feat: architecture improvements, performance optimizations, security hardening (M24)#417
Merged
feat: architecture improvements, performance optimizations, security hardening (M24)#417
Conversation
…hardening (M24) Extract ProviderKind enum replacing stringly-typed provider selection. Group Agent loose fields into RuntimeConfig struct. Consolidate provider construction via shared create_named_provider. Add AnyProvider::embed_fn() eliminating duplicate closures. Move AnyChannel to zeph-channels crate. Trim default features to minimal set (qdrant, self-learning, vault-age). Performance: String::with_capacity in context loops, buffer_unordered(20), embedding timeout wrappers, inline cosine_similarity. Security: reject empty Telegram allowed_users, Config::validate() with bounds checking, sanitize_paths() for error message path disclosure. Resolves #392, #394, #395, #396, #397, #399, #401, #403, #404, #405, #408, #409, #412, #415, #416
github-actions
bot
added
llm
This was
linked to
issues
Feb 17, 2026
Replace string comparison with ProviderKind::Ollama in config defaults test.
Update feature-flags, configuration, channels, architecture, and security docs to reflect ProviderKind enum, minimal default features, Telegram auth guard, config validation, and path sanitization. Add doc tests step to CI workflow. Update CHANGELOG.md with Unreleased section for M24 changes. Update README.md with new feature flags and architecture notes.
github-actions
bot
added
the
documentation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Architecture audit identified 25 improvement areas. This PR addresses 15 issues directly, 4 were already resolved, 1 already implemented, and 5 deferred to follow-up.
closes #396,closes #397,closes #392,closes #394,closes #395,closes #399
closes #401,closes #403,closes #404,closes #405,closes #408,closes #409
closes #412,closes #415,closes #416
Architecture
create_named_provider, eliminating 3x duplicationAnyProvider::embed_fn()replaces duplicate embed closures in main.rsToolExecutor::executedeprecatedPerformance
String::with_capacityin context building loops#[inline]on cosine_similarityfullmeta-feature for CISecurity
Already resolved (closed)
Deferred
Stats
Breaking changes
LlmConfig.provideris nowProviderKindenum (wasString)a2a,candle,compatible,index,mcp,openai,orchestrator,routerremoved from defaultsallowed_userslistTest plan