-
Notifications
You must be signed in to change notification settings - Fork 0
Changelog
BLUECARBONS Digital Agency edited this page Jul 13, 2026
·
3 revisions
All notable changes are documented here. Format follows Keep a Changelog.
- Security & cohesion audit: createRequire replaces bare require() in storage.js (ESM correctness), cli.js now imports DEFAULT_DB_PATH from the shared core/db-path.js module, CLI usage message corrected to agentic-rss binary name.
-
runAgenticParsernow acceptsconfig.maxItems— stops processing after N items are stored, fixing the MCPlimitdedup bug (#7) -
parseFeed()now surfacesfeedErrorsviaconsole.warnandresults.feedErrors(#6) - MCP server in-process semaphore (
enqueueToolCall) withAGENTIC_RSS_MAX_CONCURRENCYenv var support, default concurrency 3 (#8) -
createMemoryStorage().markProcessed()now honoursitem.processedAtfor backfill / migration / deterministic tests - New
src/core/db-path.jsmodule — single source of truth forDEFAULT_DB_PATHresolution (#9) -
attrRegexinparseXmlextended to handle unquoted attribute values and boolean flag attributes (#10) -
src/tools.jsnow re-exports everything fromsrc/index.js— no longer a partial stub (#11) -
src/core/db-path.jsadded to lint script
- Flaky
pruneOlderThantest replaced with deterministicprocessedAtbackdate pattern - Three
pruneOlderThanboundary tests added (old only, recent only, mixed) -
stripHtmlJSDoc rewritten to document both removal passes and<form>block removal
-
createMemoryStorage()— pluggable in-memoryStorageAdapterfor Node 18/20 and tests (#4) - Iterator-based
mapWithConcurrencyreplacing shared-index pattern (#5) - 26-test adversarial XML and
stripHtmltest suite (#3) -
config.storageparameter onrunAgenticParser— supply your ownStorageAdapter -
feedErrorsreturned fromrunAgenticParser(was silent before) - Stable SHA-256 item IDs (was
crypto.randomUUID()fallback — defeated deduplication) -
ParserCompat.parseFile()for local filesystem XML - Heuristic confidence polarity fix —
ignoreitems now scale confidence downward - Prompt injection mitigation in
provider.js(sanitizeForPrompt, control-char stripping) - LLM response body size cap (1 MB)
-
assertHttpUrl()incore/http.js— rejects non-HTTP URLs before network calls - MCP server
providerallowlist security guard -
DEFAULT_DB_PATHtwo-tier resolution strategy
-
contentSnippetdouble-assignment clobbering innormalizeItem -
isoDateraw string passthrough replaced withsafeIsoDate()(ISO 8601 or null) -
fetchFullArticlefetch trigger:item.contentSnippet?.trim()check instead of falsy check - Empty
choices/contentarray guards for OpenAI and Anthropic responses - Anthropic JSON parse wrapped in try/catch with descriptive error