theirongolddev/gitlore
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: theirongolddev:571c304031043afc9024bf96c676efb92324d2e3
Branches Tags
theirongolddev:master theirongolddev:embedding-title-normalization theirongolddev:git-5-search-output theirongolddev:robot-meta-explain theirongolddev:tui theirongolddev:trace theirongolddev:perf-audit theirongolddev:cli-imp
theirongolddev:v0.9.4
..
compare: theirongolddev:ac5602e5659990d52d32611f5c194063fcf568cb
Branches Tags
theirongolddev:master theirongolddev:embedding-title-normalization theirongolddev:git-5-search-output theirongolddev:robot-meta-explain theirongolddev:tui theirongolddev:trace theirongolddev:perf-audit theirongolddev:cli-imp
theirongolddev:v0.9.4

10 Commits
571c304031 ... ac5602e565

Author SHA1 Message Date
teernisse
ac5602e565 docs(plans): expand asupersync migration with decision gates, rollback, and invariants 
Major additions to the migration plan based on review feedback:

Alternative analysis:
- Add "Why not tokio CancellationToken + JoinSet?" section explaining
  why obligation tracking and single-migration cost favor asupersync
  over incremental tokio fixes.

Error handling depth:
- Add NetworkErrorKind enum design for preserving error categories
  (timeout, DNS, TLS, connection refused) without coupling LoreError
  to any HTTP client.
- Add response body size guard (64 MiB) to prevent unbounded memory
  growth from misconfigured endpoints.

Adapter layer refinements:
- Expand append_query_params with URL fragment handling, edge case
  docs, and doc comments.
- Add contention constraint note for std::sync::Mutex rate limiter.

Cancellation invariants (INV-1 through INV-4):
- Atomic batch writes, no .await between tx open/commit,
  ShutdownSignal + region cancellation complementarity.
- Concrete test plan for each invariant.

Semantic ordering concerns:
- Document 4 behavioral differences when replacing join_all with
  region-spawned tasks (ordering, error aggregation, backpressure,
  late result loss on cancellation).

HTTP behavior parity:
- Replace informational table with concrete acceptance criteria and
  pass/fail tests for redirects, proxy, keep-alive, DNS, TLS, and
  Content-Length.

Phasing refinements:
- Add Cx threading sub-steps (orchestration path first, then
  command/embedding layer) for blast radius reduction.
- Add decision gate between Phase 0d and Phase 1 requiring compile +
  behavioral smoke tests before committing to runtime swap.

Rollback strategy:
- Per-phase rollback guidance with concrete escape hatch triggers
  (nightly breakage > 7d, TLS incompatibility, API instability,
  wiremock issues).

Testing depth:
- Adapter-layer test gap analysis with 5 specific asupersync-native
  integration tests.
- Cancellation integration test specifications.
- Coverage gap documentation for wiremock-on-tokio tests.

Risk register additions:
- Unbounded response body buffering, manual URL/header handling
  correctness.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-03-06 13:36:56 -05:00
teernisse
d3f8020cf8 perf(me): optimize mentions query with materialized CTEs scoped to candidates 
The `query_mentioned_in` SQL previously joined notes directly against
the full issues/merge_requests tables, with per-row subqueries for
author/assignee/reviewer exclusion. On large databases this produced
pathological query plans where SQLite scanned the entire notes table
before filtering to relevant entities.

Refactor into a dedicated `build_mentioned_in_sql()` builder that:

1. Pre-filters candidate issues and MRs into MATERIALIZED CTEs
   (state open OR recently closed, not authored by user, not
   assigned/reviewing). This narrows the working set before any
   notes join.

2. Computes note timestamps (my_ts, others_ts, any_ts) as separate
   MATERIALIZED CTEs scoped to candidate entities only, rather than
   scanning all notes.

3. Joins mention-bearing notes against the pre-filtered candidates,
   avoiding the full-table scans.

Also adds a test verifying that authored issues are excluded from the
mentions results, and a unit test asserting all four CTEs are
materialized.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-03-06 13:36:37 -05:00
teernisse
9107a78b57 perf(ingestion): replace per-row INSERT loops with chunked batch INSERTs 
The issue and MR ingestion paths previously inserted labels, assignees,
and reviewers one row at a time inside a transaction. For entities with
many labels or assignees, this issued N separate SQLite statements where
a single multi-row INSERT suffices.

Replace the per-row loops with batch INSERT functions that build a
single `INSERT OR IGNORE ... VALUES (?1,?2),(?1,?3),...` statement per
chunk. Chunks are capped at 400 rows (BATCH_LINK_ROWS_MAX) to stay
comfortably below SQLite's default 999 bind-parameter limit.

Affected paths:
- issues.rs: link_issue_labels_batch_tx, insert_issue_assignees_batch_tx
- merge_requests.rs: insert_mr_labels_batch_tx,
  insert_mr_assignees_batch_tx, insert_mr_reviewers_batch_tx

New tests verify deduplication (OR IGNORE), multi-chunk correctness,
and equivalence with the old per-row approach. A perf benchmark
(bench_issue_assignee_insert_individual_vs_batch) demonstrates the
speedup across representative assignee set sizes.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-03-06 13:36:26 -05:00
teernisse
5fb27b1fbb chore: remove obsolete config files 
Remove configuration files that are no longer used:

- .opencode/rules: OpenCode rules file, superseded by project CLAUDE.md
  and ~/.claude/ rules directory structure
- .roam/fitness.yaml: Roam fitness tracking config, unrelated to this
  project

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-03-06 11:16:17 -05:00
teernisse
2ab57d8d14 chore(plans): remove ephemeral review feedback files 
Remove iterative feedback files that were used during plan development.
These files captured review rounds but are no longer needed now that the
plans have been finalized:

- plans/lore-service.feedback-{1,2,3,4}.md
- plans/time-decay-expert-scoring.feedback-{1,2,3,4}.md
- plans/tui-prd-v2-frankentui.feedback-{1,2,3,4,5,6,7,8,9}.md

The canonical plan documents remain; only the review iteration artifacts
are removed to reduce clutter.

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-03-06 11:16:12 -05:00
teernisse
77445f6903 docs(plans): add asupersync migration plan 
Draft plan for replacing Tokio + Reqwest with Asupersync, a cancel-correct
async runtime with structured concurrency guarantees.

Motivation:
- Current Ctrl+C during join_all silently drops in-flight HTTP requests
- ShutdownSignal is a hand-rolled AtomicBool with no structured cancellation
- No deterministic testing for concurrent ingestion patterns
- Tokio provides no structured concurrency guarantees

Plan structure:
- Complete inventory of tokio/reqwest usage in production and test code
- Phase 0: Preparation (reduce tokio surface before swap)
  - Extract signal handler to single function
  - Replace tokio::sync::Mutex with std::sync::Mutex where appropriate
  - Create HTTP adapter trait for pluggable backends
- Phase 1-5: Progressive migration with detailed implementation steps

Trade-offs accepted:
- Nightly Rust required (asupersync dependency)
- Pre-1.0 runtime dependency (mitigated by adapter layer + version pinning)
- Deeper function signature changes for Cx threading

This is a reference document for future implementation, not an immediate
change to the runtime.

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-03-06 11:15:58 -05:00
teernisse
87249ef3d9 feat(agents): add CEO and Founding Engineer agent configurations 
Establish multi-agent infrastructure with two initial agent roles:

CEO Agent (agents/ceo/):
- AGENTS.md: Root configuration defining home directory conventions,
  memory system integration (para-memory-files skill), safety rules
- HEARTBEAT.md: Execution checklist covering identity verification,
  local planning review, approval follow-ups, assignment processing,
  delegation patterns, fact extraction, and clean exit protocol
- SOUL.md: Persona definition with strategic posture (P&L ownership,
  action bias, focus protection) and voice/tone guidelines (direct,
  plain language, async-friendly formatting)
- TOOLS.md: Placeholder for tool acquisition notes
- memory/2026-03-05.md: First daily notes with timeline entries and
  observations about environment setup

Founding Engineer Agent (agents/founding-engineer/):
- AGENTS.md: IC-focused configuration for primary code contributor,
  references project CLAUDE.md for toolchain conventions, includes
  quality gate reminders (cargo check/clippy/fmt)

This structure supports the Paperclip-style agent coordination system
where agents have dedicated home directories, memory systems, and
role-specific execution checklists.

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-03-06 11:15:47 -05:00
teernisse
f6909d822e docs: add documentation for me, related, and init --refresh commands 
Update CLAUDE.md and README.md with documentation for recently added
features:

CLAUDE.md:
- Add robot mode examples for `lore --robot related`
- Add example for `lore --robot init --refresh`

README.md:
- Add full documentation section for `lore me` command including all
  flags (--issues, --mrs, --mentions, --activity, --since, --project,
  --all, --user, --reset-cursor) and section descriptions
- Add documentation section for `lore related` command with entity mode
  and query mode examples
- Expand `lore init` section with --refresh flag documentation explaining
  project registration workflow
- Add quick examples in the features section
- Update version number in example output (0.9.2)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-03-06 11:15:36 -05:00
teernisse
1dfcfd3f83 feat(autocorrect): add fuzzy subcommand matching and flag-as-subcommand detection 
Extend the CLI autocorrection pipeline with two new correction rules that
help agents recover from common typos and misunderstandings:

1. SubcommandFuzzy (threshold 0.85): Fuzzy-matches typo'd subcommands
   against the canonical list. Examples:
   - "issuess" → "issues"
   - "timline" → "timeline"
   - "serach" → "search"
   
   Guards prevent false positives:
   - Words that look like misplaced global flags are skipped
   - Valid command prefixes are left to clap's infer_subcommands

2. FlagAsSubcommand: Detects when agents type subcommands as flags.
   Some agents (especially Codex) assume `--robot-docs` is a flag rather
   than a subcommand. This rule converts:
   - "--robot-docs" → "robot-docs"
   - "--generate-docs" → "generate-docs"

Also improves error messages in main.rs:
- MissingRequiredArgument: Contextual example based on detected subcommand
- MissingSubcommand: Lists common commands
- TooFewValues/TooManyValues: Command-specific help hints

Added CANONICAL_SUBCOMMANDS constant enumerating all valid subcommands
(including hidden ones) for fuzzy matching. This ensures agents that know
about hidden commands still get typo correction.

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-03-06 11:15:28 -05:00
teernisse
ffbd1e2dce feat(me): add mentions section for @-mentions in dashboard 
Add a new --mentions flag to the `lore me` command that surfaces items
where the user is @-mentioned but NOT already assigned, authoring, or
reviewing. This fills an important gap in the personal work dashboard:
cross-team requests and callouts that don't show up in the standard
issue/MR sections.

Implementation details:
- query_mentioned_in() scans notes for @username patterns, then filters
  out entities where the user is already an assignee, author, or reviewer
- MentionedInItem type captures entity_type (issue/mr), iid, title, state,
  project path, attention state, and updated timestamp
- Attention state computation marks items as needs_attention when there's
  recent activity from others
- Recency cutoff (7 days) prevents surfacing stale mentions
- Both human and robot renderers include the new section

The robot mode schema adds mentioned_in array with me_mentions field
preset for token-efficient output.

Test coverage:
- mentioned_in_finds_mention_on_unassigned_issue: basic case
- mentioned_in_excludes_assigned_issue: no duplicate surfacing
- mentioned_in_excludes_author_on_mr: author already sees in authored MRs
- mentioned_in_excludes_reviewer_on_mr: reviewer already sees in reviewing
- mentioned_in_uses_recency_cutoff: old mentions filtered
- mentioned_in_respects_project_filter: scoping works

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-03-06 11:15:15 -05:00
42 changed files with 2965 additions and 3166 deletions
Expand all files Collapse all files

50
.opencode/rules
View File

@@ -1,50 +0,0 @@
````markdown
## UBS Quick Reference for AI Agents
UBS stands for "Ultimate Bug Scanner": **The AI Coding Agent's Secret Weapon: Flagging Likely Bugs for Fixing Early On**
**Install:** `curl -sSL https://raw.githubusercontent.com/Dicklesworthstone/ultimate_bug_scanner/master/install.sh | bash`
**Golden Rule:** `ubs <changed-files>` before every commit. Exit 0 = safe. Exit >0 = fix & re-run.
**Commands:**
```bash
ubs file.ts file2.py # Specific files (< 1s) — USE THIS
ubs $(git diff --name-only --cached) # Staged files — before commit
ubs --only=js,python src/ # Language filter (3-5x faster)
ubs --ci --fail-on-warning . # CI mode — before PR
ubs --help # Full command reference
ubs sessions --entries 1 # Tail the latest install session log
ubs . # Whole project (ignores things like .venv and node_modules automatically)
```
**Output Format:**
```
⚠️ Category (N errors)
file.ts:42:5 Issue description
💡 Suggested fix
Exit code: 1
```
Parse: `file:line:col` → location | 💡 → how to fix | Exit 0/1 → pass/fail
**Fix Workflow:**
1. Read finding → category + fix suggestion
2. Navigate `file:line:col` → view context
3. Verify real issue (not false positive)
4. Fix root cause (not symptom)
5. Re-run `ubs <file>` → exit 0
6. Commit
**Speed Critical:** Scope to changed files. `ubs src/file.ts` (< 1s) vs `ubs .` (30s). Never full scan for small edits.
**Bug Severity:**
- **Critical** (always fix): Null safety, XSS/injection, async/await, memory leaks
- **Important** (production): Type narrowing, division-by-zero, resource leaks
- **Contextual** (judgment): TODO/FIXME, console logs
**Anti-Patterns:**
- ❌ Ignore findings → ✅ Investigate each
- ❌ Full scan per edit → ✅ Scope to file
- ❌ Fix symptom (`if (x) { x.y }`) → ✅ Root cause (`x?.y`)
````

11
.roam/fitness.yaml
View File

@@ -1,11 +0,0 @@
rules:
- name: No circular imports in core
type: dependency
source: "src/**"
forbidden_target: "tests/**"
reason: "Production code should not import test modules"
- name: Complexity threshold
type: metric
metric: cognitive_complexity
threshold: 30
reason: "Functions above 30 cognitive complexity need refactoring"

7
CLAUDE.md
View File

@@ -652,6 +652,13 @@ lore --robot me --user jdoe
lore --robot me --fields minimal lore --robot me --fields minimal
lore --robot me --reset-cursor lore --robot me --reset-cursor
# Find semantically related entities
lore --robot related issues 42
lore --robot related "authentication flow"
# Re-register projects from config
lore --robot init --refresh
# Agent self-discovery manifest (all commands, flags, exit codes, response schemas) # Agent self-discovery manifest (all commands, flags, exit codes, response schemas)
lore robot-docs lore robot-docs

82
README.md
View File

@@ -83,6 +83,12 @@ lore timeline "deployment"
# Timeline for a specific issue # Timeline for a specific issue
lore timeline issue:42 lore timeline issue:42
# Personal work dashboard
lore me
# Find semantically related entities
lore related issues 42
# Why was this file changed? (file -> MR -> issue -> discussion) # Why was this file changed? (file -> MR -> issue -> discussion)
lore trace src/features/auth/login.ts lore trace src/features/auth/login.ts
@@ -406,6 +412,37 @@ Shows: users with touch counts (author vs. review), linked MR references. Defaul
| `--as-of` | Score as if "now" is a past date (ISO 8601 or duration like 30d, expert mode only) | | `--as-of` | Score as if "now" is a past date (ISO 8601 or duration like 30d, expert mode only) |
| `--include-bots` | Include bot users normally excluded via `scoring.excludedUsernames` | | `--include-bots` | Include bot users normally excluded via `scoring.excludedUsernames` |
### `lore me`
Personal work dashboard showing open issues, authored/reviewing MRs, and activity feed. Designed for quick daily check-ins.
```bash
lore me # Full dashboard
lore me --issues # Open issues section only
lore me --mrs # Authored + reviewing MRs only
lore me --activity # Activity feed only
lore me --mentions # Items you're @mentioned in (not assigned/authored/reviewing)
lore me --since 7d # Activity window (default: 30d)
lore me --project group/repo # Scope to one project
lore me --all # All synced projects (overrides default_project)
lore me --user jdoe # Override configured username
lore me --reset-cursor # Reset since-last-check cursor
```
The dashboard detects the current user from GitLab authentication and shows:
- **Issues section**: Open issues assigned to you
- **MRs section**: MRs you authored + MRs where you're a reviewer
- **Activity section**: Recent events (state changes, comments, etc.) on your items
- **Mentions section**: Items where you're @mentioned but not assigned/authoring/reviewing
The `--since` flag affects only the activity section. Other sections show current state regardless of time window.
#### Field Selection (Robot Mode)
```bash
lore -J me --fields minimal # Compact output for agents
```
### `lore timeline` ### `lore timeline`
Reconstruct a chronological timeline of events matching a keyword query. The pipeline discovers related entities through cross-reference graph traversal and assembles a unified, time-ordered event stream. Reconstruct a chronological timeline of events matching a keyword query. The pipeline discovers related entities through cross-reference graph traversal and assembles a unified, time-ordered event stream.
@@ -566,6 +603,26 @@ lore drift issues 42 --threshold 0.6 # Higher threshold (stricter)
lore drift issues 42 -p group/repo # Scope to project lore drift issues 42 -p group/repo # Scope to project
``` ```
### `lore related`
Find semantically related entities via vector search. Accepts either an entity reference or a free text query.
```bash
lore related issues 42 # Find entities related to issue #42
lore related mrs 99 -p group/repo # Related to MR #99 in specific project
lore related "authentication flow" # Find entities matching free text query
lore related issues 42 -n 5 # Limit results
```
In entity mode (`issues N` or `mrs N`), the command embeds the entity's content and finds similar documents via vector similarity. In query mode (free text), the query is embedded directly.
| Flag | Default | Description |
|------|---------|-------------|
| `-p` / `--project` | all | Scope to a specific project (fuzzy match) |
| `-n` / `--limit` | `10` | Maximum results |
Requires embeddings to have been generated via `lore embed` or `lore sync`.
### `lore cron` ### `lore cron`
Manage cron-based automatic syncing (Unix only). Installs a crontab entry that runs `lore sync --lock -q` at a configurable interval. Manage cron-based automatic syncing (Unix only). Installs a crontab entry that runs `lore sync --lock -q` at a configurable interval.
@@ -710,16 +767,35 @@ Displays:
### `lore init` ### `lore init`
Initialize configuration and database interactively. Initialize configuration and database interactively, or refresh the database to match an existing config.
```bash ```bash
lore init # Interactive setup lore init # Interactive setup
lore init --refresh # Register new projects from existing config
lore init --force # Overwrite existing config lore init --force # Overwrite existing config
lore init --non-interactive # Fail if prompts needed lore init --non-interactive # Fail if prompts needed
``` ```
When multiple projects are configured, `init` prompts whether to set a default project (used when `-p` is omitted). This can also be set via the `--default-project` flag. When multiple projects are configured, `init` prompts whether to set a default project (used when `-p` is omitted). This can also be set via the `--default-project` flag.
#### Refreshing Project Registration
When projects are added to the config file, `lore sync` does not automatically pick them up because project discovery only happens during `lore init`. Use `--refresh` to register new projects without modifying the config file:
```bash
lore init --refresh # Interactive: registers new projects, prompts to delete orphans
lore -J init --refresh # Robot mode: returns JSON with orphan info
```
The `--refresh` flag:
- Validates GitLab authentication before processing
- Registers new projects from config into the database
- Detects orphan projects (in database but removed from config)
- In interactive mode: prompts to delete orphans (default: No)
- In robot mode: returns JSON with orphan info without prompting
Use `--force` to completely overwrite the config file with fresh interactive setup. The `--refresh` and `--force` flags are mutually exclusive.
In robot mode, `init` supports non-interactive setup via flags: In robot mode, `init` supports non-interactive setup via flags:
```bash ```bash
@@ -788,7 +864,7 @@ Show version information including the git commit hash.
```bash ```bash
lore version lore version
# lore version 0.1.0 (abc1234) # lore version 0.9.2 (571c304)
``` ```
## Robot Mode ## Robot Mode
@@ -831,7 +907,7 @@ The `actions` array contains executable shell commands an agent can run to recov
### Field Selection ### Field Selection
The `--fields` flag controls which fields appear in the JSON response, reducing token usage for AI agent workflows. Supported on `issues`, `mrs`, `notes`, `search`, `timeline`, and `who` list commands: The `--fields` flag controls which fields appear in the JSON response, reducing token usage for AI agent workflows. Supported on `issues`, `mrs`, `notes`, `me`, `search`, `timeline`, and `who` list commands:
```bash ```bash
# Minimal preset (~60% fewer tokens) # Minimal preset (~60% fewer tokens)

24
agents/ceo/AGENTS.md Normal file
View File

@@ -0,0 +1,24 @@
You are the CEO.
Your home directory is $AGENT_HOME. Everything personal to you -- life, memory, knowledge -- lives there. Other agents may have their own folders and you may update them when necessary.
Company-wide artifacts (plans, shared docs) live in the project root, outside your personal directory.
## Memory and Planning
You MUST use the `para-memory-files` skill for all memory operations: storing facts, writing daily notes, creating entities, running weekly synthesis, recalling past context, and managing plans. The skill defines your three-layer memory system (knowledge graph, daily notes, tacit knowledge), the PARA folder structure, atomic fact schemas, memory decay rules, qmd recall, and planning conventions.
Invoke it whenever you need to remember, retrieve, or organize anything.
## Safety Considerations
- Never exfiltrate secrets or private data.
- Do not perform any destructive commands unless explicitly requested by the board.
## References
These files are essential. Read them.
- `$AGENT_HOME/HEARTBEAT.md` -- execution and extraction checklist. Run every heartbeat.
- `$AGENT_HOME/SOUL.md` -- who you are and how you should act.
- `$AGENT_HOME/TOOLS.md` -- tools you have access to

72
agents/ceo/HEARTBEAT.md Normal file
View File

@@ -0,0 +1,72 @@
# HEARTBEAT.md -- CEO Heartbeat Checklist
Run this checklist on every heartbeat. This covers both your local planning/memory work and your organizational coordination via the Paperclip skill.
## 1. Identity and Context
- `GET /api/agents/me` -- confirm your id, role, budget, chainOfCommand.
- Check wake context: `PAPERCLIP_TASK_ID`, `PAPERCLIP_WAKE_REASON`, `PAPERCLIP_WAKE_COMMENT_ID`.
## 2. Local Planning Check
1. Read today's plan from `$AGENT_HOME/memory/YYYY-MM-DD.md` under "## Today's Plan".
2. Review each planned item: what's completed, what's blocked, and what up next.
3. For any blockers, resolve them yourself or escalate to the board.
4. If you're ahead, start on the next highest priority.
5. **Record progress updates** in the daily notes.
## 3. Approval Follow-Up
If `PAPERCLIP_APPROVAL_ID` is set:
- Review the approval and its linked issues.
- Close resolved issues or comment on what remains open.
## 4. Get Assignments
- `GET /api/companies/{companyId}/issues?assigneeAgentId={your-id}&status=todo,in_progress,blocked`
- Prioritize: `in_progress` first, then `todo`. Skip `blocked` unless you can unblock it.
- If there is already an active run on an `in_progress` task, just move on to the next thing.
- If `PAPERCLIP_TASK_ID` is set and assigned to you, prioritize that task.
## 5. Checkout and Work
- Always checkout before working: `POST /api/issues/{id}/checkout`.
- Never retry a 409 -- that task belongs to someone else.
- Do the work. Update status and comment when done.
## 6. Delegation
- Create subtasks with `POST /api/companies/{companyId}/issues`. Always set `parentId` and `goalId`.
- Use `paperclip-create-agent` skill when hiring new agents.
- Assign work to the right agent for the job.
## 7. Fact Extraction
1. Check for new conversations since last extraction.
2. Extract durable facts to the relevant entity in `$AGENT_HOME/life/` (PARA).
3. Update `$AGENT_HOME/memory/YYYY-MM-DD.md` with timeline entries.
4. Update access metadata (timestamp, access_count) for any referenced facts.
## 8. Exit
- Comment on any in_progress work before exiting.
- If no assignments and no valid mention-handoff, exit cleanly.
---
## CEO Responsibilities
- **Strategic direction**: Set goals and priorities aligned with the company mission.
- **Hiring**: Spin up new agents when capacity is needed.
- **Unblocking**: Escalate or resolve blockers for reports.
- **Budget awareness**: Above 80% spend, focus only on critical tasks.
- **Never look for unassigned work** -- only work on what is assigned to you.
- **Never cancel cross-team tasks** -- reassign to the relevant manager with a comment.
## Rules
- Always use the Paperclip skill for coordination.
- Always include `X-Paperclip-Run-Id` header on mutating API calls.
- Comment in concise markdown: status line + bullets + links.
- Self-assign via checkout only when explicitly @-mentioned.

33
agents/ceo/SOUL.md Normal file
View File

@@ -0,0 +1,33 @@
# SOUL.md -- CEO Persona
You are the CEO.
## Strategic Posture
- You own the P&L. Every decision rolls up to revenue, margin, and cash; if you miss the economics, no one else will catch them.
- Default to action. Ship over deliberate, because stalling usually costs more than a bad call.
- Hold the long view while executing the near term. Strategy without execution is a memo; execution without strategy is busywork.
- Protect focus hard. Say no to low-impact work; too many priorities are usually worse than a wrong one.
- In trade-offs, optimize for learning speed and reversibility. Move fast on two-way doors; slow down on one-way doors.
- Know the numbers cold. Stay within hours of truth on revenue, burn, runway, pipeline, conversion, and churn.
- Treat every dollar, headcount, and engineering hour as a bet. Know the thesis and expected return.
- Think in constraints, not wishes. Ask "what do we stop?" before "what do we add?"
- Hire slow, fire fast, and avoid leadership vacuums. The team is the strategy.
- Create organizational clarity. If priorities are unclear, it's on you; repeat strategy until it sticks.
- Pull for bad news and reward candor. If problems stop surfacing, you've lost your information edge.
- Stay close to the customer. Dashboards help, but regular firsthand conversations keep you honest.
- Be replaceable in operations and irreplaceable in judgment. Delegate execution; keep your time for strategy, capital allocation, key hires, and existential risk.
## Voice and Tone
- Be direct. Lead with the point, then give context. Never bury the ask.
- Write like you talk in a board meeting, not a blog post. Short sentences, active voice, no filler.
- Confident but not performative. You don't need to sound smart; you need to be clear.
- Match intensity to stakes. A product launch gets energy. A staffing call gets gravity. A Slack reply gets brevity.
- Skip the corporate warm-up. No "I hope this message finds you well." Get to it.
- Use plain language. If a simpler word works, use it. "Use" not "utilize." "Start" not "initiate."
- Own uncertainty when it exists. "I don't know yet" beats a hedged non-answer every time.
- Disagree openly, but without heat. Challenge ideas, not people.
- Keep praise specific and rare enough to mean something. "Good job" is noise. "The way you reframed the pricing model saved us a quarter" is signal.
- Default to async-friendly writing. Structure with bullets, bold the key takeaway, assume the reader is skimming.
- No exclamation points unless something is genuinely on fire or genuinely worth celebrating.

3
agents/ceo/TOOLS.md Normal file
View File

@@ -0,0 +1,3 @@
# Tools
(Your tools will go here. Add notes about them as you acquire and use them.)

18
agents/ceo/memory/2026-03-05.md Normal file
View File

@@ -0,0 +1,18 @@
# 2026-03-05 -- CEO Daily Notes
## Timeline
- **13:07** First heartbeat. GIT-1 already done (CEO setup + FE hire submitted).
- **13:07** Founding Engineer hire approved (approval c2d7622a). Agent ed7d27a9 is idle.
- **13:07** No assignments in inbox. Woke on `issue_commented` for already-done GIT-1. Clean exit.
## Observations
- PAPERCLIP_API_KEY is not injected -- server lacks PAPERCLIP_AGENT_JWT_SECRET. Board-level fallback works for reads but /agents/me returns 401. Workaround: use company agents list endpoint.
- Company prefix is GIT.
- Two agents active: CEO (me, d584ded4), FoundingEngineer (ed7d27a9, idle).
## Today's Plan
1. Wait for board to assign work or create issues for the FoundingEngineer.
2. When work arrives, delegate to FE and track.

24
agents/founding-engineer/AGENTS.md Normal file
View File

@@ -0,0 +1,24 @@
You are the Founding Engineer.
Your home directory is $AGENT_HOME. Everything personal to you -- life, memory, knowledge -- lives there.
Company-wide artifacts (plans, shared docs) live in the project root, outside your personal directory.
## Project Context
This is a Rust CLI tool called `lore` for local GitLab data management with SQLite. The codebase uses Cargo, pedantic clippy lints, and forbids unsafe code. See the project CLAUDE.md for full toolchain and workflow details.
## Your Role
You are the primary individual contributor. You write code, fix bugs, add features, and ship. You report to the CEO.
## Safety Considerations
- Never exfiltrate secrets or private data.
- Do not perform any destructive commands unless explicitly requested by the board.
- Always run `cargo check`, `cargo clippy`, and `cargo fmt --check` after code changes.
## References
- `$AGENT_HOME/HEARTBEAT.md` -- execution checklist. Run every heartbeat.
- Project `CLAUDE.md` -- toolchain, workflow, and project conventions.

867
plans/asupersync-migration.md Normal file
View File

@@ -0,0 +1,867 @@
# Plan: Replace Tokio + Reqwest with Asupersync
**Date:** 2026-03-06
**Status:** Draft
**Decisions:** Adapter layer (yes), timeouts in adapter, deep Cx threading, reference doc only
---
## Context
Gitlore uses tokio as its async runtime and reqwest as its HTTP client. Both work, but:
- Ctrl+C during `join_all` silently drops in-flight HTTP requests with no cleanup
- `ShutdownSignal` is a hand-rolled `AtomicBool` with no structured cancellation
- No deterministic testing for concurrent ingestion patterns
- tokio provides no structured concurrency guarantees
Asupersync is a cancel-correct async runtime with region-owned tasks, obligation tracking, and deterministic lab testing. Replacing tokio+reqwest gives us structured shutdown, cancel-correct ingestion, and testable concurrency.
**Trade-offs accepted:**
- Nightly Rust required (asupersync dependency)
- Pre-1.0 runtime dependency (mitigated by adapter layer + version pinning)
- Deeper function signature changes for Cx threading
### Why not tokio CancellationToken + JoinSet?
The core problems (Ctrl+C drops requests, no structured cancellation) *can* be fixed without replacing the runtime. Tokio's `CancellationToken` + `JoinSet` + explicit task tracking gives structured cancellation for fan-out patterns. This was considered and rejected for two reasons:
1. **Obligation tracking is the real win.** CancellationToken/JoinSet fix the "cancel cleanly" problem but don't give us obligation tracking (compile-time proof that all spawned work is awaited) or deterministic lab testing. These are the features that prevent *future* concurrency bugs, not just the current Ctrl+C issue.
2. **Separation of concerns.** Fixing Ctrl+C with tokio primitives first, then migrating the runtime second, doubles the migration effort (rewrite fan-out twice). Since we have no users and no backwards compatibility concerns, a single clean migration is lower total cost.
If asupersync proves unviable (nightly breakage, API instability), the fallback is exactly this: tokio + CancellationToken + JoinSet.
---
## Current Tokio Usage Inventory
### Production code (must migrate)
| Location | API | Purpose |
|----------|-----|---------|
| `main.rs:53` | `#[tokio::main]` | Runtime entrypoint |
| `main.rs` (4 sites) | `tokio::spawn` + `tokio::signal::ctrl_c` | Ctrl+C signal handlers |
| `gitlab/client.rs:9` | `tokio::sync::Mutex` | Rate limiter lock |
| `gitlab/client.rs:10` | `tokio::time::sleep` | Rate limiter backoff |
| `gitlab/client.rs:729,736` | `tokio::join!` | Parallel pagination |
### Production code (reqwest -- must replace)
| Location | Usage |
|----------|-------|
| `gitlab/client.rs` | REST API: GET with headers/query, response status/headers/JSON, pagination via x-next-page and Link headers, retry on 429 |
| `gitlab/graphql.rs` | GraphQL: POST with Bearer auth + JSON body, response JSON parsing |
| `embedding/ollama.rs` | Ollama: GET health check, POST JSON embedding requests |
### Test code (keep on tokio via dev-dep)
| File | Tests | Uses wiremock? |
|------|-------|----------------|
| `gitlab/graphql_tests.rs` | 30 | Yes |
| `gitlab/client_tests.rs` | 4 | Yes |
| `embedding/pipeline_tests.rs` | 4 | Yes |
| `ingestion/surgical_tests.rs` | 4 async | Yes |
### Test code (switch to asupersync)
| File | Tests | Why safe |
|------|-------|----------|
| `core/timeline_seed_tests.rs` | 13 | Pure CPU/SQLite, no HTTP, no tokio APIs |
### Test code (already sync `#[test]` -- no changes)
~35 test files across documents/, core/, embedding/, gitlab/transformers/, ingestion/, cli/commands/, tests/
---
## Phase 0: Preparation (no runtime change)
Goal: Reduce tokio surface area before the swap. Each step is independently valuable.
### 0a. Extract signal handler
The 4 identical Ctrl+C handlers in `main.rs` (lines 1020, 2341, 2493, 2524) become one function in `core/shutdown.rs`:
```rust
pub fn install_ctrl_c_handler(signal: ShutdownSignal) {
tokio::spawn(async move {
let _ = tokio::signal::ctrl_c().await;
eprintln!("\nInterrupted, finishing current batch... (Ctrl+C again to force quit)");
signal.cancel();
let _ = tokio::signal::ctrl_c().await;
std::process::exit(130);
});
}
```
4 spawn sites -> 1 function. The function body changes in Phase 3.
### 0b. Replace tokio::sync::Mutex with std::sync::Mutex
In `gitlab/client.rs`, the rate limiter lock guards a tiny sync critical section (check `Instant::now()`, compute delay). No async work inside the lock. `std::sync::Mutex` is correct and removes a tokio dependency:
```rust
// Before
use tokio::sync::Mutex;
let delay = self.rate_limiter.lock().await.check_delay();
// After
use std::sync::Mutex;
let delay = self.rate_limiter.lock().expect("rate limiter poisoned").check_delay();
```
Note: `.expect()` over `.unwrap()` for clarity. Poisoning is near-impossible here (the critical section is a trivial `Instant::now()` check), but the explicit message aids debugging if it ever fires.
**Contention constraint:** `std::sync::Mutex` blocks the executor thread while held. This is safe *only* because the critical section is a single `Instant::now()` comparison with no I/O. If the rate limiter ever grows to include async work (HTTP calls, DB queries), it must move back to an async-aware lock. Document this constraint with a comment at the lock site.
### 0c. Replace tokio::join! with futures::join!
In `gitlab/client.rs:729,736`. `futures::join!` is runtime-agnostic and already in deps.
**After Phase 0, remaining tokio in production code:**
- `#[tokio::main]` (1 site)
- `tokio::spawn` + `tokio::signal::ctrl_c` (1 function)
- `tokio::time::sleep` (1 import)
---
## Phase 0d: Error Type Migration (must precede adapter layer)
The adapter layer (Phase 1) uses `GitLabNetworkError { detail: Option<String> }`, which requires this error type change before the adapter compiles. Placed here so Phases 1-3 compile as a unit.
### `src/core/error.rs`
```rust
// Remove:
#[error("HTTP error: {0}")]
Http(#[from] reqwest::Error),
// Change:
#[error("Cannot connect to GitLab at {base_url}")]
GitLabNetworkError {
base_url: String,
// Before: source: Option<reqwest::Error>
// After:
detail: Option<String>,
},
```
The adapter layer stringifies HTTP client errors at the boundary so `LoreError` doesn't depend on any HTTP client's error types. This also means the existing reqwest call sites that construct `GitLabNetworkError` must be updated to pass `detail: Some(format!("{e:?}"))` instead of `source: Some(e)` -- but those sites are rewritten in Phase 2 anyway, so no extra work.
**Note on error granularity:** Flattening all HTTP errors to `detail: Option<String>` loses the distinction between timeouts, TLS failures, DNS resolution failures, and connection resets. To preserve actionable error categories without coupling `LoreError` to any HTTP client, add a lightweight `NetworkErrorKind` enum:
```rust
#[derive(Debug, Clone, Copy, PartialEq, Eq)]
pub enum NetworkErrorKind {
Timeout,
ConnectionRefused,
DnsResolution,
Tls,
Other,
}
#[error("Cannot connect to GitLab at {base_url}")]
GitLabNetworkError {
base_url: String,
kind: NetworkErrorKind,
detail: Option<String>,
},
```
The adapter's `execute()` method classifies errors at the boundary:
- Timeout from `asupersync::time::timeout``NetworkErrorKind::Timeout`
- Transport errors from the HTTP client → classified by error type into the appropriate kind
- Unknown errors → `NetworkErrorKind::Other`
This keeps `LoreError` client-agnostic while preserving the ability to make retry decisions based on error *type* (e.g., retry on timeout but not on TLS). The adapter's `execute()` method is the single place where this mapping happens, so adding new kinds is localized.
---
## Phase 1: Build the HTTP Adapter Layer
### Why
Asupersync's `HttpClient` is lower-level than reqwest:
- Headers: `Vec<(String, String)>` not typed `HeaderMap`/`HeaderValue`
- Body: `Vec<u8>` not a builder with `.json()`
- Status: raw `u16` not `StatusCode` enum
- Response: body already buffered, no async `.json().await`
- No per-request timeout
Without an adapter, every call site becomes 5-6 lines of boilerplate. The adapter also isolates gitlore from asupersync's pre-1.0 HTTP API.
### New file: `src/http.rs` (~100 LOC)
```rust
use asupersync::http::h1::{HttpClient, HttpClientConfig, PoolConfig};
use asupersync::http::h1::types::Method;
use asupersync::time::timeout;
use serde::de::DeserializeOwned;
use serde::Serialize;
use std::time::Duration;
use crate::core::error::{LoreError, Result};
pub struct Client {
inner: HttpClient,
timeout: Duration,
}
pub struct Response {
pub status: u16,
pub reason: String,
pub headers: Vec<(String, String)>,
body: Vec<u8>,
}
impl Client {
pub fn with_timeout(timeout: Duration) -> Self {
Self {
inner: HttpClient::with_config(HttpClientConfig {
pool_config: PoolConfig::builder()
.max_connections_per_host(6)
.max_total_connections(100)
.idle_timeout(Duration::from_secs(90))
.build(),
..Default::default()
}),
timeout,
}
}
pub async fn get(&self, url: &str, headers: &[(&str, &str)]) -> Result<Response> {
self.execute(Method::Get, url, headers, Vec::new()).await
}
pub async fn get_with_query(
&self,
url: &str,
params: &[(&str, String)],
headers: &[(&str, &str)],
) -> Result<Response> {
let full_url = append_query_params(url, params);
self.execute(Method::Get, &full_url, headers, Vec::new()).await
}
pub async fn post_json<T: Serialize>(
&self,
url: &str,
headers: &[(&str, &str)],
body: &T,
) -> Result<Response> {
let body_bytes = serde_json::to_vec(body)
.map_err(|e| LoreError::Other(format!("JSON serialization failed: {e}")))?;
let mut all_headers = headers.to_vec();
all_headers.push(("Content-Type", "application/json"));
self.execute(Method::Post, url, &all_headers, body_bytes).await
}
async fn execute(
&self,
method: Method,
url: &str,
headers: &[(&str, &str)],
body: Vec<u8>,
) -> Result<Response> {
let header_tuples: Vec<(String, String)> = headers
.iter()
.map(|(k, v)| ((*k).to_owned(), (*v).to_owned()))
.collect();
let raw = timeout(self.timeout, self.inner.request(method, url, header_tuples, body))
.await
.map_err(|_| LoreError::GitLabNetworkError {
base_url: url.to_string(),
kind: NetworkErrorKind::Timeout,
detail: Some(format!("Request timed out after {:?}", self.timeout)),
})?
.map_err(|e| LoreError::GitLabNetworkError {
base_url: url.to_string(),
kind: classify_transport_error(&e),
detail: Some(format!("{e:?}")),
})?;
Ok(Response {
status: raw.status,
reason: raw.reason,
headers: raw.headers,
body: raw.body,
})
}
}
impl Response {
pub fn is_success(&self) -> bool {
(200..300).contains(&self.status)
}
pub fn json<T: DeserializeOwned>(&self) -> Result<T> {
serde_json::from_slice(&self.body)
.map_err(|e| LoreError::Other(format!("JSON parse error: {e}")))
}
pub fn text(self) -> Result<String> {
String::from_utf8(self.body)
.map_err(|e| LoreError::Other(format!("UTF-8 decode error: {e}")))
}
pub fn header(&self, name: &str) -> Option<&str> {
self.headers
.iter()
.find(|(k, _)| k.eq_ignore_ascii_case(name))
.map(|(_, v)| v.as_str())
}
/// Returns all values for a header name (case-insensitive).
/// Needed for multi-value headers like `Link` used in pagination.
pub fn headers_all(&self, name: &str) -> Vec<&str> {
self.headers
.iter()
.filter(|(k, _)| k.eq_ignore_ascii_case(name))
.map(|(_, v)| v.as_str())
.collect()
}
}
/// Appends query parameters to a URL.
///
/// Edge cases handled:
/// - URLs with existing `?query` → appends with `&`
/// - URLs with `#fragment` → inserts query before fragment
/// - Empty params → returns URL unchanged
/// - Repeated keys → preserved as-is (GitLab API uses repeated `labels[]`)
fn append_query_params(url: &str, params: &[(&str, String)]) -> String {
if params.is_empty() {
return url.to_string();
}
let query: String = params
.iter()
.map(|(k, v)| format!("{}={}", urlencoding::encode(k), urlencoding::encode(v)))
.collect::<Vec<_>>()
.join("&");
// Preserve URL fragments: split on '#', insert query, rejoin
let (base, fragment) = match url.split_once('#') {
Some((b, f)) => (b, Some(f)),
None => (url, None),
};
let with_query = if base.contains('?') {
format!("{base}&{query}")
} else {
format!("{base}?{query}")
};
match fragment {
Some(f) => format!("{with_query}#{f}"),
None => with_query,
}
}
```
### Response body size guard
The adapter buffers entire response bodies in memory (`Vec<u8>`). A misconfigured endpoint or unexpected redirect to a large file could cause unbounded memory growth. Add a max response body size check in `execute()`:
```rust
const MAX_RESPONSE_BODY_BYTES: usize = 64 * 1024 * 1024; // 64 MiB — generous for JSON, catches runaways
// In execute(), after receiving raw response:
if raw.body.len() > MAX_RESPONSE_BODY_BYTES {
return Err(LoreError::Other(format!(
"Response body too large: {} bytes (max {})",
raw.body.len(),
MAX_RESPONSE_BODY_BYTES,
)));
}
```
This is a safety net, not a tight constraint. GitLab JSON responses are typically < 1 MiB. Ollama embedding responses are < 100 KiB per batch. The 64 MiB limit catches runaways without interfering with normal operation.
### Timeout behavior
Every request is wrapped with `asupersync::time::timeout(self.timeout, ...)`. Default timeouts:
- GitLab REST/GraphQL: 30s
- Ollama: configurable (default 60s)
- Ollama health check: 5s
---
## Phase 2: Migrate the 3 HTTP Modules
### 2a. `gitlab/client.rs` (REST API)
**Imports:**
```rust
// Remove
use reqwest::header::{ACCEPT, HeaderMap, HeaderValue};
use reqwest::{Client, Response, StatusCode};
// Add
use crate::http::{Client, Response};
```
**Client construction** (lines 68-96):
```rust
// Before: reqwest::Client::builder().default_headers(h).timeout(d).build()
// After:
let client = Client::with_timeout(Duration::from_secs(30));
```
**request() method** (lines 129-170):
```rust
// Before
let response = self.client.get(&url)
.header("PRIVATE-TOKEN", &self.token)
.send().await
.map_err(|e| LoreError::GitLabNetworkError { ... })?;
// After
let response = self.client.get(&url, &[
("PRIVATE-TOKEN", &self.token),
("Accept", "application/json"),
]).await?;
```
**request_with_headers() method** (lines 510-559):
```rust
// Before
let response = self.client.get(&url)
.query(params)
.header("PRIVATE-TOKEN", &self.token)
.send().await?;
let headers = response.headers().clone();
// After
let response = self.client.get_with_query(&url, params, &[
("PRIVATE-TOKEN", &self.token),
("Accept", "application/json"),
]).await?;
// headers already owned in response.headers
```
**handle_response()** (lines 182-219):
```rust
// Before: async fn (consumed body with .text().await)
// After: sync fn (body already buffered in Response)
fn handle_response<T: DeserializeOwned>(&self, response: Response, path: &str) -> Result<T> {
match response.status {
401 => Err(LoreError::GitLabAuthFailed),
404 => Err(LoreError::GitLabNotFound { resource: path.into() }),
429 => {
let retry_after = response.header("retry-after")
.and_then(|v| v.parse().ok())
.unwrap_or(60);
Err(LoreError::GitLabRateLimited { retry_after })
}
s if (200..300).contains(&s) => response.json::<T>(),
s => Err(LoreError::Other(format!("GitLab API error: {} {}", s, response.reason))),
}
}
```
**Pagination** -- No structural changes. `async_stream::stream!` and header parsing stay the same. Only the response type changes:
```rust
// Before: headers.get("x-next-page").and_then(|v| v.to_str().ok())
// After: response.header("x-next-page")
```
**parse_link_header_next** -- Change signature from `(headers: &HeaderMap)` to `(headers: &[(String, String)])` and find by case-insensitive name.
### 2b. `gitlab/graphql.rs`
```rust
// Before
let response = self.http.post(&url)
.header("Authorization", format!("Bearer {}", self.token))
.header("Content-Type", "application/json")
.json(&body).send().await?;
let json: Value = response.json().await?;
// After
let bearer = format!("Bearer {}", self.token);
let response = self.http.post_json(&url, &[
("Authorization", &bearer),
], &body).await?;
let json: Value = response.json()?;
```
Status matching changes from `response.status().as_u16()` to `response.status` (already u16).
### 2c. `embedding/ollama.rs`
```rust
// Health check
let response = self.client.get(&url, &[]).await?;
let tags: TagsResponse = response.json()?;
// Embed batch
let response = self.client.post_json(&url, &[], &request).await?;
if !response.is_success() {
let status = response.status; // capture before .text() consumes response
let body = response.text()?;
return Err(LoreError::EmbeddingFailed { document_id: 0, reason: format!("HTTP {status}: {body}") });
}
let embed_response: EmbedResponse = response.json()?;
```
**Standalone health check** (`check_ollama_health`): Currently creates a temporary `reqwest::Client`. Replace with temporary `crate::http::Client`:
```rust
pub async fn check_ollama_health(base_url: &str) -> bool {
let client = Client::with_timeout(Duration::from_secs(5));
let url = format!("{base_url}/api/tags");
client.get(&url, &[]).await.map_or(false, |r| r.is_success())
}
```
---
## Phase 3: Swap the Runtime + Deep Cx Threading
### 3a. Cargo.toml
```toml
[dependencies]
# Remove:
# reqwest = { version = "0.12", features = ["json"] }
# tokio = { version = "1", features = ["rt-multi-thread", "macros", "time", "signal"] }
# Add:
asupersync = { version = "0.2", features = ["tls", "tls-native-roots"] }
# Keep unchanged:
async-stream = "0.3"
futures = { version = "0.3", default-features = false, features = ["alloc"] }
serde = { version = "1", features = ["derive"] }
serde_json = "1"
urlencoding = "2"
[dev-dependencies]
tempfile = "3"
wiremock = "0.6"
tokio = { version = "1", features = ["rt", "macros"] }
```
### 3b. rust-toolchain.toml
```toml
[toolchain]
channel = "nightly-2026-03-01" # Pin specific date to avoid surprise breakage
```
Update the date as needed when newer nightlies are verified. Never use bare `"nightly"` in production.
### 3c. Entrypoint (`main.rs:53`)
```rust
// Before
#[tokio::main]
async fn main() -> Result<()> { ... }
// After
#[asupersync::main]
async fn main(cx: &Cx) -> Outcome<()> { ... }
```
### 3d. Signal handler (`core/shutdown.rs`)
```rust
// After (Phase 0 extracted it; now rewrite for asupersync)
pub async fn install_ctrl_c_handler(cx: &Cx, signal: ShutdownSignal) {
cx.spawn("ctrl-c-handler", async move |cx| {
cx.shutdown_signal().await;
eprintln!("\nInterrupted, finishing current batch... (Ctrl+C again to force quit)");
signal.cancel();
// Preserve hard-exit on second Ctrl+C (same behavior as Phase 0a)
cx.shutdown_signal().await;
std::process::exit(130);
});
}
```
**Cleanup concern:** `std::process::exit(130)` on second Ctrl+C bypasses all drop guards, flush operations, and asupersync region cleanup. This is intentional (user demanded hard exit) but means any in-progress DB transaction will be abandoned mid-write. SQLite's journaling makes this safe (uncommitted transactions are rolled back on next open), but verify this holds for WAL mode if enabled. Consider logging a warning before exit so users understand incomplete operations may need re-sync.
### 3e. Rate limiter sleep
```rust
// Before
use tokio::time::sleep;
// After
use asupersync::time::sleep;
```
### 3f. Deep Cx threading
Thread `Cx` from `main()` through command dispatch into the orchestrator and ingestion modules. This enables region-scoped cancellation for `join_all` batches.
**Function signatures that need `cx: &Cx` added:**
| Module | Functions |
|--------|-----------|
| `main.rs` | Command dispatch match arms for `sync`, `ingest`, `embed` |
| `cli/commands/sync.rs` | `run_sync()` |
| `cli/commands/ingest.rs` | `run_ingest_command()`, `run_ingest()` |
| `cli/commands/embed.rs` | `run_embed()` |
| `cli/commands/sync_surgical.rs` | `run_sync_surgical()` |
| `ingestion/orchestrator.rs` | `ingest_issues()`, `ingest_merge_requests()`, `ingest_discussions()`, etc. |
| `ingestion/surgical.rs` | `surgical_sync()` |
| `embedding/pipeline.rs` | `embed_documents()`, `embed_batch_group()` |
**Region wrapping for join_all batches** (orchestrator.rs):
```rust
// Before
let prefetched_batch = join_all(prefetch_futures).await;
// After -- cancel-correct region with result collection
let (tx, rx) = std::sync::mpsc::channel();
cx.region(|scope| async {
for future in prefetch_futures {
let tx = tx.clone();
scope.spawn(async move |_cx| {
let result = future.await;
let _ = tx.send(result);
});
}
drop(tx);
}).await;
let prefetched_batch: Vec<_> = rx.into_iter().collect();
```
**IMPORTANT: Semantic differences beyond ordering.** Replacing `join_all` with region-spawned tasks changes three behaviors:
1. **Ordering:** `join_all` preserves input order — results\[i\] corresponds to futures\[i\]. The `std::sync::mpsc` channel pattern does NOT (results arrive in completion order). If downstream logic assumes positional alignment (e.g., zipping results with input items by index), this is a silent correctness bug. Options:
- Send `(index, result)` tuples through the channel and sort by index after collection.
- If `scope.spawn()` returns a `JoinHandle<T>`, collect handles in order and await them sequentially.
2. **Error aggregation:** `join_all` runs all futures to completion even if some fail, collecting all results. Region-spawned tasks with a channel will also run all tasks, but if the region is cancelled mid-flight (e.g., Ctrl+C), some results are lost. Decide per call site: should partial results be processed, or should the entire batch be retried?
3. **Backpressure:** `join_all` with N futures creates N concurrent tasks. Region-spawned tasks behave similarly, but if the region has concurrency limits, backpressure semantics change. Verify asupersync's region API does not impose implicit concurrency caps.
4. **Late result loss on cancellation:** When a region is cancelled, tasks that have completed but whose results haven't been received yet may have already sent to the channel. However, tasks that are mid-flight will be dropped, and their results never sent. The channel receiver must drain whatever was sent, but the caller must treat a cancelled region's results as incomplete — never assume all N results arrived. Document per call site whether partial results are safe to process or whether the entire batch should be discarded on cancellation.
Audit every `join_all` call site for all four assumptions before choosing the pattern.
Note: The exact result-collection pattern depends on asupersync's region API. If `scope.spawn()` returns a `JoinHandle<T>`, prefer collecting handles and awaiting them (preserves ordering and simplifies error handling).
This is the biggest payoff: if Ctrl+C fires during a prefetch batch, the region cancels all in-flight HTTP requests with bounded cleanup instead of silently dropping them.
**Estimated signature changes:** ~15 functions gain a `cx: &Cx` parameter.
**Phasing the Cx threading (risk reduction):** Rather than threading `cx` through all ~15 functions at once, split into two steps:
- **Step 1:** Thread `cx` through the orchestration path only (`main.rs` dispatch → `run_sync`/`run_ingest` → orchestrator functions). This is where region-wrapping `join_all` batches happens — the actual cancellation payoff. Verify invariants pass.
- **Step 2:** Widen to the command layer and embedding pipeline (`run_embed`, `embed_documents`, `embed_batch_group`, `sync_surgical`). These are lower-risk since they don't have the same fan-out patterns.
This reduces the blast radius of Step 1 and provides an earlier validation checkpoint. If Step 1 surfaces problems, Step 2 hasn't been started yet.
---
## Phase 4: Test Migration
### Keep on `#[tokio::test]` (wiremock tests -- 42 tests)
No changes. `tokio` is in `[dev-dependencies]` with `features = ["rt", "macros"]`.
**Coverage gap:** These tests validate protocol correctness (request format, response parsing, status code handling, pagination) through the adapter layer, but they do NOT exercise asupersync's runtime behavior (timeouts, connection pooling, cancellation). This is acceptable because:
1. Protocol correctness is the higher-value test target — it catches most regressions
2. Runtime-specific behavior is covered by the new cancellation integration tests (below)
3. The adapter layer is thin enough that runtime differences are unlikely to affect request/response semantics
**Adapter-layer test gap:** The 42 wiremock tests validate protocol correctness (request format, response parsing) but run on tokio, not asupersync. This means the adapter's actual behavior under the production runtime is untested by mocked-response tests. To close this gap, add 3-5 asupersync-native integration tests that exercise the adapter against a simple HTTP server (e.g., `hyper` or a raw TCP listener) rather than wiremock:
1. **GET with headers + JSON response** — verify header passing and JSON deserialization through the adapter.
2. **POST with JSON body** — verify Content-Type injection and body serialization.
3. **429 + Retry-After** — verify the adapter surfaces rate-limit responses correctly.
4. **Timeout** — verify the adapter's `asupersync::time::timeout` wrapper fires.
5. **Large response rejection** — verify the body size guard triggers.
These tests are cheap to write (~50 LOC each) and close the "works on tokio but does it work on asupersync?" gap that GPT 5.3 flagged.
| File | Tests |
|------|-------|
| `gitlab/graphql_tests.rs` | 30 |
| `gitlab/client_tests.rs` | 4 |
| `embedding/pipeline_tests.rs` | 4 |
| `ingestion/surgical_tests.rs` | 4 |
### Switch to `#[asupersync::test]` (no wiremock -- 13 tests)
| File | Tests |
|------|-------|
| `core/timeline_seed_tests.rs` | 13 |
### Already `#[test]` (sync -- ~35 files)
No changes needed.
### New: Cancellation integration tests (asupersync-native)
Wiremock tests on tokio validate protocol/serialization correctness but cannot test asupersync's cancellation and region semantics. Add asupersync-native integration tests for:
1. **Ctrl+C during fan-out:** Simulate cancellation mid-batch in orchestrator. Verify all in-flight tasks are drained, no task leaks, no obligation leaks.
2. **Region quiescence:** Verify that after a region completes (normal or cancelled), no background tasks remain running.
3. **Transaction integrity under cancellation:** Cancel during an ingestion batch that has fetched data but not yet written to DB. Verify no partial data is committed.
These tests use asupersync's deterministic lab runtime, which is one of the primary motivations for this migration.
---
## Phase 5: Verify and Harden
### Verification checklist
```bash
cargo check --all-targets
cargo clippy --all-targets -- -D warnings
cargo fmt --check
cargo test
```
### Specific things to verify
1. **async-stream on nightly** -- Does `async_stream 0.3` compile on current nightly?
2. **TLS root certs on macOS** -- Does `tls-native-roots` pick up system CA certs?
3. **Connection pool under concurrency** -- Do `join_all` batches (4-8 concurrent requests to same host) work without pool deadlock?
4. **Pagination streams** -- Do `async_stream::stream!` pagination generators work unchanged?
5. **Wiremock test isolation** -- Do wiremock tests pass with tokio only in dev-deps?
### HTTP behavior parity acceptance criteria
reqwest provides several implicit behaviors that asupersync's h1 client may not. Each must pass a concrete acceptance test before the migration is considered complete:
| reqwest default | Acceptance criterion | Pass/Fail test |
|-----------------|---------------------|----------------|
| Automatic redirect following (up to 10) | If GitLab returns 3xx, gitlore must not silently lose the response. Either follow the redirect or surface a clear error. | Send a request to wiremock returning 301 → verify adapter returns the redirect status (not an opaque failure) |
| Automatic gzip/deflate decompression | Not required — JSON responses are small. | N/A (no test needed) |
| Proxy from `HTTP_PROXY`/`HTTPS_PROXY` env | If `HTTP_PROXY` is set, requests must route through it. If asupersync lacks proxy support, document this as a known limitation. | Set `HTTP_PROXY=http://127.0.0.1:9999` → verify connection attempt targets the proxy, or document that proxy is unsupported |
| Connection keep-alive | Pagination batches (4-8 sequential requests to same host) must reuse connections. | Measure with `ss`/`netstat`: 8 paginated requests should use ≤2 TCP connections |
| System DNS resolution | Hostnames must resolve via OS resolver. | Verify `lore sync` works against a hostname (not just IP) |
| Request body Content-Length | POST requests must include Content-Length header (some proxies/WAFs require it). | Inspect outgoing request headers in wiremock test |
| TLS certificate validation | HTTPS requests must validate server certificates using system CA store. | Verify `lore sync` succeeds against production GitLab (valid cert) and fails against self-signed cert |
### Cancellation + DB transaction invariants
Region-based cancellation stops HTTP tasks cleanly, but partial ingestion can leave the database in an inconsistent state if cancellation fires between "fetched data" and "wrote to DB". The following invariants must hold and be tested:
**INV-1: Atomic batch writes.** Each ingestion batch (issues, MRs, discussions) writes to the DB inside a single `unchecked_transaction()`. If the transaction is not committed, no partial data from that batch is visible. This is already the case for most ingestion paths — audit all paths and fix any that write outside a transaction.
**INV-2: Region cancellation cannot corrupt committed data.** A cancelled region may abandon in-flight HTTP requests, but it must not interrupt a DB transaction mid-write. This holds naturally because SQLite transactions are synchronous (not async) — once `tx.execute()` starts, it runs to completion on the current thread regardless of task cancellation. Verify this assumption holds for WAL mode.
**Hard rule: no `.await` between transaction open and commit/rollback.** Cancellation can fire at any `.await` point. If an `.await` exists between `unchecked_transaction()` and `tx.commit()`, a cancelled region could drop the transaction guard mid-batch, rolling back partial writes silently. Audit all ingestion paths to confirm this invariant holds. If any path must do async work mid-transaction (e.g., fetching related data), restructure to fetch-then-write: complete all async work first, then open the transaction, write synchronously, and commit.
**INV-3: No partial batch visibility.** If cancellation fires after fetching N items but before the batch transaction commits, zero items from that batch are persisted. The next sync picks up where it left off using cursor-based pagination.
**INV-4: ShutdownSignal + region cancellation are complementary.** The existing `ShutdownSignal` check-before-write pattern in orchestrator loops (`if signal.is_cancelled() { break; }`) remains the first line of defense. Region cancellation is the second — it ensures in-flight HTTP tasks are drained even if the orchestrator loop has already moved past the signal check. Both mechanisms must remain active.
**Test plan for invariants:**
- INV-1: Cancellation integration test — cancel mid-batch, verify DB has zero partial rows from that batch
- INV-2: Verify `unchecked_transaction()` commit is not interruptible by task cancellation (lab runtime test)
- INV-3: Cancel after fetch, re-run sync, verify no duplicates and no gaps
- INV-4: Verify both ShutdownSignal and region cancellation are triggered on Ctrl+C
---
## File Change Summary
| File | Change | LOC |
|------|--------|-----|
| `Cargo.toml` | Swap deps | ~10 |
| `rust-toolchain.toml` | NEW -- set nightly | 3 |
| `src/http.rs` | NEW -- adapter layer | ~100 |
| `src/main.rs` | Entrypoint macro, Cx threading, remove 4 signal handlers | ~40 |
| `src/core/shutdown.rs` | Extract + rewrite signal handler | ~20 |
| `src/core/error.rs` | Remove reqwest::Error, change GitLabNetworkError (Phase 0d) | ~10 |
| `src/gitlab/client.rs` | Replace reqwest, remove tokio imports, adapt all methods | ~80 |
| `src/gitlab/graphql.rs` | Replace reqwest | ~20 |
| `src/embedding/ollama.rs` | Replace reqwest | ~20 |
| `src/cli/commands/sync.rs` | Add Cx param | ~5 |
| `src/cli/commands/ingest.rs` | Add Cx param | ~5 |
| `src/cli/commands/embed.rs` | Add Cx param | ~5 |
| `src/cli/commands/sync_surgical.rs` | Add Cx param | ~5 |
| `src/ingestion/orchestrator.rs` | Add Cx param, region-wrap join_all | ~30 |
| `src/ingestion/surgical.rs` | Add Cx param | ~10 |
| `src/embedding/pipeline.rs` | Add Cx param | ~10 |
| `src/core/timeline_seed_tests.rs` | Swap test macro | ~13 |
**Total: ~16 files modified, 1 new file, ~400-500 LOC changed.**
---
## Execution Order
```
Phase 0a-0c (prep, safe, independent)
|
v
Phase 0d (error type migration -- required before adapter compiles)
|
v
DECISION GATE: verify nightly + asupersync + tls-native-roots compile AND behavioral smoke tests pass
|
v
Phase 1 (adapter layer, compiles but unused) ----+
| |
v | These 3 are one
Phase 2 (migrate 3 HTTP modules to adapter) ------+ atomic commit
| |
v |
Phase 3 (swap runtime, Cx threading) ------------+
|
v
Phase 4 (test migration)
|
v
Phase 5 (verify + harden)
```
Phase 0a-0c can be committed independently (good cleanup regardless).
Phase 0d (error types) can also land independently, but MUST precede the adapter layer.
**Decision gate:** After Phase 0d, create `rust-toolchain.toml` with nightly pin and verify `asupersync = "0.2"` compiles with `tls-native-roots` on macOS. Then run behavioral smoke tests in a throwaway binary or integration test:
1. **TLS validation:** HTTPS GET to a public endpoint (e.g., `https://gitlab.com/api/v4/version`) succeeds with valid cert.
2. **DNS resolution:** Request using hostname (not IP) resolves correctly.
3. **Redirect handling:** GET to a 301/302 endpoint — verify the adapter returns the redirect status (not an opaque error) so call sites can decide whether to follow.
4. **Timeout behavior:** Request to a slow/non-responsive endpoint times out within the configured duration.
5. **Connection pooling:** 4 sequential requests to the same host reuse connections (verify via debug logging or `ss`/`netstat`).
If compilation fails or any behavioral test reveals a showstopper (e.g., TLS doesn't work on macOS, timeouts don't fire), stop and evaluate the tokio CancellationToken fallback before investing in Phases 1-3.
Compile-only gating is insufficient — this migration's failure modes are semantic (HTTP behavior parity), not just syntactic.
Phases 1-3 must land together (removing reqwest requires both the adapter AND the new runtime).
Phases 4-5 are cleanup that can be incremental.
---
## Rollback Strategy
If the migration stalls or asupersync proves unviable after partial completion:
- **Phase 0a-0c completed:** No rollback needed. These are independently valuable cleanup regardless of runtime choice.
- **Phase 0d completed:** `GitLabNetworkError { detail }` is runtime-agnostic. Keep it.
- **Phases 1-3 partially completed:** These must land atomically. If any phase in 1-3 fails, revert the entire atomic commit. The adapter layer (Phase 1) imports asupersync types, so it cannot exist without the runtime.
- **Full rollback to tokio:** If asupersync is abandoned entirely, the fallback path is tokio + `CancellationToken` + `JoinSet` (see "Why not tokio CancellationToken + JoinSet?" above). The adapter layer design is still valid — swap `asupersync::http` for `reqwest` behind the same `crate::http::Client` API.
**Decision point:** After Phase 0 is complete, verify asupersync compiles on the pinned nightly with `tls-native-roots` before committing to Phases 1-3. If TLS or nightly issues surface, stop and evaluate the tokio fallback.
**Concrete escape hatch triggers (abandon asupersync, fall back to tokio + CancellationToken + JoinSet):**
1. **Nightly breakage > 7 days:** If the pinned nightly breaks and no newer nightly restores compilation within 7 days, abort.
2. **TLS incompatibility:** If `tls-native-roots` cannot validate certificates on macOS (system CA store) and `tls-webpki-roots` also fails, abort.
3. **API instability:** If asupersync releases a breaking change to `HttpClient`, `region()`, or `Cx` APIs before our migration is complete, evaluate migration cost. If > 2 days of rework, abort.
4. **Wiremock incompatibility:** If keeping wiremock tests on tokio while production runs asupersync causes test failures or flaky behavior that cannot be resolved in 1 day, abort.
---
## Risks
| Risk | Severity | Mitigation |
|------|----------|------------|
| asupersync pre-1.0 API changes | High | Adapter layer isolates call sites. Pin exact version. |
| Nightly Rust breakage | Medium-High | Pin nightly date in rust-toolchain.toml. CI tests on nightly. Coupling runtime + toolchain migration amplifies risk — escape hatch triggers defined in Rollback Strategy. |
| TLS cert issues on macOS | Medium | Test early in Phase 5. Fallback: `tls-webpki-roots` (Mozilla bundle). |
| Connection pool behavior under load | Medium | Stress test with `join_all` of 8+ concurrent requests in Phase 5. |
| async-stream nightly compat | Low | Widely used crate, likely fine. Fallback: manual Stream impl. |
| Build time increase | Low | Measure before/after. asupersync may be heavier than tokio. |
| Reqwest behavioral drift | Medium | reqwest has implicit redirect/proxy/compression handling. Audit each (see Phase 5 table). GitLab API doesn't redirect, so low actual risk. |
| Partial ingestion on cancel | Medium | Region cancellation can fire between HTTP fetch and DB write. Verify transaction boundaries align with region scope (see Phase 5). |
| Unbounded response body buffering | Low | Adapter buffers full response bodies. Mitigated by 64 MiB size guard in adapter `execute()`. |
| Manual URL/header handling correctness | Low-Medium | `append_query_params` and case-insensitive header scans replicate reqwest behavior manually. Mitigated by unit tests for edge cases (existing query params, fragments, repeated keys, case folding). |

186
plans/lore-service.feedback-1.md
View File

@@ -1,186 +0,0 @@
1. **Isolate scheduled behavior from manual `sync`**
Reasoning: Your current plan injects backoff into `handle_sync_cmd`, which affects all `lore sync` calls (including manual recovery runs). Scheduled behavior should be isolated so humans arent unexpectedly blocked by service backoff.
```diff
@@ Context
-`lore sync` runs a 4-stage pipeline (issues, MRs, docs, embeddings) that takes 2-4 minutes.
+`lore sync` remains the manual/operator command.
+`lore service run` (hidden/internal) is the scheduled execution entrypoint.
@@ Commands & User Journeys
+### `lore service run` (hidden/internal)
+**What it does:** Executes one scheduled sync attempt with service-only policy:
+- applies service backoff policy
+- records service run state
+- invokes sync pipeline with configured profile
+- updates retry state on success/failure
+
+**Invocation:** scheduler always runs:
+`lore --robot service run --reason timer`
@@ Backoff Integration into `handle_sync_cmd`
-Insert **after** config load but **before** the dry_run check:
+Do not add backoff checks to `handle_sync_cmd`.
+Backoff logic lives only in `handle_service_run`.
```
2. **Use DB as source-of-truth for service state (not a standalone JSON status file)**
Reasoning: You already have `sync_runs` in SQLite. A separate JSON status file creates split-brain and race/corruption risk. Keep JSON as optional cache/export only.
```diff
@@ Status File
-Location: `{get_data_dir()}/sync-status.json`
+Primary state location: SQLite (`service_state` table) + existing `sync_runs`.
+Optional mirror file: `{get_data_dir()}/sync-status.json` (best-effort export only).
@@ File-by-File Implementation Details
-### `src/core/sync_status.rs` (NEW)
+### `migrations/015_service_state.sql` (NEW)
+CREATE TABLE service_state (
+ id INTEGER PRIMARY KEY CHECK (id = 1),
+ installed INTEGER NOT NULL DEFAULT 0,
+ platform TEXT,
+ interval_seconds INTEGER,
+ profile TEXT NOT NULL DEFAULT 'balanced',
+ consecutive_failures INTEGER NOT NULL DEFAULT 0,
+ next_retry_at_ms INTEGER,
+ last_error_code TEXT,
+ last_error_message TEXT,
+ updated_at_ms INTEGER NOT NULL
+);
+
+### `src/core/service_state.rs` (NEW)
+- read/write state row
+- derive backoff/next_retry
+- join with latest `sync_runs` for status output
```
3. **Backoff policy should be configurable, jittered, and error-aware**
Reasoning: Fixed hardcoded backoff (`base=1800`) is wrong when user sets another interval. Also permanent failures (bad token/config) should not burn retries forever; they should enter paused/error state.
```diff
@@ Backoff Logic
-// Exponential: base * 2^failures, capped at 4 hours
+// Exponential with jitter: base * 2^(failures-1), capped, ±20% jitter
+// Applies only to transient errors.
+// Permanent errors set `paused_reason` and stop retries until user action.
@@ CLI Definition Changes
+ServiceCommand::Resume, // clear paused state / failures
+ServiceCommand::Run, // hidden
@@ Error Types
+ServicePaused, // scheduler paused due to permanent error
+ServiceCommandFailed, // OS command failure with stderr context
```
4. **Add a pipeline-level single-flight lock**
Reasoning: Current locking is in ingest stages; theres still overlap risk across full sync pipelines (docs/embed can overlap with another run). Add a top-level lock for scheduled/manual sync pipeline execution.
```diff
@@ Architecture
+Add `sync_pipeline` lock at top-level sync execution.
+Keep existing ingest lock (`sync`) for ingest internals.
@@ Backoff Integration into `handle_sync_cmd`
+Before starting sync pipeline, acquire `AppLock` with:
+name = "sync_pipeline"
+stale_lock_minutes = config.sync.stale_lock_minutes
+heartbeat_interval_seconds = config.sync.heartbeat_interval_seconds
```
5. **Dont embed token in service files by default**
Reasoning: Embedding PAT into unit/plist is a high-risk secret leak path. Make secure storage explicit and default-safe.
```diff
@@ `lore service install [--interval 30m]`
+`lore service install [--interval 30m] [--token-source env-file|embedded]`
+Default: `env-file` (0600 perms, user-owned)
+`embedded` allowed only with explicit opt-in and warning
@@ Robot output
- "token_embedded": true
+ "token_source": "env_file"
@@ Human output
- Note: Your GITLAB_TOKEN is embedded in the service file.
+ Note: Token is stored in a user-private env file (0600).
```
6. **Introduce a command-runner abstraction with timeout + stderr capture**
Reasoning: `launchctl/systemctl/schtasks` calls are failure-prone; you need consistent error mapping and deterministic tests.
```diff
@@ Platform Backends
-exports free functions that dispatch via `#[cfg(target_os)]`
+exports backend + shared `CommandRunner`:
+- run(cmd, args, timeout)
+- capture stdout/stderr/exit code
+- map failure to `ServiceCommandFailed { cmd, exit_code, stderr }`
```
7. **Persist install manifest to avoid brittle file parsing**
Reasoning: Parsing timer/plist for interval/state is fragile and platform-format dependent. Persist a manifest with checksums and expected artifacts.
```diff
@@ Platform Backends
-Same pattern for ... `get_interval_seconds()`
+Add manifest: `{data_dir}/service-manifest.json`
+Stores platform, interval, profile, generated files, and command.
+`service status` reads manifest first, then verifies platform state.
@@ Acceptance criteria
+Install is idempotent:
+- if manifest+files already match, report `no_change: true`
+- if drift detected, reconcile and rewrite
```
8. **Make schedule profile explicit (`fast|balanced|full`)**
Reasoning: This makes the feature more useful and performance-tunable without requiring users to understand internal flags.
```diff
@@ `lore service install [--interval 30m]`
+`lore service install [--interval 30m] [--profile fast|balanced|full]`
+
+Profiles:
+- fast: `sync --no-docs --no-embed`
+- balanced (default): `sync --no-embed`
+- full: `sync`
```
9. **Upgrade `service status` to include scheduler health + recent run summary**
Reasoning: Single last-sync snapshot is too shallow. Include recent attempts and whether scheduler is paused/backing off/running.
```diff
@@ `lore service status`
-What it does: Shows whether the service is installed, its configuration, last sync result, and next scheduled run.
+What it does: Shows install state, scheduler state (running/backoff/paused), recent runs, and next run estimate.
@@ Robot output
- "last_sync": { ... },
- "backoff": null
+ "scheduler_state": "running|backoff|paused|idle",
+ "last_sync": { ... },
+ "recent_runs": [{"run_id":"...","status":"...","started_at_iso":"..."}],
+ "backoff": null,
+ "paused_reason": null
```
10. **Strengthen tests around determinism and cross-platform generation**
Reasoning: Time-based backoff and shell quoting are classic flaky points. Add fake clock + fake command runner for deterministic tests.
```diff
@@ Testing Strategy
+Add deterministic test seams:
+- `Clock` trait for backoff/now calculations
+- `CommandRunner` trait for backend command execution
+
+Add tests:
+- transient vs permanent error classification
+- backoff schedule with jitter bounds
+- manifest drift reconciliation
+- quoting/escaping for paths with spaces and special chars
+- `service run` does not modify manual `sync` behavior
```
If you want, I can rewrite your full plan as a single clean revised document with these changes already integrated (instead of patch fragments).

182
plans/lore-service.feedback-2.md
View File

@@ -1,182 +0,0 @@
**High-Impact Revisions (ordered by priority)**
1. **Make service identity project-scoped (avoid collisions across repos/users)**
Analysis: Current fixed names (`com.gitlore.sync`, `LoreSync`, `lore-sync.timer`) will collide when users run multiple gitlore workspaces. This causes silent overwrites and broken uninstall/status behavior.
Diff:
```diff
--- a/plan.md
+++ b/plan.md
@@ Commands & User Journeys / install
- lore service install [--interval 30m] [--profile balanced] [--token-source env-file]
+ lore service install [--interval 30m] [--profile balanced] [--token-source auto] [--name <optional>]
@@ Install Manifest Schema
+ /// Stable per-install identity (default derived from project root hash)
+ pub service_id: String,
@@ Platform Backends
- Label: com.gitlore.sync
+ Label: com.gitlore.sync.{service_id}
- Task name: LoreSync
+ Task name: LoreSync-{service_id}
- ~/.config/systemd/user/lore-sync.service
+ ~/.config/systemd/user/lore-sync-{service_id}.service
```
2. **Replace token model with secure per-OS defaults**
Analysis: The current “env-file default” is not actually secure on macOS launchd (token still ends up in plist). On Windows, assumptions about inherited environment are fragile. Use OS-native secure stores by default and keep `embedded` as explicit opt-in only.
Diff:
```diff
--- a/plan.md
+++ b/plan.md
@@ Token storage strategies
-| env-file (default) | ...
+| auto (default) | macOS: Keychain, Linux: env-file (0600), Windows: Credential Manager |
+| env-file | Linux/systemd only |
| embedded | ... explicit warning ...
@@ macOS launchd section
- env-file strategy stores canonical token in service-env but embeds token in plist
+ default strategy is Keychain lookup at runtime; no token persisted in plist
+ env-file is not offered on macOS
@@ Windows schtasks section
- token must be in user's system environment
+ default strategy stores token in Windows Credential Manager and injects at runtime
```
3. **Version and atomically persist manifest/status**
Analysis: `Option<Self>` on read hides corruption, and non-atomic writes risk truncated JSON on crashes. This will create false “not installed” and scheduler confusion.
Diff:
```diff
--- a/plan.md
+++ b/plan.md
@@ Install Manifest Schema
+ pub schema_version: u32, // start at 1
+ pub updated_at_iso: String,
@@ Status File Schema
+ pub schema_version: u32, // start at 1
+ pub updated_at_iso: String,
@@ Read/Write
- read(path) -> Option<Self>
+ read(path) -> Result<Option<Self>, LoreError>
- write(...) -> std::io::Result<()>
+ write_atomic(...) -> std::io::Result<()> // tmp file + fsync + rename
```
4. **Persist `next_retry_at_ms` instead of recomputing jitter**
Analysis: Deterministic jitter from timestamp modulo is predictable and can herd retries. Persisting `next_retry_at_ms` at failure time makes status accurate, stable, and cheap to compute.
Diff:
```diff
--- a/plan.md
+++ b/plan.md
@@ SyncStatusFile
pub consecutive_failures: u32,
+ pub next_retry_at_ms: Option<i64>,
@@ Backoff Logic
- compute backoff from last_run.timestamp_ms and deterministic jitter each read
+ compute backoff once on failure, store next_retry_at_ms, read-only comparison afterward
+ jitter algorithm: full jitter in [0, cap], injectable RNG for tests
```
5. **Add circuit breaker for repeated transient failures**
Analysis: Infinite transient retries can run forever on systemic failures (DB corruption, bad network policy). After N transient failures, pause with actionable reason.
Diff:
```diff
--- a/plan.md
+++ b/plan.md
@@ Scheduler states
- backoff — transient failures, waiting to retry
+ backoff — transient failures, waiting to retry
+ paused — permanent error OR circuit breaker tripped after N transient failures
@@ Service run flow
- On transient failure: increment failures, compute backoff
+ On transient failure: increment failures, compute backoff, if failures >= max_transient_failures -> pause
```
6. **Stage-aware outcome policy (core freshness over all-or-nothing)**
Analysis: Failing embeddings/docs should not block issues/MRs freshness. Split stage outcomes and only treat core stages as hard-fail by default. This improves reliability and practical usefulness.
Diff:
```diff
--- a/plan.md
+++ b/plan.md
@@ Context
- lore sync runs a 4-stage pipeline ... treated as one run result
+ lore service run records per-stage outcomes (issues, mrs, docs, embeddings)
@@ Status File Schema
+ pub stage_results: Vec<StageResult>,
@@ service run flow
- Execute sync pipeline with flags derived from profile
+ Execute stage-by-stage and classify severity:
+ - critical: issues, mrs
+ - optional: docs, embeddings
+ optional stage failures mark run as degraded, not failed
```
7. **Replace cfg free-function backend with trait-based backend**
Analysis: Current backend API is hard to test end-to-end without real OS commands. A `SchedulerBackend` trait enables deterministic integration tests and cleaner architecture.
Diff:
```diff
--- a/plan.md
+++ b/plan.md
@@ Platform Backends / Architecture
- exports free functions dispatched via #[cfg]
+ define trait SchedulerBackend { install, uninstall, state, file_paths, next_run }
+ provide LaunchdBackend, SystemdBackend, SchtasksBackend implementations
+ include FakeBackend for integration tests
```
8. **Harden platform units and detect scheduler prerequisites**
Analysis: systemd user timers often fail silently without user manager/linger; launchd context can be wrong in headless sessions. Add explicit diagnostics and unit hardening.
Diff:
```diff
--- a/plan.md
+++ b/plan.md
@@ Linux systemd unit
[Service]
Type=oneshot
ExecStart=...
+TimeoutStartSec=900
+NoNewPrivileges=true
+PrivateTmp=true
+ProtectSystem=strict
+ProtectHome=read-only
@@ Linux install/status
+ detect user manager availability and linger state; surface warning/action
@@ macOS install/status
+ detect non-GUI bootstrap context and return actionable error
```
9. **Add operational commands: `trigger`, `doctor`, and non-interactive log tail**
Analysis: `logs` opening an editor is weak for automation and incident response. Operators need a preflight and immediate controlled run.
Diff:
```diff
--- a/plan.md
+++ b/plan.md
@@ ServiceCommand
+ Trigger, // run one attempt through service policy now
+ Doctor, // validate scheduler, token, paths, permissions
@@ logs
- opens editor
+ supports --tail <n> and --follow in human mode
+ robot mode can return last_n lines optionally
```
10. **Fix plan inconsistencies and edge-case correctness**
Analysis: There are internal mismatches that will cause implementation drift.
Diff:
```diff
--- a/plan.md
+++ b/plan.md
@@ Interval Parsing
- supports 's' suffix
+ remove 's' suffix (acceptance only allows 5m..24h)
@@ uninstall acceptance
- removes ALL service files only
+ explicitly also remove service-manifest and service-env (status/logs retained)
@@ SyncStatusFile schema
- pub last_run: SyncRunRecord
+ pub last_run: Option<SyncRunRecord> // matches idle/no runs state
```
---
**Recommended Architecture Upgrade Summary**
The strongest improvement set is: **(1) project-scoped IDs, (2) secure token defaults, (3) atomic/versioned state, (4) persisted retry schedule + circuit breaker, (5) stage-aware outcomes**. That combination materially improves correctness, multi-repo safety, security, operability, and real-world reliability without changing your core manual-vs-scheduled separation principle.

174
plans/lore-service.feedback-3.md
View File

@@ -1,174 +0,0 @@
Below are the highest-impact revisions Id make, ordered by severity/ROI. These focus on correctness first, then security, then operability and UX.
1. **Fix multi-install ambiguity (`service_id` exists, but commands cant target one explicitly)**
Analysis: The plan introduces `service-manifest-{service_id}.json`, but `status/uninstall/resume/logs` have no selector. In a multi-workspace or multi-name install scenario, behavior becomes ambiguous and error-prone. Add explicit targeting plus discovery.
```diff
@@ ## Commands & User Journeys
+### `lore service list`
+Lists installed services discovered from `{data_dir}/service-manifest-*.json`.
+Robot output includes `service_id`, `platform`, `interval_seconds`, `profile`, `installed_at_iso`.
@@ ### `lore service uninstall`
-### `lore service uninstall`
+### `lore service uninstall [--service <service_id|name>] [--all]`
@@
-2. CLI reads install manifest to find `service_id`
+2. CLI resolves target service via `--service` or current-project-derived default.
+3. If multiple candidates and no selector, return actionable error.
@@ ### `lore service status`
-### `lore service status`
+### `lore service status [--service <service_id|name>]`
```
2. **Make status state service-scoped (not global)**
Analysis: A single `sync-status.json` for all services causes cross-service contamination (pause/backoff/outcome from one profile affecting another). Keep lock global, but state per service.
```diff
@@ ## Status File
-### Location
-`{get_data_dir()}/sync-status.json`
+### Location
+`{get_data_dir()}/sync-status-{service_id}.json`
@@ ## Paths Module Additions
-pub fn get_service_status_path() -> PathBuf {
- get_data_dir().join("sync-status.json")
+pub fn get_service_status_path(service_id: &str) -> PathBuf {
+ get_data_dir().join(format!("sync-status-{service_id}.json"))
}
@@
-Note: `sync-status.json` is NOT scoped by `service_id`
+Note: status is scoped by `service_id`; lock remains global (`sync_pipeline`) to prevent overlapping writes.
```
3. **Stop classifying permanence via string matching**
Analysis: Matching `"401 Unauthorized"` in strings is brittle and will misclassify edge cases. Carry machine codes through stage results and classify by `ErrorCode` only.
```diff
@@ pub struct StageResult {
- pub error: Option<String>,
+ pub error: Option<String>,
+ pub error_code: Option<String>, // e.g., AUTH_FAILED, NETWORK_ERROR
}
@@ Error classification helpers
-fn is_permanent_error_message(msg: Option<&str>) -> bool { ...string contains... }
+fn is_permanent_error_code(code: Option<&str>) -> bool {
+ matches!(code, Some("TOKEN_NOT_SET" | "AUTH_FAILED" | "CONFIG_NOT_FOUND" | "CONFIG_INVALID" | "MIGRATION_FAILED"))
+}
```
4. **Install should be transactional (manifest written last)**
Analysis: Current order writes manifest before scheduler enable. If enable fails, you persist a false “installed” state. Use two-phase install with rollback.
```diff
@@ ### `lore service install` User journey
-9. CLI writes install manifest ...
-10. CLI runs the platform-specific enable command
+9. CLI runs the platform-specific enable command
+10. On success, CLI writes install manifest atomically
+11. On failure, CLI removes generated files and returns `ServiceCommandFailed`
```
5. **Fix launchd token security gap (env-file currently still embeds token)**
Analysis: Current “env-file” on macOS still writes token into plist, defeating the main security goal. Generate a private wrapper script that reads env file at runtime and execs `lore`.
```diff
@@ ### macOS: launchd
-<key>ProgramArguments</key>
-<array>
- <string>{binary_path}</string>
- <string>--robot</string>
- <string>service</string>
- <string>run</string>
-</array>
+<key>ProgramArguments</key>
+<array>
+ <string>{data_dir}/service-run-{service_id}.sh</string>
+</array>
@@
-`env-file`: ... token value must still appear in plist ...
+`env-file`: token never appears in plist; wrapper loads `{data_dir}/service-env-{service_id}` at runtime.
```
6. **Improve backoff math and add half-open circuit recovery**
Analysis: Current jitter + min clamp makes first retry deterministic and can over-pause. Also circuit-breaker requires manual resume forever. Add cooldown + half-open probe to self-heal.
```diff
@@ Backoff Logic
-let backoff_secs = ((base_backoff as f64) * jitter_factor) as u64;
-let backoff_secs = backoff_secs.max(base_interval_seconds);
+let max_backoff = base_backoff;
+let min_backoff = base_interval_seconds;
+let span = max_backoff.saturating_sub(min_backoff);
+let backoff_secs = min_backoff + ((span as f64) * jitter_factor) as u64;
@@ Scheduler states
-- `paused` — permanent error ... OR circuit breaker tripped ...
+- `paused` — permanent error requiring intervention
+- `half_open` — probe state after circuit cooldown; one trial run allowed
@@ Circuit breaker
-... transitions to `paused` ... Run: lore service resume
+... transitions to `half_open` after cooldown (default 30m). Successful probe closes breaker automatically; failed probe returns to backoff/paused.
```
7. **Promote backend trait to v1 (not v2) for deterministic integration tests**
Analysis: This is a reliability-critical feature spanning OS schedulers. A trait abstraction now gives true behavior tests and safer refactors.
```diff
@@ ### Platform Backends
-> Future architecture note: A `SchedulerBackend` trait ... for v2.
+Adopt `SchedulerBackend` trait in v1 with real backends (`launchd/systemd/schtasks`) and `FakeBackend` for tests.
+This enables deterministic install/uninstall/status/run-path integration tests without touching host scheduler.
```
8. **Harden `run_cmd` timeout behavior**
Analysis: If timeout occurs, child process must be killed and reaped. Otherwise you leak processes and can wedge repeated runs.
```diff
@@ fn run_cmd(...)
-// Wait with timeout
-let output = wait_with_timeout(output, timeout_secs)?;
+// Wait with timeout; on timeout kill child and wait to reap
+let output = wait_with_timeout_kill_and_reap(child, timeout_secs)?;
```
9. **Add manual control commands (`pause`, `trigger`, `repair`)**
Analysis: These are high-utility operational controls. `trigger` helps immediate sync without waiting interval. `pause` supports maintenance windows. `repair` avoids manual file deletion for corrupt state.
```diff
@@ pub enum ServiceCommand {
+ /// Pause scheduled execution without uninstalling
+ Pause { #[arg(long)] reason: Option<String> },
+ /// Trigger an immediate one-off run using installed profile
+ Trigger { #[arg(long)] ignore_backoff: bool },
+ /// Repair corrupt manifest/status by backing up and reinitializing
+ Repair { #[arg(long)] service: Option<String> },
}
```
10. **Make `logs` default non-interactive and add rotation policy**
Analysis: Opening editor by default is awkward for automation/SSH and slower for normal diagnosis. Defaulting to `tail` is more practical; `--open` can preserve editor behavior.
```diff
@@ ### `lore service logs`
-By default, opens in the user's preferred editor.
+By default, prints last 100 lines to stdout.
+Use `--open` to open editor.
@@
+Log rotation: rotate `service-stdout.log` / `service-stderr.log` at 10 MB, keep 5 files.
```
11. **Remove destructive/shell-unsafe suggested action**
Analysis: `actions(): ["rm {path}", ...]` is unsafe (shell injection + destructive guidance). Replace with safe command path.
```diff
@@ LoreError::actions()
-Self::ServiceCorruptState { path, .. } => vec![&format!("rm {path}"), "lore service install"],
+Self::ServiceCorruptState { .. } => vec!["lore service repair", "lore service install"],
```
12. **Tighten scheduler units for real-world reliability**
Analysis: Add explicit working directory and success-exit handling to reduce environment drift and edge failures.
```diff
@@ systemd service unit
[Service]
Type=oneshot
ExecStart={binary_path} --robot service run
+WorkingDirectory={data_dir}
+SuccessExitStatus=0
TimeoutStartSec=900
```
If you want, I can produce a single consolidated “v3 plan” markdown with these revisions already merged into your original structure.

190
plans/lore-service.feedback-4.md
View File

@@ -1,190 +0,0 @@
No `## Rejected Recommendations` section was present in the plan you shared, so the proposals below are all net-new.
1. **Make scheduled runs explicitly target a single service instance**
Analysis: right now `service run` has no selector, but the plan supports multiple installed services. That creates ambiguity and incorrect manifest/status selection. This is the most important architectural fix.
```diff
@@ `lore service install` What it does
- runs `lore --robot service run` at the specified interval
+ runs `lore --robot service run --service-id <service_id>` at the specified interval
@@ Robot output (`install`)
- "sync_command": "/usr/local/bin/lore --robot service run",
+ "sync_command": "/usr/local/bin/lore --robot service run --service-id a1b2c3d4",
@@ `ServiceCommand` enum
- #[command(hide = true)]
- Run,
+ #[command(hide = true)]
+ Run {
+ /// Internal selector injected by scheduler backend
+ #[arg(long, hide = true)]
+ service_id: String,
+ },
@@ `handle_service_run` signature
-pub fn handle_service_run(start: std::time::Instant) -> Result<(), Box<dyn std::error::Error>>
+pub fn handle_service_run(service_id: &str, start: std::time::Instant) -> Result<(), Box<dyn std::error::Error>>
@@ run flow step 1
- Read install manifest
+ Read install manifest for `service_id`
```
2. **Strengthen `service_id` derivation to avoid cross-workspace collisions**
Analysis: hashing config path alone can collide when many workspaces share one global config. Identity should represent what is being synced, not only where config lives.
```diff
@@ Key Design Principles / Project-Scoped Service Identity
- derive from a stable hash of the config file path
+ derive from a stable fingerprint of:
+ - canonical workspace root
+ - normalized configured GitLab project URLs
+ - canonical config path
+ then take first 12 hex chars of SHA-256
@@ `compute_service_id`
- Returns first 8 hex chars of SHA-256 of the canonical config path.
+ Returns first 12 hex chars of SHA-256 of a canonical identity tuple
+ (workspace_root + sorted project URLs + config_path).
```
3. **Introduce a service-state machine with a dedicated admin lock**
Analysis: install/uninstall/pause/resume/repair/status can race each other. A lock and explicit transition table prevents invalid states and file races.
```diff
@@ New section: Service State Model
+ All state mutations are serialized by `AppLock("service-admin-{service_id}")`.
+ Legal transitions:
+ - idle -> running -> success|degraded|backoff|paused
+ - backoff -> running|paused
+ - paused -> half_open|running (resume)
+ - half_open -> running|paused
+ Any invalid transition is rejected with `ServiceCorruptState`.
@@ `handle_install`, `handle_uninstall`, `handle_pause`, `handle_resume`, `handle_repair`
+ Acquire `service-admin-{service_id}` before mutating manifest/status/service files.
```
4. **Unify manual and scheduled sync execution behind one orchestrator**
Analysis: the plan currently duplicates stage logic and error classification in `service run`, increasing drift risk. A shared orchestrator gives one authoritative pipeline behavior.
```diff
@@ Key Design Principles
+ #### 6. Single Sync Orchestrator
+ Both `lore sync` and `lore service run` call `SyncOrchestrator`.
+ Service mode adds policy (backoff/circuit-breaker); manual mode bypasses policy.
@@ Service Run Implementation
- execute_sync_stages(&sync_args)
+ SyncOrchestrator::run(SyncMode::Service { profile, policy })
@@ manual sync
- separate pipeline path
+ SyncOrchestrator::run(SyncMode::Manual { flags })
```
5. **Add bounded in-run retries for transient core-stage failures**
Analysis: single-shot failure handling will over-trigger backoff on temporary network blips. One short retry per core stage significantly improves freshness without much extra runtime.
```diff
@@ Stage-aware execution
+ Core stages (`issues`, `mrs`) get up to 1 immediate retry on transient errors
+ (jittered 1-5s). Permanent errors are never retried.
+ Optional stages keep best-effort semantics.
@@ Acceptance criteria (`service run`)
+ Retries transient core stage failures once before counting run as failed.
```
6. **Harden persistence with full crash-safety semantics**
Analysis: current atomic write description is good but incomplete for power-loss durability. You should fsync parent directory after rename and include lightweight integrity metadata.
```diff
@@ `write_atomic`
- tmp file + fsync + rename
+ tmp file + fsync(file) + rename + fsync(parent_dir)
@@ `ServiceManifest` and `SyncStatusFile`
+ pub write_seq: u64,
+ pub content_sha256: String, // optional integrity guard for repair/doctor
```
7. **Fix token handling to avoid shell/env injection and add secure-store mode**
Analysis: sourcing env files in shell is brittle if token contains special chars/newlines. Also, secure OS credential stores should be first-class for production reliability/security.
```diff
@@ Token storage strategies
-| `env-file` (default) ...
+| `auto` (default) | use secure-store when available, else env-file |
+| `secure-store` | macOS Keychain / libsecret / Windows Credential Manager |
+| `env-file` | explicit fallback |
@@ macOS wrapper script
-. "{data_dir}/service-env-{service_id}"
-export {token_env_var}
+TOKEN_VALUE="$(cat "{data_dir}/service-token-{service_id}" )"
+export {token_env_var}="$TOKEN_VALUE"
@@ Acceptance criteria
+ Reject token values containing `\0` or newline for env-file mode.
+ Never eval/source untrusted token content.
```
8. **Correct platform/runtime implementation hazards**
Analysis: there are a few correctness risks that should be fixed in-plan now.
```diff
@@ macOS install steps
- Get UID via `unsafe { libc::getuid() }`
+ Get UID via safe API (`nix::unistd::Uid::current()` or equivalent safe helper)
@@ Command Runner Helper
- poll try_wait and read stdout/stderr after exit
+ avoid potential pipe backpressure deadlock:
+ use wait-with-timeout + concurrent stdout/stderr draining
@@ Linux timer
- OnUnitActiveSec={interval_seconds}s
+ OnUnitInactiveSec={interval_seconds}s
+ AccuracySec=1min
```
9. **Make logs fully service-scoped**
Analysis: you already scoped manifest/status by `service_id`; logs are still global in several places. Multi-service installs will overwrite each others logs.
```diff
@@ Paths Module Additions
-pub fn get_service_log_path() -> PathBuf
+pub fn get_service_log_path(service_id: &str, stream: LogStream) -> PathBuf
@@ log filenames
- logs/service-stderr.log
- logs/service-stdout.log
+ logs/service-{service_id}-stderr.log
+ logs/service-{service_id}-stdout.log
@@ `service logs`
- default path: `{data_dir}/logs/service-stderr.log`
+ default path: `{data_dir}/logs/service-{service_id}-stderr.log`
```
10. **Resolve internal spec contradictions and rollback gaps**
Analysis: there are a few contradictory statements and incomplete rollback behavior that will cause implementation churn.
```diff
@@ `service logs` behavior
- default (no flags): open in editor (human)
+ default (no flags): print last 100 lines (human and robot metadata mode)
+ `--open` is explicit opt-in
@@ install rollback
- On failure: removes generated service files
+ On failure: removes generated service files, env file, wrapper script, and temp manifest
@@ `handle_service_run` sample code
- let manifest_path = get_service_manifest_path();
+ let manifest_path = get_service_manifest_path(service_id);
```
If you want, I can take these revisions and produce a single consolidated “Iteration 4” replacement plan block with all sections rewritten coherently so its ready to hand to an implementer.

114
plans/time-decay-expert-scoring.feedback-1.md
View File

@@ -1,114 +0,0 @@
Your plan is strong directionally, but Id revise it in 8 key places to avoid regressions and make it significantly more useful in production.
1. **Split reviewer signals into “participated” vs “assigned-only”**
Reason: todays inflation problem is often assignment noise. Treating `mr_reviewers` equal to real review activity still over-ranks passive reviewers.
```diff
@@ Per-signal contributions
-| Reviewer (reviewed MR touching path) | 10 | 90 days |
+| ReviewerParticipated (left DiffNote on MR/path) | 10 | 90 days |
+| ReviewerAssignedOnly (in mr_reviewers, no DiffNote by that user on MR/path) | 3 | 45 days |
```
```diff
@@ Scoring Formula
-score = reviewer_mr * reviewer_weight + ...
+score = reviewer_participated * reviewer_weight
+ + reviewer_assigned_only * reviewer_assignment_weight
+ + ...
```
2. **Cap/saturate note intensity per MR**
Reason: raw per-note addition can still reward “comment storms.” Use diminishing returns.
```diff
@@ Rust-Side Aggregation
-- Notes: Vec<i64> (timestamps) from diffnote_reviewer
+-- Notes grouped per (username, mr_id): note_count + max_ts
+-- Note contribution per MR uses diminishing returns:
+-- note_score_mr = note_bonus * ln(1 + note_count) * decay(now - ts, note_hl)
```
3. **Use better event timestamps than `m.updated_at` for file-change signals**
Reason: `updated_at` is noisy (title edits, metadata touches) and creates false recency.
```diff
@@ SQL Restructure
- signal 3/4 seen_at = m.updated_at
+ signal 3/4 activity_ts = COALESCE(m.merged_at, m.closed_at, m.created_at, m.updated_at)
```
4. **Dont stream raw note rows to Rust; pre-aggregate in SQL**
Reason: current plan removes SQL grouping and can blow up memory/latency on large repos.
```diff
@@ SQL Restructure
-SELECT username, signal, mr_id, note_id, ts FROM signals
+WITH raw_signals AS (...),
+aggregated AS (
+ -- 1 row per (username, signal_class, mr_id) for MR-level signals
+ -- 1 row per (username, mr_id) for note_count + max_ts
+)
+SELECT username, signal_class, mr_id, qty, ts FROM aggregated
```
5. **Replace fixed `"24m"` with model-driven cutoff**
Reason: hardcoded 24m is arbitrary and tied to current weights/half-lives only.
```diff
@@ Default --since Change
-Expert mode: "6m" -> "24m"
+Expert mode default window derived from scoring.max_age_days (default 1095 days / 36m).
+Formula guidance: choose max_age where max possible single-event contribution < epsilon (e.g. 0.25 points).
+Add `--all-history` to disable cutoff for diagnostics.
```
6. **Validate scoring config explicitly**
Reason: silent bad configs (`half_life_days = 0`, negative weights) create undefined behavior.
```diff
@@ ScoringConfig (config.rs)
pub struct ScoringConfig {
pub author_weight: i64,
pub reviewer_weight: i64,
pub note_bonus: i64,
+ pub reviewer_assignment_weight: i64, // default: 3
pub author_half_life_days: u32,
pub reviewer_half_life_days: u32,
pub note_half_life_days: u32,
+ pub reviewer_assignment_half_life_days: u32, // default: 45
+ pub max_age_days: u32, // default: 1095
}
@@ Config::load_from_path
+validate_scoring(&config.scoring)?; // weights >= 0, half_life_days > 0, max_age_days >= 30
```
7. **Keep raw float score internally; round only for display**
Reason: rounding before sort causes avoidable ties/rank instability.
```diff
@@ Rust-Side Aggregation
-Round to i64 for Expert.score field
+Compute `raw_score: f64`, sort by raw_score DESC.
+Expose integer `score` for existing UX.
+Optionally expose `score_raw` and `score_components` in robot JSON when `--explain-score`.
```
8. **Add confidence + data-completeness metadata**
Reason: rankings are misleading if `mr_file_changes` coverage is poor.
```diff
@@ ExpertResult / Output
+confidence: "high" | "medium" | "low"
+coverage: { mrs_with_file_changes, total_mrs_in_window, percent }
+warning when coverage < threshold (e.g. 70%)
```
```diff
@@ Verification
4. cargo test
+5. ubs src/cli/commands/who.rs src/core/config.rs
+6. Benchmark query_expert on representative DB (latency + rows scanned before/after)
```
If you want, I can rewrite your full plan document into a clean “v2” version that already incorporates these diffs end-to-end.

132
plans/time-decay-expert-scoring.feedback-2.md
View File

@@ -1,132 +0,0 @@
The plan is strong, but Id revise it in 10 places to improve correctness, scalability, and operator trust.
1. **Add rename/old-path awareness (correctness gap)**
Analysis: right now both existing code and your plan still center on `position_new_path` / `new_path` matches (`src/cli/commands/who.rs:643`, `src/cli/commands/who.rs:681`). That misses expertise on renamed/deleted paths and under-ranks long-time owners after refactors.
```diff
@@ ## Context
-This produces two compounding problems:
+This produces three compounding problems:
@@
2. **Reviewer inflation**: ...
+3. **Path-history blindness**: Renamed/moved files lose historical expertise because matching relies on current-path fields only.
@@ ### 3. SQL Restructure (who.rs)
-AND n.position_new_path {path_op}
+AND (n.position_new_path {path_op} OR n.position_old_path {path_op})
-AND fc.new_path {path_op}
+AND (fc.new_path {path_op} OR fc.old_path {path_op})
```
2. **Follow rename chains for queried paths**
Analysis: matching `old_path` helps, but true continuity needs alias expansion (A→B→C). Without this, expertise before multi-hop renames is fragmented.
```diff
@@ ### 3. SQL Restructure (who.rs)
+**Path alias expansion**: Before scoring, resolve a bounded rename alias set (default max depth: 20)
+from `mr_file_changes(change_type='renamed')`. Query signals against all aliases.
+Output includes `path_aliases_used` for transparency.
```
3. **Use hybrid SQL pre-aggregation instead of fully raw rows**
Analysis: the “raw row” design is simpler but will degrade on large repos with heavy DiffNote volume. Pre-aggregating to `(user, mr)` for MR signals and `(user, mr, note_count)` for note signals keeps memory/latency predictable.
```diff
@@ ### 3. SQL Restructure (who.rs)
-The SQL CTE ... removes the outer GROUP BY aggregation. Instead, it returns raw signal rows:
-SELECT username, signal, mr_id, note_id, ts FROM signals
+Use hybrid aggregation:
+- SQL returns MR-level rows for author/reviewer signals (1 row per user+MR+signal_class)
+- SQL returns note groups (1 row per user+MR with note_count, max_ts)
+- Rust applies decay + ln(1+count) + final ranking.
```
4. **Make timestamp policy state-aware (merged vs opened)**
Analysis: replacing `updated_at` with only `COALESCE(merged_at, created_at)` over-decays long-running open MRs. Open MRs need recency from active lifecycle; merged MRs should anchor to merge time.
```diff
@@ ### 3. SQL Restructure (who.rs)
-Replace m.updated_at with COALESCE(m.merged_at, m.created_at)
+Use state-aware timestamp:
+activity_ts =
+ CASE
+ WHEN m.state = 'merged' THEN COALESCE(m.merged_at, m.updated_at, m.created_at, m.last_seen_at)
+ WHEN m.state = 'opened' THEN COALESCE(m.updated_at, m.created_at, m.last_seen_at)
+ END
```
5. **Replace fixed `24m` with config-driven max age**
Analysis: `24m` is reasonable now, but brittle after tuning weights/half-lives. Tie cutoff to config so model behavior remains coherent as parameters evolve.
```diff
@@ ### 1. ScoringConfig (config.rs)
+pub max_age_days: u32, // default: 730 (or 1095)
@@ ### 5. Default --since Change
-Expert mode: "6m" -> "24m"
+Expert mode default window derives from `scoring.max_age_days`
+unless user passes `--since` or `--all-history`.
```
6. **Add reproducible scoring time via `--as-of`**
Analysis: decayed ranking is time-sensitive; debugging and tests become flaky without a fixed reference clock. This improves reliability and incident triage.
```diff
@@ ## Files to Modify
-2. src/cli/commands/who.rs
+2. src/cli/commands/who.rs
+3. src/cli/mod.rs
+4. src/main.rs
@@ ### 5. Default --since Change
+Add `--as-of <RFC3339|YYYY-MM-DD>` to score at a fixed timestamp.
+`resolved_input` includes `as_of_ms` and `as_of_iso`.
```
7. **Add explainability output (`--explain-score`)**
Analysis: decayed multi-signal ranking will be disputed without decomposition. Show components and top evidence MRs to make results actionable and debuggable.
```diff
@@ ## Rejected Ideas (with rationale)
-- **`--explain-score` flag with component breakdown**: ... deferred
+**Included in this iteration**: `--explain-score` adds per-user score components
+(`author`, `review_participated`, `review_assigned`, `notes`) plus top evidence MRs.
```
8. **Add confidence/coverage metadata**
Analysis: rankings can look precise while data is incomplete (`mr_file_changes` gaps, sparse DiffNotes). Confidence fields prevent false certainty.
```diff
@@ ### 4. Rust-Side Aggregation (who.rs)
+Compute and emit:
+- `coverage`: {mrs_considered, mrs_with_file_changes, mrs_with_diffnotes, percent}
+- `confidence`: high|medium|low (threshold-based)
```
9. **Add index migration for new query shapes**
Analysis: your new `EXISTS/NOT EXISTS` reviewer split and path dual-matching will need better indexes; current `who` indexes are not enough for author+path+time combinations.
```diff
@@ ## Files to Modify
+3. **`migrations/021_who_decay_indexes.sql`** — indexes for decay query patterns:
+ - notes(diffnote path + author + created_at + discussion_id) partial
+ - notes(old_path variant) partial
+ - mr_file_changes(project_id, new_path, merge_request_id)
+ - mr_file_changes(project_id, old_path, merge_request_id) partial
+ - merge_requests(state, merged_at, updated_at, created_at)
```
10. **Expand tests to invariants and determinism**
Analysis: example-based tests are good, but ranking systems need invariant tests to avoid subtle regressions.
```diff
@@ ### 7. New Tests (TDD)
+**`test_score_monotonicity_by_age`**: same signal, older timestamp never scores higher
+**`test_row_order_independence`**: shuffled SQL row order yields identical ranking
+**`test_as_of_reproducibility`**: same data + same `--as-of` => identical output
+**`test_rename_alias_chain_scoring`**: expertise carries across A->B->C rename chain
+**`test_overlap_participated_vs_assigned_counts`**: overlap reflects split reviewer semantics
```
If you want, I can produce a full consolidated `v2` plan doc patch (single unified diff against `plans/time-decay-expert-scoring.md`) rather than per-change snippets.

167
plans/time-decay-expert-scoring.feedback-3.md
View File

@@ -1,167 +0,0 @@
**Critical Plan Findings First**
1. The proposed index `idx_notes_mr_path_author ON notes(noteable_id, ...)` will fail: `notes.noteable_id` does not exist in schema (`migrations/002_issues.sql:74`).
2. Rename awareness is only applied in scoring queries, not in path resolution probes; today `build_path_query()` and `suffix_probe()` only inspect `position_new_path`/`new_path` (`src/cli/commands/who.rs:465`, `src/cli/commands/who.rs:591`), so old-path queries can still miss.
3. A fixed `"24m"` default window is brittle once half-lives become configurable; it can silently truncate meaningful history for larger half-lives.
Below are the revisions Id make to your plan.
1. **Fix migration/index architecture (blocking correctness + perf)**
Rationale: prevents migration failure and aligns indexes to actual query shapes.
```diff
diff --git a/plan.md b/plan.md
@@ ### 6. Index Migration (db.rs)
- -- Support EXISTS subquery for reviewer participation check
- CREATE INDEX IF NOT EXISTS idx_notes_mr_path_author
- ON notes(noteable_id, position_new_path, author_username)
- WHERE note_type = 'DiffNote' AND is_system = 0;
+ -- Support reviewer participation joins (notes -> discussions -> MR)
+ CREATE INDEX IF NOT EXISTS idx_notes_diffnote_discussion_author_created
+ ON notes(discussion_id, author_username, created_at)
+ WHERE note_type = 'DiffNote' AND is_system = 0;
+
+ -- Path-first indexes for global and project-scoped path lookups
+ CREATE INDEX IF NOT EXISTS idx_mfc_new_path_project_mr
+ ON mr_file_changes(new_path, project_id, merge_request_id);
+ CREATE INDEX IF NOT EXISTS idx_mfc_old_path_project_mr
+ ON mr_file_changes(old_path, project_id, merge_request_id)
+ WHERE old_path IS NOT NULL;
@@
- -- Support state-aware timestamp selection
- CREATE INDEX IF NOT EXISTS idx_mr_state_timestamps
- ON merge_requests(state, merged_at, closed_at, updated_at, created_at);
+ -- Removed: low-selectivity timestamp composite index; joins are MR-id driven.
```
2. **Restructure SQL around `matched_mrs` CTE instead of repeating OR path clauses**
Rationale: better index use, less duplicated logic, cleaner maintenance.
```diff
diff --git a/plan.md b/plan.md
@@ ### 3. SQL Restructure (who.rs)
- WITH raw AS (
- -- 5 UNION ALL subqueries (signals 1, 2, 3, 4a, 4b)
- ),
+ WITH matched_notes AS (
+ -- DiffNotes matching new_path
+ ...
+ UNION ALL
+ -- DiffNotes matching old_path
+ ...
+ ),
+ matched_file_changes AS (
+ -- file changes matching new_path
+ ...
+ UNION ALL
+ -- file changes matching old_path
+ ...
+ ),
+ matched_mrs AS (
+ SELECT DISTINCT mr_id, project_id FROM matched_notes
+ UNION
+ SELECT DISTINCT mr_id, project_id FROM matched_file_changes
+ ),
+ raw AS (
+ -- signals sourced from matched_mrs + matched_notes
+ ),
```
3. **Replace correlated `EXISTS/NOT EXISTS` reviewer split with one precomputed participation set**
Rationale: same semantics, lower query cost, easier reasoning.
```diff
diff --git a/plan.md b/plan.md
@@ Signal 4 splits into two
- Signal 4a uses an EXISTS subquery ...
- Signal 4b uses NOT EXISTS ...
+ Build `reviewer_participation(mr_id, username)` once from matched DiffNotes.
+ Then classify `mr_reviewers` rows via LEFT JOIN:
+ - participated: `rp.username IS NOT NULL`
+ - assigned-only: `rp.username IS NULL`
+ This avoids correlated EXISTS scans per reviewer row.
```
4. **Make default `--since` derived from half-life + decay floor, not hardcoded 24m**
Rationale: remains mathematically consistent when config changes.
```diff
diff --git a/plan.md b/plan.md
@@ ### 1. ScoringConfig (config.rs)
+ pub decay_floor: f64, // default: 0.05
@@ ### 5. Default --since Change
- Expert mode: "6m" -> "24m"
+ Expert mode default window is computed:
+ default_since_days = ceil(max_half_life_days * log2(1.0 / decay_floor))
+ With defaults (max_half_life=180, floor=0.05), this is ~26 months.
+ CLI `--since` still overrides; `--all-history` still disables windowing.
```
5. **Use `log2(1+count)` for notes instead of `ln(1+count)`**
Rationale: keeps 1 note ~= 1 unit (with `note_bonus=1`) while preserving diminishing returns.
```diff
diff --git a/plan.md b/plan.md
@@ Scoring Formula
- note_contribution(mr) = note_bonus * ln(1 + note_count_in_mr) * 2^(-days_elapsed / note_half_life)
+ note_contribution(mr) = note_bonus * log2(1 + note_count_in_mr) * 2^(-days_elapsed / note_half_life)
```
6. **Guarantee deterministic float aggregation and expose `score_raw`**
Rationale: avoids hash-order drift and explainability mismatch vs rounded integer score.
```diff
diff --git a/plan.md b/plan.md
@@ ### 4. Rust-Side Aggregation (who.rs)
- HashMap<i64, ...>
+ BTreeMap<i64, ...> (or sort keys before accumulation) for deterministic summation order
+ Use compensated summation (Kahan/Neumaier) for stable f64 totals
@@
- Sort on raw `f64` score ... round only for display
+ Keep `score_raw` internally and expose when `--explain-score` is active.
+ `score` remains integer for backward compatibility.
```
7. **Extend rename awareness to query resolution (not only scoring)**
Rationale: fixes user-facing misses for old path input and suffix lookup.
```diff
diff --git a/plan.md b/plan.md
@@ Path rename awareness
- All signal subqueries match both old and new path columns
+ Also update `build_path_query()` probes and suffix probe:
+ - exact_exists: new_path OR old_path (notes + mr_file_changes)
+ - prefix_exists: new_path LIKE OR old_path LIKE
+ - suffix_probe: union of notes.position_new_path, notes.position_old_path,
+ mr_file_changes.new_path, mr_file_changes.old_path
```
8. **Tighten CLI/output contracts for new flags**
Rationale: avoids payload bloat/ambiguity and keeps robot clients stable.
```diff
diff --git a/plan.md b/plan.md
@@ ### 5b. Score Explainability via `--explain-score`
+ `--explain-score` conflicts with `--detail` (mutually exclusive)
+ `resolved_input` includes `as_of_ms`, `as_of_iso`, `scoring_model_version`
+ robot output includes `score_raw` and `components` only when explain is enabled
```
9. **Add confidence metadata (promote from rejected to accepted)**
Rationale: makes ranking more actionable and trustworthy with sparse evidence.
```diff
diff --git a/plan.md b/plan.md
@@ Rejected Ideas (with rationale)
- Confidence/coverage metadata: ... Deferred to avoid scope creep
+ Confidence/coverage metadata: ACCEPTED (minimal v1)
+ Add per-user `confidence: low|medium|high` based on evidence breadth + recency.
+ Keep implementation lightweight (no extra SQL pass).
```
10. **Upgrade test and verification scope to include query-plan and clock semantics**
Rationale: catches regressions your current tests wont.
```diff
diff --git a/plan.md b/plan.md
@@ 8. New Tests (TDD)
+ test_old_path_probe_exact_and_prefix
+ test_suffix_probe_uses_old_path_sources
+ test_since_relative_to_as_of_clock
+ test_explain_and_detail_are_mutually_exclusive
+ test_null_timestamp_fallback_to_created_at
+ test_query_plan_uses_path_indexes (EXPLAIN QUERY PLAN)
@@ Verification
+ 7. EXPLAIN QUERY PLAN snapshots for expert query (exact + prefix) confirm index usage
```
If you want, I can produce a single consolidated “revision 3” plan document that fully merges all of the above into your original structure.

133
plans/time-decay-expert-scoring.feedback-4.md
View File

@@ -1,133 +0,0 @@
Your plan is already strong. The biggest remaining gaps are temporal correctness, indexability at scale, and ranking reliability under sparse/noisy evidence. These are the revisions Id make.
1. **Fix temporal correctness for `--as-of` (critical)**
Analysis: Right now the plan describes `--as-of`, but the SQL only enforces lower bounds (`>= since`). If `as_of` is in the past, “future” events can still enter and get full weight (because elapsed is clamped). This breaks reproducibility.
```diff
@@ 3. SQL Restructure
- AND n.created_at >= ?2
+ AND n.created_at BETWEEN ?2 AND ?4
@@ Signal 3/4a/4b
- AND {state_aware_ts} >= ?2
+ AND {state_aware_ts} BETWEEN ?2 AND ?4
@@ 5a. Reproducible Scoring via --as-of
- All decay computations use as_of_ms instead of SystemTime::now()
+ All event selection and decay computations are bounded by as_of_ms.
+ Query window is [since_ms, as_of_ms], never [since_ms, now_ms].
+ Add test: test_as_of_excludes_future_events.
```
2. **Resolve `closed`-state inconsistency**
Analysis: The CASE handles `closed`, but all signal queries filter to `('opened','merged')`, making the `closed_at` branch dead code. Either include closed MRs intentionally or remove that logic. Id include closed with a reduced multiplier.
```diff
@@ ScoringConfig (config.rs)
+ pub closed_mr_multiplier: f64, // default: 0.5
@@ 3. SQL Restructure
- AND m.state IN ('opened','merged')
+ AND m.state IN ('opened','merged','closed')
@@ 4. Rust-Side Aggregation
+ if state == "closed" { contribution *= closed_mr_multiplier; }
```
3. **Replace `OR` path predicates with index-friendly `UNION ALL` branches**
Analysis: `(new_path ... OR old_path ...)` often degrades index usage in SQLite. Split into two indexed branches and dedupe once. This improves planner stability and latency on large datasets.
```diff
@@ 3. SQL Restructure
-WITH matched_notes AS (
- ... AND (n.position_new_path {path_op} OR n.position_old_path {path_op})
-),
+WITH matched_notes AS (
+ SELECT ... FROM notes n WHERE ... AND n.position_new_path {path_op}
+ UNION ALL
+ SELECT ... FROM notes n WHERE ... AND n.position_old_path {path_op}
+),
+matched_notes_dedup AS (
+ SELECT DISTINCT id, discussion_id, author_username, created_at, project_id
+ FROM matched_notes
+),
@@
- JOIN matched_notes mn ...
+ JOIN matched_notes_dedup mn ...
```
4. **Add canonical path identity (rename-chain support)**
Analysis: Direct `old_path/new_path` matching only handles one-hop rename scenarios. A small alias graph/table built at ingest time gives robust expertise continuity across A→B→C chains and avoids repeated SQL complexity.
```diff
@@ Files to Modify
- 3. src/core/db.rs — Add migration for indexes...
+ 3. src/core/db.rs — Add migration for indexes + path_identity table
+ 4. src/core/ingest/*.rs — populate path_identity on rename events
+ 5. src/cli/commands/who.rs — resolve query path to canonical path_id first
@@ Context
- The fix has three parts:
+ The fix has four parts:
+ - Introduce canonical path identity so multi-hop renames preserve expertise
```
5. **Split scoring engine into a versioned core module**
Analysis: `who.rs` is becoming a mixed CLI/query/math/output surface. Move scoring math and event normalization into `src/core/scoring/` with explicit model versions. This reduces regression risk and enables future model experiments.
```diff
@@ Files to Modify
+ 4. src/core/scoring/mod.rs — model interface + shared types
+ 5. src/core/scoring/model_v2_decay.rs — current implementation
+ 6. src/cli/commands/who.rs — orchestration only
@@ 5b. Score Explainability
+ resolved_input includes scoring_model_version and scoring_model_name
```
6. **Add evidence confidence to reduce sparse-data rank spikes**
Analysis: One recent MR can outrank broader, steadier expertise. Add a confidence factor derived from number of distinct evidence MRs and expose both `score_raw` and `score_adjusted`.
```diff
@@ Scoring Formula
+ confidence(user) = 1 - exp(-evidence_mr_count / 6.0)
+ score_adjusted = score_raw * confidence
@@ 4. Rust-Side Aggregation
+ compute evidence_mr_count from unique MR ids across all signals
+ sort by score_adjusted DESC, then score_raw DESC, then last_seen DESC
@@ 5b. --explain-score
+ include confidence and evidence_mr_count
```
7. **Add first-class bot/service-account filtering**
Analysis: Reviewer inflation is not just assignment; bots and automation users can still pollute rankings. Make exclusion explicit and configurable.
```diff
@@ ScoringConfig (config.rs)
+ pub excluded_username_patterns: Vec<String>, // defaults include "*bot*", "renovate", "dependabot"
@@ 3. SQL Restructure
+ AND username NOT MATCHES excluded patterns (applied in Rust post-query or SQL where feasible)
@@ CLI
+ --include-bots (override exclusions)
```
8. **Tighten reviewer “participated” with substantive-note threshold**
Analysis: A single “LGTM” note shouldnt classify someone as engaged reviewer equivalent to real inline review. Use a minimum substantive threshold.
```diff
@@ ScoringConfig (config.rs)
+ pub reviewer_min_note_chars: u32, // default: 20
@@ reviewer_participation CTE
- SELECT DISTINCT ... FROM matched_notes
+ SELECT DISTINCT ... FROM matched_notes
+ WHERE LENGTH(TRIM(body)) >= ?reviewer_min_note_chars
```
9. **Add rollout safety: model compare mode + rank-delta diagnostics**
Analysis: This is a scoring-model migration. You need safe rollout mechanics, not just tests. Add a compare mode so you can inspect rank deltas before forcing v2.
```diff
@@ CLI (who)
+ --scoring-model v1|v2|compare (default: v2)
+ --max-rank-delta-report N (compare mode diagnostics)
@@ Robot output
+ include v1_score, v2_score, rank_delta when --scoring-model compare
```
If you want, I can produce a single consolidated “plan v4” document that applies all nine diffs cleanly into your original markdown.

209
plans/tui-prd-v2-frankentui.feedback-1.md
View File

@@ -1,209 +0,0 @@
No `## Rejected Recommendations` section was present, so these are all net-new improvements.
1. Keep core `lore` stable; isolate nightly to a TUI crate
Rationale: the current plan says “whole project nightly” but later assumes TUI is feature-gated. Isolating nightly removes unnecessary risk from non-TUI users, CI, and release cadence.
```diff
@@ 3.2 Nightly Rust Strategy
-- The entire gitlore project moves to pinned nightly, not just the TUI feature.
+- Keep core `lore` on stable Rust.
+- Add workspace member `lore-tui` pinned to nightly for FrankenTUI.
+- Ship `lore tui` only when `--features tui` (or separate `lore-tui` binary) is enabled.
@@ 10.1 New Files
+- crates/lore-tui/Cargo.toml
+- crates/lore-tui/src/main.rs
@@ 11. Assumptions
-17. TUI module is feature-gated.
+17. TUI is isolated in a workspace crate and feature-gated in root CLI integration.
```
2. Add a framework adapter boundary from day 1
Rationale: the “3-day ratatui escape hatch” is optimistic without a strict interface. A tiny `UiRuntime` + screen renderer trait makes fallback real, not aspirational.
```diff
@@ 4. Architecture
+### 4.9 UI Runtime Abstraction
+Introduce `UiRuntime` trait (`run`, `send`, `subscribe`) and `ScreenRenderer` trait.
+FrankenTUI implementation is default; ratatui adapter can be dropped in with no state/action rewrite.
@@ 3.5 Escape Hatch
-- The migration cost to ratatui is ~3 days
+- Migration cost target is ~3-5 days, validated by one ratatui spike screen in Phase 1.
```
3. Stop using CLI command modules as the TUI query API
Rationale: coupling TUI to CLI output-era structs creates long-term friction and accidental regressions. Create a shared domain query layer used by both CLI and TUI.
```diff
@@ 10.20 Refactor: Extract Query Functions
-- extract query_* from cli/commands/*
+- introduce `src/domain/query/*` as the canonical read model API.
+- CLI and TUI both depend on domain query layer.
+- CLI modules retain formatting/output only.
@@ 10.2 Modified Files
+- src/domain/query/mod.rs
+- src/domain/query/issues.rs
+- src/domain/query/mrs.rs
+- src/domain/query/search.rs
+- src/domain/query/who.rs
```
4. Replace single `Arc<Mutex<Connection>>` with connection manager
Rationale: one locked connection serializes everything and hurts responsiveness, especially during sync. Use separate read pool + writer connection with WAL and busy timeout.
```diff
@@ 4.4 App — Implementing the Model Trait
- pub db: Arc<Mutex<Connection>>,
+ pub db: Arc<DbManager>, // read pool + single writer coordination
@@ 4.5 Async Action System
- Each Cmd::task closure locks the mutex, runs the query, and returns a Msg
+ Reads use pooled read-only connections.
+ Sync/write path uses dedicated writer connection.
+ Enforce WAL, busy_timeout, and retry policy for SQLITE_BUSY.
```
5. Make debouncing/cancellation explicit and correct
Rationale: “runtime coalesces rapid keypresses” is not a safe correctness guarantee. Add request IDs and stale-response dropping to prevent flicker and wrong data.
```diff
@@ 4.3 Core Types (Msg)
+ SearchRequestStarted { request_id: u64, query: String }
- SearchExecuted(SearchResults),
+ SearchExecuted { request_id: u64, results: SearchResults },
@@ 4.4 maybe_debounced_query()
- runtime coalesces rapid keypresses
+ use explicit 200ms debounce timer + monotonic request_id
+ ignore results whose request_id != current_search_request_id
```
6. Implement true streaming sync, not batch-at-end pseudo-streaming
Rationale: the plan promises real-time logs/progress but code currently returns one completion message. This gap will disappoint users and complicate cancellation.
```diff
@@ 4.4 start_sync_task()
- Pragmatic approach: run sync synchronously, collect all progress events, return summary.
+ Use event channel subscription for `SyncProgress`/`SyncLogLine` streaming.
+ Keep `SyncCompleted` only as terminal event.
+ Add cooperative cancel token mapped to `Esc` while running.
@@ 5.9 Sync
+ Add "Resume from checkpoint" option for interrupted syncs.
```
7. Fix entity identity ambiguity across projects
Rationale: using `iid` alone is unsafe in multi-project datasets. Navigation and cross-refs should key by `(project_id, iid)` or global ID.
```diff
@@ 4.3 Core Types
- IssueDetail(i64)
- MrDetail(i64)
+ IssueDetail(EntityKey)
+ MrDetail(EntityKey)
+ pub struct EntityKey { pub project_id: i64, pub iid: i64, pub kind: EntityKind }
@@ 10.12.4 Cross-Reference Widget
- parse "group/project#123" -> iid only
+ parse into `{project_path, iid, kind}` then resolve to `project_id` before navigation
```
8. Resolve keybinding conflicts and formalize keymap precedence
Rationale: current spec conflicts (`Tab` sort vs focus filter; `gg` vs go-prefix). A deterministic keymap contract prevents UX bugs.
```diff
@@ 8.2 List Screens
- Tab | Cycle sort column
- f | Focus filter bar
+ Tab | Focus filter bar
+ S | Cycle sort column
+ / | Focus filter bar (alias)
@@ 4.4 interpret_key()
+ Add explicit precedence table:
+ 1) modal/palette
+ 2) focused input
+ 3) global
+ 4) screen-local
+ Add configurable go-prefix timeout (default 500ms) with cancel feedback.
```
9. Add performance SLOs and DB/index plan
Rationale: “fast enough” is vague. Add measurable budgets, required indexes, and query-plan gates in CI for predictable performance.
```diff
@@ 3.1 Risk Matrix
+ Add risk: "Query latency regressions on large datasets"
@@ 9.3 Phase 0 — Toolchain Gate
+7. p95 list query latency < 75ms on 100k issues synthetic fixture
+8. p95 search latency < 200ms on 1M docs (lexical mode)
@@ 11. Assumptions
-5. SQLite queries are fast enough for interactive use (<50ms for filtered results).
+5. Performance budgets are enforced by benchmark fixtures and query-plan checks.
+6. Required indexes documented and migration-backed before TUI GA.
```
10. Add reliability/observability model (error classes, retries, tracing)
Rationale: one string toast is not enough for production debugging. Add typed errors, retry policy, and an in-TUI diagnostics pane.
```diff
@@ 4.3 Core Types (Msg)
- Error(String),
+ Error(AppError),
+ pub enum AppError {
+ DbBusy, DbCorruption, NetworkRateLimited, NetworkUnavailable,
+ AuthFailed, ParseError, Internal(String)
+ }
@@ 5.11 Doctor / Stats
+ Add "Diagnostics" tab:
+ - last 100 errors
+ - retry counts
+ - current sync/backoff state
+ - DB contention metrics
```
11. Add “Saved Views + Watchlist” as high-value product features
Rationale: this makes the TUI compelling daily, not just navigable. Users can persist filters and monitor critical slices (e.g., “P1 auth issues updated in last 24h”).
```diff
@@ 1. Executive Summary
+ - Saved Views (named filters and layouts)
+ - Watchlist panel (tracked queries with delta badges)
@@ 5. Screen Taxonomy
+### 5.12 Saved Views / Watchlist
+Persistent named filters for Issues/MRs/Search.
+Dashboard shows per-watchlist deltas since last session.
@@ 6. User Flows
+### 6.9 Flow: "Run morning watchlist triage"
+Dashboard -> Watchlist -> filtered IssueList/MRList -> detail drilldown
```
12. Strengthen testing plan with deterministic behavior and chaos cases
Rationale: snapshot tests alone wont catch race/staleness/cancellation issues. Add concurrency, cancellation, and flaky terminal behavior tests.
```diff
@@ 9.2 Phases
+Phase 5.5 Reliability Test Pack (2d)
+ - stale response drop tests
+ - sync cancel/resume tests
+ - SQLITE_BUSY retry tests
+ - resize storm and rapid key-chord tests
@@ 10.9 Snapshot Test Example
+ Add non-snapshot tests:
+ - property tests for navigation invariants
+ - integration tests for request ordering correctness
+ - benchmark tests for query budgets
```
If you want, I can produce a consolidated “PRD v2.1 patch” with all of the above merged into one coherent updated document structure.

203
plans/tui-prd-v2-frankentui.feedback-2.md
View File

@@ -1,203 +0,0 @@
I excluded the two items in your `## Rejected Recommendations` and focused on net-new improvements.
These are the highest-impact revisions Id make.
### 1. Fix the package graph now (avoid a hard Cargo cycle)
Your current plan has `root -> optional lore-tui` and `lore-tui -> lore (root)`, which creates a cyclic dependency risk. Split shared logic into a dedicated core crate so CLI and TUI both depend downward.
```diff
diff --git a/PRD.md b/PRD.md
@@ ## 9.1 Dependency Changes
-[workspace]
-members = [".", "crates/lore-tui"]
+[workspace]
+members = [".", "crates/lore-core", "crates/lore-tui"]
@@
-[dependencies]
-lore-tui = { path = "crates/lore-tui", optional = true }
+[dependencies]
+lore-core = { path = "crates/lore-core" }
+lore-tui = { path = "crates/lore-tui", optional = true }
@@ # crates/lore-tui/Cargo.toml
-lore = { path = "../.." } # Core lore library
+lore-core = { path = "../lore-core" } # Shared domain/query crate (acyclic graph)
```
### 2. Stop coupling TUI to `cli/commands/*` internals
Calling CLI command modules from TUI is brittle and will drift. Introduce a shared query/service layer with DTOs owned by core.
```diff
diff --git a/PRD.md b/PRD.md
@@ ## 4.1 Module Structure
- action.rs # Async action runners (DB queries, GitLab calls)
+ action.rs # Task dispatch only
+ service/
+ mod.rs
+ query.rs # Shared read services (CLI + TUI)
+ sync.rs # Shared sync orchestration facade
+ dto.rs # UI-agnostic data contracts
@@ ## 10.2 Modified Files
-src/cli/commands/list.rs # Extract query_issues(), query_mrs() as pub fns
-src/cli/commands/show.rs # Extract query_issue_detail(), query_mr_detail() as pub fns
-src/cli/commands/who.rs # Extract query_experts(), etc. as pub fns
-src/cli/commands/search.rs # Extract run_search_query() as pub fn
+crates/lore-core/src/query/issues.rs # Canonical issue queries
+crates/lore-core/src/query/mrs.rs # Canonical MR queries
+crates/lore-core/src/query/show.rs # Canonical detail queries
+crates/lore-core/src/query/who.rs # Canonical people queries
+crates/lore-core/src/query/search.rs # Canonical search queries
+src/cli/commands/*.rs # Consume lore-core query services
+crates/lore-tui/src/action.rs # Consume lore-core query services
```
### 3. Add a real task supervisor (dedupe + cancellation + priority)
Right now tasks are ad hoc and can overrun each other. Add a scheduler keyed by screen+intent.
```diff
diff --git a/PRD.md b/PRD.md
@@ ## 4.5 Async Action System
-The `Cmd::task(|| { ... })` pattern runs a blocking closure on a background thread pool.
+The TUI uses a `TaskSupervisor`:
+- Keyed tasks (`TaskKey`) to dedupe redundant requests
+- Priority lanes (`Input`, `Navigation`, `Background`)
+- Cooperative cancellation tokens per task
+- Late-result drop via generation IDs (not just search)
@@ ## 4.3 Core Types
+pub enum TaskKey {
+ LoadScreen(Screen),
+ Search { generation: u64 },
+ SyncStream,
+}
```
### 4. Correct sync streaming architecture (current sketch loses streamed events)
The sample creates `tx/rx` then drops `rx`; events never reach update loop. Define an explicit stream subscription with bounded queue and backpressure policy.
```diff
diff --git a/PRD.md b/PRD.md
@@ ## 4.4 App — Implementing the Model Trait
- let (tx, _rx) = std::sync::mpsc::channel::<Msg>();
+ let (tx, rx) = std::sync::mpsc::sync_channel::<Msg>(1024);
+ // rx is registered via Subscription::from_receiver("sync-stream", rx)
@@
- let result = crate::ingestion::orchestrator::run_sync(
+ let result = crate::ingestion::orchestrator::run_sync(
&config,
&conn,
|event| {
@@
- let _ = tx.send(Msg::SyncProgress(event.clone()));
- let _ = tx.send(Msg::SyncLogLine(format!("{event:?}")));
+ if tx.try_send(Msg::SyncProgress(event.clone())).is_err() {
+ let _ = tx.try_send(Msg::SyncBackpressureDrop);
+ }
+ let _ = tx.try_send(Msg::SyncLogLine(format!("{event:?}")));
},
);
```
### 5. Upgrade data-plane performance plan (keyset pagination + index contracts)
Virtualized list without keyset paging still forces expensive scans. Add explicit keyset pagination and query-plan CI checks.
```diff
diff --git a/PRD.md b/PRD.md
@@ ## 9.3 Phase 0 — Toolchain Gate
-7. p95 list query latency < 75ms on synthetic fixture (10k issues, 5k MRs)
+7. p95 list page fetch latency < 75ms using keyset pagination (10k issues, 5k MRs)
+8. EXPLAIN QUERY PLAN must show index usage for top 10 TUI queries
+9. No full table scan on issues/MRs/discussions under default filters
@@
-8. p95 search latency < 200ms on synthetic fixture (50k documents, lexical mode)
+10. p95 search latency < 200ms on synthetic fixture (50k documents, lexical mode)
+## 9.4 Required Indexes (GA blocker)
+- `issues(project_id, state, updated_at DESC, iid DESC)`
+- `merge_requests(project_id, state, updated_at DESC, iid DESC)`
+- `discussions(project_id, entity_type, entity_iid, created_at DESC)`
+- `notes(discussion_id, created_at ASC)`
```
### 6. Enforce `EntityKey` everywhere (remove bare IID paths)
You correctly identified multi-project IID collisions, but many message/state signatures still use `i64`. Make `EntityKey` mandatory in all navigation and detail loaders.
```diff
diff --git a/PRD.md b/PRD.md
@@ ## 4.3 Core Types
- IssueSelected(i64),
+ IssueSelected(EntityKey),
@@
- MrSelected(i64),
+ MrSelected(EntityKey),
@@
- IssueDetailLoaded(IssueDetail),
+ IssueDetailLoaded { key: EntityKey, detail: IssueDetail },
@@
- MrDetailLoaded(MrDetail),
+ MrDetailLoaded { key: EntityKey, detail: MrDetail },
@@ ## 10.10 State Module — Complete
- Cmd::msg(Msg::NavigateTo(Screen::IssueDetail(iid)))
+ Cmd::msg(Msg::NavigateTo(Screen::IssueDetail(entity_key)))
```
### 7. Harden filter/search semantics (strict parser + inline diagnostics + explain scores)
Current filter parser silently ignores unknown fields; that causes hidden mistakes. Add strict parse diagnostics and search score explainability.
```diff
diff --git a/PRD.md b/PRD.md
@@ ## 10.12.1 Filter Bar Widget
- _ => {} // Unknown fields silently ignored
+ _ => self.errors.push(format!("Unknown filter field: {}", token.field))
+ pub errors: Vec<String>, // inline parse/validation errors
+ pub warnings: Vec<String>, // non-fatal coercions
@@ ## 5.6 Search
-- **Live preview:** Selected result shows snippet + metadata in right pane
+- **Live preview:** Selected result shows snippet + metadata in right pane
+- **Explain score:** Optional breakdown (lexical, semantic, recency, boosts) for trust/debug
```
### 8. Add operational resilience: safe mode + panic report + startup fallback
TUI failures should degrade gracefully, not block usage.
```diff
diff --git a/PRD.md b/PRD.md
@@ ## 3.1 Risk Matrix
+| Runtime panic leaves user blocked | High | Medium | Panic hook writes crash report, restores terminal, offers fallback CLI command |
@@ ## 10.3 Entry Point
+pub fn launch_tui(config: Config, db_path: &Path) -> Result<(), LoreError> {
+ install_panic_hook_for_tui(); // terminal restore + crash dump path
+ ...
+}
@@ ## 8.1 Global (Available Everywhere)
+| `:` | Show fallback equivalent CLI command for current screen/action |
```
### 9. Add a “jump list” (forward/back navigation, not only stack pop)
Current model has only push/pop and reset. Add browser-like history for investigation workflows.
```diff
diff --git a/PRD.md b/PRD.md
@@ ## 4.7 Navigation Stack Implementation
pub struct NavigationStack {
- stack: Vec<Screen>,
+ back_stack: Vec<Screen>,
+ current: Screen,
+ forward_stack: Vec<Screen>,
+ jump_list: Vec<Screen>, // recent entity/detail hops
}
@@ ## 8.1 Global (Available Everywhere)
+| `Ctrl+o` | Jump backward in jump list |
+| `Ctrl+i` | Jump forward in jump list |
```
If you want, I can produce a single consolidated “PRD v2.1” patch that applies all nine revisions coherently section-by-section.

163
plans/tui-prd-v2-frankentui.feedback-3.md
View File

@@ -1,163 +0,0 @@
I excluded everything already listed in `## Rejected Recommendations`.
These are the highest-impact net-new revisions Id make.
1. **Enforce Entity Identity Consistency End-to-End (P0)**
Analysis: The PRD defines `EntityKey`, but many code paths still pass bare `iid` (`IssueSelected(item.iid)`, timeline refs, search refs). In multi-project datasets this will cause wrong-entity navigation and subtle data corruption in cached state. Make `EntityKey` mandatory in every navigation message and add compile-time constructors.
```diff
@@ 4.3 Core Types
pub struct EntityKey {
pub project_id: i64,
pub iid: i64,
pub kind: EntityKind,
}
+impl EntityKey {
+ pub fn issue(project_id: i64, iid: i64) -> Self { Self { project_id, iid, kind: EntityKind::Issue } }
+ pub fn mr(project_id: i64, iid: i64) -> Self { Self { project_id, iid, kind: EntityKind::MergeRequest } }
+}
@@ 10.10 state/issue_list.rs
- .map(|item| Msg::IssueSelected(item.iid))
+ .map(|item| Msg::IssueSelected(EntityKey::issue(item.project_id, item.iid)))
@@ 10.10 state/mr_list.rs
- .map(|item| Msg::MrSelected(item.iid))
+ .map(|item| Msg::MrSelected(EntityKey::mr(item.project_id, item.iid)))
```
2. **Make TaskSupervisor Mandatory for All Background Work (P0)**
Analysis: The plan introduces `TaskSupervisor` but still dispatches many direct `Cmd::task` calls. That will reintroduce stale updates, duplicate queries, and priority inversion under rapid input. Centralize all background task creation through one spawn path that enforces dedupe, cancellation tokening, and generation checks.
```diff
@@ 4.5.1 Task Supervisor (Dedup + Cancellation + Priority)
-The supervisor is owned by `LoreApp` and consulted before dispatching any `Cmd::task`.
+The supervisor is owned by `LoreApp` and is the ONLY allowed path for background work.
+All task launches use `LoreApp::spawn_task(TaskKey, TaskPriority, closure)`.
@@ 4.4 App — Implementing the Model Trait
- Cmd::task(move || { ... })
+ self.spawn_task(TaskKey::LoadScreen(screen.clone()), TaskPriority::Navigation, move |token| { ... })
```
3. **Remove the Sync Streaming TODO and Make Real-Time Streaming a GA Gate (P0)**
Analysis: Current text admits sync progress is buffered with a TODO. That undercuts one of the main value props. Make streaming progress/log delivery non-optional, with bounded buffers and dropped-line accounting.
```diff
@@ 4.4 start_sync_task()
- // TODO: Register rx as subscription when FrankenTUI supports it.
- // For now, the task returns the final Msg and progress is buffered.
+ // Register rx as a live subscription (`Subscription::from_receiver` adapter).
+ // Progress and logs must render in real time (no batch-at-end fallback).
+ // Keep a bounded ring buffer (N=5000) and surface `dropped_log_lines` in UI.
@@ 9.3 Phase 0 — Toolchain Gate
+11. Real-time sync stream verified: progress updates visible during run, not only at completion.
```
4. **Upgrade List/Search Data Strategy to Windowed Keyset + Prefetch (P0)**
Analysis: “Virtualized list” alone does not solve query/transfer cost if full result sets are loaded. Move to fixed-size keyset windows with next-window prefetch and fast first paint; this keeps latency predictable on 100k+ records.
```diff
@@ 5.2 Issue List
- Pagination: Virtual scrolling for large result sets
+ Pagination: Windowed keyset pagination (window=200 rows) with background prefetch of next window.
+ First paint uses current window only; no full-result materialization.
@@ 5.4 MR List
+ Same windowed keyset pagination strategy as Issue List.
@@ 9.3 Success criteria
- 7. p95 list page fetch latency < 75ms using keyset pagination on synthetic fixture (10k issues, 5k MRs)
+ 7. p95 first-paint latency < 50ms and p95 next-window fetch < 75ms on synthetic fixture (100k issues, 50k MRs)
```
5. **Add Resumable Sync Checkpoints + Per-Project Fault Isolation (P1)**
Analysis: If sync is interrupted or one project fails, current design mostly falls back to cancel/fail. Add checkpoints so long runs can resume, and isolate failures to project/resource scope while continuing others.
```diff
@@ 3.1 Risk Matrix
+| Interrupted sync loses progress | High | Medium | Persist phase checkpoints and offer resume |
@@ 5.9 Sync
+Running mode: failed project/resource lanes are marked degraded while other lanes continue.
+Summary mode: offer `[R]esume interrupted sync` from last checkpoint.
@@ 11 Assumptions
-16. No new SQLite tables needed (but required indexes must be verified — see Performance SLOs).
+16. Add minimal internal tables for reliability: `sync_runs` and `sync_checkpoints` (append-only metadata).
```
6. **Add Capability-Adaptive Rendering Modes (P1)**
Analysis: Terminal compatibility is currently test-focused, but runtime adaptation is under-specified. Add explicit degradations for no-truecolor, no-unicode, slow SSH/tmux paths to reduce rendering artifacts and support incidents.
```diff
@@ 3.4 Terminal Compatibility Testing
+Add capability matrix validation: truecolor/256/16 color, unicode/ascii glyphs, alt-screen on/off.
@@ 10.19 CLI Integration
+Tui {
+ #[arg(long, default_value="auto")] render_mode: String, // auto|full|minimal
+ #[arg(long)] ascii: bool,
+ #[arg(long)] no_alt_screen: bool,
+}
```
7. **Harden Browser/Open and Log Privacy (P1)**
Analysis: `open_current_in_browser` currently trusts stored URLs; sync logs may expose tokens/emails from upstream messages. Add host allowlisting and redaction pipeline by default.
```diff
@@ 4.4 open_current_in_browser()
- if let Some(url) = url { ... open ... }
+ if let Some(url) = url {
+ if !self.state.security.is_allowed_gitlab_url(&url) {
+ self.state.set_error("Blocked non-GitLab URL".into());
+ return;
+ }
+ ... open ...
+ }
@@ 5.9 Sync
+Log stream passes through redaction (tokens, auth headers, email local-parts) before render/storage.
```
8. **Add “My Workbench” Screen for Daily Pull (P1, new feature)**
Analysis: The PRD is strong on exploration, weaker on “what should I do now?”. Add a focused operator screen aggregating assigned issues, requested reviews, unresolved threads mentioning me, and stale approvals. This makes the TUI habit-forming.
```diff
@@ 5. Screen Taxonomy
+### 5.12 My Workbench
+Single-screen triage cockpit:
+- Assigned-to-me open issues/MRs
+- Review requests awaiting action
+- Threads mentioning me and unresolved
+- Recently stale approvals / blocked MRs
@@ 8.1 Global
+| `gb` | Go to My Workbench |
@@ 9.2 Phases
+section Phase 3.5 — Daily Workflow
+My Workbench screen + queries :p35a, after p3d, 2d
```
9. **Add Rollout, SLO Telemetry, and Kill-Switch Plan (P0)**
Analysis: You have implementation phases but no production rollout control. Add explicit experiment flags, health telemetry, and rollback criteria so risk is operationally bounded.
```diff
@@ Table of Contents
-11. [Assumptions](#11-assumptions)
+11. [Assumptions](#11-assumptions)
+12. [Rollout & Telemetry](#12-rollout--telemetry)
@@ NEW SECTION 12
+## 12. Rollout & Telemetry
+- Feature flags: `tui_experimental`, `tui_sync_streaming`, `tui_workbench`
+- Metrics: startup_ms, frame_render_p95_ms, db_busy_rate, panic_free_sessions, sync_drop_events
+- Kill-switch: disable `tui` feature path at runtime if panic rate > 0.5% sessions over 24h
+- Canary rollout: internal only -> opt-in beta -> default-on
```
10. **Strengthen Reliability Pack with Event-Fuzz + Soak Tests (P0)**
Analysis: Current tests are good but still light on prolonged event pressure. Add deterministic fuzzed key/resize/paste streams and a long soak to catch rare deadlocks/leaks and state corruption.
```diff
@@ 9.2 Phase 5.5 — Reliability Test Pack
+Event fuzz tests (key/resize/paste interleavings) :p55g, after p55e, 1d
+30-minute soak test (no panic, bounded memory) :p55h, after p55g, 1d
@@ 9.3 Success criteria
+12. Event-fuzz suite passes with zero invariant violations across 10k randomized traces.
+13. 30-minute soak: no panic, no deadlock, memory growth < 5%.
```
If you want, I can produce a single consolidated unified diff of the full PRD text next (all edits merged, ready to apply as v3).

157
plans/tui-prd-v2-frankentui.feedback-4.md
View File

@@ -1,157 +0,0 @@
Below are my strongest revisions, focused on correctness, reliability, and long-term maintainability, while avoiding all items in your `## Rejected Recommendations`.
1. **Fix the Cargo/toolchain architecture (current plan has a real dependency-cycle risk and shaky per-member toolchain behavior).**
Analysis: The current plan has `lore -> lore-tui (optional)` and `lore-tui -> lore`, which creates a package cycle when `tui` is enabled. Also, per-member `rust-toolchain.toml` in a workspace is easy to misapply in CI/dev workflows. The cleanest robust shape is: `lore-tui` is a separate binary crate (nightly), `lore` remains stable and delegates at runtime (`lore tui` shells out to `lore-tui`).
```diff
--- a/Gitlore_TUI_PRD_v2.md
+++ b/Gitlore_TUI_PRD_v2.md
@@ 3.2 Nightly Rust Strategy
-- The `lore` binary integrates TUI via `lore tui` subcommand. The `lore-tui` crate is a library dependency feature-gated in the root.
+- `lore-tui` is a separate binary crate built on pinned nightly.
+- `lore` (stable) does not compile-link `lore-tui`; `lore tui` delegates by spawning `lore-tui`.
+- This removes Cargo dependency-cycle risk and keeps stable builds nightly-free.
@@ 9.1 Dependency Changes
-[features]
-tui = ["dep:lore-tui"]
-[dependencies]
-lore-tui = { path = "crates/lore-tui", optional = true }
+[dependencies]
+# no compile-time dependency on lore-tui from lore
+# runtime delegation keeps toolchains isolated
@@ 10.19 CLI Integration
-Add Tui match arm that directly calls crate::tui::launch_tui(...)
+Add Tui match arm that resolves and spawns `lore-tui` with passthrough args.
+If missing, print actionable install/build command.
```
2. **Make `TaskSupervisor` the *actual* single async path (remove contradictory direct `Cmd::task` usage in state handlers).**
Analysis: You declare “direct `Cmd::task` is prohibited outside supervisor,” but later `handle_screen_msg` still launches tasks directly. That contradiction will reintroduce stale-result bugs and race conditions. Make state handlers pure (intent-only); all async launch/cancel/dedup goes through one supervised API.
```diff
--- a/Gitlore_TUI_PRD_v2.md
+++ b/Gitlore_TUI_PRD_v2.md
@@ 4.5.1 Task Supervisor
-The supervisor is the ONLY allowed path for background work.
+The supervisor is the ONLY allowed path for background work, enforced by architecture:
+`AppState` emits intents only; `LoreApp::update` launches tasks via `spawn_task(...)`.
@@ 10.10 State Module — Complete
-pub fn handle_screen_msg(..., db: &Arc<Mutex<Connection>>) -> Cmd<Msg>
+pub fn handle_screen_msg(...) -> ScreenIntent
+// no DB access, no Cmd::task in state layer
```
3. **Enforce `EntityKey` everywhere (remove raw IID navigation paths).**
Analysis: Multi-project identity is one of your strongest ideas, but multiple snippets still navigate by bare IID (`document_id`, `EntityRef::Issue(i64)`). That can misroute across projects and create silent correctness bugs. Make all navigation-bearing results carry `EntityKey` end-to-end.
```diff
--- a/Gitlore_TUI_PRD_v2.md
+++ b/Gitlore_TUI_PRD_v2.md
@@ 4.3 Core Types
-pub enum EntityRef { Issue(i64), MergeRequest(i64) }
+pub enum EntityRef { Issue(EntityKey), MergeRequest(EntityKey) }
@@ 10.10 state/search.rs
-Some(Msg::NavigateTo(Screen::IssueDetail(r.document_id)))
+Some(Msg::NavigateTo(Screen::IssueDetail(r.entity_key.clone())))
@@ 10.11 action.rs
-pub fn fetch_issue_detail(conn: &Connection, iid: i64) -> Result<IssueDetail, LoreError>
+pub fn fetch_issue_detail(conn: &Connection, key: &EntityKey) -> Result<IssueDetail, LoreError>
```
4. **Introduce a shared query boundary inside the existing crate (not a new crate) to decouple TUI from CLI presentation structs.**
Analysis: Reusing CLI command modules directly is fast initially, but it ties TUI to output-layer types and command concerns. A minimal internal `core::query::*` module gives a stable data contract used by both CLI and TUI without the overhead of a new crate split.
```diff
--- a/Gitlore_TUI_PRD_v2.md
+++ b/Gitlore_TUI_PRD_v2.md
@@ 10.2 Modified Files
-src/cli/commands/list.rs # extract query_issues/query_mrs as pub
-src/cli/commands/show.rs # extract query_issue_detail/query_mr_detail as pub
+src/core/query/mod.rs
+src/core/query/issues.rs
+src/core/query/mrs.rs
+src/core/query/detail.rs
+src/core/query/search.rs
+src/core/query/who.rs
+src/cli/commands/* now call core::query::* + format output
+TUI action.rs calls core::query::* directly
```
5. **Add terminal-safety sanitization for untrusted text (ANSI/OSC injection hardening).**
Analysis: Issue/MR bodies, notes, and logs are untrusted text in a terminal context. Without sanitization, terminal escape/control sequences can spoof UI or trigger unintended behavior. Add explicit sanitization and a strict URL policy before rendering/opening.
```diff
--- a/Gitlore_TUI_PRD_v2.md
+++ b/Gitlore_TUI_PRD_v2.md
@@ 3.1 Risk Matrix
+| Terminal escape/control-sequence injection via issue/note text | High | Medium | Strip ANSI/OSC/control chars before render; escape markdown output; allowlist URL scheme+host |
@@ 4.1 Module Structure
+ safety.rs # sanitize_for_terminal(), safe_url_policy()
@@ 10.5/10.8/10.14/10.16
+All user-sourced text passes through `sanitize_for_terminal()` before widget rendering.
+Disable markdown raw HTML and clickable links unless URL policy passes.
```
6. **Move resumable sync checkpoints into v1 (lightweight version).**
Analysis: You already identify interruption risk as real. Deferring resumability to post-v1 leaves a major reliability gap in exactly the heaviest workflow. A lightweight checkpoint table (resource cursor + updated-at watermark) gives large reliability gain with modest complexity.
```diff
--- a/Gitlore_TUI_PRD_v2.md
+++ b/Gitlore_TUI_PRD_v2.md
@@ 3.1 Risk Matrix
-- Resumable checkpoints planned for post-v1
+Resumable checkpoints included in v1 (lightweight cursors per project/resource lane)
@@ 9.3 Success Criteria
+14. Interrupt-and-resume test: sync resumes from checkpoint and reaches completion without full restart.
@@ 9.3.1 Required Indexes (GA Blocker)
+CREATE TABLE IF NOT EXISTS sync_checkpoints (
+ project_id INTEGER NOT NULL,
+ lane TEXT NOT NULL,
+ cursor TEXT,
+ updated_at_ms INTEGER NOT NULL,
+ PRIMARY KEY (project_id, lane)
+);
```
7. **Strengthen performance gates with tiered fixtures and memory ceilings.**
Analysis: Current thresholds are good, but fixture sizes are too close to mid-scale only. Add S/M/L fixtures and memory budget checks so regressions appear before real-world datasets hit them. This gives much more confidence in long-term scalability.
```diff
--- a/Gitlore_TUI_PRD_v2.md
+++ b/Gitlore_TUI_PRD_v2.md
@@ 9.3 Phase 0 — Toolchain Gate
-7. p95 first-paint latency < 50ms ... (100k issues, 50k MRs)
-10. p95 search latency < 200ms ... (50k documents)
+7. Tiered fixtures:
+ S: 10k issues / 5k MRs / 50k notes
+ M: 100k issues / 50k MRs / 500k notes
+ L: 250k issues / 100k MRs / 1M notes
+ Enforce p95 targets per tier and memory ceiling (<250MB RSS in M tier).
+10. Search SLO validated in S and M tiers, lexical and hybrid modes.
```
8. **Add session restore (last screen + filters + selection), with explicit `--fresh` opt-out.**
Analysis: This is high-value daily UX with low complexity, and it makes the TUI feel materially more “compelling/useful” without feature bloat. It also reduces friction when recovering from crash/restart.
```diff
--- a/Gitlore_TUI_PRD_v2.md
+++ b/Gitlore_TUI_PRD_v2.md
@@ 1. Executive Summary
+- **Session restore** — resume last screen, filters, and selection on startup.
@@ 4.1 Module Structure
+ session.rs # persisted UI session state
@@ 8.1 Global
+| `Ctrl+R` | Reset session state for current screen |
@@ 10.19 CLI Integration
+`lore tui --fresh` starts without restoring prior session state.
@@ 11. Assumptions
-12. No TUI-specific configuration initially.
+12. Minimal TUI state file is allowed for session restore only.
```
9. **Add parity tests between TUI data panels and `--robot` outputs.**
Analysis: You already have `ShowCliEquivalent`; parity tests make that claim trustworthy and prevent drift between interfaces. This is a strong reliability multiplier and helps future refactors.
```diff
--- a/Gitlore_TUI_PRD_v2.md
+++ b/Gitlore_TUI_PRD_v2.md
@@ 9.2 Phases / 9.3 Success Criteria
+Phase 5.6 — CLI/TUI Parity Pack
+ - Dashboard count parity vs `lore --robot count/status`
+ - List/detail parity for issues/MRs on sampled entities
+ - Search result identity parity (top-N ids) for lexical mode
+Success criterion: parity suite passes on CI fixtures.
```
If you want, I can produce a single consolidated patch of the PRD text (one unified diff) so you can drop it directly into the next iteration.

200
plans/tui-prd-v2-frankentui.feedback-5.md
View File

@@ -1,200 +0,0 @@
1. **Fix the structural inconsistency between `src/tui` and `crates/lore-tui/src`**
Analysis: The PRD currently defines two different code layouts for the same system. That will cause implementation drift, wrong imports, and duplicated modules. Locking to one canonical layout early prevents execution churn and makes every snippet/action item unambiguous.
```diff
@@ 4.1 Module Structure @@
-src/
- tui/
+crates/lore-tui/src/
mod.rs
app.rs
message.rs
@@
-### 10.5 Dashboard View (FrankenTUI Native)
-// src/tui/view/dashboard.rs
+### 10.5 Dashboard View (FrankenTUI Native)
+// crates/lore-tui/src/view/dashboard.rs
@@
-### 10.6 Sync View
-// src/tui/view/sync.rs
+### 10.6 Sync View
+// crates/lore-tui/src/view/sync.rs
```
2. **Add a small `ui_adapter` seam to contain FrankenTUI API churn**
Analysis: You already identified high likelihood of upstream breakage. Pinning a commit helps, but if every screen imports raw `ftui_*` types directly, churn ripples through dozens of files. A thin adapter layer reduces upgrade cost without introducing the rejected “full portability abstraction”.
```diff
@@ 3.1 Risk Matrix @@
| API breaking changes | High | High (v0.x) | Pin exact git commit; vendor source if needed |
+| API breakage blast radius across app code | High | High | Constrain ftui usage behind `ui_adapter/*` wrappers |
@@ 4.1 Module Structure @@
+ ui_adapter/
+ mod.rs # Re-export stable local UI primitives
+ runtime.rs # App launch/options wrappers
+ widgets.rs # Table/List/Modal wrapper constructors
+ input.rs # Text input + focus helpers
@@ 9.3 Phase 0 — Toolchain Gate @@
+14. `ui_adapter` compile-check: no screen module imports `ftui_*` directly (lint-enforced)
```
3. **Correct search mode behavior and replace sleep-based debounce with cancelable scheduling**
Analysis: Current plan hardcodes `"hybrid"` in `execute_search`, so mode switching is UI-only and incorrect. Also, spawning sleeping tasks per keypress is wasteful under fast typing. Make mode a first-class query parameter and debounce via one cancelable scheduled event per input domain.
```diff
@@ 4.4 maybe_debounced_query @@
-std::thread::sleep(std::time::Duration::from_millis(200));
-match crate::tui::action::execute_search(&conn, &query, &filters) {
+// no thread sleep; schedule SearchRequestStarted after 200ms via debounce scheduler
+match crate::tui::action::execute_search(&conn, &query, &filters, mode) {
@@ 10.11 Action Module — Query Bridge @@
-pub fn execute_search(conn: &Connection, query: &str, filters: &SearchCliFilters) -> Result<SearchResponse, LoreError> {
- let mode_str = "hybrid"; // default; TUI mode selector overrides
+pub fn execute_search(
+ conn: &Connection,
+ query: &str,
+ filters: &SearchCliFilters,
+ mode: SearchMode,
+) -> Result<SearchResponse, LoreError> {
+ let mode_str = match mode {
+ SearchMode::Hybrid => "hybrid",
+ SearchMode::Lexical => "lexical",
+ SearchMode::Semantic => "semantic",
+ };
@@ 9.3 Phase 0 — Toolchain Gate @@
+15. Search mode parity: lexical/hybrid/semantic each return mode-consistent top-N IDs on fixture
```
4. **Guarantee consistent multi-query reads and add query interruption for responsiveness**
Analysis: Detail screens combine multiple queries that can observe mixed states during sync writes. Wrap each detail fetch in a single read transaction for snapshot consistency. Add cancellation/interrupt checks for long-running queries so UI remains responsive under heavy datasets.
```diff
@@ 4.5 Async Action System @@
+All detail fetches (`issue_detail`, `mr_detail`, timeline expansion) run inside one read transaction
+to guarantee snapshot consistency across subqueries.
@@ 10.11 Action Module — Query Bridge @@
+pub fn with_read_snapshot<T>(
+ conn: &Connection,
+ f: impl FnOnce(&rusqlite::Transaction<'_>) -> Result<T, LoreError>,
+) -> Result<T, LoreError> { ... }
+// Long queries register interrupt checks tied to CancelToken
+// to avoid >1s uninterruptible stalls during rapid navigation/filtering.
```
5. **Formalize sync event streaming contract to prevent “stuck” states**
Analysis: Dropping events on backpressure is acceptable, but completion must never be dropped and event ordering must be explicit. Add a typed `SyncUiEvent` stream with guaranteed terminal sentinel and progress coalescing to reduce load while preserving correctness.
```diff
@@ 4.4 start_sync_task @@
-let (tx, rx) = std::sync::mpsc::sync_channel::<Msg>(1024);
+let (tx, rx) = std::sync::mpsc::sync_channel::<SyncUiEvent>(2048);
-// drop this progress update rather than blocking the sync thread
+// coalesce progress to max 30Hz per lane; never drop terminal events
+// always emit SyncUiEvent::StreamClosed { outcome }
@@ 5.9 Sync @@
-- Log viewer with streaming output
+- Log viewer with streaming output and explicit stream-finalization state
+- UI shows dropped/coalesced event counters for transparency
```
6. **Version and validate session restore payloads**
Analysis: A raw JSON session file without schema/version checks is fragile across releases and DB switches. Add schema version, DB fingerprint, and safe fallback rules so session restore never blocks startup or applies stale state incorrectly.
```diff
@@ 11. Assumptions @@
-12. Minimal TUI state file allowed for session restore only ...
+12. Versioned TUI state file allowed for session restore only:
+ fields include `schema_version`, `app_version`, `db_fingerprint`, `saved_at`, `state`.
@@ 10.1 New Files @@
crates/lore-tui/src/session.rs # Lightweight session state persistence
+ # + versioning, validation, corruption quarantine
@@ 4.1 Module Structure @@
session.rs # Lightweight session state persistence
+ # corrupted file -> `.bad-<timestamp>` and fresh start
```
7. **Harden terminal safety beyond ANSI stripping**
Analysis: ANSI stripping is necessary but not sufficient. Bidi controls and invisible Unicode controls can still spoof displayed content. URL checks should normalize host/port and disallow deceptive variants. This closes realistic terminal spoofing vectors.
```diff
@@ 3.1 Risk Matrix @@
| Terminal escape/control-sequence injection via issue/note text | High | Medium | Strip ANSI/OSC/control chars via sanitize_for_terminal() ... |
+| Bidi/invisible Unicode spoofing in rendered text | High | Medium | Strip bidi overrides + zero-width controls in untrusted text |
@@ 10.4.1 Terminal Safety — Untrusted Text Sanitization @@
-Strip ANSI escape sequences, OSC commands, and control characters
+Strip ANSI/OSC/control chars, bidi overrides (RLO/LRO/PDF/RLI/LRI/FSI/PDI),
+and zero-width/invisible controls from untrusted text
-pub fn is_safe_url(url: &str, allowed_hosts: &[String]) -> bool {
+pub fn is_safe_url(url: &str, allowed_origins: &[Origin]) -> bool {
+ // normalize host (IDNA), enforce scheme+host+port match
```
8. **Use progressive hydration for detail screens**
Analysis: Issue/MR detail first-paint can become slow when discussions are large. Split fetch into phases: metadata first, then discussions/file changes, then deep thread content on expand. This improves perceived performance and keeps navigation snappy on large repos.
```diff
@@ 5.3 Issue Detail @@
-Data source: `lore issues <iid>` + discussions + cross-references
+Data source (progressive):
+1) metadata/header (first paint)
+2) discussions summary + cross-refs
+3) full thread bodies loaded on demand when expanded
@@ 5.5 MR Detail @@
-Unique features: File changes list, Diff discussions ...
+Unique features (progressive hydration):
+- file change summary in first paint
+- diff discussion bodies loaded lazily per expanded thread
@@ 9.3 Phase 0 — Toolchain Gate @@
+16. Detail first-paint p95 < 75ms on M-tier fixtures (metadata-only phase)
```
9. **Make reliability tests reproducible with deterministic clocks/seeds**
Analysis: Relative-time rendering and fuzz tests are currently tied to wall clock/randomness, which makes CI flakes hard to diagnose. Introduce a `Clock` abstraction and deterministic fuzz seeds with failure replay output.
```diff
@@ 10.9.1 Non-Snapshot Tests @@
+/// All time-based rendering uses injected `Clock` in tests.
+/// Fuzz failures print deterministic seed for replay.
@@ 9.2 Phase 5.5 — Reliability Test Pack @@
-Event fuzz tests (key/resize/paste):p55g
+Event fuzz tests (key/resize/paste, deterministic seed replay):p55g
+Deterministic clock/render tests:p55i
```
10. **Add an “Actionable Insights” dashboard panel for stronger day-to-day utility**
Analysis: Current dashboard is informative, but not prioritizing. Adding ranked insights (stale P1s, blocked MRs, discussion hotspots) turns it into a decision surface, not just a metrics screen. This makes the TUI materially more compelling for triage workflows.
```diff
@@ 1. Executive Summary @@
- Dashboard — sync status, project health, counts at a glance
+- Dashboard — sync status, project health, counts, and ranked actionable insights
@@ 5.1 Dashboard (Home Screen) @@
-│ Recent Activity │
+│ Recent Activity │
+│ Actionable Insights │
+│ 1) 7 opened P1 issues >14d │
+│ 2) 3 MRs blocked by unresolved │
+│ 3) auth/ has +42% note velocity │
@@ 6. User Flows @@
+### 6.9 Flow: "Risk-first morning sweep"
+Dashboard -> select insight -> jump to pre-filtered list/detail
```
These 10 changes stay clear of your `Rejected Recommendations` list and materially improve correctness, operability, and product value without adding speculative architecture.

150
plans/tui-prd-v2-frankentui.feedback-6.md
View File

@@ -1,150 +0,0 @@
Your plan is strong and unusually detailed. The biggest upgrades Id make are around build isolation, async correctness, terminal correctness, and turning existing data into sharper triage workflows.
## 1) Fix toolchain isolation so stable builds cannot accidentally pull nightly
Rationale: a `rust-toolchain.toml` inside `crates/lore-tui` is not a complete guard when running workspace commands from repo root. You should structurally prevent stable workflows from touching nightly-only code.
```diff
@@ 3.2 Nightly Rust Strategy
-[workspace]
-members = [".", "crates/lore-tui"]
+[workspace]
+members = ["."]
+exclude = ["crates/lore-tui"]
+`crates/lore-tui` is built as an isolated workspace/package with explicit toolchain invocation:
+ cargo +nightly-2026-02-08 check --manifest-path crates/lore-tui/Cargo.toml
+Core repo remains:
+ cargo +stable check --workspace
```
## 2) Add an explicit `lore` <-> `lore-tui` compatibility contract
Rationale: runtime delegation is correct, but version drift between binaries will become the #1 support failure mode. Add a handshake before launch.
```diff
@@ 10.19 CLI Integration — Adding `lore tui`
+Before spawning `lore-tui`, `lore` runs:
+ lore-tui --print-contract-json
+and validates:
+ - minimum_core_version
+ - supported_db_schema_range
+ - contract_version
+On mismatch, print actionable remediation:
+ cargo install --path crates/lore-tui
```
## 3) Make TaskSupervisor truly authoritative (remove split async paths)
Rationale: the document says supervisor is the only path, but examples still use direct `Cmd::task` and `search_request_id`. Close that contradiction now to avoid stale-data races.
```diff
@@ 4.4 App — Implementing the Model Trait
- search_request_id: u64,
+ task_supervisor: TaskSupervisor,
@@ 4.5.1 Task Supervisor
-The `search_request_id` field in `LoreApp` is superseded...
+`search_request_id` is removed. All async work uses TaskSupervisor generations.
+No direct `Cmd::task` from screen handlers or ad-hoc helpers.
```
## 4) Resolve keybinding conflicts and implement real go-prefix timeout
Rationale: `Ctrl+I` collides with `Tab` in terminals. Also your 500ms go-prefix timeout is described but not enforced in code.
```diff
@@ 8.1 Global (Available Everywhere)
-| `Ctrl+I` | Jump forward in jump list (entity hops) |
+| `Alt+o` | Jump forward in jump list (entity hops) |
@@ 8.2 Keybinding precedence
+Go-prefix timeout is enforced by timestamped state + tick check.
+Backspace global-back behavior is implemented (currently documented but not wired).
```
## 5) Add a shared display-width text utility (Unicode-safe truncation and alignment)
Rationale: current `truncate()` implementations use byte/char length and will misalign CJK/emoji/full-width text in tables and trees.
```diff
@@ 10.1 New Files
+crates/lore-tui/src/text_width.rs # grapheme-safe truncation + display width helpers
@@ 10.5 Dashboard View / 10.13 Issue List / 10.16 Who View
-fn truncate(s: &str, max: usize) -> String { ... }
+use crate::text_width::truncate_display_width;
+// all column fitting/truncation uses terminal display width, not bytes/chars
```
## 6) Upgrade sync streaming to a QoS event bus with sequence IDs
Rationale: today progress/log events can be dropped under load with weak observability. Keep UI responsive while guaranteeing completion semantics and visible gap accounting.
```diff
@@ 4.4 start_sync_task()
-let (tx, rx) = std::sync::mpsc::sync_channel::<SyncUiEvent>(2048);
+let (ctrl_tx, ctrl_rx) = std::sync::mpsc::sync_channel::<SyncCtrlEvent>(256); // never-drop
+let (data_tx, data_rx) = std::sync::mpsc::sync_channel::<SyncDataEvent>(4096); // coalescible
+Every streamed event carries seq_no.
+UI detects gaps and renders: "Dropped N log/progress events due to backpressure."
+Terminal events (started/completed/failed/cancelled) remain lossless.
```
## 7) Make list pagination truly keyset-driven in state, not just in prose
Rationale: plan text promises windowed keyset paging, but state examples still keep a single list without cursor model. Encode pagination state explicitly.
```diff
@@ 10.10 state/issue_list.rs
-pub items: Vec<IssueListRow>,
+pub window: Vec<IssueListRow>,
+pub next_cursor: Option<IssueCursor>,
+pub prev_cursor: Option<IssueCursor>,
+pub prefetch: Option<Vec<IssueListRow>>,
+pub window_size: usize, // default 200
@@ 5.2 Issue List
-Pagination: Windowed keyset pagination...
+Pagination: Keyset cursor model is first-class state with forward/back cursors and prefetch buffer.
```
## 8) Harden session restore with atomic persistence + integrity checksum
Rationale: versioning/quarantine is good, but you still need crash-safe write semantics and tamper/corruption detection to avoid random boot failures.
```diff
@@ 10.1 New Files
-crates/lore-tui/src/session.rs # Versioned session state persistence + validation + corruption quarantine
+crates/lore-tui/src/session.rs # + atomic write (tmp->fsync->rename), checksum, max-size guard
@@ 11. Assumptions
+Session writes are atomic and checksummed.
+Invalid checksum or oversized file triggers quarantine and fresh boot.
```
## 9) Evolve Doctor from read-only text into actionable remediation
Rationale: your CLI already returns machine-actionable `actions`. TUI should surface those as one-key fixes; this materially increases usefulness.
```diff
@@ 5.11 Doctor / Stats (Info Screens)
-Simple read-only views rendering the output...
+Doctor is interactive:
+ - shows health checks + severity
+ - exposes suggested `actions` from robot-mode errors
+ - Enter runs selected action command (with confirmation modal)
+Stats remains read-only.
```
## 10) Add a Dependency Lens to Issue/MR detail (high-value triage feature)
Rationale: you already have cross-refs + discussions + timeline. A compact dependency panel (blocked-by / blocks / unresolved threads) makes this data operational for prioritization.
```diff
@@ 5.3 Issue Detail
-│ ┌─ Cross-References ─────────────────────────────────────────┐ │
+│ ┌─ Dependency Lens ──────────────────────────────────────────┐ │
+│ │ Blocked by: #1198 (open, stale 9d) │ │
+│ │ Blocks: !458 (opened, 2 unresolved threads) │ │
+│ │ Risk: High (P1 + stale blocker + open MR discussion) │ │
+│ └────────────────────────────────────────────────────────────┘ │
@@ 9.2 Phases
+Dependency Lens (issue/mr detail, computed risk score) :p3e, after p2e, 1d
```
---
If you want, I can next produce a consolidated **“v2.1 patch”** of the PRD with all these edits merged into one coherent updated document structure.

264
plans/tui-prd-v2-frankentui.feedback-7.md
View File

@@ -1,264 +0,0 @@
1. **Fix a critical contradiction in workspace/toolchain isolation**
Rationale: Section `3.2` says `crates/lore-tui` is excluded from the root workspace, but Section `9.1` currently adds it as a member. That inconsistency will cause broken CI/tooling behavior and confusion about whether stable-only workflows remain safe.
```diff
--- a/PRD.md
+++ b/PRD.md
@@ 9.1 Dependency Changes
-# Root Cargo.toml changes
-[workspace]
-members = [".", "crates/lore-tui"]
+# Root Cargo.toml changes
+[workspace]
+members = ["."]
+exclude = ["crates/lore-tui"]
@@
-# Add workspace member (no lore-tui dep, no tui feature)
+# Keep lore-tui EXCLUDED from root workspace (nightly isolation boundary)
@@ 9.3 Phase 0 — Toolchain Gate
-1. `cargo check --all-targets` passes on pinned nightly (TUI crate) and stable (core)
+1. `cargo +stable check --workspace --all-targets` passes for root workspace
+2. `cargo +nightly-2026-02-08 check --manifest-path crates/lore-tui/Cargo.toml --all-targets` passes
```
2. **Replace global loading spinner with per-screen stale-while-revalidate**
Rationale: A single `is_loading` flag causes full-screen flicker and blocked context during quick refreshes. Per-screen load states keep existing data visible while background refresh runs, improving perceived performance and usability.
```diff
--- a/PRD.md
+++ b/PRD.md
@@ 10.10 State Module — Complete
- pub is_loading: bool,
+ pub load_state: ScreenLoadStateMap,
@@
- pub fn set_loading(&mut self, loading: bool) {
- self.is_loading = loading;
- }
+ pub fn set_loading(&mut self, screen: ScreenId, state: LoadState) {
+ self.load_state.insert(screen, state);
+ }
+
+pub enum LoadState {
+ Idle,
+ LoadingInitial,
+ Refreshing, // stale data remains visible
+ Error(String),
+}
@@ 4.4 App — Implementing the Model Trait
- // Loading spinner overlay (while async data is fetching)
- if self.state.is_loading {
- crate::tui::view::common::render_loading(frame, body);
- } else {
- match self.navigation.current() { ... }
- }
+ // Always render screen; show lightweight refresh indicator when needed.
+ match self.navigation.current() { ... }
+ crate::tui::view::common::render_refresh_indicator_if_needed(
+ self.navigation.current(), &self.state.load_state, frame, body
+ );
```
3. **Make `TaskSupervisor` a real scheduler (not just token registry)**
Rationale: Current design declares priority lanes but still dispatches directly with `Cmd::task`, and debounce uses `thread::sleep` per keystroke (wastes worker threads). A bounded scheduler with queued tasks and timer-driven debounce will reduce contention and tail latency.
```diff
--- a/PRD.md
+++ b/PRD.md
@@ 4.5.1 Task Supervisor (Dedup + Cancellation + Priority)
-pub struct TaskSupervisor {
- active: HashMap<TaskKey, Arc<CancelToken>>,
- generation: AtomicU64,
-}
+pub struct TaskSupervisor {
+ active: HashMap<TaskKey, Arc<CancelToken>>,
+ generation: AtomicU64,
+ queue: BinaryHeap<ScheduledTask>,
+ inflight: HashMap<TaskPriority, usize>,
+ limits: TaskLaneLimits, // e.g. Input=4, Navigation=2, Background=1
+}
@@
-// 200ms debounce via cancelable scheduled event (not thread::sleep).
-Cmd::task(move || {
- std::thread::sleep(std::time::Duration::from_millis(200));
- ...
-})
+// Debounce via runtime timer message; no sleeping worker thread.
+self.state.search.debounce_deadline = Some(now + 200ms);
+Cmd::none()
@@ 4.4 update()
+Msg::Tick => {
+ if self.state.search.debounce_expired(now) {
+ return self.dispatch_supervised(TaskKey::Search, TaskPriority::Input, ...);
+ }
+ self.task_supervisor.dispatch_ready(now)
+}
```
4. **Add a sync run ledger for exact “new since sync” navigation**
Rationale: “Since last sync” based on timestamps is ambiguous with partial failures, retries, and clock drift. A lightweight `sync_runs` + `sync_deltas` ledger makes summary-mode drill-down exact and auditable without implementing full resumable checkpoints.
```diff
--- a/PRD.md
+++ b/PRD.md
@@ 5.9 Sync
-- `i` navigates to Issue List pre-filtered to "since last sync"
-- `m` navigates to MR List pre-filtered to "since last sync"
+- `i` navigates to Issue List pre-filtered to `sync_run_id=<last_run>`
+- `m` navigates to MR List pre-filtered to `sync_run_id=<last_run>`
+- Filters are driven by persisted `sync_deltas` rows (exact entity keys changed in run)
@@ 10.1 New Files
+src/core/migrations/00xx_add_sync_run_ledger.sql
@@ New migration (appendix)
+CREATE TABLE sync_runs (
+ id INTEGER PRIMARY KEY,
+ started_at_ms INTEGER NOT NULL,
+ completed_at_ms INTEGER,
+ status TEXT NOT NULL
+);
+CREATE TABLE sync_deltas (
+ sync_run_id INTEGER NOT NULL,
+ entity_kind TEXT NOT NULL,
+ project_id INTEGER NOT NULL,
+ iid INTEGER NOT NULL,
+ change_kind TEXT NOT NULL
+);
+CREATE INDEX idx_sync_deltas_run_kind ON sync_deltas(sync_run_id, entity_kind);
@@ 11 Assumptions
-16. No new SQLite tables needed for v1
+16. Two small v1 tables are added: `sync_runs` and `sync_deltas` for deterministic post-sync UX.
```
5. **Expand the GA index set to match actual filter surface**
Rationale: Current required indexes only cover default sort paths; they do not match common filters like `author`, `assignee`, `reviewer`, `target_branch`, label-based filtering. This will likely miss p95 SLOs at M tier.
```diff
--- a/PRD.md
+++ b/PRD.md
@@ 9.3.1 Required Indexes (GA Blocker)
CREATE INDEX IF NOT EXISTS idx_issues_list_default
ON issues(project_id, state, updated_at DESC, iid DESC);
+CREATE INDEX IF NOT EXISTS idx_issues_author_updated
+ ON issues(project_id, state, author_username, updated_at DESC, iid DESC);
+CREATE INDEX IF NOT EXISTS idx_issues_assignee_updated
+ ON issues(project_id, state, assignee_username, updated_at DESC, iid DESC);
@@
CREATE INDEX IF NOT EXISTS idx_mrs_list_default
ON merge_requests(project_id, state, updated_at DESC, iid DESC);
+CREATE INDEX IF NOT EXISTS idx_mrs_reviewer_updated
+ ON merge_requests(project_id, state, reviewer_username, updated_at DESC, iid DESC);
+CREATE INDEX IF NOT EXISTS idx_mrs_target_updated
+ ON merge_requests(project_id, state, target_branch, updated_at DESC, iid DESC);
+CREATE INDEX IF NOT EXISTS idx_mrs_source_updated
+ ON merge_requests(project_id, state, source_branch, updated_at DESC, iid DESC);
@@
+-- If labels are normalized through join table:
+CREATE INDEX IF NOT EXISTS idx_issue_labels_label_issue ON issue_labels(label, issue_id);
+CREATE INDEX IF NOT EXISTS idx_mr_labels_label_mr ON mr_labels(label, mr_id);
@@ CI enforcement
-asserts that none show `SCAN TABLE` for the primary entity tables
+asserts that none show full scans for primary tables under default filters AND top 8 user-facing filter combinations
```
6. **Add DB schema compatibility preflight (separate from binary compat)**
Rationale: Binary compat (`--compat-version`) does not protect against schema mismatches. Add explicit schema version checks before booting the TUI to avoid runtime SQL errors deep in navigation paths.
```diff
--- a/PRD.md
+++ b/PRD.md
@@ 3.2 Nightly Rust Strategy
-- **Compatibility contract:** Before spawning `lore-tui`, the `lore tui` subcommand runs `lore-tui --compat-version` ...
+- **Compatibility contract:** Before spawning `lore-tui`, `lore tui` validates:
+ 1) binary compat version (`lore-tui --compat-version`)
+ 2) DB schema range (`lore-tui --check-schema <db-path>`)
+If schema is out-of-range, print remediation: `lore migrate`.
@@ 9.3 Phase 0 — Toolchain Gate
+17. Schema preflight test: incompatible DB schema yields actionable error and non-zero exit before entering TUI loop.
```
7. **Refine terminal sanitization to preserve legitimate Unicode while blocking control attacks**
Rationale: Current sanitizer strips zero-width joiners and similar characters, which breaks emoji/grapheme rendering and undermines your own `text_width` goals. Keep benign Unicode, remove only dangerous controls/bidi spoof vectors, and sanitize markdown link targets too.
```diff
--- a/PRD.md
+++ b/PRD.md
@@ 10.4.1 Terminal Safety — Untrusted Text Sanitization
-- Strip bidi overrides ... and zero-width/invisible controls ...
+- Strip ANSI/OSC/control chars and bidi spoof controls.
+- Preserve legitimate grapheme-joining characters (ZWJ/ZWNJ/combining marks) for correct Unicode rendering.
+- Sanitize markdown link targets with strict URL allowlist before rendering clickable links.
@@ safety.rs
- // Strip zero-width and invisible controls
- '\u{200B}' | '\u{200C}' | '\u{200D}' | '\u{FEFF}' | '\u{00AD}' => {}
+ // Preserve grapheme/emoji join behavior; remove only harmful controls.
+ // (ZWJ/ZWNJ/combining marks are retained)
@@ Enforcement rule
- Search result snippets
- Author names and labels
+- Markdown link destinations (scheme + origin validation before render/open)
```
8. **Add key normalization layer for terminal portability**
Rationale: Collision notes are good, but you still need a canonicalization layer because terminals emit different sequences for Alt/Meta/Backspace/Enter variants. This reduces “works in iTerm, broken in tmux/SSH” bugs.
```diff
--- a/PRD.md
+++ b/PRD.md
@@ 8.2 List Screens
**Terminal keybinding safety notes:**
@@
- `Ctrl+M` is NOT used — it collides with `Enter` ...
+
+**Key normalization layer (new):**
+- Introduce `KeyNormalizer` before `interpret_key()`:
+ - normalize Backspace variants (`^H`, `DEL`)
+ - normalize Alt/Meta prefixes
+ - normalize Shift+Tab vs Tab where terminal supports it
+ - normalize kitty/CSI-u enhanced key protocols when present
@@ 9.2 Phases
+ Key normalization integration tests :p5d, after p5c, 1d
+ Terminal profile replay tests :p5e, after p5d, 1d
```
9. **Add deterministic event-trace capture for crash reproduction**
Rationale: Panic logs without recent event context are often insufficient for TUI race bugs. Persist last-N normalized events + active screen + task state snapshot on panic for one-command repro.
```diff
--- a/PRD.md
+++ b/PRD.md
@@ 3.1 Risk Matrix
| Runtime panic leaves user blocked | High | Medium | Panic hook writes crash report, restores terminal, offers fallback CLI command |
+| Hard-to-reproduce input race bugs | Medium | Medium | Persist last 2k normalized events + state hash on panic for deterministic replay |
@@ 10.3 Entry Point / panic hook
- // 2. Write crash dump
+ // 2. Write crash dump + event trace snapshot
+ // Includes: last 2000 normalized events, current screen, in-flight task keys/generations
@@ 10.9.1 Non-Snapshot Tests
+/// Replay captured event trace from panic artifact and assert no panic.
+#[test]
+fn replay_trace_artifact_is_stable() { ... }
```
10. **Do a plan-wide consistency pass on pseudocode contracts**
Rationale: There are internal mismatches that will create implementation churn (`search_request_id` still referenced after replacement, `items` vs `window`, keybinding mismatch `Ctrl+I` vs `Alt+o`). Tightening these now saves real engineering time later.
```diff
--- a/PRD.md
+++ b/PRD.md
@@ 4.4 LoreApp::new
- search_request_id: 0,
+ // dedup generation handled by TaskSupervisor
@@ 8.1 Global
-| `Ctrl+O` | Jump backward in jump list (entity hops) |
-| `Alt+o` | Jump forward in jump list (entity hops) |
+| `Ctrl+O` | Jump backward in jump list (entity hops) |
+| `Alt+o` | Jump forward in jump list (entity hops) |
@@ 10.10 IssueListState
- pub fn selected_item(&self) -> Option<&IssueListRow> {
- self.items.get(self.selected_index)
- }
+ pub fn selected_item(&self) -> Option<&IssueListRow> {
+ self.window.get(self.selected_index)
+ }
```
If you want, I can now produce a single consolidated unified diff patch of the full PRD with these revisions merged end-to-end.

211
plans/tui-prd-v2-frankentui.feedback-8.md
View File

@@ -1,211 +0,0 @@
Below are the strongest revisions Id make. I intentionally avoided anything in your `## Rejected Recommendations`.
1. **Unify commands/keybindings/help/palette into one registry**
Rationale: your plan currently duplicates action definitions across `execute_palette_action`, `ShowCliEquivalent`, help overlay text, and status hints. That will drift quickly and create correctness bugs. A single `CommandRegistry` makes behavior consistent and testable.
```diff
diff --git a/PRD.md b/PRD.md
@@ 4.1 Module Structure
+ commands.rs # Single source of truth for actions, keybindings, CLI equivalents
@@ 4.4 App — Implementing the Model Trait
- fn execute_palette_action(&self, action_id: &str) -> Cmd<Msg> { ... big match ... }
+ fn execute_palette_action(&self, action_id: &str) -> Cmd<Msg> {
+ if let Some(spec) = self.commands.get(action_id) {
+ return self.update(spec.to_msg(self.navigation.current()));
+ }
+ Cmd::none()
+ }
@@ 8. Keybinding Reference
+All keybinding/help/status/palette definitions are generated from `commands.rs`.
+No hardcoded duplicate maps in view/state modules.
```
2. **Replace ad-hoc key flags with explicit input state machine**
Rationale: `pending_go` + `go_prefix_instant` is fragile and already inconsistent with documented behavior. A typed `InputMode` removes edge-case bugs and makes prefix timeout deterministic.
```diff
diff --git a/PRD.md b/PRD.md
@@ 4.4 LoreApp struct
- pending_go: bool,
- go_prefix_instant: Option<std::time::Instant>,
+ input_mode: InputMode, // Normal | Text | Palette | GoPrefix { started_at }
@@ 8.2 List Screens
-| `g` `g` | Jump to top |
+| `g` `g` | Jump to top (current list screen) |
@@ 4.4 interpret_key
- KeyCode::Char('g') => Msg::IssueListScrollToTop
+ KeyCode::Char('g') => Msg::ScrollToTopCurrentScreen
```
3. **Fix TaskSupervisor contract and message schema drift**
Rationale: the plan mixes `request_id` and `generation`, and `TaskKey::Search { generation }` defeats dedup by making every key unique. This can silently reintroduce stale-result races.
```diff
diff --git a/PRD.md b/PRD.md
@@ 4.3 Core Types (Msg)
- SearchRequestStarted { request_id: u64, query: String },
- SearchExecuted { request_id: u64, results: SearchResults },
+ SearchRequestStarted { generation: u64, query: String },
+ SearchExecuted { generation: u64, results: SearchResults },
@@ 4.5.1 Task Supervisor
- Search { generation: u64 },
+ Search,
+ struct TaskStamp { key: TaskKey, generation: u64 }
@@ 10.9.1 Non-Snapshot Tests
- Msg::SearchExecuted { request_id: 3, ... }
+ Msg::SearchExecuted { generation: 3, ... }
```
4. **Add a `Clock` boundary everywhere time is computed**
Rationale: you call `SystemTime::now()` in many query/render paths, causing inconsistent relative-time labels inside one frame and flaky tests. Injected clock gives deterministic rendering and lower per-frame overhead.
```diff
diff --git a/PRD.md b/PRD.md
@@ 4.1 Module Structure
+ clock.rs # Clock trait: SystemClock/FakeClock
@@ 4.4 LoreApp struct
+ clock: Arc<dyn Clock>,
@@ 10.11 action.rs
- let now_ms = std::time::SystemTime::now()...
+ let now_ms = clock.now_ms();
@@ 9.3 Phase 0 success criteria
+19. Relative-time rendering deterministic under FakeClock across snapshot runs.
```
5. **Upgrade text truncation to grapheme-safe width handling**
Rationale: `unicode-width` alone is not enough for safe truncation; it can split grapheme clusters (emoji ZWJ sequences, skin tones, flags). You need width + grapheme segmentation together.
```diff
diff --git a/PRD.md b/PRD.md
@@ 10.1 New Files
-crates/lore-tui/src/text_width.rs # ... using unicode-width crate
+crates/lore-tui/src/text_width.rs # Grapheme-safe width/truncation using unicode-width + unicode-segmentation
@@ 10.1 New Files
+Cargo.toml (lore-tui): unicode-segmentation = "1"
@@ 9.3 Phase 0 success criteria
+20. Unicode rendering tests pass for CJK, emoji ZWJ, combining marks, RTL text.
```
6. **Redact sensitive values in logs and crash dumps**
Rationale: current crash/log strategy risks storing tokens/credentials in plain text. This is a serious operational/security gap for local tooling too.
```diff
diff --git a/PRD.md b/PRD.md
@@ 4.1 Module Structure
safety.rs # sanitize_for_terminal(), safe_url_policy()
+ redact.rs # redact_sensitive() for logs/crash reports
@@ 10.3 install_panic_hook_for_tui
- let _ = std::fs::write(&crash_path, format!("{panic_info:#?}"));
+ let report = redact_sensitive(format!("{panic_info:#?}"));
+ let _ = std::fs::write(&crash_path, report);
@@ 9.3 Phase 0 success criteria
+21. Redaction tests confirm tokens/Authorization headers never appear in persisted crash/log artifacts.
```
7. **Add search capability detection and mode fallback UX**
Rationale: semantic/hybrid mode should not silently degrade when embeddings are absent/stale. Explicit capability state increases trust and avoids “why are results weird?” confusion.
```diff
diff --git a/PRD.md b/PRD.md
@@ 5.6 Search
+Capability-aware modes:
+- If embeddings unavailable/stale, semantic mode is disabled with inline reason.
+- Hybrid mode auto-falls back to lexical and shows badge: "semantic unavailable".
@@ 4.3 Core Types
+ SearchCapabilitiesLoaded(SearchCapabilities)
@@ 9.3 Phase 0 success criteria
+22. Mode availability checks validated: lexical/hybrid/semantic correctly enabled/disabled by fixture capabilities.
```
8. **Define sync cancel latency SLO and enforce fine-grained checks**
Rationale: “check cancel between phases” is too coarse on big projects. Users need fast cancel acknowledgment and bounded stop time.
```diff
diff --git a/PRD.md b/PRD.md
@@ 5.9 Sync
-CANCELLATION: checked between sync phases
+CANCELLATION: checked at page boundaries, batch upsert boundaries, and before each network request.
+UX target: cancel acknowledged <250ms, sync stop p95 <2s after Esc.
@@ 9.3 Phase 0 success criteria
+23. Cancel latency test passes: p95 stop time <2s under M-tier fixtures.
```
9. **Add a “Hotspots” screen for risk/churn triage**
Rationale: this is high-value and uses existing data (events, unresolved discussions, stale items). It makes the TUI more compelling without needing new sync tables or rejected features.
```diff
diff --git a/PRD.md b/PRD.md
@@ 1. Executive Summary
+- **Hotspots** — file/path risk ranking by churn × unresolved discussion pressure × staleness
@@ 5. Screen Taxonomy
+### 5.12 Hotspots
+Shows top risky paths with drill-down to related issues/MRs/timeline.
@@ 8.1 Global
+| `gx` | Go to Hotspots |
@@ 10.1 New Files
+crates/lore-tui/src/state/hotspots.rs
+crates/lore-tui/src/view/hotspots.rs
```
10. **Add degraded startup mode when compat/schema checks fail**
Rationale: hard-exit on mismatch blocks users. A degraded mode that shells to `lore --robot` for read-only summary/doctor keeps the product usable and gives guided recovery.
```diff
diff --git a/PRD.md b/PRD.md
@@ 3.2 Nightly Rust Strategy
- On mismatch: actionable error and exit
+ On mismatch: actionable error with `--degraded` option.
+ `--degraded` launches limited TUI (Dashboard/Doctor/Stats via `lore --robot` subprocess calls).
@@ 10.3 TuiCli
+ /// Allow limited mode when schema/compat checks fail
+ #[arg(long)]
+ degraded: bool,
```
11. **Harden query-plan CI checks (dont rely on `SCAN TABLE` string matching)**
Rationale: SQLite planner text varies by version. Parse opcode structure and assert index usage semantically; otherwise CI will be flaky or miss regressions.
```diff
diff --git a/PRD.md b/PRD.md
@@ 9.3.1 Required Indexes (CI enforcement)
- asserts that none show `SCAN TABLE`
+ parses EXPLAIN QUERY PLAN rows and asserts:
+ - top-level loop uses expected index families
+ - no full scan on primary entity tables under default and top filter combos
+ - join order remains bounded (no accidental cartesian expansions)
```
12. **Enforce single-instance lock for session/state safety**
Rationale: assumption says no concurrent TUI sessions, but accidental double-launch will still happen. Locking prevents state corruption and confusing interleaved sync actions.
```diff
diff --git a/PRD.md b/PRD.md
@@ 10.1 New Files
+crates/lore-tui/src/instance_lock.rs # lock file with stale-lock recovery
@@ 11. Assumptions
-21. No concurrent TUI sessions.
+21. Concurrent sessions unsupported and actively prevented by instance lock (with clear error message).
```
If you want, I can turn this into a consolidated patched PRD (single unified diff) next.

198
plans/tui-prd-v2-frankentui.feedback-9.md
View File

@@ -1,198 +0,0 @@
I reviewed the full PRD end-to-end and avoided all items already listed in `## Rejected Recommendations`.
These are the highest-impact revisions Id make.
1. **Fix keybinding/state-machine correctness gaps (critical)**
The plan currently has an internal conflict: the doc says jump-forward is `Alt+o`, but code sample uses `Ctrl+i` (which collides with `Tab` in many terminals). Also, `g`-prefix timeout depends on `Tick`, but `Tick` isnt guaranteed when idle, so prefix mode can get “stuck.” This is a correctness bug, not polish.
```diff
@@ 8.1 Global (Available Everywhere)
-| `Ctrl+O` | Jump backward in jump list (entity hops) |
-| `Alt+o` | Jump forward in jump list (entity hops) |
+| `Ctrl+O` | Jump backward in jump list (entity hops) |
+| `Alt+o` | Jump forward in jump list (entity hops) |
+| `Backspace` | Go back (when no text input is focused) |
@@ 4.4 LoreApp::interpret_key
- (KeyCode::Char('i'), m) if m.contains(Modifiers::CTRL) => {
- return Some(Msg::JumpForward);
- }
+ (KeyCode::Char('o'), m) if m.contains(Modifiers::ALT) => {
+ return Some(Msg::JumpForward);
+ }
+ (KeyCode::Backspace, Modifiers::NONE) => {
+ return Some(Msg::GoBack);
+ }
@@ 4.4 Model::subscriptions
+ // Go-prefix timeout enforcement must tick even when nothing is loading.
+ if matches!(self.input_mode, InputMode::GoPrefix { .. }) {
+ subs.push(Box::new(
+ Every::with_id(2, Duration::from_millis(50), || Msg::Tick)
+ ));
+ }
```
2. **Make `TaskSupervisor` API internally consistent and enforceable**
The plan uses `submit()`/`is_current()` in one place and `register()`/`next_generation()` in another. That inconsistency will cause implementation drift and stale-result bugs. Use one coherent API with a returned handle containing `{key, generation, cancel_token}`.
```diff
@@ 4.5.1 Task Supervisor (Dedup + Cancellation + Priority)
-pub struct TaskSupervisor {
- active: HashMap<TaskKey, Arc<CancelToken>>,
- generation: AtomicU64,
-}
+pub struct TaskSupervisor {
+ active: HashMap<TaskKey, TaskHandle>,
+}
+
+pub struct TaskHandle {
+ pub key: TaskKey,
+ pub generation: u64,
+ pub cancel: Arc<CancelToken>,
+}
- pub fn register(&mut self, key: TaskKey) -> Arc<CancelToken>
- pub fn next_generation(&self) -> u64
+ pub fn submit(&mut self, key: TaskKey) -> TaskHandle
+ pub fn is_current(&self, key: &TaskKey, generation: u64) -> bool
+ pub fn complete(&mut self, key: &TaskKey, generation: u64)
```
3. **Replace thread-sleep debounce with runtime timer messages**
`std::thread::sleep(200ms)` inside task closures wastes pool threads under fast typing and reduces responsiveness under contention. Use timer-driven debounce messages and only fire the latest generation. This improves latency stability on large datasets.
```diff
@@ 4.3 Core Types (Msg enum)
+ SearchDebounceArmed { generation: u64, query: String },
+ SearchDebounceFired { generation: u64 },
@@ 4.4 maybe_debounced_query
- Cmd::task(move || {
- std::thread::sleep(std::time::Duration::from_millis(200));
- ...
- })
+ // Arm debounce only; runtime timer emits SearchDebounceFired.
+ Cmd::msg(Msg::SearchDebounceArmed { generation, query })
@@ 4.4 subscriptions()
+ if self.state.search.debounce_pending() {
+ subs.push(Box::new(
+ Every::with_id(3, Duration::from_millis(200), || Msg::SearchDebounceFired { generation: ... })
+ ));
+ }
```
4. **Harden `DbManager` API to avoid lock-poison panics and accidental long-held guards**
Returning raw `MutexGuard<Connection>` invites accidental lock scope expansion and `expect("lock poisoned")` panics. Move to closure-based access (`with_reader`, `with_writer`) returning `Result`, and use cached statements. This reduces deadlock risk and tail latency.
```diff
@@ 4.4 DbManager
- pub fn reader(&self) -> MutexGuard<'_, Connection> { ...expect("reader lock poisoned") }
- pub fn writer(&self) -> MutexGuard<'_, Connection> { ...expect("writer lock poisoned") }
+ pub fn with_reader<T>(&self, f: impl FnOnce(&Connection) -> Result<T, LoreError>) -> Result<T, LoreError>
+ pub fn with_writer<T>(&self, f: impl FnOnce(&Connection) -> Result<T, LoreError>) -> Result<T, LoreError>
@@ 10.11 action.rs
- let conn = db.reader();
- match fetch_issues(&conn, &filter) { ... }
+ match db.with_reader(|conn| fetch_issues(conn, &filter)) { ... }
+ // Query hot paths use prepare_cached() to reduce parse overhead.
```
5. **Add read-path entity cache (LRU) for repeated drill-in/out workflows**
Your core daily flow is Enter/Esc bouncing between list/detail. Without caching, identical detail payloads are re-queried repeatedly. A bounded LRU by `EntityKey` with invalidation on sync completion gives near-instant reopen behavior and reduces DB pressure.
```diff
@@ 4.1 Module Structure
+ entity_cache.rs # Bounded LRU cache for detail payloads
@@ app.rs LoreApp fields
+ entity_cache: EntityCache,
@@ load_screen(Screen::IssueDetail / MrDetail)
+ if let Some(cached) = self.entity_cache.get_issue(&key) {
+ return Cmd::msg(Msg::IssueDetailLoaded { key, detail: cached.clone() });
+ }
@@ Msg::IssueDetailLoaded / Msg::MrDetailLoaded handlers
+ self.entity_cache.put_issue(key.clone(), detail.clone());
@@ Msg::SyncCompleted
+ self.entity_cache.invalidate_all();
```
6. **Tighten sync-stream observability and drop semantics without adding heavy architecture**
You already handle backpressure, but operators need visibility when it happens. Track dropped-progress count and max queue depth in state and surface it in running/summary views. This keeps the current simple design while making reliability measurable.
```diff
@@ 4.3 Msg
+ SyncStreamStats { dropped_progress: u64, max_queue_depth: usize },
@@ 5.9 Sync (Running mode footer)
-| Esc cancel f full sync e embed after d dry-run l log level|
+| Esc cancel f full sync e embed after d dry-run l log level stats:drop=12 qmax=1847 |
@@ 9.3 Success criteria
+24. Sync stream stats are emitted and rendered; terminal events (completed/failed/cancelled) delivery is 100% under induced backpressure.
```
7. **Make crash reporting match the promised diagnostic value**
The PRD promises event replay context, but sample hook writes only panic text. Add explicit crash context capture (`last events`, `current screen`, `task handles`, `build id`, `db fingerprint`) and retention policy. This materially improves post-mortem debugging.
```diff
@@ 4.1 Module Structure
+ crash_context.rs # ring buffer of normalized events + task/screen snapshot
@@ 10.3 install_panic_hook_for_tui()
- let report = crate::redact::redact_sensitive(&format!("{panic_info:#?}"));
+ let ctx = crate::crash_context::snapshot();
+ let report = crate::redact::redact_sensitive(&format!("{panic_info:#?}\n{ctx:#?}"));
+ // Retention: keep latest 20 crash files, delete oldest metadata entries only.
```
8. **Add Search Facets panel for faster triage (high-value feature, low risk)**
Search is central, but right now filtering requires manual field edits. Add facet counts (`issues`, `MRs`, `discussions`, top labels/projects/authors) with one-key apply. This makes search more compelling and actionable without introducing schema changes.
```diff
@@ 5.6 Search
-- Layout: Split pane — results list (left) + preview (right)
+- Layout: Three-pane on wide terminals — results (left) + preview (center) + facets (right)
+**Facets panel:**
+- Entity type counts (issue/MR/discussion)
+- Top labels/projects/authors for current query
+- `1/2/3` quick-apply type facet; `l` cycles top label facet
@@ 8.2 List/Search keybindings
+| `1` `2` `3` | Apply facet: Issue / MR / Discussion |
+| `l` | Apply next top-label facet |
```
9. **Strengthen text sanitization for terminal edge cases**
Current sanitizer is strong, but still misses some control-space edge cases (C1 controls, directional marks beyond the listed bidi set). Add those and test them. This closes spoofing/render confusion gaps with minimal complexity.
```diff
@@ 10.4.1 sanitize_for_terminal()
+ // Strip C1 control block (U+0080..U+009F) and additional directional marks
+ c if ('\u{0080}'..='\u{009F}').contains(&c) => {}
+ '\u{200E}' | '\u{200F}' | '\u{061C}' => {} // LRM, RLM, ALM
@@ tests
+ #[test] fn strips_c1_controls() { ... }
+ #[test] fn strips_lrm_rlm_alm() { ... }
```
10. **Add an explicit vertical-slice gate before broad screen expansion**
The plan is comprehensive, but risk is still front-loaded on framework + runtime behavior. Insert a strict vertical slice gate (`Dashboard + IssueList + IssueDetail + Sync running`) with perf and stability thresholds before Phase 3 features. This reduces rework if foundational assumptions break.
```diff
@@ 9.2 Phases
+section Phase 2.5 — Vertical Slice Gate
+Dashboard + IssueList + IssueDetail + Sync (running) integrated :p25a, after p2c, 3d
+Gate: p95 nav latency < 75ms on M tier; zero stuck-input-state bugs; cancel p95 < 2s :p25b, after p25a, 1d
+Only then proceed to Search/Timeline/Who/Palette expansion.
```
If you want, I can produce a full consolidated `diff` block against the entire PRD text (single patch), but the above is the set Id prioritize first.

357
src/cli/autocorrect.rs
View File

@@ -22,6 +22,10 @@ pub enum CorrectionRule {
CaseNormalization, CaseNormalization,
FuzzyFlag, FuzzyFlag,
SubcommandAlias, SubcommandAlias,
/// Fuzzy subcommand match: "issuess" → "issues"
SubcommandFuzzy,
/// Flag-style subcommand: "--robot-docs" → "robot-docs"
FlagAsSubcommand,
ValueNormalization, ValueNormalization,
ValueFuzzy, ValueFuzzy,
FlagPrefix, FlagPrefix,
@@ -294,6 +298,7 @@ const COMMAND_FLAGS: &[(&str, &[&str])] = &[
"--issues", "--issues",
"--mrs", "--mrs",
"--activity", "--activity",
"--mentions",
"--since", "--since",
"--project", "--project",
"--all", "--all",
@@ -351,6 +356,51 @@ const FUZZY_FLAG_THRESHOLD: f64 = 0.8;
/// avoid misleading agents. Still catches obvious typos like `--projct`. /// avoid misleading agents. Still catches obvious typos like `--projct`.
const FUZZY_FLAG_THRESHOLD_STRICT: f64 = 0.9; const FUZZY_FLAG_THRESHOLD_STRICT: f64 = 0.9;
/// Fuzzy subcommand threshold — higher than flags because subcommand names
/// are shorter words where JW scores inflate more easily.
const FUZZY_SUBCMD_THRESHOLD: f64 = 0.85;
/// All canonical subcommand names for fuzzy matching and flag-as-subcommand
/// detection. Includes hidden commands so agents that know about them can
/// still benefit from typo correction.
const CANONICAL_SUBCOMMANDS: &[&str] = &[
"issues",
"mrs",
"notes",
"ingest",
"count",
"status",
"auth",
"doctor",
"version",
"init",
"search",
"stats",
"generate-docs",
"embed",
"sync",
"migrate",
"health",
"robot-docs",
"completions",
"timeline",
"who",
"me",
"file-history",
"trace",
"drift",
"related",
"cron",
"token",
// Hidden but still valid
"backup",
"reset",
"list",
"show",
"auth-test",
"sync-status",
];
// --------------------------------------------------------------------------- // ---------------------------------------------------------------------------
// Core logic // Core logic
// --------------------------------------------------------------------------- // ---------------------------------------------------------------------------
@@ -474,13 +524,15 @@ pub fn correct_args(raw: Vec<String>, strict: bool) -> CorrectionResult {
} }
} }
/// Phase A: Replace subcommand aliases with their canonical names. /// Phase A: Replace subcommand aliases with their canonical names, fuzzy-match
/// typo'd subcommands, and detect flag-style subcommands (`--robot-docs`).
/// ///
/// Handles forms that can't be expressed as clap `alias`/`visible_alias` /// Three-step pipeline:
/// (underscores, no-separator forms). Case-insensitive matching. /// - A1: Exact alias match (underscore/no-separator forms)
/// - A2: Fuzzy subcommand match ("issuess" → "issues")
/// - A3: Flag-as-subcommand ("--robot-docs" → "robot-docs")
fn correct_subcommand(mut args: Vec<String>, corrections: &mut Vec<Correction>) -> Vec<String> { fn correct_subcommand(mut args: Vec<String>, corrections: &mut Vec<Correction>) -> Vec<String> {
// Find the subcommand position index, then check the alias map. // Find the subcommand position index.
// Can't use iterators easily because we need to mutate args[i].
let mut skip_next = false; let mut skip_next = false;
let mut subcmd_idx = None; let mut subcmd_idx = None;
for (i, arg) in args.iter().enumerate().skip(1) { for (i, arg) in args.iter().enumerate().skip(1) {
@@ -500,8 +552,10 @@ fn correct_subcommand(mut args: Vec<String>, corrections: &mut Vec<Correction>)
subcmd_idx = Some(i); subcmd_idx = Some(i);
break; break;
} }
if let Some(i) = subcmd_idx
&& let Some((_, canonical)) = SUBCOMMAND_ALIASES if let Some(i) = subcmd_idx {
// A1: Exact alias match (existing logic)
if let Some((_, canonical)) = SUBCOMMAND_ALIASES
.iter() .iter()
.find(|(alias, _)| alias.eq_ignore_ascii_case(&args[i])) .find(|(alias, _)| alias.eq_ignore_ascii_case(&args[i]))
{ {
@@ -513,6 +567,91 @@ fn correct_subcommand(mut args: Vec<String>, corrections: &mut Vec<Correction>)
}); });
args[i] = (*canonical).to_string(); args[i] = (*canonical).to_string();
} }
// A2: Fuzzy subcommand match — only if not already a canonical name
else {
let lower = args[i].to_lowercase();
if !CANONICAL_SUBCOMMANDS.contains(&lower.as_str()) {
// Guard: don't fuzzy-match words that look like misplaced global flags
// (e.g., "robot" should not match "robot-docs")
let as_flag = format!("--{lower}");
let is_flag_word = GLOBAL_FLAGS
.iter()
.any(|f| f.eq_ignore_ascii_case(&as_flag));
// Guard: don't fuzzy-match if it's a valid prefix of a canonical command
// (clap's infer_subcommands handles prefix resolution)
let is_prefix = CANONICAL_SUBCOMMANDS
.iter()
.any(|cmd| cmd.starts_with(&*lower) && *cmd != lower);
if !is_flag_word && !is_prefix {
let best = CANONICAL_SUBCOMMANDS
.iter()
.map(|cmd| (*cmd, jaro_winkler(&lower, cmd)))
.max_by(|a, b| a.1.partial_cmp(&b.1).unwrap_or(std::cmp::Ordering::Equal));
if let Some((cmd, score)) = best
&& score >= FUZZY_SUBCMD_THRESHOLD
{
corrections.push(Correction {
original: args[i].clone(),
corrected: cmd.to_string(),
rule: CorrectionRule::SubcommandFuzzy,
confidence: score,
});
args[i] = cmd.to_string();
}
}
}
}
} else {
// A3: No subcommand detected — check for flag-style subcommands.
// Agents sometimes type `--robot-docs` or `--generate-docs` as flags.
let mut flag_as_subcmd: Option<(usize, String)> = None;
let mut flag_skip = false;
for (i, arg) in args.iter().enumerate().skip(1) {
if flag_skip {
flag_skip = false;
continue;
}
if !arg.starts_with("--") || arg.contains('=') {
continue;
}
let arg_lower = arg.to_lowercase();
// Skip clap built-in flags (--help, --version)
if CLAP_BUILTINS
.iter()
.any(|b| b.eq_ignore_ascii_case(&arg_lower))
{
continue;
}
// Skip known global flags
if GLOBAL_FLAGS.iter().any(|f| f.to_lowercase() == arg_lower) {
if matches!(arg_lower.as_str(), "--config" | "--color" | "--log-format") {
flag_skip = true;
}
continue;
}
let stripped = arg_lower[2..].to_string();
if CANONICAL_SUBCOMMANDS.contains(&stripped.as_str()) {
flag_as_subcmd = Some((i, stripped));
break;
}
}
if let Some((i, subcmd)) = flag_as_subcmd {
corrections.push(Correction {
original: args[i].clone(),
corrected: subcmd.clone(),
rule: CorrectionRule::FlagAsSubcommand,
confidence: 1.0,
});
args[i] = subcmd;
}
}
args args
} }
@@ -888,6 +1027,18 @@ pub fn format_teaching_note(correction: &Correction) -> String {
correction.corrected, correction.original correction.corrected, correction.original
) )
} }
CorrectionRule::SubcommandFuzzy => {
format!(
"Correct command spelling: lore {} (not lore {})",
correction.corrected, correction.original
)
}
CorrectionRule::FlagAsSubcommand => {
format!(
"Commands are positional, not flags: lore {} (not lore --{})",
correction.corrected, correction.corrected
)
}
CorrectionRule::ValueNormalization => { CorrectionRule::ValueNormalization => {
format!( format!(
"Values are lowercase: {} (not {})", "Values are lowercase: {} (not {})",
@@ -1451,6 +1602,198 @@ mod tests {
assert_eq!(detect_subcommand(&args("lore --robot")), None); assert_eq!(detect_subcommand(&args("lore --robot")), None);
} }
// ---- Fuzzy subcommand matching (A2) ----
#[test]
fn fuzzy_subcommand_issuess() {
let result = correct_args(args("lore --robot issuess -n 10"), false);
assert!(
result
.corrections
.iter()
.any(|c| c.rule == CorrectionRule::SubcommandFuzzy && c.corrected == "issues"),
"expected 'issuess' to fuzzy-match 'issues'"
);
assert!(result.args.contains(&"issues".to_string()));
}
#[test]
fn fuzzy_subcommand_timline() {
let result = correct_args(args("lore timline \"auth\""), false);
assert!(
result.corrections.iter().any(|c| c.corrected == "timeline"),
"expected 'timline' to fuzzy-match 'timeline'"
);
}
#[test]
fn fuzzy_subcommand_serach() {
let result = correct_args(args("lore --robot serach \"auth bug\""), false);
assert!(
result.corrections.iter().any(|c| c.corrected == "search"),
"expected 'serach' to fuzzy-match 'search'"
);
}
#[test]
fn fuzzy_subcommand_already_valid_untouched() {
let result = correct_args(args("lore issues -n 10"), false);
assert!(
!result
.corrections
.iter()
.any(|c| c.rule == CorrectionRule::SubcommandFuzzy)
);
}
#[test]
fn fuzzy_subcommand_robot_not_matched_to_robot_docs() {
// "robot" looks like a misplaced --robot flag, not a typo for "robot-docs"
let result = correct_args(args("lore robot issues"), false);
assert!(
!result
.corrections
.iter()
.any(|c| c.rule == CorrectionRule::SubcommandFuzzy),
"expected 'robot' NOT to fuzzy-match 'robot-docs' (it's a misplaced flag)"
);
}
#[test]
fn fuzzy_subcommand_prefix_deferred_to_clap() {
// "iss" is a prefix of "issues" — clap's infer_subcommands handles this
let result = correct_args(args("lore iss -n 10"), false);
assert!(
!result
.corrections
.iter()
.any(|c| c.rule == CorrectionRule::SubcommandFuzzy),
"expected prefix 'iss' NOT to be fuzzy-matched (clap handles it)"
);
}
#[test]
fn fuzzy_subcommand_wildly_wrong_not_matched() {
let result = correct_args(args("lore xyzzyplugh"), false);
assert!(
!result
.corrections
.iter()
.any(|c| c.rule == CorrectionRule::SubcommandFuzzy),
"expected gibberish NOT to fuzzy-match any command"
);
}
// ---- Flag-as-subcommand (A3) ----
#[test]
fn flag_as_subcommand_robot_docs() {
let result = correct_args(args("lore --robot-docs"), false);
assert!(
result
.corrections
.iter()
.any(|c| c.rule == CorrectionRule::FlagAsSubcommand && c.corrected == "robot-docs"),
"expected '--robot-docs' to be corrected to 'robot-docs'"
);
assert!(result.args.contains(&"robot-docs".to_string()));
}
#[test]
fn flag_as_subcommand_generate_docs() {
let result = correct_args(args("lore --generate-docs"), false);
assert!(
result
.corrections
.iter()
.any(|c| c.corrected == "generate-docs"),
"expected '--generate-docs' to be corrected to 'generate-docs'"
);
}
#[test]
fn flag_as_subcommand_with_robot_flag() {
// `lore --robot --robot-docs` — --robot is a valid global flag, --robot-docs is not
let result = correct_args(args("lore --robot --robot-docs"), false);
assert!(
result
.corrections
.iter()
.any(|c| c.corrected == "robot-docs"),
);
assert_eq!(result.args, args("lore --robot robot-docs"));
}
#[test]
fn flag_as_subcommand_does_not_touch_real_flags() {
// --robot is a real global flag, should NOT be rewritten to "robot"
let result = correct_args(args("lore --robot issues"), false);
assert!(
!result
.corrections
.iter()
.any(|c| c.rule == CorrectionRule::FlagAsSubcommand),
);
}
#[test]
fn flag_as_subcommand_not_triggered_when_subcommand_present() {
// A subcommand IS detected, so A3 shouldn't activate
let result = correct_args(args("lore issues --robot-docs"), false);
assert!(
!result
.corrections
.iter()
.any(|c| c.rule == CorrectionRule::FlagAsSubcommand),
"expected A3 not to trigger when subcommand is already present"
);
}
// ---- Teaching notes for new rules ----
#[test]
fn teaching_note_subcommand_fuzzy() {
let c = Correction {
original: "issuess".to_string(),
corrected: "issues".to_string(),
rule: CorrectionRule::SubcommandFuzzy,
confidence: 0.92,
};
let note = format_teaching_note(&c);
assert!(note.contains("spelling"));
assert!(note.contains("issues"));
}
#[test]
fn teaching_note_flag_as_subcommand() {
let c = Correction {
original: "--robot-docs".to_string(),
corrected: "robot-docs".to_string(),
rule: CorrectionRule::FlagAsSubcommand,
confidence: 1.0,
};
let note = format_teaching_note(&c);
assert!(note.contains("positional"));
assert!(note.contains("robot-docs"));
}
// ---- Canonical subcommands registry drift test ----
#[test]
fn canonical_subcommands_covers_clap() {
use clap::CommandFactory;
let cmd = crate::cli::Cli::command();
for sub in cmd.get_subcommands() {
let name = sub.get_name();
assert!(
CANONICAL_SUBCOMMANDS.contains(&name),
"Clap subcommand '{name}' is missing from CANONICAL_SUBCOMMANDS. \
Add it to autocorrect.rs."
);
}
}
// ---- Registry drift test ---- // ---- Registry drift test ----
// This test uses clap introspection to verify our static registry covers // This test uses clap introspection to verify our static registry covers
// all long flags defined in the Cli struct. // all long flags defined in the Cli struct.

353
src/cli/commands/me/me_tests.rs
View File

@@ -835,8 +835,300 @@ fn since_last_check_ignores_domain_like_text() {
); );
} }
// ─── Mentioned In Tests ─────────────────────────────────────────────────────
#[test]
fn mentioned_in_finds_mention_on_unassigned_issue() {
let conn = setup_test_db();
insert_project(&conn, 1, "group/repo");
insert_issue(&conn, 10, 1, 42, "someone");
// alice is NOT assigned to issue 42
let disc_id = 100;
insert_discussion(&conn, disc_id, 1, None, Some(10));
let t = now_ms() - 1000;
insert_note_at(
&conn,
200,
disc_id,
1,
"bob",
false,
"hey @alice can you look?",
t,
);
let recency_cutoff = now_ms() - 7 * 24 * 3600 * 1000;
let results = query_mentioned_in(&conn, "alice", &[], recency_cutoff).unwrap();
assert_eq!(results.len(), 1);
assert_eq!(results[0].entity_type, "issue");
assert_eq!(results[0].iid, 42);
}
#[test]
fn mentioned_in_excludes_assigned_issue() {
let conn = setup_test_db();
insert_project(&conn, 1, "group/repo");
insert_issue(&conn, 10, 1, 42, "someone");
insert_assignee(&conn, 10, "alice"); // alice IS assigned
let disc_id = 100;
insert_discussion(&conn, disc_id, 1, None, Some(10));
let t = now_ms() - 1000;
insert_note_at(&conn, 200, disc_id, 1, "bob", false, "hey @alice", t);
let recency_cutoff = now_ms() - 7 * 24 * 3600 * 1000;
let results = query_mentioned_in(&conn, "alice", &[], recency_cutoff).unwrap();
assert!(results.is_empty(), "should exclude assigned issues");
}
#[test]
fn mentioned_in_excludes_authored_issue() {
let conn = setup_test_db();
insert_project(&conn, 1, "group/repo");
insert_issue(&conn, 10, 1, 42, "alice"); // alice IS author
let disc_id = 100;
insert_discussion(&conn, disc_id, 1, None, Some(10));
let t = now_ms() - 1000;
insert_note_at(&conn, 200, disc_id, 1, "bob", false, "hey @alice", t);
let recency_cutoff = now_ms() - 7 * 24 * 3600 * 1000;
let results = query_mentioned_in(&conn, "alice", &[], recency_cutoff).unwrap();
assert!(results.is_empty(), "should exclude authored issues");
}
#[test]
fn mentioned_in_finds_mention_on_non_authored_mr() {
let conn = setup_test_db();
insert_project(&conn, 1, "group/repo");
insert_mr(&conn, 10, 1, 99, "bob", "opened", false);
// alice is NOT author or reviewer
let disc_id = 100;
insert_discussion(&conn, disc_id, 1, Some(10), None);
let t = now_ms() - 1000;
insert_note_at(&conn, 200, disc_id, 1, "bob", false, "cc @alice", t);
let recency_cutoff = now_ms() - 7 * 24 * 3600 * 1000;
let results = query_mentioned_in(&conn, "alice", &[], recency_cutoff).unwrap();
assert_eq!(results.len(), 1);
assert_eq!(results[0].entity_type, "mr");
assert_eq!(results[0].iid, 99);
}
#[test]
fn mentioned_in_excludes_authored_mr() {
let conn = setup_test_db();
insert_project(&conn, 1, "group/repo");
insert_mr(&conn, 10, 1, 99, "alice", "opened", false); // alice IS author
let disc_id = 100;
insert_discussion(&conn, disc_id, 1, Some(10), None);
let t = now_ms() - 1000;
insert_note_at(&conn, 200, disc_id, 1, "bob", false, "@alice thoughts?", t);
let recency_cutoff = now_ms() - 7 * 24 * 3600 * 1000;
let results = query_mentioned_in(&conn, "alice", &[], recency_cutoff).unwrap();
assert!(results.is_empty(), "should exclude authored MRs");
}
#[test]
fn mentioned_in_excludes_reviewer_mr() {
let conn = setup_test_db();
insert_project(&conn, 1, "group/repo");
insert_mr(&conn, 10, 1, 99, "bob", "opened", false);
insert_reviewer(&conn, 10, "alice"); // alice IS reviewer
let disc_id = 100;
insert_discussion(&conn, disc_id, 1, Some(10), None);
let t = now_ms() - 1000;
insert_note_at(&conn, 200, disc_id, 1, "charlie", false, "@alice fyi", t);
let recency_cutoff = now_ms() - 7 * 24 * 3600 * 1000;
let results = query_mentioned_in(&conn, "alice", &[], recency_cutoff).unwrap();
assert!(
results.is_empty(),
"should exclude MRs where user is reviewer"
);
}
#[test]
fn mentioned_in_includes_recently_closed_issue() {
let conn = setup_test_db();
insert_project(&conn, 1, "group/repo");
insert_issue_with_state(&conn, 10, 1, 42, "someone", "closed");
// Update updated_at to recent (within 7-day window)
conn.execute(
"UPDATE issues SET updated_at = ?1 WHERE id = 10",
rusqlite::params![now_ms() - 2 * 24 * 3600 * 1000], // 2 days ago
)
.unwrap();
let disc_id = 100;
insert_discussion(&conn, disc_id, 1, None, Some(10));
let t = now_ms() - 1000;
insert_note_at(&conn, 200, disc_id, 1, "bob", false, "hey @alice", t);
let recency_cutoff = now_ms() - 7 * 24 * 3600 * 1000;
let results = query_mentioned_in(&conn, "alice", &[], recency_cutoff).unwrap();
assert_eq!(results.len(), 1, "recently closed issue should be included");
assert_eq!(results[0].state, "closed");
}
#[test]
fn mentioned_in_excludes_old_closed_issue() {
let conn = setup_test_db();
insert_project(&conn, 1, "group/repo");
insert_issue_with_state(&conn, 10, 1, 42, "someone", "closed");
// Update updated_at to old (outside 7-day window)
conn.execute(
"UPDATE issues SET updated_at = ?1 WHERE id = 10",
rusqlite::params![now_ms() - 30 * 24 * 3600 * 1000], // 30 days ago
)
.unwrap();
let disc_id = 100;
insert_discussion(&conn, disc_id, 1, None, Some(10));
let t = now_ms() - 1000;
insert_note_at(&conn, 200, disc_id, 1, "bob", false, "hey @alice", t);
let recency_cutoff = now_ms() - 7 * 24 * 3600 * 1000;
let results = query_mentioned_in(&conn, "alice", &[], recency_cutoff).unwrap();
assert!(results.is_empty(), "old closed issue should be excluded");
}
#[test]
fn mentioned_in_attention_needs_attention_when_unreplied() {
let conn = setup_test_db();
insert_project(&conn, 1, "group/repo");
insert_issue(&conn, 10, 1, 42, "someone");
let disc_id = 100;
insert_discussion(&conn, disc_id, 1, None, Some(10));
let t = now_ms() - 1000;
insert_note_at(
&conn,
200,
disc_id,
1,
"bob",
false,
"@alice please review",
t,
);
// alice has NOT replied
let recency_cutoff = now_ms() - 7 * 24 * 3600 * 1000;
let results = query_mentioned_in(&conn, "alice", &[], recency_cutoff).unwrap();
assert_eq!(results.len(), 1);
assert_eq!(results[0].attention_state, AttentionState::NeedsAttention);
}
#[test]
fn mentioned_in_attention_awaiting_when_replied() {
let conn = setup_test_db();
insert_project(&conn, 1, "group/repo");
insert_issue(&conn, 10, 1, 42, "someone");
let disc_id = 100;
insert_discussion(&conn, disc_id, 1, None, Some(10));
let t1 = now_ms() - 5000;
let t2 = now_ms() - 1000;
insert_note_at(
&conn,
200,
disc_id,
1,
"bob",
false,
"@alice please review",
t1,
);
insert_note_at(&conn, 201, disc_id, 1, "alice", false, "looks good", t2);
let recency_cutoff = now_ms() - 7 * 24 * 3600 * 1000;
let results = query_mentioned_in(&conn, "alice", &[], recency_cutoff).unwrap();
assert_eq!(results.len(), 1);
assert_eq!(results[0].attention_state, AttentionState::AwaitingResponse);
}
#[test]
fn mentioned_in_project_filter() {
let conn = setup_test_db();
insert_project(&conn, 1, "group/repo-a");
insert_project(&conn, 2, "group/repo-b");
insert_issue(&conn, 10, 1, 42, "someone");
insert_issue(&conn, 11, 2, 43, "someone");
let disc_a = 100;
let disc_b = 101;
insert_discussion(&conn, disc_a, 1, None, Some(10));
insert_discussion(&conn, disc_b, 2, None, Some(11));
let t = now_ms() - 1000;
insert_note_at(&conn, 200, disc_a, 1, "bob", false, "@alice", t);
insert_note_at(&conn, 201, disc_b, 2, "bob", false, "@alice", t);
let recency_cutoff = now_ms() - 7 * 24 * 3600 * 1000;
let results = query_mentioned_in(&conn, "alice", &[1], recency_cutoff).unwrap();
assert_eq!(results.len(), 1);
assert_eq!(results[0].project_path, "group/repo-a");
}
#[test]
fn mentioned_in_deduplicates_multiple_mentions_same_entity() {
let conn = setup_test_db();
insert_project(&conn, 1, "group/repo");
insert_issue(&conn, 10, 1, 42, "someone");
let disc_id = 100;
insert_discussion(&conn, disc_id, 1, None, Some(10));
let t1 = now_ms() - 5000;
let t2 = now_ms() - 1000;
// Two different people mention alice on the same issue
insert_note_at(&conn, 200, disc_id, 1, "bob", false, "@alice thoughts?", t1);
insert_note_at(&conn, 201, disc_id, 1, "charlie", false, "@alice +1", t2);
let recency_cutoff = now_ms() - 7 * 24 * 3600 * 1000;
let results = query_mentioned_in(&conn, "alice", &[], recency_cutoff).unwrap();
assert_eq!(results.len(), 1, "should deduplicate to one entity");
}
#[test]
fn mentioned_in_rejects_false_positive_email() {
let conn = setup_test_db();
insert_project(&conn, 1, "group/repo");
insert_issue(&conn, 10, 1, 42, "someone");
let disc_id = 100;
insert_discussion(&conn, disc_id, 1, None, Some(10));
let t = now_ms() - 1000;
insert_note_at(
&conn,
200,
disc_id,
1,
"bob",
false,
"email foo@alice.com",
t,
);
let recency_cutoff = now_ms() - 7 * 24 * 3600 * 1000;
let results = query_mentioned_in(&conn, "alice", &[], recency_cutoff).unwrap();
assert!(results.is_empty(), "email-like text should not match");
}
// ─── Helper Tests ────────────────────────────────────────────────────────── // ─── Helper Tests ──────────────────────────────────────────────────────────
#[test]
fn mentioned_in_sql_materializes_core_ctes() {
let sql = build_mentioned_in_sql("");
assert!(
sql.contains("candidate_issues AS MATERIALIZED"),
"candidate_issues should be materialized"
);
assert!(
sql.contains("candidate_mrs AS MATERIALIZED"),
"candidate_mrs should be materialized"
);
assert!(
sql.contains("note_ts_issue AS MATERIALIZED"),
"note_ts_issue should be materialized"
);
assert!(
sql.contains("note_ts_mr AS MATERIALIZED"),
"note_ts_mr should be materialized"
);
}
#[test] #[test]
fn parse_attention_state_all_variants() { fn parse_attention_state_all_variants() {
assert_eq!( assert_eq!(
@@ -856,6 +1148,67 @@ fn parse_attention_state_all_variants() {
assert_eq!(parse_attention_state("unknown"), AttentionState::NotStarted); assert_eq!(parse_attention_state("unknown"), AttentionState::NotStarted);
} }
#[test]
fn format_attention_reason_not_started() {
let reason = format_attention_reason(&AttentionState::NotStarted, None, None, None);
assert_eq!(reason, "No discussion yet");
}
#[test]
fn format_attention_reason_not_ready() {
let reason = format_attention_reason(&AttentionState::NotReady, None, None, None);
assert_eq!(reason, "Draft with no reviewers assigned");
}
#[test]
fn format_attention_reason_stale_with_timestamp() {
let stale_ts = now_ms() - 35 * 24 * 3600 * 1000; // 35 days ago
let reason = format_attention_reason(&AttentionState::Stale, None, None, Some(stale_ts));
assert!(reason.starts_with("No activity for"), "got: {reason}");
// 35 days = 1 month in our duration bucketing
assert!(reason.contains("1 month"), "got: {reason}");
}
#[test]
fn format_attention_reason_needs_attention_both_timestamps() {
let my_ts = now_ms() - 2 * 86_400_000; // 2 days ago
let others_ts = now_ms() - 3_600_000; // 1 hour ago
let reason = format_attention_reason(
&AttentionState::NeedsAttention,
Some(my_ts),
Some(others_ts),
Some(others_ts),
);
assert!(reason.contains("Others replied"), "got: {reason}");
assert!(reason.contains("you last commented"), "got: {reason}");
}
#[test]
fn format_attention_reason_needs_attention_no_self_comment() {
let others_ts = now_ms() - 3_600_000; // 1 hour ago
let reason = format_attention_reason(
&AttentionState::NeedsAttention,
None,
Some(others_ts),
Some(others_ts),
);
assert!(reason.contains("Others commented"), "got: {reason}");
assert!(reason.contains("you haven't replied"), "got: {reason}");
}
#[test]
fn format_attention_reason_awaiting_response() {
let my_ts = now_ms() - 7_200_000; // 2 hours ago
let reason = format_attention_reason(
&AttentionState::AwaitingResponse,
Some(my_ts),
None,
Some(my_ts),
);
assert!(reason.contains("You replied"), "got: {reason}");
assert!(reason.contains("awaiting others"), "got: {reason}");
}
#[test] #[test]
fn parse_event_type_all_variants() { fn parse_event_type_all_variants() {
assert_eq!(parse_event_type("note"), ActivityEventType::Note); assert_eq!(parse_event_type("note"), ActivityEventType::Note);

23
src/cli/commands/me/mod.rs
View File

@@ -17,7 +17,7 @@ use crate::core::project::resolve_project;
use crate::core::time::parse_since; use crate::core::time::parse_since;
use self::queries::{ use self::queries::{
query_activity, query_authored_mrs, query_open_issues, query_reviewing_mrs, query_activity, query_authored_mrs, query_mentioned_in, query_open_issues, query_reviewing_mrs,
query_since_last_check, query_since_last_check,
}; };
use self::types::{AttentionState, MeDashboard, MeSummary, SinceLastCheck}; use self::types::{AttentionState, MeDashboard, MeSummary, SinceLastCheck};
@@ -25,6 +25,8 @@ use self::types::{AttentionState, MeDashboard, MeSummary, SinceLastCheck};
/// Default activity lookback: 1 day in milliseconds. /// Default activity lookback: 1 day in milliseconds.
const DEFAULT_ACTIVITY_SINCE_DAYS: i64 = 1; const DEFAULT_ACTIVITY_SINCE_DAYS: i64 = 1;
const MS_PER_DAY: i64 = 24 * 60 * 60 * 1000; const MS_PER_DAY: i64 = 24 * 60 * 60 * 1000;
/// Recency window for closed/merged items in the "Mentioned In" section: 7 days.
const RECENCY_WINDOW_MS: i64 = 7 * MS_PER_DAY;
/// Resolve the effective username from CLI flag or config. /// Resolve the effective username from CLI flag or config.
/// ///
@@ -126,6 +128,7 @@ pub fn run_me(config: &Config, args: &MeArgs, robot_mode: bool) -> Result<()> {
let want_issues = show_all || args.issues; let want_issues = show_all || args.issues;
let want_mrs = show_all || args.mrs; let want_mrs = show_all || args.mrs;
let want_activity = show_all || args.activity; let want_activity = show_all || args.activity;
let want_mentions = show_all || args.mentions;
// 6. Run queries for requested sections // 6. Run queries for requested sections
let open_issues = if want_issues { let open_issues = if want_issues {
@@ -146,6 +149,13 @@ pub fn run_me(config: &Config, args: &MeArgs, robot_mode: bool) -> Result<()> {
Vec::new() Vec::new()
}; };
let mentioned_in = if want_mentions {
let recency_cutoff = crate::core::time::now_ms() - RECENCY_WINDOW_MS;
query_mentioned_in(&conn, username, &project_ids, recency_cutoff)?
} else {
Vec::new()
};
let activity = if want_activity { let activity = if want_activity {
query_activity(&conn, username, &project_ids, since_ms)? query_activity(&conn, username, &project_ids, since_ms)?
} else { } else {
@@ -187,6 +197,10 @@ pub fn run_me(config: &Config, args: &MeArgs, robot_mode: bool) -> Result<()> {
.filter(|m| m.attention_state == AttentionState::NeedsAttention) .filter(|m| m.attention_state == AttentionState::NeedsAttention)
.count() .count()
+ reviewing_mrs + reviewing_mrs
.iter()
.filter(|m| m.attention_state == AttentionState::NeedsAttention)
.count()
+ mentioned_in
.iter() .iter()
.filter(|m| m.attention_state == AttentionState::NeedsAttention) .filter(|m| m.attention_state == AttentionState::NeedsAttention)
.count(); .count();
@@ -202,12 +216,16 @@ pub fn run_me(config: &Config, args: &MeArgs, robot_mode: bool) -> Result<()> {
for m in &reviewing_mrs { for m in &reviewing_mrs {
project_paths.insert(&m.project_path); project_paths.insert(&m.project_path);
} }
for m in &mentioned_in {
project_paths.insert(&m.project_path);
}
let summary = MeSummary { let summary = MeSummary {
project_count: project_paths.len(), project_count: project_paths.len(),
open_issue_count: open_issues.len(), open_issue_count: open_issues.len(),
authored_mr_count: open_mrs_authored.len(), authored_mr_count: open_mrs_authored.len(),
reviewing_mr_count: reviewing_mrs.len(), reviewing_mr_count: reviewing_mrs.len(),
mentioned_in_count: mentioned_in.len(),
needs_attention_count, needs_attention_count,
}; };
@@ -219,6 +237,7 @@ pub fn run_me(config: &Config, args: &MeArgs, robot_mode: bool) -> Result<()> {
open_issues, open_issues,
open_mrs_authored, open_mrs_authored,
reviewing_mrs, reviewing_mrs,
mentioned_in,
activity, activity,
since_last_check, since_last_check,
}; };
@@ -237,6 +256,7 @@ pub fn run_me(config: &Config, args: &MeArgs, robot_mode: bool) -> Result<()> {
single_project, single_project,
want_issues, want_issues,
want_mrs, want_mrs,
want_mentions,
want_activity, want_activity,
); );
} }
@@ -313,6 +333,7 @@ mod tests {
issues: false, issues: false,
mrs: false, mrs: false,
activity: false, activity: false,
mentions: false,
since: None, since: None,
project: None, project: None,
all: false, all: false,

311
src/cli/commands/me/queries.rs
View File

@@ -12,13 +12,77 @@ use regex::Regex;
use std::collections::HashMap; use std::collections::HashMap;
use super::types::{ use super::types::{
ActivityEventType, AttentionState, MeActivityEvent, MeIssue, MeMr, SinceCheckEvent, ActivityEventType, AttentionState, MeActivityEvent, MeIssue, MeMention, MeMr, SinceCheckEvent,
SinceCheckGroup, SinceCheckGroup,
}; };
/// Stale threshold: items with no activity for 30 days are marked "stale". /// Stale threshold: items with no activity for 30 days are marked "stale".
const STALE_THRESHOLD_MS: i64 = 30 * 24 * 3600 * 1000; const STALE_THRESHOLD_MS: i64 = 30 * 24 * 3600 * 1000;
// ─── Attention Reason ───────────────────────────────────────────────────────
/// Format a human-readable duration from a millisecond epoch to now.
/// Returns e.g. "3 hours", "2 days", "1 week".
fn relative_duration(ms_epoch: i64) -> String {
let diff = crate::core::time::now_ms() - ms_epoch;
if diff < 60_000 {
return "moments".to_string();
}
let (n, unit) = match diff {
d if d < 3_600_000 => (d / 60_000, "minute"),
d if d < 86_400_000 => (d / 3_600_000, "hour"),
d if d < 604_800_000 => (d / 86_400_000, "day"),
d if d < 2_592_000_000 => (d / 604_800_000, "week"),
d => (d / 2_592_000_000, "month"),
};
if n == 1 {
format!("1 {unit}")
} else {
format!("{n} {unit}s")
}
}
/// Build a human-readable reason explaining why the attention state was set.
pub(super) fn format_attention_reason(
state: &AttentionState,
my_ts: Option<i64>,
others_ts: Option<i64>,
any_ts: Option<i64>,
) -> String {
match state {
AttentionState::NotReady => "Draft with no reviewers assigned".to_string(),
AttentionState::Stale => {
if let Some(ts) = any_ts {
format!("No activity for {}", relative_duration(ts))
} else {
"No activity for over 30 days".to_string()
}
}
AttentionState::NeedsAttention => {
let others_ago = others_ts
.map(|ts| format!("{} ago", relative_duration(ts)))
.unwrap_or_else(|| "recently".to_string());
if let Some(ts) = my_ts {
format!(
"Others replied {}; you last commented {} ago",
others_ago,
relative_duration(ts)
)
} else {
format!("Others commented {}; you haven't replied", others_ago)
}
}
AttentionState::AwaitingResponse => {
if let Some(ts) = my_ts {
format!("You replied {} ago; awaiting others", relative_duration(ts))
} else {
"Awaiting response from others".to_string()
}
}
AttentionState::NotStarted => "No discussion yet".to_string(),
}
}
// ─── Open Issues (AC-5.1, Task #7) ───────────────────────────────────────── // ─── Open Issues (AC-5.1, Task #7) ─────────────────────────────────────────
/// Query open issues assigned to the user via issue_assignees. /// Query open issues assigned to the user via issue_assignees.
@@ -51,7 +115,8 @@ pub fn query_open_issues(
WHEN nt.my_ts IS NOT NULL AND nt.my_ts >= COALESCE(nt.others_ts, 0) WHEN nt.my_ts IS NOT NULL AND nt.my_ts >= COALESCE(nt.others_ts, 0)
THEN 'awaiting_response' THEN 'awaiting_response'
ELSE 'not_started' ELSE 'not_started'
END AS attention_state END AS attention_state,
nt.my_ts, nt.others_ts, nt.any_ts
FROM issues i FROM issues i
JOIN issue_assignees ia ON ia.issue_id = i.id JOIN issue_assignees ia ON ia.issue_id = i.id
JOIN projects p ON i.project_id = p.id JOIN projects p ON i.project_id = p.id
@@ -84,6 +149,11 @@ pub fn query_open_issues(
let mut stmt = conn.prepare(&sql)?; let mut stmt = conn.prepare(&sql)?;
let rows = stmt.query_map(param_refs.as_slice(), |row| { let rows = stmt.query_map(param_refs.as_slice(), |row| {
let attention_str: String = row.get(6)?; let attention_str: String = row.get(6)?;
let my_ts: Option<i64> = row.get(7)?;
let others_ts: Option<i64> = row.get(8)?;
let any_ts: Option<i64> = row.get(9)?;
let state = parse_attention_state(&attention_str);
let reason = format_attention_reason(&state, my_ts, others_ts, any_ts);
Ok(MeIssue { Ok(MeIssue {
iid: row.get(0)?, iid: row.get(0)?,
title: row.get::<_, Option<String>>(1)?.unwrap_or_default(), title: row.get::<_, Option<String>>(1)?.unwrap_or_default(),
@@ -91,7 +161,8 @@ pub fn query_open_issues(
status_name: row.get(3)?, status_name: row.get(3)?,
updated_at: row.get(4)?, updated_at: row.get(4)?,
web_url: row.get(5)?, web_url: row.get(5)?,
attention_state: parse_attention_state(&attention_str), attention_state: state,
attention_reason: reason,
labels: Vec::new(), labels: Vec::new(),
}) })
})?; })?;
@@ -135,7 +206,8 @@ pub fn query_authored_mrs(
WHEN nt.my_ts IS NOT NULL AND nt.my_ts >= COALESCE(nt.others_ts, 0) WHEN nt.my_ts IS NOT NULL AND nt.my_ts >= COALESCE(nt.others_ts, 0)
THEN 'awaiting_response' THEN 'awaiting_response'
ELSE 'not_started' ELSE 'not_started'
END AS attention_state END AS attention_state,
nt.my_ts, nt.others_ts, nt.any_ts
FROM merge_requests m FROM merge_requests m
JOIN projects p ON m.project_id = p.id JOIN projects p ON m.project_id = p.id
LEFT JOIN note_ts nt ON nt.merge_request_id = m.id LEFT JOIN note_ts nt ON nt.merge_request_id = m.id
@@ -163,6 +235,11 @@ pub fn query_authored_mrs(
let mut stmt = conn.prepare(&sql)?; let mut stmt = conn.prepare(&sql)?;
let rows = stmt.query_map(param_refs.as_slice(), |row| { let rows = stmt.query_map(param_refs.as_slice(), |row| {
let attention_str: String = row.get(7)?; let attention_str: String = row.get(7)?;
let my_ts: Option<i64> = row.get(8)?;
let others_ts: Option<i64> = row.get(9)?;
let any_ts: Option<i64> = row.get(10)?;
let state = parse_attention_state(&attention_str);
let reason = format_attention_reason(&state, my_ts, others_ts, any_ts);
Ok(MeMr { Ok(MeMr {
iid: row.get(0)?, iid: row.get(0)?,
title: row.get::<_, Option<String>>(1)?.unwrap_or_default(), title: row.get::<_, Option<String>>(1)?.unwrap_or_default(),
@@ -171,7 +248,8 @@ pub fn query_authored_mrs(
detailed_merge_status: row.get(4)?, detailed_merge_status: row.get(4)?,
updated_at: row.get(5)?, updated_at: row.get(5)?,
web_url: row.get(6)?, web_url: row.get(6)?,
attention_state: parse_attention_state(&attention_str), attention_state: state,
attention_reason: reason,
author_username: None, author_username: None,
labels: Vec::new(), labels: Vec::new(),
}) })
@@ -214,7 +292,8 @@ pub fn query_reviewing_mrs(
WHEN nt.my_ts IS NOT NULL AND nt.my_ts >= COALESCE(nt.others_ts, 0) WHEN nt.my_ts IS NOT NULL AND nt.my_ts >= COALESCE(nt.others_ts, 0)
THEN 'awaiting_response' THEN 'awaiting_response'
ELSE 'not_started' ELSE 'not_started'
END AS attention_state END AS attention_state,
nt.my_ts, nt.others_ts, nt.any_ts
FROM merge_requests m FROM merge_requests m
JOIN mr_reviewers r ON r.merge_request_id = m.id JOIN mr_reviewers r ON r.merge_request_id = m.id
JOIN projects p ON m.project_id = p.id JOIN projects p ON m.project_id = p.id
@@ -242,6 +321,11 @@ pub fn query_reviewing_mrs(
let mut stmt = conn.prepare(&sql)?; let mut stmt = conn.prepare(&sql)?;
let rows = stmt.query_map(param_refs.as_slice(), |row| { let rows = stmt.query_map(param_refs.as_slice(), |row| {
let attention_str: String = row.get(8)?; let attention_str: String = row.get(8)?;
let my_ts: Option<i64> = row.get(9)?;
let others_ts: Option<i64> = row.get(10)?;
let any_ts: Option<i64> = row.get(11)?;
let state = parse_attention_state(&attention_str);
let reason = format_attention_reason(&state, my_ts, others_ts, any_ts);
Ok(MeMr { Ok(MeMr {
iid: row.get(0)?, iid: row.get(0)?,
title: row.get::<_, Option<String>>(1)?.unwrap_or_default(), title: row.get::<_, Option<String>>(1)?.unwrap_or_default(),
@@ -251,7 +335,8 @@ pub fn query_reviewing_mrs(
author_username: row.get(5)?, author_username: row.get(5)?,
updated_at: row.get(6)?, updated_at: row.get(6)?,
web_url: row.get(7)?, web_url: row.get(7)?,
attention_state: parse_attention_state(&attention_str), attention_state: state,
attention_reason: reason,
labels: Vec::new(), labels: Vec::new(),
}) })
})?; })?;
@@ -687,6 +772,218 @@ fn group_since_check_events(rows: Vec<RawSinceCheckRow>) -> Vec<SinceCheckGroup>
result result
} }
// ─── Mentioned In (issues/MRs where user is @mentioned but not formally associated)
/// Raw row from the mentioned-in query.
struct RawMentionRow {
entity_type: String,
iid: i64,
title: String,
project_path: String,
state: String,
updated_at: i64,
web_url: Option<String>,
my_ts: Option<i64>,
others_ts: Option<i64>,
any_ts: Option<i64>,
mention_body: String,
}
fn build_mentioned_in_sql(project_clause: &str) -> String {
format!(
"WITH candidate_issues AS MATERIALIZED (
SELECT i.id, i.iid, i.title, p.path_with_namespace, i.state,
i.updated_at, i.web_url
FROM issues i
JOIN projects p ON i.project_id = p.id
WHERE (i.state = 'opened' OR (i.state = 'closed' AND i.updated_at > ?2))
AND (i.author_username IS NULL OR i.author_username != ?1)
AND NOT EXISTS (
SELECT 1 FROM issue_assignees ia
WHERE ia.issue_id = i.id AND ia.username = ?1
)
{project_clause}
),
candidate_mrs AS MATERIALIZED (
SELECT m.id, m.iid, m.title, p.path_with_namespace, m.state,
m.updated_at, m.web_url
FROM merge_requests m
JOIN projects p ON m.project_id = p.id
WHERE (m.state = 'opened'
OR (m.state IN ('merged', 'closed') AND m.updated_at > ?2))
AND m.author_username != ?1
AND NOT EXISTS (
SELECT 1 FROM mr_reviewers rv
WHERE rv.merge_request_id = m.id AND rv.username = ?1
)
{project_clause}
),
note_ts_issue AS MATERIALIZED (
SELECT d.issue_id,
MAX(CASE WHEN n.author_username = ?1 THEN n.created_at END) AS my_ts,
MAX(CASE WHEN n.author_username != ?1 THEN n.created_at END) AS others_ts,
MAX(n.created_at) AS any_ts
FROM notes n
JOIN discussions d ON n.discussion_id = d.id
JOIN candidate_issues ci ON ci.id = d.issue_id
WHERE n.is_system = 0
GROUP BY d.issue_id
),
note_ts_mr AS MATERIALIZED (
SELECT d.merge_request_id,
MAX(CASE WHEN n.author_username = ?1 THEN n.created_at END) AS my_ts,
MAX(CASE WHEN n.author_username != ?1 THEN n.created_at END) AS others_ts,
MAX(n.created_at) AS any_ts
FROM notes n
JOIN discussions d ON n.discussion_id = d.id
JOIN candidate_mrs cm ON cm.id = d.merge_request_id
WHERE n.is_system = 0
GROUP BY d.merge_request_id
)
-- Issue mentions (scoped to candidate entities only)
SELECT 'issue', ci.iid, ci.title, ci.path_with_namespace, ci.state,
ci.updated_at, ci.web_url,
nt.my_ts, nt.others_ts, nt.any_ts,
n.body
FROM notes n
JOIN discussions d ON n.discussion_id = d.id
JOIN candidate_issues ci ON ci.id = d.issue_id
LEFT JOIN note_ts_issue nt ON nt.issue_id = ci.id
WHERE n.is_system = 0
AND n.author_username != ?1
AND LOWER(n.body) LIKE '%@' || LOWER(?1) || '%'
UNION ALL
-- MR mentions (scoped to candidate entities only)
SELECT 'mr', cm.iid, cm.title, cm.path_with_namespace, cm.state,
cm.updated_at, cm.web_url,
nt.my_ts, nt.others_ts, nt.any_ts,
n.body
FROM notes n
JOIN discussions d ON n.discussion_id = d.id
JOIN candidate_mrs cm ON cm.id = d.merge_request_id
LEFT JOIN note_ts_mr nt ON nt.merge_request_id = cm.id
WHERE n.is_system = 0
AND n.author_username != ?1
AND LOWER(n.body) LIKE '%@' || LOWER(?1) || '%'
ORDER BY 6 DESC
LIMIT 500",
)
}
/// Query issues and MRs where the user is @mentioned but not assigned/authored/reviewing.
///
/// Includes open items unconditionally, plus recently-closed/merged items
/// (where `updated_at > recency_cutoff_ms`).
///
/// Returns deduplicated results sorted by attention priority then recency.
pub fn query_mentioned_in(
conn: &Connection,
username: &str,
project_ids: &[i64],
recency_cutoff_ms: i64,
) -> Result<Vec<MeMention>> {
let project_clause = build_project_clause_at("p.id", project_ids, 3);
// Materialized CTEs avoid pathological query plans for project-scoped mentions.
let sql = build_mentioned_in_sql(&project_clause);
let mut params: Vec<Box<dyn rusqlite::types::ToSql>> = Vec::new();
params.push(Box::new(username.to_string()));
params.push(Box::new(recency_cutoff_ms));
for &pid in project_ids {
params.push(Box::new(pid));
}
let param_refs: Vec<&dyn rusqlite::types::ToSql> = params.iter().map(|p| p.as_ref()).collect();
let mention_re = build_exact_mention_regex(username);
let mut stmt = conn.prepare(&sql)?;
let rows = stmt.query_map(param_refs.as_slice(), |row| {
Ok(RawMentionRow {
entity_type: row.get(0)?,
iid: row.get(1)?,
title: row.get::<_, Option<String>>(2)?.unwrap_or_default(),
project_path: row.get(3)?,
state: row.get(4)?,
updated_at: row.get(5)?,
web_url: row.get(6)?,
my_ts: row.get(7)?,
others_ts: row.get(8)?,
any_ts: row.get(9)?,
mention_body: row.get::<_, Option<String>>(10)?.unwrap_or_default(),
})
})?;
let raw: Vec<RawMentionRow> = rows.collect::<std::result::Result<Vec<_>, _>>()?;
// Post-filter with exact mention regex and deduplicate by entity
let mut seen: HashMap<(String, i64, String), RawMentionRow> = HashMap::new();
for row in raw {
if !contains_exact_mention(&row.mention_body, &mention_re) {
continue;
}
let key = (row.entity_type.clone(), row.iid, row.project_path.clone());
// Keep the first occurrence (most recent due to ORDER BY updated_at DESC)
seen.entry(key).or_insert(row);
}
let mut mentions: Vec<MeMention> = seen
.into_values()
.map(|row| {
let state = compute_mention_attention(row.my_ts, row.others_ts, row.any_ts);
let reason = format_attention_reason(&state, row.my_ts, row.others_ts, row.any_ts);
MeMention {
entity_type: row.entity_type,
iid: row.iid,
title: row.title,
project_path: row.project_path,
state: row.state,
attention_state: state,
attention_reason: reason,
updated_at: row.updated_at,
web_url: row.web_url,
}
})
.collect();
// Sort by attention priority (needs_attention first), then by updated_at DESC
mentions.sort_by(|a, b| {
a.attention_state
.cmp(&b.attention_state)
.then_with(|| b.updated_at.cmp(&a.updated_at))
});
Ok(mentions)
}
/// Compute attention state for a mentioned-in item.
/// Same logic as the other sections, but without the not_ready variant
/// since it's less relevant for mention-only items.
fn compute_mention_attention(
my_ts: Option<i64>,
others_ts: Option<i64>,
any_ts: Option<i64>,
) -> AttentionState {
// Stale check
if let Some(ts) = any_ts
&& ts < crate::core::time::now_ms() - STALE_THRESHOLD_MS
{
return AttentionState::Stale;
}
// Others commented after me (or I never engaged but others have)
if let Some(ots) = others_ts
&& my_ts.is_none_or(|mts| ots > mts)
{
return AttentionState::NeedsAttention;
}
// I replied and my reply is >= others' latest
if let Some(mts) = my_ts
&& mts >= others_ts.unwrap_or(0)
{
return AttentionState::AwaitingResponse;
}
AttentionState::NotStarted
}
// ─── Helpers ──────────────────────────────────────────────────────────────── // ─── Helpers ────────────────────────────────────────────────────────────────
/// Parse attention state string from SQL CASE result. /// Parse attention state string from SQL CASE result.

65
src/cli/commands/me/render_human.rs
View File

@@ -1,8 +1,8 @@
use crate::cli::render::{self, Align, GlyphMode, Icons, LoreRenderer, StyledCell, Table, Theme}; use crate::cli::render::{self, Align, GlyphMode, Icons, LoreRenderer, StyledCell, Table, Theme};
use super::types::{ use super::types::{
ActivityEventType, AttentionState, MeActivityEvent, MeDashboard, MeIssue, MeMr, MeSummary, ActivityEventType, AttentionState, MeActivityEvent, MeDashboard, MeIssue, MeMention, MeMr,
SinceLastCheck, MeSummary, SinceLastCheck,
}; };
// ─── Layout Helpers ───────────────────────────────────────────────────────── // ─── Layout Helpers ─────────────────────────────────────────────────────────
@@ -164,12 +164,19 @@ pub fn print_summary_header(summary: &MeSummary, username: &str) {
Theme::dim().render("0 need attention") Theme::dim().render("0 need attention")
}; };
let mentioned = if summary.mentioned_in_count > 0 {
format!(" {} mentioned", summary.mentioned_in_count)
} else {
String::new()
};
println!( println!(
" {} projects {} issues {} authored MRs {} reviewing MRs {}", " {} projects {} issues {} authored MRs {} reviewing MRs{} {}",
summary.project_count, summary.project_count,
summary.open_issue_count, summary.open_issue_count,
summary.authored_mr_count, summary.authored_mr_count,
summary.reviewing_mr_count, summary.reviewing_mr_count,
mentioned,
needs, needs,
); );
@@ -342,6 +349,53 @@ pub fn print_reviewing_mrs_section(mrs: &[MeMr], single_project: bool) {
} }
} }
// ─── Mentioned In Section ────────────────────────────────────────────────
/// Print the "Mentioned In" section for items where user is @mentioned but
/// not assigned, authored, or reviewing.
pub fn print_mentioned_in_section(mentions: &[MeMention], single_project: bool) {
if mentions.is_empty() {
return;
}
println!(
"{}",
render::section_divider(&format!("Mentioned In ({})", mentions.len()))
);
for item in mentions {
let attn = styled_attention(&item.attention_state);
let ref_str = match item.entity_type.as_str() {
"issue" => format!("#{}", item.iid),
"mr" => format!("!{}", item.iid),
_ => format!("{}:{}", item.entity_type, item.iid),
};
let ref_style = match item.entity_type.as_str() {
"issue" => Theme::issue_ref(),
"mr" => Theme::mr_ref(),
_ => Theme::bold(),
};
let state_tag = match item.state.as_str() {
"opened" => String::new(),
other => format!(" [{}]", other),
};
let time = render::format_relative_time(item.updated_at);
println!(
" {} {} {}{} {}",
attn,
ref_style.render(&ref_str),
render::truncate(&item.title, title_width(43)),
Theme::dim().render(&state_tag),
Theme::dim().render(&time),
);
if !single_project {
println!(" {}", Theme::dim().render(&item.project_path));
}
}
}
// ─── Activity Feed ─────────────────────────────────────────────────────────── // ─── Activity Feed ───────────────────────────────────────────────────────────
/// Print the activity feed section (Task #17). /// Print the activity feed section (Task #17).
@@ -587,6 +641,7 @@ pub fn print_me_dashboard(dashboard: &MeDashboard, single_project: bool) {
print_issues_section(&dashboard.open_issues, single_project); print_issues_section(&dashboard.open_issues, single_project);
print_authored_mrs_section(&dashboard.open_mrs_authored, single_project); print_authored_mrs_section(&dashboard.open_mrs_authored, single_project);
print_reviewing_mrs_section(&dashboard.reviewing_mrs, single_project); print_reviewing_mrs_section(&dashboard.reviewing_mrs, single_project);
print_mentioned_in_section(&dashboard.mentioned_in, single_project);
print_activity_section(&dashboard.activity, single_project); print_activity_section(&dashboard.activity, single_project);
println!(); println!();
} }
@@ -597,6 +652,7 @@ pub fn print_me_dashboard_filtered(
single_project: bool, single_project: bool,
show_issues: bool, show_issues: bool,
show_mrs: bool, show_mrs: bool,
show_mentions: bool,
show_activity: bool, show_activity: bool,
) { ) {
if let Some(ref since) = dashboard.since_last_check { if let Some(ref since) = dashboard.since_last_check {
@@ -611,6 +667,9 @@ pub fn print_me_dashboard_filtered(
print_authored_mrs_section(&dashboard.open_mrs_authored, single_project); print_authored_mrs_section(&dashboard.open_mrs_authored, single_project);
print_reviewing_mrs_section(&dashboard.reviewing_mrs, single_project); print_reviewing_mrs_section(&dashboard.reviewing_mrs, single_project);
} }
if show_mentions {
print_mentioned_in_section(&dashboard.mentioned_in, single_project);
}
if show_activity { if show_activity {
print_activity_section(&dashboard.activity, single_project); print_activity_section(&dashboard.activity, single_project);
} }

59
src/cli/commands/me/render_robot.rs
View File

@@ -4,8 +4,8 @@ use crate::cli::robot::RobotMeta;
use crate::core::time::ms_to_iso; use crate::core::time::ms_to_iso;
use super::types::{ use super::types::{
ActivityEventType, AttentionState, MeActivityEvent, MeDashboard, MeIssue, MeMr, MeSummary, ActivityEventType, AttentionState, MeActivityEvent, MeDashboard, MeIssue, MeMention, MeMr,
SinceCheckEvent, SinceCheckGroup, SinceLastCheck, MeSummary, SinceCheckEvent, SinceCheckGroup, SinceLastCheck,
}; };
// ─── Robot JSON Output (Task #18) ──────────────────────────────────────────── // ─── Robot JSON Output (Task #18) ────────────────────────────────────────────
@@ -28,11 +28,15 @@ pub fn print_me_json(
// Apply --fields filtering (Task #19) // Apply --fields filtering (Task #19)
if let Some(f) = fields { if let Some(f) = fields {
let expanded = crate::cli::robot::expand_fields_preset(f, "me_items"); let expanded = crate::cli::robot::expand_fields_preset(f, "me_items");
// Filter all item arrays // Filter issue/MR arrays with the items preset
for key in &["open_issues", "open_mrs_authored", "reviewing_mrs"] { for key in &["open_issues", "open_mrs_authored", "reviewing_mrs"] {
crate::cli::robot::filter_fields(&mut value, key, &expanded); crate::cli::robot::filter_fields(&mut value, key, &expanded);
} }
// Mentioned-in gets its own preset (needs entity_type + state to disambiguate)
let mentions_expanded = crate::cli::robot::expand_fields_preset(f, "me_mentions");
crate::cli::robot::filter_fields(&mut value, "mentioned_in", &mentions_expanded);
// Activity gets its own minimal preset // Activity gets its own minimal preset
let activity_expanded = crate::cli::robot::expand_fields_preset(f, "me_activity"); let activity_expanded = crate::cli::robot::expand_fields_preset(f, "me_activity");
crate::cli::robot::filter_fields(&mut value, "activity", &activity_expanded); crate::cli::robot::filter_fields(&mut value, "activity", &activity_expanded);
@@ -84,6 +88,7 @@ struct MeDataJson {
open_issues: Vec<IssueJson>, open_issues: Vec<IssueJson>,
open_mrs_authored: Vec<MrJson>, open_mrs_authored: Vec<MrJson>,
reviewing_mrs: Vec<MrJson>, reviewing_mrs: Vec<MrJson>,
mentioned_in: Vec<MentionJson>,
activity: Vec<ActivityJson>, activity: Vec<ActivityJson>,
} }
@@ -97,6 +102,7 @@ impl MeDataJson {
open_issues: d.open_issues.iter().map(IssueJson::from).collect(), open_issues: d.open_issues.iter().map(IssueJson::from).collect(),
open_mrs_authored: d.open_mrs_authored.iter().map(MrJson::from).collect(), open_mrs_authored: d.open_mrs_authored.iter().map(MrJson::from).collect(),
reviewing_mrs: d.reviewing_mrs.iter().map(MrJson::from).collect(), reviewing_mrs: d.reviewing_mrs.iter().map(MrJson::from).collect(),
mentioned_in: d.mentioned_in.iter().map(MentionJson::from).collect(),
activity: d.activity.iter().map(ActivityJson::from).collect(), activity: d.activity.iter().map(ActivityJson::from).collect(),
} }
} }
@@ -110,6 +116,7 @@ struct SummaryJson {
open_issue_count: usize, open_issue_count: usize,
authored_mr_count: usize, authored_mr_count: usize,
reviewing_mr_count: usize, reviewing_mr_count: usize,
mentioned_in_count: usize,
needs_attention_count: usize, needs_attention_count: usize,
} }
@@ -120,6 +127,7 @@ impl From<&MeSummary> for SummaryJson {
open_issue_count: s.open_issue_count, open_issue_count: s.open_issue_count,
authored_mr_count: s.authored_mr_count, authored_mr_count: s.authored_mr_count,
reviewing_mr_count: s.reviewing_mr_count, reviewing_mr_count: s.reviewing_mr_count,
mentioned_in_count: s.mentioned_in_count,
needs_attention_count: s.needs_attention_count, needs_attention_count: s.needs_attention_count,
} }
} }
@@ -134,6 +142,7 @@ struct IssueJson {
title: String, title: String,
state: String, state: String,
attention_state: String, attention_state: String,
attention_reason: String,
status_name: Option<String>, status_name: Option<String>,
labels: Vec<String>, labels: Vec<String>,
updated_at_iso: String, updated_at_iso: String,
@@ -148,6 +157,7 @@ impl From<&MeIssue> for IssueJson {
title: i.title.clone(), title: i.title.clone(),
state: "opened".to_string(), state: "opened".to_string(),
attention_state: attention_state_str(&i.attention_state), attention_state: attention_state_str(&i.attention_state),
attention_reason: i.attention_reason.clone(),
status_name: i.status_name.clone(), status_name: i.status_name.clone(),
labels: i.labels.clone(), labels: i.labels.clone(),
updated_at_iso: ms_to_iso(i.updated_at), updated_at_iso: ms_to_iso(i.updated_at),
@@ -165,6 +175,7 @@ struct MrJson {
title: String, title: String,
state: String, state: String,
attention_state: String, attention_state: String,
attention_reason: String,
draft: bool, draft: bool,
detailed_merge_status: Option<String>, detailed_merge_status: Option<String>,
author_username: Option<String>, author_username: Option<String>,
@@ -181,6 +192,7 @@ impl From<&MeMr> for MrJson {
title: m.title.clone(), title: m.title.clone(),
state: "opened".to_string(), state: "opened".to_string(),
attention_state: attention_state_str(&m.attention_state), attention_state: attention_state_str(&m.attention_state),
attention_reason: m.attention_reason.clone(),
draft: m.draft, draft: m.draft,
detailed_merge_status: m.detailed_merge_status.clone(), detailed_merge_status: m.detailed_merge_status.clone(),
author_username: m.author_username.clone(), author_username: m.author_username.clone(),
@@ -191,6 +203,37 @@ impl From<&MeMr> for MrJson {
} }
} }
// ─── Mention ─────────────────────────────────────────────────────────────
#[derive(Serialize)]
struct MentionJson {
entity_type: String,
project: String,
iid: i64,
title: String,
state: String,
attention_state: String,
attention_reason: String,
updated_at_iso: String,
web_url: Option<String>,
}
impl From<&MeMention> for MentionJson {
fn from(m: &MeMention) -> Self {
Self {
entity_type: m.entity_type.clone(),
project: m.project_path.clone(),
iid: m.iid,
title: m.title.clone(),
state: m.state.clone(),
attention_state: attention_state_str(&m.attention_state),
attention_reason: m.attention_reason.clone(),
updated_at_iso: ms_to_iso(m.updated_at),
web_url: m.web_url.clone(),
}
}
}
// ─── Activity ──────────────────────────────────────────────────────────────── // ─── Activity ────────────────────────────────────────────────────────────────
#[derive(Serialize)] #[derive(Serialize)]
@@ -365,6 +408,7 @@ mod tests {
title: "Fix auth bug".to_string(), title: "Fix auth bug".to_string(),
project_path: "group/repo".to_string(), project_path: "group/repo".to_string(),
attention_state: AttentionState::NeedsAttention, attention_state: AttentionState::NeedsAttention,
attention_reason: "Others commented recently; you haven't replied".to_string(),
status_name: Some("In progress".to_string()), status_name: Some("In progress".to_string()),
labels: vec!["bug".to_string()], labels: vec!["bug".to_string()],
updated_at: 1_700_000_000_000, updated_at: 1_700_000_000_000,
@@ -373,6 +417,10 @@ mod tests {
let json = IssueJson::from(&issue); let json = IssueJson::from(&issue);
assert_eq!(json.iid, 42); assert_eq!(json.iid, 42);
assert_eq!(json.attention_state, "needs_attention"); assert_eq!(json.attention_state, "needs_attention");
assert_eq!(
json.attention_reason,
"Others commented recently; you haven't replied"
);
assert_eq!(json.state, "opened"); assert_eq!(json.state, "opened");
assert_eq!(json.status_name, Some("In progress".to_string())); assert_eq!(json.status_name, Some("In progress".to_string()));
} }
@@ -384,6 +432,7 @@ mod tests {
title: "Add feature".to_string(), title: "Add feature".to_string(),
project_path: "group/repo".to_string(), project_path: "group/repo".to_string(),
attention_state: AttentionState::AwaitingResponse, attention_state: AttentionState::AwaitingResponse,
attention_reason: "You replied moments ago; awaiting others".to_string(),
draft: true, draft: true,
detailed_merge_status: Some("mergeable".to_string()), detailed_merge_status: Some("mergeable".to_string()),
author_username: Some("alice".to_string()), author_username: Some("alice".to_string()),
@@ -394,6 +443,10 @@ mod tests {
let json = MrJson::from(&mr); let json = MrJson::from(&mr);
assert_eq!(json.iid, 99); assert_eq!(json.iid, 99);
assert_eq!(json.attention_state, "awaiting_response"); assert_eq!(json.attention_state, "awaiting_response");
assert_eq!(
json.attention_reason,
"You replied moments ago; awaiting others"
);
assert!(json.draft); assert!(json.draft);
assert_eq!(json.author_username, Some("alice".to_string())); assert_eq!(json.author_username, Some("alice".to_string()));
} }

19
src/cli/commands/me/types.rs
View File

@@ -44,6 +44,7 @@ pub struct MeSummary {
pub open_issue_count: usize, pub open_issue_count: usize,
pub authored_mr_count: usize, pub authored_mr_count: usize,
pub reviewing_mr_count: usize, pub reviewing_mr_count: usize,
pub mentioned_in_count: usize,
pub needs_attention_count: usize, pub needs_attention_count: usize,
} }
@@ -53,6 +54,7 @@ pub struct MeIssue {
pub title: String, pub title: String,
pub project_path: String, pub project_path: String,
pub attention_state: AttentionState, pub attention_state: AttentionState,
pub attention_reason: String,
pub status_name: Option<String>, pub status_name: Option<String>,
pub labels: Vec<String>, pub labels: Vec<String>,
pub updated_at: i64, pub updated_at: i64,
@@ -65,6 +67,7 @@ pub struct MeMr {
pub title: String, pub title: String,
pub project_path: String, pub project_path: String,
pub attention_state: AttentionState, pub attention_state: AttentionState,
pub attention_reason: String,
pub draft: bool, pub draft: bool,
pub detailed_merge_status: Option<String>, pub detailed_merge_status: Option<String>,
pub author_username: Option<String>, pub author_username: Option<String>,
@@ -114,6 +117,21 @@ pub struct SinceLastCheck {
pub total_event_count: usize, pub total_event_count: usize,
} }
/// An issue or MR where the user is @mentioned but not formally associated.
pub struct MeMention {
/// "issue" or "mr"
pub entity_type: String,
pub iid: i64,
pub title: String,
pub project_path: String,
/// "opened", "closed", or "merged"
pub state: String,
pub attention_state: AttentionState,
pub attention_reason: String,
pub updated_at: i64,
pub web_url: Option<String>,
}
/// The complete dashboard result. /// The complete dashboard result.
pub struct MeDashboard { pub struct MeDashboard {
pub username: String, pub username: String,
@@ -122,6 +140,7 @@ pub struct MeDashboard {
pub open_issues: Vec<MeIssue>, pub open_issues: Vec<MeIssue>,
pub open_mrs_authored: Vec<MeMr>, pub open_mrs_authored: Vec<MeMr>,
pub reviewing_mrs: Vec<MeMr>, pub reviewing_mrs: Vec<MeMr>,
pub mentioned_in: Vec<MeMention>,
pub activity: Vec<MeActivityEvent>, pub activity: Vec<MeActivityEvent>,
pub since_last_check: Option<SinceLastCheck>, pub since_last_check: Option<SinceLastCheck>,
} }

6
src/cli/mod.rs
View File

@@ -1103,6 +1103,10 @@ pub struct MeArgs {
#[arg(long, help_heading = "Sections")] #[arg(long, help_heading = "Sections")]
pub activity: bool, pub activity: bool,
/// Show items you're @mentioned in (not assigned/authored/reviewing)
#[arg(long, help_heading = "Sections")]
pub mentions: bool,
/// Activity window (e.g. 7d, 2w, 30d). Default: 30d. Only affects activity section. /// Activity window (e.g. 7d, 2w, 30d). Default: 30d. Only affects activity section.
#[arg(long, help_heading = "Filters")] #[arg(long, help_heading = "Filters")]
pub since: Option<String>, pub since: Option<String>,
@@ -1131,7 +1135,7 @@ pub struct MeArgs {
impl MeArgs { impl MeArgs {
/// Returns true if no section flags were passed (show all sections). /// Returns true if no section flags were passed (show all sections).
pub fn show_all_sections(&self) -> bool { pub fn show_all_sections(&self) -> bool {
!self.issues && !self.mrs && !self.activity !self.issues && !self.mrs && !self.activity && !self.mentions
} }
} }

20
src/cli/robot.rs
View File

@@ -68,7 +68,25 @@ pub fn expand_fields_preset(fields: &[String], entity: &str) -> Vec<String> {
.iter() .iter()
.map(|s| (*s).to_string()) .map(|s| (*s).to_string())
.collect(), .collect(),
"me_items" => ["iid", "title", "attention_state", "updated_at_iso"] "me_items" => [
"iid",
"title",
"attention_state",
"attention_reason",
"updated_at_iso",
]
.iter()
.map(|s| (*s).to_string())
.collect(),
"me_mentions" => [
"entity_type",
"iid",
"title",
"state",
"attention_state",
"attention_reason",
"updated_at_iso",
]
.iter() .iter()
.map(|s| (*s).to_string()) .map(|s| (*s).to_string())
.collect(), .collect(),

78
src/ingestion/issues.rs
View File

@@ -36,6 +36,9 @@ struct SyncCursor {
tie_breaker_id: Option<i64>, tie_breaker_id: Option<i64>,
} }
// Keep comfortably below SQLite's default 999 bind-parameter limit.
const BATCH_LINK_ROWS_MAX: usize = 400;
pub async fn ingest_issues( pub async fn ingest_issues(
conn: &Connection, conn: &Connection,
client: &GitLabClient, client: &GitLabClient,
@@ -252,22 +255,19 @@ fn process_issue_in_transaction(
[local_issue_id], [local_issue_id],
)?; )?;
let mut label_ids = Vec::with_capacity(label_names.len());
for label_name in label_names { for label_name in label_names {
let label_id = upsert_label_tx(tx, project_id, label_name, &mut labels_created)?; let label_id = upsert_label_tx(tx, project_id, label_name, &mut labels_created)?;
link_issue_label_tx(tx, local_issue_id, label_id)?; label_ids.push(label_id);
} }
link_issue_labels_batch_tx(tx, local_issue_id, &label_ids)?;
tx.execute( tx.execute(
"DELETE FROM issue_assignees WHERE issue_id = ?", "DELETE FROM issue_assignees WHERE issue_id = ?",
[local_issue_id], [local_issue_id],
)?; )?;
for username in assignee_usernames { insert_issue_assignees_batch_tx(tx, local_issue_id, assignee_usernames)?;
tx.execute(
"INSERT OR IGNORE INTO issue_assignees (issue_id, username) VALUES (?, ?)",
(local_issue_id, username),
)?;
}
Ok(labels_created) Ok(labels_created)
} }
@@ -296,11 +296,65 @@ fn upsert_label_tx(
Ok(id) Ok(id)
} }
fn link_issue_label_tx(tx: &Transaction<'_>, issue_id: i64, label_id: i64) -> Result<()> { fn link_issue_labels_batch_tx(
tx.execute( tx: &Transaction<'_>,
"INSERT OR IGNORE INTO issue_labels (issue_id, label_id) VALUES (?, ?)", issue_id: i64,
(issue_id, label_id), label_ids: &[i64],
)?; ) -> Result<()> {
if label_ids.is_empty() {
return Ok(());
}
for chunk in label_ids.chunks(BATCH_LINK_ROWS_MAX) {
let placeholders = (0..chunk.len())
.map(|idx| format!("(?1, ?{})", idx + 2))
.collect::<Vec<_>>()
.join(", ");
let sql = format!(
"INSERT OR IGNORE INTO issue_labels (issue_id, label_id) VALUES {}",
placeholders
);
let mut params: Vec<&dyn rusqlite::types::ToSql> = Vec::with_capacity(chunk.len() + 1);
params.push(&issue_id);
for label_id in chunk {
params.push(label_id);
}
tx.execute(&sql, params.as_slice())?;
}
Ok(())
}
fn insert_issue_assignees_batch_tx(
tx: &Transaction<'_>,
issue_id: i64,
usernames: &[String],
) -> Result<()> {
if usernames.is_empty() {
return Ok(());
}
for chunk in usernames.chunks(BATCH_LINK_ROWS_MAX) {
let placeholders = (0..chunk.len())
.map(|idx| format!("(?1, ?{})", idx + 2))
.collect::<Vec<_>>()
.join(", ");
let sql = format!(
"INSERT OR IGNORE INTO issue_assignees (issue_id, username) VALUES {}",
placeholders
);
let mut params: Vec<&dyn rusqlite::types::ToSql> = Vec::with_capacity(chunk.len() + 1);
params.push(&issue_id);
for username in chunk {
params.push(username);
}
tx.execute(&sql, params.as_slice())?;
}
Ok(()) Ok(())
} }

101
src/ingestion/issues_tests.rs
View File

@@ -1,5 +1,6 @@
use super::*; use super::*;
use crate::gitlab::types::GitLabAuthor; use crate::gitlab::types::GitLabAuthor;
use rusqlite::Connection;
fn passes_cursor_filter(issue: &GitLabIssue, cursor: &SyncCursor) -> Result<bool> { fn passes_cursor_filter(issue: &GitLabIssue, cursor: &SyncCursor) -> Result<bool> {
let Some(cursor_ts) = cursor.updated_at_cursor else { let Some(cursor_ts) = cursor.updated_at_cursor else {
@@ -47,6 +48,26 @@ fn make_test_issue(id: i64, updated_at: &str) -> GitLabIssue {
} }
} }
fn setup_link_tables() -> Connection {
let conn = Connection::open_in_memory().unwrap();
conn.execute_batch(
"
CREATE TABLE issue_labels (
issue_id INTEGER NOT NULL,
label_id INTEGER NOT NULL,
PRIMARY KEY(issue_id, label_id)
);
CREATE TABLE issue_assignees (
issue_id INTEGER NOT NULL,
username TEXT NOT NULL,
PRIMARY KEY(issue_id, username)
);
",
)
.unwrap();
conn
}
#[test] #[test]
fn cursor_filter_allows_newer_issues() { fn cursor_filter_allows_newer_issues() {
let cursor = SyncCursor { let cursor = SyncCursor {
@@ -93,3 +114,83 @@ fn cursor_filter_allows_all_when_no_cursor() {
let issue = make_test_issue(1, "2020-01-01T00:00:00.000Z"); let issue = make_test_issue(1, "2020-01-01T00:00:00.000Z");
assert!(passes_cursor_filter(&issue, &cursor).unwrap_or(false)); assert!(passes_cursor_filter(&issue, &cursor).unwrap_or(false));
} }
#[test]
fn batch_issue_label_insert_deduplicates_ids() {
let conn = setup_link_tables();
let tx = conn.unchecked_transaction().unwrap();
link_issue_labels_batch_tx(&tx, 42, &[9, 3, 9, 1]).unwrap();
tx.commit().unwrap();
let ids: Vec<i64> = conn
.prepare("SELECT label_id FROM issue_labels WHERE issue_id = 42 ORDER BY label_id")
.unwrap()
.query_map([], |row| row.get(0))
.unwrap()
.collect::<std::result::Result<Vec<_>, _>>()
.unwrap();
assert_eq!(ids, vec![1, 3, 9]);
}
#[test]
fn batch_issue_assignee_insert_deduplicates_usernames() {
let conn = setup_link_tables();
let tx = conn.unchecked_transaction().unwrap();
let users = vec![
"alice".to_string(),
"bob".to_string(),
"alice".to_string(),
"carol".to_string(),
];
insert_issue_assignees_batch_tx(&tx, 7, &users).unwrap();
tx.commit().unwrap();
let names: Vec<String> = conn
.prepare("SELECT username FROM issue_assignees WHERE issue_id = 7 ORDER BY username")
.unwrap()
.query_map([], |row| row.get(0))
.unwrap()
.collect::<std::result::Result<Vec<_>, _>>()
.unwrap();
assert_eq!(names, vec!["alice", "bob", "carol"]);
}
#[test]
fn batch_issue_links_handle_multiple_chunks() {
let conn = setup_link_tables();
let tx = conn.unchecked_transaction().unwrap();
let mut label_ids: Vec<i64> = (0..(BATCH_LINK_ROWS_MAX as i64 + 3))
.map(|idx| idx + 10)
.collect();
label_ids.push(10);
let mut users: Vec<String> = (0..(BATCH_LINK_ROWS_MAX + 5))
.map(|idx| format!("user-{idx}"))
.collect();
users.push("user-0".to_string());
link_issue_labels_batch_tx(&tx, 11, &label_ids).unwrap();
insert_issue_assignees_batch_tx(&tx, 11, &users).unwrap();
tx.commit().unwrap();
let label_count: i64 = conn
.query_row(
"SELECT COUNT(*) FROM issue_labels WHERE issue_id = 11",
[],
|row| row.get(0),
)
.unwrap();
let user_count: i64 = conn
.query_row(
"SELECT COUNT(*) FROM issue_assignees WHERE issue_id = 11",
[],
|row| row.get(0),
)
.unwrap();
assert_eq!(label_count, BATCH_LINK_ROWS_MAX as i64 + 3);
assert_eq!(user_count, (BATCH_LINK_ROWS_MAX + 5) as i64);
}

242
src/ingestion/merge_requests.rs
View File

@@ -36,6 +36,9 @@ struct SyncCursor {
tie_breaker_id: Option<i64>, tie_breaker_id: Option<i64>,
} }
// Keep comfortably below SQLite's default 999 bind-parameter limit.
const BATCH_LINK_ROWS_MAX: usize = 400;
pub async fn ingest_merge_requests( pub async fn ingest_merge_requests(
conn: &Connection, conn: &Connection,
client: &GitLabClient, client: &GitLabClient,
@@ -252,37 +255,26 @@ fn process_mr_in_transaction(
"DELETE FROM mr_labels WHERE merge_request_id = ?", "DELETE FROM mr_labels WHERE merge_request_id = ?",
[local_mr_id], [local_mr_id],
)?; )?;
let mut label_ids = Vec::with_capacity(transformed.label_names.len());
for label_name in &transformed.label_names { for label_name in &transformed.label_names {
let label_id = upsert_label_tx(tx, project_id, label_name, &mut labels_created)?; let label_id = upsert_label_tx(tx, project_id, label_name, &mut labels_created)?;
tx.execute( label_ids.push(label_id);
"INSERT OR IGNORE INTO mr_labels (merge_request_id, label_id) VALUES (?, ?)",
(local_mr_id, label_id),
)?;
} }
insert_mr_labels_batch_tx(tx, local_mr_id, &label_ids)?;
tx.execute( tx.execute(
"DELETE FROM mr_assignees WHERE merge_request_id = ?", "DELETE FROM mr_assignees WHERE merge_request_id = ?",
[local_mr_id], [local_mr_id],
)?; )?;
let assignees_linked = transformed.assignee_usernames.len(); let assignees_linked = transformed.assignee_usernames.len();
for username in &transformed.assignee_usernames { insert_mr_assignees_batch_tx(tx, local_mr_id, &transformed.assignee_usernames)?;
tx.execute(
"INSERT OR IGNORE INTO mr_assignees (merge_request_id, username) VALUES (?, ?)",
(local_mr_id, username),
)?;
}
tx.execute( tx.execute(
"DELETE FROM mr_reviewers WHERE merge_request_id = ?", "DELETE FROM mr_reviewers WHERE merge_request_id = ?",
[local_mr_id], [local_mr_id],
)?; )?;
let reviewers_linked = transformed.reviewer_usernames.len(); let reviewers_linked = transformed.reviewer_usernames.len();
for username in &transformed.reviewer_usernames { insert_mr_reviewers_batch_tx(tx, local_mr_id, &transformed.reviewer_usernames)?;
tx.execute(
"INSERT OR IGNORE INTO mr_reviewers (merge_request_id, username) VALUES (?, ?)",
(local_mr_id, username),
)?;
}
Ok(ProcessMrResult { Ok(ProcessMrResult {
labels_created, labels_created,
@@ -315,6 +307,99 @@ fn upsert_label_tx(
Ok(id) Ok(id)
} }
fn insert_mr_labels_batch_tx(
tx: &Transaction<'_>,
merge_request_id: i64,
label_ids: &[i64],
) -> Result<()> {
if label_ids.is_empty() {
return Ok(());
}
for chunk in label_ids.chunks(BATCH_LINK_ROWS_MAX) {
let placeholders = (0..chunk.len())
.map(|idx| format!("(?1, ?{})", idx + 2))
.collect::<Vec<_>>()
.join(", ");
let sql = format!(
"INSERT OR IGNORE INTO mr_labels (merge_request_id, label_id) VALUES {}",
placeholders
);
let mut params: Vec<&dyn rusqlite::types::ToSql> = Vec::with_capacity(chunk.len() + 1);
params.push(&merge_request_id);
for label_id in chunk {
params.push(label_id);
}
tx.execute(&sql, params.as_slice())?;
}
Ok(())
}
fn insert_mr_assignees_batch_tx(
tx: &Transaction<'_>,
merge_request_id: i64,
usernames: &[String],
) -> Result<()> {
if usernames.is_empty() {
return Ok(());
}
for chunk in usernames.chunks(BATCH_LINK_ROWS_MAX) {
let placeholders = (0..chunk.len())
.map(|idx| format!("(?1, ?{})", idx + 2))
.collect::<Vec<_>>()
.join(", ");
let sql = format!(
"INSERT OR IGNORE INTO mr_assignees (merge_request_id, username) VALUES {}",
placeholders
);
let mut params: Vec<&dyn rusqlite::types::ToSql> = Vec::with_capacity(chunk.len() + 1);
params.push(&merge_request_id);
for username in chunk {
params.push(username);
}
tx.execute(&sql, params.as_slice())?;
}
Ok(())
}
fn insert_mr_reviewers_batch_tx(
tx: &Transaction<'_>,
merge_request_id: i64,
usernames: &[String],
) -> Result<()> {
if usernames.is_empty() {
return Ok(());
}
for chunk in usernames.chunks(BATCH_LINK_ROWS_MAX) {
let placeholders = (0..chunk.len())
.map(|idx| format!("(?1, ?{})", idx + 2))
.collect::<Vec<_>>()
.join(", ");
let sql = format!(
"INSERT OR IGNORE INTO mr_reviewers (merge_request_id, username) VALUES {}",
placeholders
);
let mut params: Vec<&dyn rusqlite::types::ToSql> = Vec::with_capacity(chunk.len() + 1);
params.push(&merge_request_id);
for username in chunk {
params.push(username);
}
tx.execute(&sql, params.as_slice())?;
}
Ok(())
}
fn passes_cursor_filter_with_ts(gitlab_id: i64, mr_ts: i64, cursor: &SyncCursor) -> bool { fn passes_cursor_filter_with_ts(gitlab_id: i64, mr_ts: i64, cursor: &SyncCursor) -> bool {
let Some(cursor_ts) = cursor.updated_at_cursor else { let Some(cursor_ts) = cursor.updated_at_cursor else {
return true; return true;
@@ -425,6 +510,32 @@ fn parse_timestamp(ts: &str) -> Result<i64> {
#[cfg(test)] #[cfg(test)]
mod tests { mod tests {
use super::*; use super::*;
use rusqlite::Connection;
fn setup_link_tables() -> Connection {
let conn = Connection::open_in_memory().unwrap();
conn.execute_batch(
"
CREATE TABLE mr_labels (
merge_request_id INTEGER NOT NULL,
label_id INTEGER NOT NULL,
PRIMARY KEY(merge_request_id, label_id)
);
CREATE TABLE mr_assignees (
merge_request_id INTEGER NOT NULL,
username TEXT NOT NULL,
PRIMARY KEY(merge_request_id, username)
);
CREATE TABLE mr_reviewers (
merge_request_id INTEGER NOT NULL,
username TEXT NOT NULL,
PRIMARY KEY(merge_request_id, username)
);
",
)
.unwrap();
conn
}
#[test] #[test]
fn result_default_has_zero_counts() { fn result_default_has_zero_counts() {
@@ -478,4 +589,103 @@ mod tests {
let old_ts = 1577836800000; let old_ts = 1577836800000;
assert!(passes_cursor_filter_with_ts(1, old_ts, &cursor)); assert!(passes_cursor_filter_with_ts(1, old_ts, &cursor));
} }
#[test]
fn batch_mr_label_insert_deduplicates_ids() {
let conn = setup_link_tables();
let tx = conn.unchecked_transaction().unwrap();
insert_mr_labels_batch_tx(&tx, 99, &[5, 2, 5, 1]).unwrap();
tx.commit().unwrap();
let ids: Vec<i64> = conn
.prepare("SELECT label_id FROM mr_labels WHERE merge_request_id = 99 ORDER BY label_id")
.unwrap()
.query_map([], |row| row.get(0))
.unwrap()
.collect::<std::result::Result<Vec<_>, _>>()
.unwrap();
assert_eq!(ids, vec![1, 2, 5]);
}
#[test]
fn batch_mr_assignee_and_reviewer_insert_deduplicates_usernames() {
let conn = setup_link_tables();
let tx = conn.unchecked_transaction().unwrap();
let users = vec!["alice".to_string(), "bob".to_string(), "alice".to_string()];
insert_mr_assignees_batch_tx(&tx, 33, &users).unwrap();
insert_mr_reviewers_batch_tx(&tx, 33, &users).unwrap();
tx.commit().unwrap();
let assignees: Vec<String> = conn
.prepare(
"SELECT username FROM mr_assignees WHERE merge_request_id = 33 ORDER BY username",
)
.unwrap()
.query_map([], |row| row.get(0))
.unwrap()
.collect::<std::result::Result<Vec<_>, _>>()
.unwrap();
let reviewers: Vec<String> = conn
.prepare(
"SELECT username FROM mr_reviewers WHERE merge_request_id = 33 ORDER BY username",
)
.unwrap()
.query_map([], |row| row.get(0))
.unwrap()
.collect::<std::result::Result<Vec<_>, _>>()
.unwrap();
assert_eq!(assignees, vec!["alice", "bob"]);
assert_eq!(reviewers, vec!["alice", "bob"]);
}
#[test]
fn batch_mr_links_handle_multiple_chunks() {
let conn = setup_link_tables();
let tx = conn.unchecked_transaction().unwrap();
let mut label_ids: Vec<i64> = (0..(BATCH_LINK_ROWS_MAX as i64 + 3))
.map(|idx| idx + 100)
.collect();
label_ids.push(100);
let mut users: Vec<String> = (0..(BATCH_LINK_ROWS_MAX + 5))
.map(|idx| format!("user-{idx}"))
.collect();
users.push("user-0".to_string());
insert_mr_labels_batch_tx(&tx, 77, &label_ids).unwrap();
insert_mr_assignees_batch_tx(&tx, 77, &users).unwrap();
insert_mr_reviewers_batch_tx(&tx, 77, &users).unwrap();
tx.commit().unwrap();
let label_count: i64 = conn
.query_row(
"SELECT COUNT(*) FROM mr_labels WHERE merge_request_id = 77",
[],
|row| row.get(0),
)
.unwrap();
let assignee_count: i64 = conn
.query_row(
"SELECT COUNT(*) FROM mr_assignees WHERE merge_request_id = 77",
[],
|row| row.get(0),
)
.unwrap();
let reviewer_count: i64 = conn
.query_row(
"SELECT COUNT(*) FROM mr_reviewers WHERE merge_request_id = 77",
[],
|row| row.get(0),
)
.unwrap();
assert_eq!(label_count, BATCH_LINK_ROWS_MAX as i64 + 3);
assert_eq!(assignee_count, (BATCH_LINK_ROWS_MAX + 5) as i64);
assert_eq!(reviewer_count, (BATCH_LINK_ROWS_MAX + 5) as i64);
}
} }

110
src/main.rs
View File

@@ -1,3 +1,5 @@
#![recursion_limit = "256"]
use clap::Parser; use clap::Parser;
use dialoguer::{Confirm, Input}; use dialoguer::{Confirm, Input};
use serde::Serialize; use serde::Serialize;
@@ -606,6 +608,38 @@ fn handle_clap_error(e: clap::Error, robot_mode: bool, corrections: &CorrectionR
}); });
(suggestion, None, vals_vec) (suggestion, None, vals_vec)
} }
ErrorKind::MissingRequiredArgument => {
let suggestion = format!(
"A required argument is missing. {}",
if let Some(subcmd) = extract_subcommand_from_context(&e) {
format!(
"Example: {}. Run 'lore {subcmd} --help' for required arguments",
command_example(&subcmd)
)
} else {
"Run 'lore robot-docs' for command reference".to_string()
}
);
(suggestion, None, None)
}
ErrorKind::MissingSubcommand => {
let suggestion =
"No command specified. Common commands: issues, mrs, search, sync, \
timeline, who, me. Run 'lore robot-docs' for the full list"
.to_string();
(suggestion, None, None)
}
ErrorKind::TooFewValues | ErrorKind::TooManyValues => {
let suggestion = if let Some(subcmd) = extract_subcommand_from_context(&e) {
format!(
"Example: {}. Run 'lore {subcmd} --help' for usage",
command_example(&subcmd)
)
} else {
"Run 'lore robot-docs' for command reference".to_string()
};
(suggestion, None, None)
}
_ => ( _ => (
"Run 'lore robot-docs' for valid commands".to_string(), "Run 'lore robot-docs' for valid commands".to_string(),
None, None,
@@ -720,6 +754,45 @@ fn extract_invalid_value_context(e: &clap::Error) -> (Option<String>, Option<Vec
(flag, valid_values) (flag, valid_values)
} }
/// Extract the subcommand context from a clap error for better suggestions.
/// Looks at the error message to find which command was being invoked.
fn extract_subcommand_from_context(e: &clap::Error) -> Option<String> {
let msg = e.to_string();
let known = [
"issues",
"mrs",
"notes",
"search",
"sync",
"ingest",
"count",
"status",
"auth",
"doctor",
"stats",
"timeline",
"who",
"me",
"drift",
"related",
"trace",
"file-history",
"generate-docs",
"embed",
"token",
"cron",
"init",
"migrate",
];
for cmd in known {
if msg.contains(&format!("lore {cmd}")) || msg.contains(&format!("'{cmd}'")) {
return Some(cmd.to_string());
}
}
None
}
/// Phase 4: Suggest similar command using fuzzy matching /// Phase 4: Suggest similar command using fuzzy matching
fn suggest_similar_command(invalid: &str) -> String { fn suggest_similar_command(invalid: &str) -> String {
// Primary commands + common aliases for fuzzy matching // Primary commands + common aliases for fuzzy matching
@@ -755,6 +828,15 @@ fn suggest_similar_command(invalid: &str) -> String {
("drift", "drift"), ("drift", "drift"),
("file-history", "file-history"), ("file-history", "file-history"),
("trace", "trace"), ("trace", "trace"),
("related", "related"),
("me", "me"),
("token", "token"),
("cron", "cron"),
// Hidden but may be known to agents
("list", "list"),
("show", "show"),
("reset", "reset"),
("backup", "backup"),
]; ];
let invalid_lower = invalid.to_lowercase(); let invalid_lower = invalid.to_lowercase();
@@ -798,6 +880,16 @@ fn command_example(cmd: &str) -> &'static str {
"robot-docs" => "lore robot-docs", "robot-docs" => "lore robot-docs",
"trace" => "lore --robot trace src/main.rs", "trace" => "lore --robot trace src/main.rs",
"init" => "lore init", "init" => "lore init",
"related" => "lore --robot related issues 42 -n 5",
"me" => "lore --robot me",
"drift" => "lore --robot drift issues 42",
"file-history" => "lore --robot file-history src/main.rs",
"token" => "lore --robot token show",
"cron" => "lore --robot cron status",
"auth" => "lore --robot auth",
"doctor" => "lore --robot doctor",
"migrate" => "lore --robot migrate",
"completions" => "lore completions bash",
_ => "lore --robot <command>", _ => "lore --robot <command>",
} }
} }
@@ -3186,31 +3278,33 @@ fn handle_robot_docs(robot_mode: bool, brief: bool) -> Result<(), Box<dyn std::e
} }
}, },
"me": { "me": {
"description": "Personal work dashboard: open issues, authored/reviewing MRs, activity feed, and cursor-based since-last-check inbox with computed attention states", "description": "Personal work dashboard: open issues, authored/reviewing MRs, @mentioned-in items, activity feed, and cursor-based since-last-check inbox with computed attention states",
"flags": ["--issues", "--mrs", "--activity", "--since <period>", "-p/--project <path>", "--all", "--user <username>", "--fields <list|minimal>", "--reset-cursor"], "flags": ["--issues", "--mrs", "--mentions", "--activity", "--since <period>", "-p/--project <path>", "--all", "--user <username>", "--fields <list|minimal>", "--reset-cursor"],
"example": "lore --robot me", "example": "lore --robot me",
"response_schema": { "response_schema": {
"ok": "bool", "ok": "bool",
"data": { "data": {
"username": "string", "username": "string",
"since_iso": "string?", "since_iso": "string?",
"summary": {"project_count": "int", "open_issue_count": "int", "authored_mr_count": "int", "reviewing_mr_count": "int", "needs_attention_count": "int"}, "summary": {"project_count": "int", "open_issue_count": "int", "authored_mr_count": "int", "reviewing_mr_count": "int", "mentioned_in_count": "int", "needs_attention_count": "int"},
"since_last_check": "{cursor_iso:string, total_event_count:int, groups:[{entity_type:string, entity_iid:int, entity_title:string, project:string, events:[{timestamp_iso:string, event_type:string, actor:string?, summary:string, body_preview:string?}]}]}?", "since_last_check": "{cursor_iso:string, total_event_count:int, groups:[{entity_type:string, entity_iid:int, entity_title:string, project:string, events:[{timestamp_iso:string, event_type:string, actor:string?, summary:string, body_preview:string?}]}]}?",
"open_issues": "[{project:string, iid:int, title:string, state:string, attention_state:string, status_name:string?, labels:[string], updated_at_iso:string, web_url:string?}]", "open_issues": "[{project:string, iid:int, title:string, state:string, attention_state:string, attention_reason:string, status_name:string?, labels:[string], updated_at_iso:string, web_url:string?}]",
"open_mrs_authored": "[{project:string, iid:int, title:string, state:string, attention_state:string, draft:bool, detailed_merge_status:string?, author_username:string?, labels:[string], updated_at_iso:string, web_url:string?}]", "open_mrs_authored": "[{project:string, iid:int, title:string, state:string, attention_state:string, attention_reason:string, draft:bool, detailed_merge_status:string?, author_username:string?, labels:[string], updated_at_iso:string, web_url:string?}]",
"reviewing_mrs": "[same as open_mrs_authored]", "reviewing_mrs": "[same as open_mrs_authored]",
"mentioned_in": "[{entity_type:string, project:string, iid:int, title:string, state:string, attention_state:string, attention_reason:string, updated_at_iso:string, web_url:string?}]",
"activity": "[{timestamp_iso:string, event_type:string, entity_type:string, entity_iid:int, project:string, actor:string?, is_own:bool, summary:string, body_preview:string?}]" "activity": "[{timestamp_iso:string, event_type:string, entity_type:string, entity_iid:int, project:string, actor:string?, is_own:bool, summary:string, body_preview:string?}]"
}, },
"meta": {"elapsed_ms": "int"} "meta": {"elapsed_ms": "int"}
}, },
"fields_presets": { "fields_presets": {
"me_items_minimal": ["iid", "title", "attention_state", "updated_at_iso"], "me_items_minimal": ["iid", "title", "attention_state", "attention_reason", "updated_at_iso"],
"me_mentions_minimal": ["entity_type", "iid", "title", "state", "attention_state", "attention_reason", "updated_at_iso"],
"me_activity_minimal": ["timestamp_iso", "event_type", "entity_iid", "actor"] "me_activity_minimal": ["timestamp_iso", "event_type", "entity_iid", "actor"]
}, },
"notes": { "notes": {
"attention_states": "needs_attention | not_started | awaiting_response | stale | not_ready", "attention_states": "needs_attention | not_started | awaiting_response | stale | not_ready",
"event_types": "note | status_change | label_change | assign | unassign | review_request | milestone_change", "event_types": "note | status_change | label_change | assign | unassign | review_request | milestone_change",
"section_flags": "If none of --issues/--mrs/--activity specified, all sections returned", "section_flags": "If none of --issues/--mrs/--mentions/--activity specified, all sections returned",
"since_default": "1d for activity feed", "since_default": "1d for activity feed",
"issue_filter": "Only In Progress / In Review status issues shown", "issue_filter": "Only In Progress / In Review status issues shown",
"since_last_check": "Cursor-based inbox showing events since last run. Null on first run (no cursor yet). Groups events by entity (issue/MR). Sources: others' comments on your items, @mentions, assignment/review-request notes. Cursor auto-advances after each run. Use --reset-cursor to clear.", "since_last_check": "Cursor-based inbox showing events since last run. Null on first run (no cursor yet). Groups events by entity (issue/MR). Sources: others' comments on your items, @mentions, assignment/review-request notes. Cursor auto-advances after each run. Use --reset-cursor to clear.",
@@ -3372,6 +3466,8 @@ fn handle_robot_docs(robot_mode: bool, brief: bool) -> Result<(), Box<dyn std::e
{"type": "flag_prefix", "example": "--proj -> --project (when unambiguous)", "mode": "all"}, {"type": "flag_prefix", "example": "--proj -> --project (when unambiguous)", "mode": "all"},
{"type": "fuzzy_flag", "example": "--projct -> --project", "mode": "all (threshold 0.9 in robot, 0.8 in human)"}, {"type": "fuzzy_flag", "example": "--projct -> --project", "mode": "all (threshold 0.9 in robot, 0.8 in human)"},
{"type": "subcommand_alias", "example": "merge_requests -> mrs, robotdocs -> robot-docs", "mode": "all"}, {"type": "subcommand_alias", "example": "merge_requests -> mrs, robotdocs -> robot-docs", "mode": "all"},
{"type": "subcommand_fuzzy", "example": "issuess -> issues, timline -> timeline, serach -> search", "mode": "all (threshold 0.85)"},
{"type": "flag_as_subcommand", "example": "--robot-docs -> robot-docs, --generate-docs -> generate-docs", "mode": "all"},
{"type": "value_normalization", "example": "--state Opened -> --state opened", "mode": "all"}, {"type": "value_normalization", "example": "--state Opened -> --state opened", "mode": "all"},
{"type": "value_fuzzy", "example": "--state opend -> --state opened", "mode": "all"}, {"type": "value_fuzzy", "example": "--state opend -> --state opened", "mode": "all"},
{"type": "prefix_matching", "example": "lore iss -> lore issues, lore time -> lore timeline", "mode": "all (via clap infer_subcommands)"} {"type": "prefix_matching", "example": "lore iss -> lore issues, lore time -> lore timeline", "mode": "all (via clap infer_subcommands)"}

141
tests/perf_benchmark.rs
View File

@@ -54,6 +54,11 @@ fn setup_db() -> Connection {
label_id INTEGER NOT NULL REFERENCES labels(id), label_id INTEGER NOT NULL REFERENCES labels(id),
PRIMARY KEY(issue_id, label_id) PRIMARY KEY(issue_id, label_id)
); );
CREATE TABLE issue_assignees (
issue_id INTEGER NOT NULL REFERENCES issues(id),
username TEXT NOT NULL,
PRIMARY KEY(issue_id, username)
);
CREATE TABLE documents ( CREATE TABLE documents (
id INTEGER PRIMARY KEY, id INTEGER PRIMARY KEY,
@@ -145,6 +150,55 @@ fn insert_labels_batch(conn: &Connection, doc_id: i64, labels: &[&str]) {
} }
} }
/// Simulate OLD ingestion approach: individual INSERT per assignee.
fn insert_issue_assignees_individual(conn: &Connection, issue_id: i64, usernames: &[&str]) {
conn.execute(
"DELETE FROM issue_assignees WHERE issue_id = ?1",
[issue_id],
)
.unwrap();
for username in usernames {
conn.execute(
"INSERT OR IGNORE INTO issue_assignees (issue_id, username) VALUES (?1, ?2)",
rusqlite::params![issue_id, username],
)
.unwrap();
}
}
/// Simulate NEW ingestion approach: chunked batch INSERTs.
fn insert_issue_assignees_batch(conn: &Connection, issue_id: i64, usernames: &[&str]) {
conn.execute(
"DELETE FROM issue_assignees WHERE issue_id = ?1",
[issue_id],
)
.unwrap();
if usernames.is_empty() {
return;
}
const BATCH_ROWS_MAX: usize = 400;
for chunk in usernames.chunks(BATCH_ROWS_MAX) {
let placeholders = (0..chunk.len())
.map(|idx| format!("(?1, ?{})", idx + 2))
.collect::<Vec<_>>()
.join(", ");
let sql = format!(
"INSERT OR IGNORE INTO issue_assignees (issue_id, username) VALUES {}",
placeholders
);
let mut params: Vec<&dyn rusqlite::types::ToSql> = Vec::with_capacity(chunk.len() + 1);
params.push(&issue_id);
for username in chunk {
params.push(username);
}
conn.execute(&sql, params.as_slice()).unwrap();
}
}
/// Simulate OLD string building: format! + push_str /// Simulate OLD string building: format! + push_str
fn build_content_old( fn build_content_old(
iid: i64, iid: i64,
@@ -197,6 +251,22 @@ const LABEL_SETS: &[&[&str]] = &[
], ],
]; ];
const ASSIGNEE_SETS: &[&[&str]] = &[
&["alice", "bob", "carol", "dave", "eve", "alice", "bob"],
&[
"frontend1",
"frontend2",
"frontend3",
"frontend4",
"frontend5",
],
&["ops1", "ops2", "ops3", "ops1"],
&["writer1", "writer2"],
&[
"oncall1", "oncall2", "oncall3", "oncall4", "oncall5", "oncall6",
],
];
#[test] #[test]
fn bench_label_insert_individual_vs_batch() { fn bench_label_insert_individual_vs_batch() {
let conn = setup_db(); let conn = setup_db();
@@ -273,6 +343,77 @@ fn bench_label_insert_individual_vs_batch() {
); );
} }
#[test]
fn bench_issue_assignee_insert_individual_vs_batch() {
let conn = setup_db();
conn.execute(
"INSERT INTO issues (id, gitlab_id, project_id, iid, title, state, created_at, updated_at, last_seen_at)
VALUES (2, 20, 1, 43, 'Assignee Issue', 'opened', 1000, 2000, 3000)",
[],
)
.unwrap();
let iterations = 20_000;
// Warm up
for users in ASSIGNEE_SETS {
insert_issue_assignees_individual(&conn, 2, users);
insert_issue_assignees_batch(&conn, 2, users);
}
// Benchmark OLD
let start = Instant::now();
for i in 0..iterations {
let users = ASSIGNEE_SETS[i % ASSIGNEE_SETS.len()];
insert_issue_assignees_individual(&conn, 2, users);
}
let old_elapsed = start.elapsed();
// Benchmark NEW
let start = Instant::now();
for i in 0..iterations {
let users = ASSIGNEE_SETS[i % ASSIGNEE_SETS.len()];
insert_issue_assignees_batch(&conn, 2, users);
}
let new_elapsed = start.elapsed();
let speedup = old_elapsed.as_nanos() as f64 / new_elapsed.as_nanos() as f64;
println!(
"\n=== Issue Assignee INSERT Benchmark ({} iterations) ===",
iterations
);
println!("Individual INSERTs: {:?}", old_elapsed);
println!("Batch INSERT: {:?}", new_elapsed);
println!("Speedup: {:.2}x", speedup);
println!();
// Verify correctness: both approaches produce identical rows.
insert_issue_assignees_individual(&conn, 2, &["alice", "bob", "alice", "carol"]);
let old_rows: Vec<String> = conn
.prepare("SELECT username FROM issue_assignees WHERE issue_id = 2 ORDER BY username")
.unwrap()
.query_map([], |row| row.get(0))
.unwrap()
.collect::<std::result::Result<Vec<_>, _>>()
.unwrap();
insert_issue_assignees_batch(&conn, 2, &["alice", "bob", "alice", "carol"]);
let new_rows: Vec<String> = conn
.prepare("SELECT username FROM issue_assignees WHERE issue_id = 2 ORDER BY username")
.unwrap()
.query_map([], |row| row.get(0))
.unwrap()
.collect::<std::result::Result<Vec<_>, _>>()
.unwrap();
assert_eq!(
old_rows, new_rows,
"Both approaches must produce identical rows"
);
}
#[test] #[test]
fn bench_string_building_old_vs_new() { fn bench_string_building_old_vs_new() {
let iterations = 50_000; let iterations = 50_000;