## Issue Triage — 2026-02-28 ### 1) **[Bug] URL in message triggers duplicate LLM calls (webapp)** — **#6486** - **Current Status:** Open (GitHub) - **Impact Assessment:** - **User Impact:** High (anyone pasting URLs) - **Functional Impact:** Partial (responses still work, but duplicated) - **Brand Impact:** High (visible “double response”, cost blow-ups) - **Technical Classification:** - **Category:** Bug / Performance - **Component:** Webapp + Server message ingestion / SSE streaming (`attachments` vs `text`) - **Complexity:** Moderate effort - **Resource Requirements:** - **Required Expertise:** TS runtime message pipeline; attachment/url preview handling; SSE streaming - **Dependencies:** Need clarity on where URL preview is generated (client vs server) and how `convertToUIMessages`/attachment provider is invoked in webapp flow - **Estimated Effort:** 3/5 - **Recommended Priority:** **P1** - **Actionable Next Steps:** 1. Reproduce with instrumentation: log LLM call count + message “parts” classification (text vs attachment) for a URL message. 2. Enforce dedupe rule: URL content should be handled **either** as text **or** as attachment (single LLM request). 3. Add regression test: “message with URL produces exactly one LLM call and one streamed response”. 4. Confirm token metrics before/after (should halve LLM calls). - **Potential Assignees:** `lalalune` (runtime/message architecture), `borisudovicic` (chat endpoint familiarity), `anchapin` (defensive guards), with review by `greptile-apps` --- ### 2) **v2.0.0 bcrypt issue requires patches** — **DISCORD-2026-02-27-BCRYPT** - **Current Status:** Reported in Discord; not yet linked to a GitHub issue in provided data - **Impact Assessment:** - **User Impact:** High (anyone trying v2.0.0) - **Functional Impact:** Yes (likely install/runtime break if bcrypt fails) - **Brand Impact:** High (v2 onboarding friction; “alpha but broken” perception) - **Technical Classification:** - **Category:** Bug / Build & Runtime Compatibility - **Component:** Core runtime / dependency stack (Node native module or auth/security layer) - **Complexity:** Moderate effort (could become complex if cross-platform toolchain issues) - **Resource Requirements:** - **Required Expertise:** Node dependency management; native modules; cross-platform CI (Linux/macOS/Windows) - **Dependencies:** Identify exact failure mode (install, runtime, hashing, optional dependency) - **Estimated Effort:** 3/5 - **Recommended Priority:** **P0** - **Actionable Next Steps:** 1. Create/locate GitHub issue with exact error logs and environment matrix. 2. Decide strategy: replace bcrypt with `bcryptjs`/`@node-rs/bcrypt` or make bcrypt optional with clear fallback. 3. Add CI coverage for bcrypt path across major OS targets. 4. Publish “Known Issues” note for v2.0.0 until resolved. - **Potential Assignees:** `lalalune` (v2), `odilitime` (core stability), support from `anchapin` (robustness fixes) --- ### 3) **Most plugins broken out-of-the-box on 1.7.2 (plugin-linear, plugin-rolodex, plugin-memory)** — **DISCORD-2026-02-27-PLUGINS-1.7.2** - **Current Status:** Reported in Discord; not yet linked to GitHub issues in provided data - **Impact Assessment:** - **User Impact:** High (plugin users are a large portion of adopters) - **Functional Impact:** Yes (breaks common workflows: Linear + memory) - **Brand Impact:** High (“ecosystem is broken”) - **Technical Classification:** - **Category:** Bug / Compatibility - **Component:** Plugin System + runtime versioning (1.x vs v2 rollout) - **Complexity:** Complex solution (version skew) unless quick compatibility shims exist - **Resource Requirements:** - **Required Expertise:** Plugin API/versioning, semver discipline, release engineering - **Dependencies:** Clear compatibility matrix: runtime version ↔ plugin versions; registry metadata if applicable - **Estimated Effort:** 4/5 - **Recommended Priority:** **P0** - **Actionable Next Steps:** 1. Convert into tracked GitHub issues per plugin with minimal reproduction steps. 2. Publish an “official supported combo” (e.g., **v2-develop** for stable 1.x runtime + pinned plugin versions). 3. Add automated compatibility CI: smoke-test template agent + these plugins on release tags. 4. Implement deprecation warnings / runtime-plugin API version handshake (fail fast with actionable message). - **Potential Assignees:** `odilitime` (release/version guidance), `standujar` (workflow/tooling rigor), `lalalune` (runtime evolution), plugin maintainers as co-owners --- ### 4) **Review PR reintroducing plugins into core codebase** — **PR #6531 (Risk Item)** - **Current Status:** Needs review (Discord concern: “plugins creeping back in”) - **Impact Assessment:** - **User Impact:** Medium→High (affects maintainability and future breakage) - **Functional Impact:** Partial (architecture quality issue, can create recurring breakages) - **Brand Impact:** Medium (signals churn / unclear boundaries) - **Technical Classification:** - **Category:** Architectural / Maintenance Risk - **Component:** Core Framework vs Plugin boundaries - **Complexity:** Moderate effort (decision + refactor scope) - **Resource Requirements:** - **Required Expertise:** Architecture, modularization, build graph ownership - **Dependencies:** Agreement on boundary rules (what belongs in core vs plugins) - **Estimated Effort:** 2/5 (review) to 4/5 (if refactor required) - **Recommended Priority:** **P1** - **Actionable Next Steps:** 1. Define acceptance criteria: what “cannot” move into core and why (security, footprint, maintenance). 2. Review PR with a checklist: dependency creep, build size, public API stability, release impact. 3. If needed, request PR changes to keep implementation in plugins and expose minimal core hooks. - **Potential Assignees:** `odilitime` (raised concern), `lalalune` (core direction), reviewers: `greptile-apps` --- ### 5) **GitHub ↔ Linear bidirectional sync creating issue tracking “mess”** — **DISCORD-2026-02-25-LINEAR-SYNC** - **Current Status:** Known problem; cleanup required - **Impact Assessment:** - **User Impact:** Medium (contributors + maintainers) - **Functional Impact:** Partial (slows triage, duplicates, lost context) - **Brand Impact:** Medium (public repo hygiene) - **Technical Classification:** - **Category:** UX / Process / Tooling - **Component:** Project management tooling; automation integration - **Complexity:** Moderate effort - **Resource Requirements:** - **Required Expertise:** GitHub/Linear integration configuration; automation rules - **Dependencies:** Decide canonical source of truth; disable bidirectional or constrain event types - **Estimated Effort:** 3/5 - **Recommended Priority:** **P1** - **Actionable Next Steps:** 1. Freeze bidirectional sync temporarily; choose one-way sync (recommended) until rules are stable. 2. Deduplicate: close/merge mirrored issues; restore labels/owners; ensure links are preserved. 3. Document workflow: when to create in Linear vs GitHub; mapping rules for status/labels. - **Potential Assignees:** `Stan ⚡` (identified sync mode), `odilitime` (repo hygiene), support from `borisudovicic` (issue coordination) --- ### 6) **Implement compliance safeguards for credit-builder plugin (FCRA/ECOA/FDCPA) before broader adoption** — **DISCORD-2026-02-27-FCRA** - **Current Status:** Compliance question raised; unanswered; plugin released externally (`plugin-credit-builder`) - **Impact Assessment:** - **User Impact:** Medium now, potentially High if widely adopted - **Functional Impact:** Partial (plugin functions, but may enable harmful/illegal automation) - **Brand Impact:** High (legal/compliance blowback reflects on ecosystem) - **Technical Classification:** - **Category:** Security / Compliance / UX Guardrails - **Component:** Plugin System (external plugin), action confirmation flows, audit trails - **Complexity:** Complex solution (policy + product + technical controls) - **Resource Requirements:** - **Required Expertise:** Compliance/risk design, secure automation patterns, human-in-the-loop approvals, logging/audit - **Dependencies:** Define “plugin-form candidate” checklist for regulated domains; require explicit user verification steps - **Estimated Effort:** 4/5 - **Recommended Priority:** **P1** - **Actionable Next Steps:** 1. Add a compliance README section: intended use, required user attestations, jurisdiction warnings. 2. Implement mandatory **human confirmation** gates before sending letters; require evidence capture (user-provided docs). 3. Add audit log + immutable record of actions taken (timestamps, templates, inputs). 4. Consider a “restricted tools” capability flag in core for actions that send real-world communications. - **Potential Assignees:** Plugin author `Meme Broker` (implementation), `Caesar ⚔️` (raised compliance concerns, domain perspective), `odilitime` (plugin quality standards) --- ### 7) **Twitter input functionality issue (version unclear)** — **DISCORD-2026-02-26-TWITTER-INPUT** - **Current Status:** Unresolved; awaiting reporter details (version/product) - **Impact Assessment:** - **User Impact:** Medium (Twitter users) - **Functional Impact:** Partial (integration degraded) - **Brand Impact:** Medium - **Technical Classification:** - **Category:** Bug / Integration - **Component:** Model Integration / Plugin (likely Twitter plugin or MCP connector) - **Complexity:** Simple fix if config; Moderate if API change - **Resource Requirements:** - **Required Expertise:** Twitter plugin maintenance; API/auth changes - **Dependencies:** Reporter must provide version, logs, and whether using v1.x, v2.0.0, or plugin-twitter repo - **Estimated Effort:** 2/5 - **Recommended Priority:** **P2** - **Actionable Next Steps:** 1. Triage intake template: version, repo, auth method, sample payload, error logs. 2. If plugin-twitter: cross-check with recent auth/media changes (noted active maintainer work in ecosystem). - **Potential Assignees:** `2-A-M` (recent deep plugin-twitter fixes), `odilitime` (triage), reporter collaboration (`Jamie`) --- ### 8) **Feature Request: Custom OpenAI endpoint URL for OpenAI provider** — **#6490** - **Current Status:** Open (GitHub) - **Impact Assessment:** - **User Impact:** Medium (users of OpenAI-compatible providers) - **Functional Impact:** Partial (blocks some provider adoption) - **Brand Impact:** Medium (integration flexibility expectation) - **Technical Classification:** - **Category:** Feature Request - **Component:** Model Integration / Provider config - **Complexity:** Simple fix (config plumbing) to Moderate (docs + validation) - **Resource Requirements:** - **Required Expertise:** Provider abstraction; config management; security (SSRF considerations if server-side) - **Dependencies:** Decide config surface: env var vs config file; validation/allowlist if running as hosted service - **Estimated Effort:** 2/5 - **Recommended Priority:** **P2** - **Actionable Next Steps:** 1. Add `baseURL` (or equivalent) to OpenAI provider config with safe defaults. 2. Document examples (SiliconFlow, others). 3. Add basic validation + clear error when endpoint is unreachable. - **Potential Assignees:** `lalalune` (provider/runtime), `anchapin` (safe guards), reviewer `greptile-apps` --- ### 9) **Plugin Ollama: embedding failures on Linux** — **plugin-ollama #17** - **Current Status:** Open (GitHub, plugin repo) - **Impact Assessment:** - **User Impact:** Medium (Linux + Ollama users) - **Functional Impact:** Partial (embeddings/memory features impaired) - **Brand Impact:** Medium (cross-platform reliability) - **Technical Classification:** - **Category:** Bug - **Component:** Plugin System / Model Integration (Ollama embeddings) - **Complexity:** Moderate effort (environment-specific) - **Resource Requirements:** - **Required Expertise:** Linux runtime, Ollama embedding endpoints, dependency/version pinning - **Dependencies:** Reproduction details: distro, Ollama version, model, endpoint URL, TLS/proxy settings - **Estimated Effort:** 3/5 - **Recommended Priority:** **P2** - **Actionable Next Steps:** 1. Add minimal repro script + healthcheck endpoint verification in plugin. 2. Improve error messages (surface HTTP status/body, model name, request payload size). 3. Add CI smoke test on Linux runner if feasible. - **Potential Assignees:** Plugin maintainer(s), `standujar` (integration discipline), reporter `mbatini` for validation --- ## Top Priority Summary (Address Immediately: P0–P1) 1. **P0:** v2.0.0 **bcrypt** breakage (create/resolve tracked issue; add CI + fallback strategy). 2. **P0:** **Broken plugins on 1.7.2** (plugin-linear/rolodex/memory) — establish supported version matrix + smoke tests. 3. **P1:** **#6486 duplicate LLM calls on URL** (cost + UX regression; fix and add regression test). 4. **P1:** **PR #6531 architectural regression risk** (“plugins creeping back into core”) — review with boundary checklist. 5. **P1:** **GitHub↔Linear bidirectional sync mess** — disable/limit and clean up duplicates to restore sane triage. 6. **P1:** **Credit-builder compliance safeguards** (human-in-the-loop + audit + policy) before “plugin-form” endorsement. ## Patterns / Themes Indicating Deeper Issues - **Version fragmentation and breaking changes** are driving ecosystem instability (plugins “broken out-of-box”, alpha v2.0.0 patches). - **Unclear core vs plugin boundaries** (concern about plugins re-entering core) suggests architectural rules aren’t consistently enforced. - **Message processing duplication** (#6486) indicates insufficient normalization/deduping between **attachments**, **previews**, and **text** flows. - **Tooling/process drift** (GitHub↔Linear bidirectional sync) is creating noise that slows engineering response time. ## Process Improvement Recommendations - **Publish and enforce a compatibility matrix** (runtime version ↔ plugin versions), with “known good bundles” and automated smoke tests. - **Introduce a release gate**: no release tag unless (1) core install passes on major OS targets and (2) top plugins pass minimal integration tests. - **Adopt an architectural boundary RFC**: define what belongs in core vs plugins; require checklist approval for PRs that move code across boundary. - **Standardize issue intake templates** for integrations (Twitter/Ollama/etc.): version, logs, reproduction steps, environment matrix. - **Make GitHub the source of truth for OSS triage** and limit Linear to internal planning (one-way sync + strict mapping rules).