Add memory retention cleanup during consolidation#17
Open
coe0718 wants to merge 2 commits intoghostwright:mainfrom
Open
Add memory retention cleanup during consolidation#17coe0718 wants to merge 2 commits intoghostwright:mainfrom
coe0718 wants to merge 2 commits intoghostwright:mainfrom
Conversation
Contributor
Author
|
Ill fix these if they are still wanted, if not close them |
imonlinux
added a commit
to imonlinux/phantom
that referenced
this pull request
Apr 24, 2026
Complete security review and implementation of fixes for Nextcloud Talk integration based on comprehensive security audit findings. HIGH PRIORITY fixes (security-critical): - ghostwright#1: Implement replay attack protection with LRU cache (5-minute TTL) - ghostwright#2: Add 64KB request size limit before body buffering - ghostwright#4: Replace Date.now() with crypto.randomUUID() for unique IDs - ghostwright#7: Fix JSON unwrap logic for ActivityStreams Note objects - ghostwright#11: Replace 'Error:' text sniffing with runtime error events Logic and security fixes: - ghostwright#3: Fix msgId/msg name collision in error handling - ghostwright#5: Improve parseConversationId to handle colons in tokens - ghostwright#6: Reject webhooks without target.id instead of silent fallback - ghostwright#8: Normalize emoji to avoid variation selector validation issues - ghostwright#9: Handle 404/409 reaction responses as success conditions - ghostwright#10: Make setReaction return boolean for proper error handling - ghostwright#12: Improve bot loop guard with actorId checking Best practices and polish: - ghostwright#13: Make port configurable instead of hardcoded 3200 - ghostwright#14: Move webhookPath default normalization to constructor - ghostwright#15: Fix health check path precedence (check webhook first) - ghostwright#16: Add exponential backoff retry for 5xx/429 responses - ghostwright#17: Add URL validation and encoding for talkServer config - ghostwright#18: Document HMAC signing asymmetry (inbound vs outbound) - ghostwright#20: Import randomUUID explicitly from node:crypto - ghostwright#21: Add reactions: true to channel capabilities - ghostwright#22: Namespace environment variables with NEXTCLOUD_ prefix Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Part of #1.
What changed
Why
The earlier memory PRs improved ranking, contradiction handling, and startup context, but stale memories were still only being down-ranked at retrieval time. This change adds the forgetting side of the system so low-value episodes and obsolete facts can age out during consolidation.
Validation
bun test src/memory/__tests__/episodic-retention.test.ts src/memory/__tests__/semantic-retention.test.ts src/memory/__tests__/consolidation.test.ts src/memory/__tests__/qdrant-client.test.tsbun run typecheckbun run lintbun test