Skip to content

Commit 156960a

Browse files
bug-opsbug-ops
authored
feat: architecture improvements, performance optimizations, security hardening (M24) (#417)
* feat: architecture improvements, performance optimizations, security hardening (M24) Extract ProviderKind enum replacing stringly-typed provider selection. Group Agent loose fields into RuntimeConfig struct. Consolidate provider construction via shared create_named_provider. Add AnyProvider::embed_fn() eliminating duplicate closures. Move AnyChannel to zeph-channels crate. Trim default features to minimal set (qdrant, self-learning, vault-age). Performance: String::with_capacity in context loops, buffer_unordered(20), embedding timeout wrappers, inline cosine_similarity. Security: reject empty Telegram allowed_users, Config::validate() with bounds checking, sanitize_paths() for error message path disclosure. Resolves #392, #394, #395, #396, #397, #399, #401, #403, #404, #405, #408, #409, #412, #415, #416 * fix: update integration test for ProviderKind enum Replace string comparison with ProviderKind::Ollama in config defaults test. * docs: update documentation, changelog, and readme for M24 Update feature-flags, configuration, channels, architecture, and security docs to reflect ProviderKind enum, minimal default features, Telegram auth guard, config validation, and path sanitization. Add doc tests step to CI workflow. Update CHANGELOG.md with Unreleased section for M24 changes. Update README.md with new feature flags and architecture notes.
1 parent 0b8825f commit 156960a

File tree

26 files changed

+627
-429
lines changed

26 files changed

+627
-429
lines changed

.github/workflows/ci.yml

Lines changed: 9 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -44,7 +44,7 @@ jobs:
4444
cache-targets: "false"
4545
- uses: mozilla-actions/sccache-action@v0.0.9
4646
- name: Clippy
47-
run: cargo clippy --workspace -- -D warnings
47+
run: cargo clippy --workspace --features full -- -D warnings
4848
env:
4949
RUSTC_WRAPPER: sccache
5050
SCCACHE_GHA_ENABLED: "true"
@@ -67,7 +67,12 @@ jobs:
6767
- uses: mozilla-actions/sccache-action@v0.0.9
6868
- uses: taiki-e/install-action@nextest
6969
- name: Run tests
70-
run: cargo nextest run --workspace --lib --bins
70+
run: cargo nextest run --workspace --features full --lib --bins
71+
env:
72+
RUSTC_WRAPPER: sccache
73+
SCCACHE_GHA_ENABLED: "true"
74+
- name: Run doc tests
75+
run: cargo test --workspace --features full --doc
7176
env:
7277
RUSTC_WRAPPER: sccache
7378
SCCACHE_GHA_ENABLED: "true"
@@ -86,7 +91,7 @@ jobs:
8691
- uses: mozilla-actions/sccache-action@v0.0.9
8792
- uses: taiki-e/install-action@nextest
8893
- name: Run integration tests (testcontainers)
89-
run: cargo nextest run --workspace --profile ci --test '*integration*'
94+
run: cargo nextest run --workspace --features full --profile ci --test '*integration*'
9095
env:
9196
RUSTC_WRAPPER: sccache
9297
SCCACHE_GHA_ENABLED: "true"
@@ -106,7 +111,7 @@ jobs:
106111
- uses: taiki-e/install-action@cargo-llvm-cov
107112
- uses: taiki-e/install-action@nextest
108113
- name: Generate coverage
109-
run: cargo llvm-cov nextest --workspace --lib --bins --lcov --output-path lcov.info
114+
run: cargo llvm-cov nextest --workspace --features full --lib --bins --lcov --output-path lcov.info
110115
env:
111116
RUSTC_WRAPPER: sccache
112117
SCCACHE_GHA_ENABLED: "true"

CHANGELOG.md

Lines changed: 28 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -6,6 +6,34 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.1.0/).
66

77
## [Unreleased]
88

9+
### Added
10+
- `ProviderKind` enum for type-safe provider selection in config
11+
- `RuntimeConfig` struct grouping agent runtime fields
12+
- `AnyProvider::embed_fn()` shared embedding closure helper
13+
- `Config::validate()` with bounds checking for critical config values
14+
- `sanitize_paths()` for stripping absolute paths from error messages
15+
- 10-second timeout wrapper for embedding API calls
16+
- `full` feature flag enabling all optional features
17+
18+
### Changed
19+
- `AnyChannel` moved from main.rs to zeph-channels crate
20+
- Default features reduced to minimal set (qdrant, self-learning, vault-age, compatible, index)
21+
- Skill matcher concurrency reduced from 50 to 20
22+
- `String::with_capacity` in context building loops
23+
- CI updated to use `--features full`
24+
25+
### Breaking
26+
- `LlmConfig.provider` changed from `String` to `ProviderKind` enum
27+
- Default features reduced -- users needing a2a, candle, mcp, openai, orchestrator, router, tui must enable explicitly or use `--features full`
28+
- Telegram channel rejects empty `allowed_users` at startup
29+
- Config with extreme values now rejected by `Config::validate()`
30+
31+
### Deprecated
32+
- `ToolExecutor::execute()` string-based dispatch (use `execute_tool_call()` instead)
33+
34+
### Fixed
35+
- Closed #410 (clap dropped atty), #411 (rmcp updated quinn-udp), #413 (A2A body limit already present)
36+
937
## [0.9.9] - 2026-02-17
1038

1139
### Added

0 commit comments

Comments
 (0)