строки 259-261 в
Load()и строки 400-402 вReload(), а также полеWorkerTokenиз структуры.♻️ Опция 2: Использовать cfg.WorkerToken (консистентный паттерн)
// GetWorkerToken returns the admin authentication token from ENGRAM_AUTH_ADMIN_TOKEN. func GetWorkerToken() string { - return strings.TrimSpace(os.Getenv("ENGRAM_AUTH_ADMIN_TOKEN")) + if token := strings.TrimSpace(os.Getenv("ENGRAM_AUTH_ADMIN_TOKEN")); token != "" { + return token + } + return Get().WorkerToken }🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed. In `@internal/config/config.go` around lines 431 - 434, GetWorkerToken currently reads only the environment and ignores the loaded cfg.WorkerToken, causing inconsistency with GetWorkerHost and making Load/Reload token handling pointless; to fix, change GetWorkerToken to first check ENGRAM_AUTH_ADMIN_TOKEN env (trimmed) and if empty return Get().WorkerToken so the existing Load() and Reload() assignments to cfg.WorkerToken remain meaningful (leave Load, Reload and the WorkerToken field as-is).
🤖 Prompt for all review comments with AI agents
Verify each finding against the current code and only fix it if needed.
Inline comments:
In `@internal/handlers/serverevents/bridge.go`:
- Around line 107-108: Код в bridge.go записывает serverURL :=
os.Getenv("ENGRAM_SERVER_URL") но документация и другие плагины используют
ENGRAM_URL, из‑за чего возникает несовместимость; исправьте это, добавив в ту же
функцию/блок чтения переменных окружения fallback: если ENGRAM_SERVER_URL
пустой, прочитать os.Getenv("ENGRAM_URL") в ту же переменную serverURL и
залогировать предупреждение о deprecated/несоответствии (чтобы пользователи
знали о несоответствии), сохранив при этом чтение токена через
ENGRAM_AUTH_ADMIN_TOKEN как есть.
In `@internal/worker/handlers_backfill.go`:
- Around line 181-186: The handler now returns a simple JSON via writeJSON with
keys stored, skipped, errors, and deprecated, but the OpenAPI definitions still
reference the removed BackfillSessionResponse structure (with metrics_report and
observations_extracted). Update the API docs to match the handler: remove or
replace the BackfillSessionResponse schema in docs/swagger.yaml and
docs/swagger.json and instead define the response schema to include integer
fields stored, skipped, errors and a string deprecated (or update the endpoint
response reference to an inline schema returning those four keys); ensure the
paths that reference BackfillSessionResponse are updated so the documented
response matches the writeJSON output.
In `@pkg/models/observation.go`:
- Around line 233-240: In JSONInt64Array.Scan(), the default case currently
returns nil which hides unsupported input types; change the default branch to
return a descriptive error (e.g., using fmt.Errorf) similar to
JSONStringArray.Scan() and JSONInt64Map.Scan(), referencing the function name
JSONInt64Array.Scan and include the actual received type in the error message so
callers can detect and handle invalid input.
---
Outside diff comments:
In `@internal/worker/sdk/processor.go`:
- Around line 576-717: The two helper functions isSelfReferentialSummary and
hasMeaningfulContent are dead code left after removing ProcessSummary; delete
both function definitions from processor.go and remove the corresponding test
cases in ProcessorTest that reference isSelfReferentialSummary and
hasMeaningfulContent (and any test helpers/assertions that only exercise them);
also clean up any now-unused imports or variables introduced solely for these
functions so the build and tests remain clean.
---
Nitpick comments:
In `@internal/config/config.go`:
- Around line 431-434: GetWorkerToken currently reads only the environment and
ignores the loaded cfg.WorkerToken, causing inconsistency with GetWorkerHost and
making Load/Reload token handling pointless; to fix, change GetWorkerToken to
first check ENGRAM_AUTH_ADMIN_TOKEN env (trimmed) and if empty return
Get().WorkerToken so the existing Load() and Reload() assignments to
cfg.WorkerToken remain meaningful (leave Load, Reload and the WorkerToken field
as-is).
In `@internal/worker/sdk/processor.go`:
- Around line 206-258: Remove the unused constant and functions to clean up dead
code: delete writeMergeSimilarityThreshold and the functions unionStrings,
mergeNarrative, and mergeFileMtimes from the file; also remove any now-unused
imports (e.g., "strings") and any references or tests that expect these symbols
so the build stays clean. Ensure no other code calls unionStrings,
mergeNarrative, mergeFileMtimes or relies on writeMergeSimilarityThreshold
before committing.
In `@plugin/engram/hooks/pre-tool-use.test.js`:
- Line 38: The test uses require('fs') inline instead of the already-imported fs
variable; locate the writeFileSync call that writes to signalPath (the line with
require('fs').writeFileSync(...)) and replace the require call with the existing
fs identifier so the code uses the imported fs (i.e., change
require('fs').writeFileSync(...) to fs.writeFileSync(...)) to keep imports
consistent.
In `@plugin/engram/hooks/user-prompt.test.js`:
- Around line 1-4: Удалите пустой файл user-prompt.test.js which contains only
comments and no tests: remove the file from the repository (git rm) so it no
longer appears in the codebase; rely on git history to preserve the prior
content and rationale and ensure there are no imports or references to
user-prompt.test.js elsewhere (e.g., test runners or index files) before
committing the deletion.
🪄 Autofix (Beta)
Fix all unresolved CodeRabbit comments on this PR:
- Push a commit to this branch (recommended)
- Create a new PR with the fixes
ℹ️ Review info
⚙️ Run configuration
Configuration used: Organization UI
Review profile: CHILL
Plan: Pro
Run ID: 71cc8ed1-cc78-4b90-b0ba-00fd9fa03901
📒 Files selected for processing (81)
internal/backfill/backfill.gointernal/backfill/chunk/chunk.gointernal/backfill/extract/extract.gointernal/backfill/extract/prompts.gointernal/backfill/extract/retrospective.gointernal/backfill/metrics/metrics.gointernal/backfill/progress.gointernal/backfill/sanitize/sanitize.gointernal/config/config.gointernal/dedup/checker.gointernal/dedup/checker_test.gointernal/grpcserver/server.gointernal/handlers/engramcore/tools.gointernal/handlers/serverevents/bridge.gointernal/handlers/serverevents/doc.gointernal/palace/aaak/aaak_test.gointernal/palace/aaak/compress.gointernal/palace/aaak/decode.gointernal/palace/aaak/emotions.gointernal/palace/aaak/entities.gointernal/palace/aaak/flags.gointernal/palace/aaak/tokens_test.gointernal/palace/aaak/topics.gointernal/palace/mining/chunker.gointernal/palace/mining/classify.gointernal/palace/mining/concepts.gointernal/palace/mining/exchange.gointernal/palace/mining/filter.gointernal/palace/mining/miner.gointernal/palace/mining/mining_test.gointernal/palace/mining/normalize.gointernal/palace/taxonomy/queries.gointernal/pipeline/deterministic.gointernal/pipeline/deterministic_test.gointernal/synthesis/entity_extractor.gointernal/synthesis/json_parser.gointernal/synthesis/prompts.gointernal/synthesis/types.gointernal/synthesis/wiki_disk.gointernal/synthesis/wiki_generator.gointernal/worker/floor_fill.gointernal/worker/handlers.gointernal/worker/handlers_backfill.gointernal/worker/handlers_context.gointernal/worker/handlers_context_floor_test.gointernal/worker/handlers_data.gointernal/worker/handlers_data_test.gointernal/worker/handlers_ingest.gointernal/worker/handlers_sessions.gointernal/worker/handlers_system.gointernal/worker/retrieval.gointernal/worker/retrieval_helpers.gointernal/worker/sdk/processor.gointernal/worker/sdk/processor_test.gointernal/worker/sdk/prompts.gointernal/worker/service.gointernal/worker/trigger_matcher.gopkg/llmclient/client.gopkg/models/conflict.gopkg/models/observation.gopkg/models/pattern.gopkg/models/pattern_test.goplugin/engram/.claude-plugin/plugin.jsonplugin/engram/.mcp.jsonplugin/engram/commands/doctor.mdplugin/engram/commands/issue.mdplugin/engram/commands/restart.mdplugin/engram/commands/retro.mdplugin/engram/commands/setup.mdplugin/engram/commands/stats.mdplugin/engram/hooks/lib.jsplugin/engram/hooks/lib.test.jsplugin/engram/hooks/post-compact.jsplugin/engram/hooks/pre-tool-use.test.jsplugin/engram/hooks/session-start.jsplugin/engram/hooks/session-start.test.jsplugin/engram/hooks/sync-sessions.jsplugin/engram/hooks/user-prompt.jsplugin/engram/hooks/user-prompt.test.jsplugin/engram/scripts/run-engram.jsplugin/engram/skills/memory/SKILL.md
💤 Files with no reviewable changes (55)
- plugin/engram/hooks/sync-sessions.js
- internal/palace/aaak/emotions.go
- internal/palace/aaak/entities.go
- internal/backfill/extract/retrospective.go
- internal/palace/aaak/tokens_test.go
- internal/worker/handlers_system.go
- internal/synthesis/prompts.go
- internal/worker/handlers.go
- internal/palace/mining/classify.go
- internal/palace/aaak/decode.go
- internal/palace/mining/filter.go
- internal/palace/mining/concepts.go
- plugin/engram/hooks/user-prompt.js
- internal/worker/handlers_context.go
- internal/dedup/checker_test.go
- internal/worker/sdk/prompts.go
- internal/palace/aaak/topics.go
- plugin/engram/hooks/session-start.test.js
- internal/palace/taxonomy/queries.go
- internal/worker/handlers_context_floor_test.go
- internal/palace/aaak/flags.go
- internal/palace/mining/exchange.go
- internal/backfill/metrics/metrics.go
- internal/palace/aaak/compress.go
- internal/worker/handlers_data_test.go
- internal/worker/trigger_matcher.go
- internal/palace/mining/chunker.go
- internal/worker/floor_fill.go
- internal/backfill/chunk/chunk.go
- internal/pipeline/deterministic_test.go
- internal/synthesis/wiki_generator.go
- internal/synthesis/types.go
- internal/worker/retrieval_helpers.go
- internal/worker/handlers_ingest.go
- internal/synthesis/wiki_disk.go
- internal/worker/retrieval.go
- internal/backfill/progress.go
- internal/backfill/sanitize/sanitize.go
- pkg/llmclient/client.go
- internal/backfill/extract/prompts.go
- internal/worker/handlers_data.go
- internal/palace/aaak/aaak_test.go
- internal/synthesis/json_parser.go
- internal/palace/mining/mining_test.go
- internal/palace/mining/miner.go
- internal/palace/mining/normalize.go
- plugin/engram/hooks/post-compact.js
- pkg/models/conflict.go
- internal/backfill/backfill.go
- pkg/models/pattern.go
- internal/backfill/extract/extract.go
- internal/dedup/checker.go
- internal/pipeline/deterministic.go
- internal/synthesis/entity_extractor.go
- pkg/models/pattern_test.go
Default case returned nil instead of fmt.Errorf, silently ignoring scan failures. Now returns a descriptive error for unsupported src types. Resolves CodeRabbit MAJOR review comment.
Plugin hooks and documentation use ENGRAM_URL universally. Bridge was reading only ENGRAM_SERVER_URL, causing silent misconfiguration when users follow the documented env var. Added deprecation warning on fallback.
Removed unused constant writeMergeSimilarityThreshold and three unreferenced functions: unionStrings, mergeNarrative, mergeFileMtimes. None were called anywhere in the codebase.
Line 38 used require('fs').writeFileSync instead of the fs variable
imported at the top of the file. Use the existing import.
…elds 1. GetWorkerToken now mirrors GetWorkerHost pattern: checks ENGRAM_AUTH_ADMIN_TOKEN env var first, falls back to cfg.WorkerToken. 2. Reload() now tracks changes to AuthSkipLocal and AuthTrustedProxy, which were added to the config struct but not diffed in the changed- fields detection block.
Handler now returns {stored, skipped, errors, deprecated} since
observation/session-summary persistence was removed in v5. Remove stale
metrics_report and observations_extracted fields; add deprecated string.
thebtf
added a commit
that referenced
this pull request
Apr 24, 2026
Bump daemon version v5.0.0 → v5.1.0, plugin 5.0.1 → 5.1.0. Since v5.0.1: - PR #202: dead-code sweep — removed Go references to dropped tables (-2861 lines) - PR #203: env var cleanup, auth-skip-local, dead features removal (-5862 lines) - PR #204: dead UI views and API functions removal (-4065 lines) - PR #205: Activity Timeline + observation UI cleanup (-2784 lines) Total: ~15,500 lines of dead code removed post-v5.0.0.
thebtf
added a commit
that referenced
this pull request
Apr 26, 2026
…d test Adds tests/critical/auth_two_tier_test.go (//go:build critical) — the first @critical end-to-end test in this repo. Resolves the MISSING_SUITE verdict from the critical-suite skill before v6.0.0 release. The test exercises the v6 auth boundary across BOTH transports (gRPC + HTTP) using the SAME validator chain — which is precisely the surface PR #203 silently broke. With this test in place, a future regression where gRPC and HTTP diverge on validator wiring fails CI before the release tag is cut. Sub-tests: - gRPC bufconn server accepts operator key (FR-1 tier 1) - gRPC bufconn server accepts dashboard-issued keycard (FR-2 symmetry — the assertion PR #203 would have flipped to FAIL) - gRPC rejects garbage / missing bearer with Unauthenticated - HTTP httptest server bearer arm: master + keycard accepted, garbage rejected - Anti-stub mutation guard: replacing the keycard store with always-fail flips the keycard-success assertion, proving the test exercises the store path and is not a tautology Run via: go test -tags=critical ./tests/critical/... Build tag gates the suite away from default `go test ./...`.
thebtf
added a commit
that referenced
this pull request
Apr 26, 2026
BREAKING CHANGES — v6.0.0 auth model. * Two-tier token model. Daemon and plugin no longer accept the operator key on workstations. Each workstation reads `ENGRAM_TOKEN` — a per-workstation API token (worker keycard) issued via the dashboard `/tokens` page. Operator key (`ENGRAM_AUTH_ADMIN_TOKEN`) lives ONLY on the server host. * Plugin `.mcp.json` env rename: `ENGRAM_AUTH_ADMIN_TOKEN` → `ENGRAM_TOKEN`. No legacy fallback chain. * Daemon fail-fast on missing token (FR-4): clean exit 1 instead of silent graceful-degrade to `loom_*-only` (PR #203 regression class). * Issuance hardening: `POST/GET/DELETE /api/auth/tokens` and `/api/auth/tokens/{id}/stats` require an admin browser session cookie; bearer-token authentication (operator key OR worker keycard) → 403. * Single `auth.Validator` shared by HTTP middleware + gRPC interceptor — the symmetric validation contract that PR #203's regression broke. * Strict token shape gate: `engram_` + exactly 32 hex chars; fails closed before any DB / bcrypt work. * Whitelisted scope mapping: only `read-write` / `read-only` are accepted from the api_tokens.scope column; anything else is treated as data corruption. * Connection pool keys credential AND TLS CA: rotating ENGRAM_TLS_CA or switching keycards cannot ride a stale pooled connection. * Bootstrap: 1 critical test (`tests/critical/auth_two_tier_test.go`) proves gRPC + HTTP both accept the same valid keycard via the same validator chain. Resolves the project-wide MISSING_SUITE gate. * Production playbook (`docs/PRODUCTION-TESTING-PLAYBOOK.md`) bootstraps the customer-mode walkthrough required by rule #11. Three scenarios (S2.full, S3, S4) require live-stand validation before v6.0.0 tag. 17/17 review threads resolved. Critical suite verdict: PASS.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
CR-002: Post-Release Cleanup
Removes all residual dead code from v5.0.0 dynamic features + consolidates env vars.
What changed (-8268 lines, 62 files)
Env var consolidation (US15):
ENGRAM_API_TOKEN→ENGRAM_AUTH_ADMIN_TOKENeverywhere (Go, JS, scripts, docs, plugin)grpcserver/server.go— was readingENGRAM_API_TOKENdirectly instead ofconfig.GetWorkerToken()ENGRAM_URL_LEGACY,ENGRAM_API_TOKEN_LEGACYshimsenvFirstOfhelper (zero callers after embedding removal)Dead dynamic features removed (US16):
pkg/llmclient/,internal/backfill/,internal/dedup/,internal/pipeline/,internal/palace/,internal/synthesis/pattern.go(407 LOC),conflict.gotypes (12 LOC)sdk/processor.go(~465 lines)ENGRAM_EMBEDDING_*andENGRAM_LLM_*env var handlingDead function sweep (US17):
floor_fill.go+ testHook cleanup (US15/US16):
lib.js(~180 lines)sync-sessions.js,post-compact.jsNew: auth skip-local config fields (US18 prep):
AuthSkipLocal+AuthTrustedProxyconfig fields + env loadingVerification
go build ./...✅go vet ./...✅go test ./... -count=1 -short✅node --test plugin/engram/hooks/hook-cli.test.js✅Summary by CodeRabbit
Chores
Removed Features
Simplification