Skip to content

Agents#148

Draft
AnthonyRonning wants to merge 34 commits into
masterfrom
agents
Draft

Agents#148
AnthonyRonning wants to merge 34 commits into
masterfrom
agents

Conversation

@AnthonyRonning

Copy link
Copy Markdown
Contributor

No description provided.

@coderabbitai

coderabbitai Bot commented Feb 23, 2026

Copy link
Copy Markdown

Important

Review skipped

Draft detected.

Please check the settings in the CodeRabbit UI or the .coderabbit.yaml file in this repository. To trigger a single review, invoke the @coderabbitai review command.

⚙️ Run configuration

Configuration used: Repository UI

Review profile: CHILL

Plan: Pro

Run ID: 4f4e4d15-5e26-4f4b-813c-294cae37812c

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

Use the checkbox below for a quick retry:

  • 🔍 Trigger review
✨ Finishing Touches
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Commit unit tests in branch agents

Comment @coderabbitai help to get the list of available commands and usage tips.

user_id UUID NOT NULL REFERENCES users(uuid) ON DELETE CASCADE,

label TEXT NOT NULL,
description TEXT,

Copy link
Copy Markdown
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I don't think we need to persist description here. Probably best it is hardcoded into the code in case we need to configure this later

label TEXT NOT NULL,
description TEXT,
value_enc BYTEA NOT NULL,
char_limit INTEGER NOT NULL DEFAULT 5000,

Copy link
Copy Markdown
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

do we need to enforce char_limit at the db layer or allow it to be configured? another case for this just being hard coded.

conversation_id BIGINT REFERENCES conversations(id) ON DELETE SET NULL,

enabled BOOLEAN NOT NULL DEFAULT FALSE,
model TEXT NOT NULL DEFAULT 'kimi-k2-5',

Copy link
Copy Markdown
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

remove kimi default from sql layer, we should always pass this in

@AnthonyRonning

Copy link
Copy Markdown
Contributor Author

Latest status after a full review of the branch diff against origin/master (not just the latest commit):

Readiness

Yes, with caveats for a dev-server deploy.

I think the branch is architecturally sound enough for dev and is broadly the right long-term direction. I would not call it prod-ready yet, but I also do not think the core Sage-in-Maple model is likely to be rewritten again.

Scope reviewed

  • 19 commits ahead of origin/master
  • 34 files changed
  • roughly +10.2k / -295

Main buckets:

  • RAG foundation / encrypted embedding storage and search
  • explicit agent system (agents, memory_blocks, conversation_summaries)
  • DSRS-backed runtime, SSE loop, typing events, vision preprocessing
  • main agent + subagents + shared memory model
  • conversation integration (hide main agent, show subagents)
  • dev-only reset/delete and agent history APIs

What feels stable / foundational

These look like the right long-term decisions and likely won't change much:

  • explicit agents table
  • 1 main agent + many subagents
  • one conversation per agent
  • shared per-user memory / recall
  • per-thread summaries
  • separate agent runtime from Responses runtime
  • hide the main agent from generic conversation lists while keeping subagents visible
  • prompts/models/tuning owned by code rather than user config rows

Main caveats before dev deploy

  1. Shared recall looks only partially landed
    I did not find a clear Responses-path auto-embedding flow into user_embeddings, so the intended “main agent + subagents + Responses threads share recall” story does not look fully complete yet.

  2. Main-agent reset semantics may still be incomplete
    DELETE /v1/agent resets conversations and memory blocks, but it does not appear to clear archival embeddings. That may be fine, but it should be an intentional product choice.

  3. Agent-specific test coverage is still light
    The repo validates cleanly overall, but the new agent surface would benefit from stronger end-to-end coverage around bootstrap/chat/list/reset behavior.

  4. Dev deploy plumbing still has one real caveat
    nix build .#default --dry-run is fine, but nix build .#eif-dev --dry-run currently fails because nitro-toolkit/traffic_forwarder.py is missing in the flake source path.

Bottom line

My current view is:

  • good enough for dev server
  • not prod ready yet
  • core architecture looks durable
  • most remaining work looks like integration/polish/testing/operational cleanup, not a likely re-think of the main-agent/subagent/shared-memory design

If we keep this direction, the next highest-value items look like:

  • finish shared recall ingestion from the Responses path (if that is still the intended product model)
  • clarify reset semantics around archival memory
  • add stronger agent integration coverage
  • fix the #eif-dev build path

@AnthonyRonning

AnthonyRonning commented Mar 8, 2026

Copy link
Copy Markdown
Contributor Author

Pushed the latest backend/docs update in 1f3d36e.

I think the next follow-up work should be:

  1. Fix the remaining cross-user device ownership leak: do not transfer an existing push_devices row across users, and add a worker-side guard that rejects any notification_event.user_id != push_device.user_id mismatch before send.
  2. Make temporary FCM OAuth token-exchange failures retryable instead of permanently failing Android deliveries.
  3. Add targeted tests for push registration ownership transitions, worker delivery state transitions, and APNs/FCM error classification/request shape.
  4. Clean up small contract drift (collapse_key example in docs, and clarifying that encrypted_preview_enabled controls sending the encrypted preview envelope, not falling back to plaintext content).
  5. After that, circle back to the Android encrypted-preview path as a separate follow-up rather than blocking these core server-side correctness fixes.

For the current privacy bar, I do not think the remaining provider-visible routing metadata is a blocker so long as plaintext assistant content never leaves the enclave or gets placed in the provider-visible notification shell.

AnthonyRonning and others added 18 commits April 4, 2026 14:48
Enables encrypted user embedding storage + cosine search with experimental /v1/rag endpoints for local/dev testing.

Co-authored-by: factory-droid[bot] <138933559+factory-droid[bot]@users.noreply.github.com>
Co-authored-by: factory-droid[bot] <138933559+factory-droid[bot]@users.noreply.github.com>
Co-authored-by: factory-droid[bot] <138933559+factory-droid[bot]@users.noreply.github.com>
Co-authored-by: factory-droid[bot] <138933559+factory-droid[bot]@users.noreply.github.com>
Co-authored-by: factory-droid[bot] <138933559+factory-droid[bot]@users.noreply.github.com>
Use Sage's 20k default char_limit and reject oversized updates via /v1/agent/memory/blocks/:label.

Co-authored-by: factory-droid[bot] <138933559+factory-droid[bot]@users.noreply.github.com>
Co-authored-by: factory-droid[bot] <138933559+factory-droid[bot]@users.noreply.github.com>
Restructure agent chat to emit messages per-step via SSE instead of
batching all messages into a single JSON response. This mirrors Sage's
Signal delivery pattern: messages are sent immediately as produced,
persisted synchronously (so the next step sees them in context), and
embeddings update async.

- Split process_message into prepare() + public step() so the handler
  drives the loop
- Chat handler emits agent.message, agent.done, agent.error SSE events
- Persistence moved from runtime to handler (send first, store sync,
  embed async)
- Added ExecutedTool to carry tool results for handler-side persistence
- Updated sage-in-maple doc to reflect conversations API isolation done

Co-authored-by: factory-droid[bot] <138933559+factory-droid[bot]@users.noreply.github.com>
Sage uses kimi-k2 as the default model with a 256k context window.
The agent config was incorrectly defaulting to deepseek-r1-0528 with
100k context. Fixed in both the runtime code and the migration SQL.

Co-authored-by: factory-droid[bot] <138933559+factory-droid[bot]@users.noreply.github.com>
The get_or_create_agent_config helper in mod.rs still had the old
deepseek-r1-0528 / 100k defaults. Extracted DEFAULT_MODEL,
DEFAULT_CONTEXT_WINDOW, DEFAULT_COMPACTION_THRESHOLD as pub constants
in runtime.rs and use them from both creation sites.

Co-authored-by: factory-droid[bot] <138933559+factory-droid[bot]@users.noreply.github.com>
Co-authored-by: factory-droid[bot] <138933559+factory-droid[bot]@users.noreply.github.com>
Co-authored-by: factory-droid[bot] <138933559+factory-droid[bot]@users.noreply.github.com>
Adds encrypted attachment_text storage and a vision pre-step for input_image so agents and embeddings see [Uploaded Image: ...] descriptions.

Co-authored-by: factory-droid[bot] <138933559+factory-droid[bot]@users.noreply.github.com>
Use custom rustPlatform from rust-overlay to match rust-toolchain.toml.
Add outputHashes for baml-ids, minijinja, and rig-core git dependencies.

Co-authored-by: factory-droid[bot] <138933559+factory-droid[bot]@users.noreply.github.com>
Hide the primary Maple relationship behind a main agent thread while giving users focused subagent chats that share memory and code-owned runtime defaults.

Co-authored-by: factory-droid[bot] <138933559+factory-droid[bot]@users.noreply.github.com>
Mirror the conversations API so clients can list agents and browse main-agent and subagent items with consistent cursor semantics.

Co-authored-by: factory-droid[bot] <138933559+factory-droid[bot]@users.noreply.github.com>
AnthonyRonning and others added 3 commits April 4, 2026 14:48
Allow Sage development flows to fully reset the main agent, its subagents, and shared memory without changing production behavior.

Co-authored-by: factory-droid[bot] <138933559+factory-droid[bot]@users.noreply.github.com>
Co-authored-by: factory-droid[bot] <138933559+factory-droid[bot]@users.noreply.github.com>
Reflect the Maple AI secure messaging identity across agent prompts, push copy, and migration naming.

Co-authored-by: factory-droid[bot] <138933559+factory-droid[bot]@users.noreply.github.com>
AnthonyRonning and others added 13 commits April 7, 2026 12:04
Co-authored-by: factory-droid[bot] <138933559+factory-droid[bot]@users.noreply.github.com>
Prevent cross-user device reuse from leaking queued notifications, reclaim expired leases, respect deferred sends, and clarify that v1 protects plaintext notification content rather than all provider-visible metadata.

Co-authored-by: factory-droid[bot] <138933559+factory-droid[bot]@users.noreply.github.com>
Reuse same-install device bindings across re-registration, add logout cleanup revoke behavior, and document the expected push lifecycle so account switches and reinstalls behave predictably.

Co-authored-by: factory-droid[bot] <138933559+factory-droid[bot]@users.noreply.github.com>
Prevent stale workers from overwriting notification delivery results, fold the platform/provider integrity check into the base push migration, and align the push design doc with the shipped backend behavior.

Co-authored-by: factory-droid[bot] <138933559+factory-droid[bot]@users.noreply.github.com>
APNs requires ALPN-negotiated HTTP/2, so the Nitro push path now uses an HTTP/2-only client and exposes the same startup TCP checks as the other outbound push endpoints.

Co-authored-by: factory-droid[bot] <138933559+factory-droid[bot]@users.noreply.github.com>
Record the current iOS, macOS, and Android push behavior so the backend design doc reflects the shipped disconnect-triggered v1 scope and the remaining hardening gaps.

Co-authored-by: factory-droid[bot] <138933559+factory-droid[bot]@users.noreply.github.com>
Seed onboarding messages during init, return them directly to clients, and persist user locale/timezone so Maple's first-run experience is durable and predictable.

Co-authored-by: factory-droid[bot] <138933559+factory-droid[bot]@users.noreply.github.com>
Let Maple schedule future agent turns with recurring rules, timezone-aware execution, and normal agent.message push delivery.

Co-authored-by: factory-droid[bot] <138933559+factory-droid[bot]@users.noreply.github.com>
Avoid silently treating follow-user schedules as UTC so future local reminder times are not rejected as already in the past.

Co-authored-by: factory-droid[bot] <138933559+factory-droid[bot]@users.noreply.github.com>
Expose a set_preference tool so Maple can persist timezone and locale during conversations and keep follow-user schedules aligned with timezone changes.

Co-authored-by: factory-droid[bot] <138933559+factory-droid[bot]@users.noreply.github.com>
Persist reactions as message metadata and surface them in Maple SSE and prompts while keeping continuation turns and observability predictable.

Co-authored-by: factory-droid[bot] <138933559+factory-droid[bot]@users.noreply.github.com>
Simplify agent SSE delivery by sending one persisted message per event and using minimal typing and done signals for clients.

Co-authored-by: factory-droid[bot] <138933559+factory-droid[bot]@users.noreply.github.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant