Conversation
Recovers the two remaining trust-signal files from 5c6db97 onto the current branch: - SECURITY.md: private disclosure email, response timeline (72h ack, 1 week assessment, 30 day fix), scope (runtime server only), supported versions table - .github/ISSUE_TEMPLATE/config.yml: enables template picker, adds docs + discussions contact links These were the last two gaps identified in the launch-day trust-signal audit. All contributor-surface artifacts are now present. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
The release workflow built the Docker image but never started it, so runtime failures (provider misconfiguration, broken DB connection, missing env vars, startup crashes) would pass CI and ship in a tagged release. Added `npm run test:docker-smoke` between the Docker build and GitHub Release steps. The smoke test script (scripts/docker-smoke-test.sh) runs 8 test groups against the real compose stack: health, provider reachability, DB connectivity, ingest, search, cleanup, and input validation. Fully hermetic — the smoke compose overlay uses EMBEDDING_PROVIDER= transformers (local WASM, no external API calls). Self-contained Postgres via docker-compose.yml, no conflict with the workflow's service container. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
The Docker smoke step added in bf76ff1 would have failed on first tag push because docker-compose.yml declares env_file: .env, but CI has no .env file. Verified locally with `docker compose config`: Before: "env file /path/to/.env not found" After: exits 0, config resolves cleanly The smoke overlay (docker-compose.smoke.yml) sets its own EMBEDDING_PROVIDER=transformers, EMBEDDING_DIMENSIONS=384, etc., which override whatever is in .env. The placeholder .env just needs to exist to satisfy the env_file directive — .env.example's content doesn't affect smoke test behavior. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
README no longer carries the "Not production-hardened yet — alpha quality, evolving API" caveat. Core now stands on its launch-ready trust signals (CI, tests, release harness, SECURITY.md) rather than pre-announcing its own instability. CONTRIBUTING loses the "What Belongs Here vs Research" section. The repository-boundary question is now covered by the ADR in atomicmemory-research (adr-core-vs-research-boundary-2026-04-15) and no longer needs to live inline in the contributor guide. PROVENANCE.md is removed. Extraction history is captured in the extraction plan and ADR in research; duplicating it in core creates a second source of truth that has to be kept in sync.
Core's schema.sql was dropping every table on every app startup, so any container restart wiped the database. Ports the idempotent-DDL fix that already landed on atomicmemory-research `main` (e333ccc). Changes: - schema.sql: remove all 16 `DROP TABLE IF EXISTS` statements - schema.sql: convert every `CREATE TABLE` → `CREATE TABLE IF NOT EXISTS` (17 occurrences) and every `CREATE INDEX` → `CREATE INDEX IF NOT EXISTS` (44 occurrences) - schema.sql: update header comment to state idempotency contract and flag that new columns on existing tables need explicit ALTER TABLE statements - migrate.ts: relax `stripVectorIndexes` regex so it matches both `CREATE INDEX` and `CREATE INDEX IF NOT EXISTS` forms (ports abb5b82 from research) Tradeoff noted: this makes re-running `schema.sql` a no-op on existing tables. Any future column-type change (e.g. a TEXT → UUID migration) must now be expressed as an ALTER TABLE block, since the `IF NOT EXISTS` guard silently skips the column spec when the table already exists. Pre-commit checks: tsc clean, fallow 0 above threshold (maintainability 90.9), 869/869 tests pass. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
ethanj
changed the title
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Repo polish — idempotent schema, SECURITY.md, Docker smoke in release, docs cleanup
Overview
Closes out the launch-readiness audit by landing the last trust-signal files,
hardening the release workflow so tagged releases can't ship a broken Docker
image, porting an idempotent-DDL fix from
atomicmemory-researchso coredoesn't silently drop user data on every container restart, and tightening
the repo's docs surface now that core stands on its own.
Key Features
🔒 Security & Contributor Surface
(72h acknowledgment, 1 week assessment, 30 day fix best-effort), scope
limited to the runtime server, supported versions table.
.github/ISSUE_TEMPLATE/config.ymlenables thetemplate picker and adds Docs + Discussions contact links so drive-by
visitors see the community surface before filing issues.
💾 Idempotent Schema Migration (data-loss fix)
schema.sqlwas dropping every table on every app startup, so anycontainer restart wiped the database. This was the same bug
atomicmemory-researchfixed ine333ccc; core hadn't received the port.schema.sqlis now idempotent:DROP TABLE IF EXISTS …statements.CREATE TABLE→CREATE TABLE IF NOT EXISTS.CREATE INDEX→CREATE INDEX IF NOT EXISTS.ALTER-TABLE caveat for future column changes.
migrate.ts:stripVectorIndexesregex now matches bothCREATE INDEXandCREATE INDEX IF NOT EXISTSforms (portsabb5b82from research).
schema.sqlis now a no-op on existing tables.Any future column-type change (e.g. a TEXT → UUID migration) has to be
expressed as an explicit
ALTER TABLEblock — a plain column definitioninside
CREATE TABLE IF NOT EXISTSgets silently skipped when the tablealready exists.
🔧 Release Workflow Hardening
release.ymlnow runsnpm run test:docker-smokebetween the image build and the GitHub Releasestep. Eight test groups (health, provider, DB, ingest, search, cleanup,
input validation) run against the real compose stack using the local-WASM
transformersprovider — fully hermetic, no external API calls..envplaceholder fix:docker-compose.ymldeclaresenv_file: .env,which CI doesn't have. Workflow now copies
.env.example → .envbefore thesmoke step so compose config resolves. The smoke overlay still sets its own
env vars, so the placeholder content doesn't affect behavior.
📝 Docs Cleanup
Core now stands on its launch-ready trust signals (CI, tests, release
harness, SECURITY.md) rather than pre-announcing its own instability.
section. Repository-boundary rules live in the
adr-core-vs-research-boundary-2026-04-15ADR inatomicmemory-research/docs/core-repo/; duplicating them in CONTRIBUTINGcreated two sources of truth.
plan + ADR in research. A separate PROVENANCE file in core only added
sync overhead.
Implementation Details
New Files
SECURITY.md— private disclosure policy.github/ISSUE_TEMPLATE/config.yml— template picker + contact linksModified Files
src/db/schema.sql— idempotent DDL; no drops;IF NOT EXISTSon everyCREATE; updated header
src/db/migrate.ts—stripVectorIndexesregex handles both CREATE INDEXforms
.github/workflows/release.yml— add Docker smoke test step and.envplaceholder setup
README.md— drop alpha caveat lineCONTRIBUTING.md— drop "What Belongs Here vs Research" sectionRemoved Files
PROVENANCE.md— consolidated into research-repo ADR + extraction planCode Quality
Metrics
Pre-commit Checks
npx tsc --noEmit— cleanfallow --no-cache— 0 above threshold, maintainability 90.9 (good)npm test— 869 / 869 tests pass (79 test files)Testing
(previously would have failed at the new smoke step without the
.envplaceholder fix).
with Docs + Discussions contact links.
security@atomicmemory.aimailbox is actually monitored before announcing publicly.
memories, stop the container, start it again, confirm memories survive.
Previously this was a guaranteed data-wipe.
Deployment Note — schema change
This PR changes
schema.sqlfrom drop-and-recreate to idempotentIF NOT EXISTS. There is no runtime action required to apply the fix —the next
pnpm migrate(or app startup) will simply stop dropping tables.Existing deployments will keep their data from this point forward.
However: this PR does not migrate any column types or add new columns
on existing tables. If you need to apply such a change in the future, write
an explicit
ALTER TABLEblock (for example, inside aDO $$ BEGIN IF NOT EXISTS … END $$guard) — theIF NOT EXISTSguard silently skips newcolumn definitions inside
CREATE TABLEwhen the table already exists.Checklist
stripVectorIndexeshandles bothCREATE INDEXformsboundary section, no redundant PROVENANCE)
🤖 Generated with Claude Code