docs: add 10 Electrobun hardening features to TODO (from Codex audit #3)
parent 1cd4558740
commit 4e86e97fd9
1 changed files with 13 additions and 0 deletions
13
TODO.md
|
|
@ -12,6 +12,19 @@
|
|||
- [ ] **Per-project settings** — Deeper per-project configuration beyond current fields. Per-project theme override, per-project keybindings, per-project plugin enable/disable, per-project environment variables, per-project shell, per-project model preferences. Cascade: global → group → project (most specific wins).
|
||||
- [ ] **Custom editors (AI-augmented)** — Specialized editor panes for non-code content: image editor (crop, annotate, AI inpaint/upscale via stable diffusion API), video editor (trim, subtitle, AI transcription), audio editor (waveform, AI transcription/TTS), 3D viewer/editor (glTF/OBJ, AI mesh generation). Each as a ProjectBox tab, triggered by file extension. Evaluate: WebGL for 3D (blocked by WebKit2GTK — ties into Tauri vs WGPU decision), Canvas for 2D, Web Audio API for audio.
|
||||
|
||||
## Electrobun Hardening (from Codex Audit #3)
|
||||
|
||||
- [ ] **Durable event sequencing** — Monotonic message indexes per session, idempotent replay on reconnect, conflict-safe persistence. Prevents message loss during concurrent agent output. Useful for session replay/debugging.
|
||||
- [ ] **File-save conflict detection** — Track `mtime` + content hash before write. Atomic temp-file rename on save. Show conflict dialog if file changed externally between read and write. Prevents silent overwrites.
|
||||
- [ ] **Remote credential vault** — Secure storage for relay tokens (encrypted at rest). Auto-reconnect uses stored token without re-prompting. Integrates with system keyring when available, falls back to encrypted SQLite blob.
|
||||
- [ ] **Push-based task/relay updates** — Replace 5-second polling in TaskBoardTab and CommsTab with WebSocket push from btmsg/bttask backends. Request tokens or revision numbers for stale-response detection. Reduces CPU + network overhead.
|
||||
- [ ] **Sidecar backpressure guard** — Max NDJSON line size (10MB), max pending stdout buffer, max terminal paste chunk (64KB). Prevents memory exhaustion from buggy/malicious sidecar runners.
|
||||
- [ ] **Per-project retention controls** — Configurable session history retention (last N sessions, or N days). `untrackProject()` cleans up health store, agent store, search index. Prevents unbounded memory/disk growth.
|
||||
- [ ] **Channel membership/ACL enforcement** — btmsg group_id validation (sender + recipient same group), channel membership checks before send, auto-add creator on channel create. Prevents cross-tenant message leakage.
|
||||
- [ ] **Transport diagnostics panel** — Real-time view of PTY/relay/session persistence health. Dropped event counters, reconnection history, RPC latency histogram, buffer fill levels. Useful for debugging multi-machine setups.
|
||||
- [ ] **Plugin sandbox policy layer** — Per-plugin network egress control (allow/deny), CPU time quotas (terminate after N seconds), memory limits, filesystem access scope. Prevents malicious plugins from exfiltrating data or DoS.
|
||||
- [ ] **Multi-tool health tracking** — Replace `toolInFlight: boolean` with `toolsInFlight: number` counter. Accurate state machine for concurrent tool execution. Prevents false idle/stalled transitions during parallel tool use.
|
||||
|
||||
## Dual-Repo & Commercial
|
||||
|
||||
- [ ] **CLA setup** — Configure CLA-assistant.io on community repo (DexterFromLab/agent-orchestrator) before accepting external PRs.
|
||||
|
|
|
|||
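Review bot: The "Remote credential vault" item does not say where the key for the "encrypted SQLite blob" fallback comes from when no system keyring is available; if that key is stored beside the database, the relay token is effectively kept in the clear, so the item should name the key source (for example a user-supplied passphrase) or state that auto-reconnect is disabled without a keyring. In "Sidecar backpressure guard", the "max pending stdout buffer" has no value and none of the three limits says what happens on overflow (drop the line, truncate, or terminate the sidecar); add both so the item can be tested. "Channel membership/ACL enforcement" should state that the group_id and membership checks run in the btmsg backend rather than in the client, since a check made only on the sending side does not prevent cross-tenant leakage. "File-save conflict detection" compares `mtime` + hash before the write, which still leaves a window between the check and the rename; say whether the check is repeated immediately before the rename or whether that window is accepted.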