Skip to content

feat(mcp-server)!: remove identity/soul diary-entry profile mechanism (#1401)#1406

Draft
legreffier[bot] wants to merge 1 commit into
mainfrom
issue-1401-moltnet-whoami-conflates-identities
Draft

feat(mcp-server)!: remove identity/soul diary-entry profile mechanism (#1401)#1406
legreffier[bot] wants to merge 1 commit into
mainfrom
issue-1401-moltnet-whoami-conflates-identities

Conversation

@legreffier

@legreffier legreffier Bot commented Jun 17, 2026

Copy link
Copy Markdown
Contributor

Summary

Closes #1401. moltnet_whoami repeatedly conflated agent identities because it joined the authenticated caller with identity/soul diary entries authored by anyone in a (possibly shared) diary — a recurrence of #889. Rather than re-patch the join a third time, this removes the identity/soul diary-entry profile mechanism entirely.

The authenticated identity block was always correct; the diary-entry profile join was the recurring source of bugs. With it gone, the conflation class is structurally impossible — moltnet_whoami never reads diary entries.

What changed

  • moltnet_whoami: takes no arguments, returns only the authenticated identity (identityId, clientId, publicKey, fingerprint). No more profile/whoami/soul/hint; no diary_id input.
  • Deleted: profile-utils.ts, the moltnet://diaries/{id}/self/whoami + self/soul MCP resources, and the identity_bootstrap + write_identity prompts.
  • entry_type enum: identity and soul removed across the DB enum, @moltnet/models, MCP/REST schemas, diary-service/diary-ui, and both generated clients (TS hey-api + Go ogen). Now: episodic | semantic | procedural | reflection.
  • Migration 0021: drops diary_search() before recreating the enum (the function depends on the type — the auto-generated SQL omitted this and would have failed on DROP TYPE), remaps existing identity/soul rows to semantic, then recreates the function verbatim.
  • Skill (legreffier), docs, Go CLI help text, and the judge-pack signing rule updated.

⚠️ Breaking change

  • entry_type no longer accepts identity/soul (existing rows remapped to semantic — no data loss).
  • moltnet_whoami no longer returns profile/soul/hint or accepts diary_id.

Published consumers (@themoltnet/cli, SDK) warrant a major version bump.

Verification

  • ✅ Typecheck (8 affected projects), lint (0 errors)
  • ✅ Unit tests: models, mcp-server, diary-service, api-client, pi-extension, entry-explore, rest-api (482)
  • ✅ Go CLI tests + go build
  • Migration verified against real Postgres: fresh apply of all 22 migrations, diary_search recreated and callable, identity/soul→semantic remap preserves rows
  • Not run: mcp-server + rest-api e2e suites (need the full Docker stack) — assertions updated and typechecked, but not executed locally

Notes

The identityId-per-fingerprint discrepancy originally bundled into this issue (OAuth2 client metadata.identity_id drifting from the agents table, surfaced via the token-validator fallback) is no longer reachable through whoami since whoami no longer joins diary entries. If you still want the auth-layer reconciliation fix, I can file a focused follow-up — say the word.

@legreffier
feat(mcp-server)!: remove identity/soul diary-entry profile mechanism (
4ff138d 
…#1401)

moltnet_whoami conflated agent identities by joining the authenticated caller
with identity/soul diary entries authored by anyone in a (possibly shared)
diary — a recurrence of #889. Remove the mechanism instead of re-patching:

- moltnet_whoami returns only the authenticated identity block (no diary_id
  input, no profile/soul/hint).
- Delete self/whoami + self/soul MCP resources and identity_bootstrap /
  write_identity prompts; delete profile-utils.
- Remove 'identity'/'soul' from the entry_type enum across DB, @moltnet/models,
  MCP schemas, diary-service/diary-ui, and the generated TS + Go clients.
- Migration 0021 drops diary_search() before recreating the enum (it depends on
  the type), remaps existing identity/soul rows to 'semantic', then recreates
  the function. Verified against Postgres: fresh apply + data remap.

BREAKING CHANGE: entry_type no longer accepts 'identity'/'soul'; moltnet_whoami
no longer returns profile/soul/hint or accepts diary_id. Published consumers
need a major version bump.

MoltNet-Diary: 71fa4937-8ed6-42a0-97c8-e0fada5f0325
Task-Group: remove-identity-soul-profile
Task-Family: refactor
Task-Completes: true
@github-actions

github-actions Bot commented Jun 17, 2026

Copy link
Copy Markdown
Contributor

⚠️ CLI go.mod is behind internal Go module releases

The CLI release is intentionally decoupled from same-run Go lib releases, so apps/moltnet-cli/go.mod must already be bumped in a normal PR.

Detected drift:

  • moltnet-api-client: go.mod has v1.32.0, expected v1.32.1
  • dspy-adapters: go.mod has v0.9.2, expected v0.9.3

Run these commands from apps/moltnet-cli:

GOWORK=off go get github.com/getlarge/themoltnet/libs/moltnet-api-client@v1.32.1
GOWORK=off go get github.com/getlarge/themoltnet/libs/dspy-adapters@v0.9.3
GOWORK=off go mod tidy

@github-actions

github-actions Bot commented Jun 17, 2026

Copy link
Copy Markdown
Contributor

🚨 Dependency Audit — Vulnerabilities found

Full report 
┌─────────────────────┬────────────────────────────────────────────────────────┐
│ critical            │ fast-jwt: Incomplete fix for CVE-2023-48223: JWT       │
│                     │ Algorithm Confusion via Whitespace-Prefixed RSA Public │
│                     │ Key                                                    │
├─────────────────────┼────────────────────────────────────────────────────────┤
│ Package             │ fast-jwt                                               │
├─────────────────────┼────────────────────────────────────────────────────────┤
│ Vulnerable versions │ <=6.1.0                                                │
├─────────────────────┼────────────────────────────────────────────────────────┤
│ Patched versions    │ >=6.2.0                                                │
├─────────────────────┼────────────────────────────────────────────────────────┤
│ Paths               │ apps__mcp-server>@getlarge/fastify-mcp>@fastify/       │
│                     │ jwt>fast-jwt                                           │
│                     │                                                        │
│                     │ apps__mcp-server>@getlarge/fastify-mcp>fast-jwt        │
├─────────────────────┼────────────────────────────────────────────────────────┤
│ More info           │ https://github.com/advisories/GHSA-mvf2-f6gm-w987      │
└─────────────────────┴────────────────────────────────────────────────────────┘
┌─────────────────────┬────────────────────────────────────────────────────────┐
│ critical            │ fast-jwt: Cache Confusion via cacheKeyBuilder          │
│                     │ Collisions Can Return Claims From a Different Token    │
│                     │ (Identity/Authorization Mixup)                         │
├─────────────────────┼────────────────────────────────────────────────────────┤
│ Package             │ fast-jwt                                               │
├─────────────────────┼────────────────────────────────────────────────────────┤
│ Vulnerable versions │ >=0.0.1 <6.2.0                                         │
├─────────────────────┼────────────────────────────────────────────────────────┤
│ Patched versions    │ >=6.2.0                                                │
├─────────────────────┼────────────────────────────────────────────────────────┤
│ Paths               │ apps__mcp-server>@getlarge/fastify-mcp>@fastify/       │
│                     │ jwt>fast-jwt                                           │
│                     │                                                        │
│                     │ apps__mcp-server>@getlarge/fastify-mcp>fast-jwt        │
├─────────────────────┼────────────────────────────────────────────────────────┤
│ More info           │ https://github.com/advisories/GHSA-rp9m-7r4c-75qg      │
└─────────────────────┴────────────────────────────────────────────────────────┘
┌─────────────────────┬────────────────────────────────────────────────────────┐
│ critical            │ Arbitrary code execution in protobufjs                 │
├─────────────────────┼────────────────────────────────────────────────────────┤
│ Package             │ protobufjs                                             │
├─────────────────────┼────────────────────────────────────────────────────────┤
│ Vulnerable versions │ >=8.0.0 <8.0.1                                         │
├─────────────────────┼────────────────────────────────────────────────────────┤
│ Patched versions    │ >=8.0.1                                                │
├─────────────────────┼────────────────────────────────────────────────────────┤
│ Paths               │ apps__agent-daemon>@opentelemetry/exporter-trace-otlp- │
│                     │ proto>@opentelemetry/otlp-transformer>protobufjs       │
├─────────────────────┼────────────────────────────────────────────────────────┤
│ More info           │ https://github.com/advisories/GHSA-xq3m-2v4x-88gg      │
└─────────────────────┴────────────────────────────────────────────────────────┘
┌─────────────────────┬────────────────────────────────────────────────────────┐
│ critical            │ fast-jwt: JWT auth bypass due to empty HMAC secret     │
│                     │ accepted by async key resolver                         │
├─────────────────────┼────────────────────────────────────────────────────────┤
│ Package             │ fast-jwt                                               │
├─────────────────────┼────────────────────────────────────────────────────────┤
│ Vulnerable versions │ <=6.2.3                                                │
├─────────────────────┼────────────────────────────────────────────────────────┤
│ Patched versions    │ >=6.2.4                                                │
├─────────────────────┼────────────────────────────────────────────────────────┤
│ Paths               │ apps__mcp-server>@getlarge/fastify-mcp>@fastify/       │
│                     │ jwt>fast-jwt                                           │
│                     │                                                        │
│                     │ apps__mcp-server>@getlarge/fastify-mcp>fast-jwt        │
├─────────────────────┼────────────────────────────────────────────────────────┤
│ More info           │ https://github.com/advisories/GHSA-gmvf-9v4p-v8jc      │
└─────────────────────┴────────────────────────────────────────────────────────┘
┌─────────────────────┬────────────────────────────────────────────────────────┐
│ high                │ fast-jwt accepts unknown `crit` header extensions (RFC │
│                     │ 7515 violation)                                        │
├─────────────────────┼────────────────────────────────────────────────────────┤
│ Package             │ fast-jwt                                               │
├─────────────────────┼────────────────────────────────────────────────────────┤
│ Vulnerable versions │ <=6.1.0                                                │
├─────────────────────┼────────────────────────────────────────────────────────┤
│ Patched versions    │ <0.0.0                                                 │
├─────────────────────┼────────────────────────────────────────────────────────┤
│ Paths               │ apps__mcp-server>@getlarge/fastify-mcp>@fastify/       │
│                     │ jwt>fast-jwt                                           │
│                     │                                                        │
│                     │ apps__mcp-server>@getlarge/fastify-mcp>fast-jwt        │
├─────────────────────┼────────────────────────────────────────────────────────┤
│ More info           │ https://github.com/advisories/GHSA-hm7r-c7qw-ghp6      │
└─────────────────────┴────────────────────────────────────────────────────────┘
┌─────────────────────┬────────────────────────────────────────────────────────┐
│ high                │ protobuf.js: Code injection through bytes field        │
│                     │ defaults in generated toObject code                    │
├─────────────────────┼────────────────────────────────────────────────────────┤
│ Package             │ protobufjs                                             │
├─────────────────────┼────────────────────────────────────────────────────────┤
│ Vulnerable versions │ >=8.0.0 <=8.0.1                                        │
├─────────────────────┼────────────────────────────────────────────────────────┤
│ Patched versions    │ >=8.0.2                                                │
├─────────────────────┼────────────────────────────────────────────────────────┤
│ Paths               │ apps__agent-daemon>@opentelemetry/exporter-trace-otlp- │
│                     │ proto>@opentelemetry/otlp-transformer>protobufjs       │
├─────────────────────┼────────────────────────────────────────────────────────┤
│ More info           │ https://github.com/advisories/GHSA-66ff-xgx4-vchm      │
└─────────────────────┴────────────────────────────────────────────────────────┘
┌─────────────────────┬────────────────────────────────────────────────────────┐
│ high                │ protobuf.js: Code generation gadget after prototype    │
│                     │ pollution                                              │
├─────────────────────┼────────────────────────────────────────────────────────┤
│ Package             │ protobufjs                                             │
├─────────────────────┼────────────────────────────────────────────────────────┤
│ Vulnerable versions │ >=8.0.0 <=8.0.1                                        │
├─────────────────────┼────────────────────────────────────────────────────────┤
│ Patched versions    │ >=8.0.2                                                │
├─────────────────────┼────────────────────────────────────────────────────────┤
│ Paths               │ apps__agent-daemon>@opentelemetry/exporter-trace-otlp- │
│                     │ proto>@opentelemetry/otlp-transformer>protobufjs       │
├─────────────────────┼────────────────────────────────────────────────────────┤
│ More info           │ https://github.com/advisories/GHSA-75px-5xx7-5xc7      │
└─────────────────────┴────────────────────────────────────────────────────────┘
┌─────────────────────┬────────────────────────────────────────────────────────┐
│ high                │ protobuf.js: Process-wide denial of service through    │
│                     │ unsafe option paths                                    │
├─────────────────────┼────────────────────────────────────────────────────────┤
│ Package             │ protobufjs                                             │
├─────────────────────┼────────────────────────────────────────────────────────┤
│ Vulnerable versions │ >=8.0.0 <=8.0.1                                        │
├─────────────────────┼────────────────────────────────────────────────────────┤
│ Patched versions    │ >=8.0.2                                                │
├─────────────────────┼────────────────────────────────────────────────────────┤
│ Paths               │ apps__agent-daemon>@opentelemetry/exporter-trace-otlp- │
│                     │ proto>@opentelemetry/otlp-transformer>protobufjs       │
├─────────────────────┼────────────────────────────────────────────────────────┤
│ More info           │ https://github.com/advisories/GHSA-jvwf-75h9-cwgg      │
└─────────────────────┴────────────────────────────────────────────────────────┘
┌─────────────────────┬────────────────────────────────────────────────────────┐
│ high                │ protobuf.js: Denial of service through unbounded       │
│                     │ protobuf recursion                                     │
├─────────────────────┼────────────────────────────────────────────────────────┤
│ Package             │ protobufjs                                             │
├─────────────────────┼────────────────────────────────────────────────────────┤
│ Vulnerable versions │ >=8.0.0 <=8.0.1                                        │
├─────────────────────┼────────────────────────────────────────────────────────┤
│ Patched versions    │ >=8.0.2                                                │
├─────────────────────┼────────────────────────────────────────────────────────┤
│ Paths               │ apps__agent-daemon>@opentelemetry/exporter-trace-otlp- │
│                     │ proto>@opentelemetry/otlp-transformer>protobufjs       │
├─────────────────────┼────────────────────────────────────────────────────────┤
│ More info           │ https://github.com/advisories/GHSA-685m-2w69-288q      │
└─────────────────────┴────────────────────────────────────────────────────────┘
┌─────────────────────┬────────────────────────────────────────────────────────┐
│ high                │ protobufjs: Denial of service through unbounded Any    │
│                     │ expansion during JSON conversion                       │
├─────────────────────┼────────────────────────────────────────────────────────┤
│ Package             │ protobufjs                                             │
├─────────────────────┼────────────────────────────────────────────────────────┤
│ Vulnerable versions │ >=8.0.0 <=8.4.0                                        │
├─────────────────────┼────────────────────────────────────────────────────────┤
│ Patched versions    │ >=8.4.1                                                │
├─────────────────────┼────────────────────────────────────────────────────────┤
│ Paths               │ apps__agent-daemon>@opentelemetry/exporter-trace-otlp- │
│                     │ proto>@opentelemetry/otlp-transformer>protobufjs       │
├─────────────────────┼────────────────────────────────────────────────────────┤
│ More info           │ https://github.com/advisories/GHSA-wcpc-wj8m-hjx6      │
└─────────────────────┴────────────────────────────────────────────────────────┘
┌─────────────────────┬────────────────────────────────────────────────────────┐
│ moderate            │ fast-jwt has a ReDoS when using RegExp in allowed*     │
│                     │ leading to CPU exhaustion during token verification    │
├─────────────────────┼────────────────────────────────────────────────────────┤
│ Package             │ fast-jwt                                               │
├─────────────────────┼────────────────────────────────────────────────────────┤
│ Vulnerable versions │ >=5.0.0 <=6.2.0                                        │
├─────────────────────┼────────────────────────────────────────────────────────┤
│ Patched versions    │ >=6.2.1                                                │
├─────────────────────┼────────────────────────────────────────────────────────┤
│ Paths               │ apps__mcp-server>@getlarge/fastify-mcp>@fastify/       │
│                     │ jwt>fast-jwt                                           │
│                     │                                                        │
│                     │ apps__mcp-server>@getlarge/fastify-mcp>fast-jwt        │
├─────────────────────┼────────────────────────────────────────────────────────┤
│ More info           │ https://github.com/advisories/GHSA-cjw9-ghj4-fwxf      │
└─────────────────────┴────────────────────────────────────────────────────────┘
┌─────────────────────┬────────────────────────────────────────────────────────┐
│ moderate            │ fast-jwt: Stateful RegExp (/g or /y) causes            │
│                     │ non-deterministic allowed-claim validation (logical    │
│                     │ DoS)                                                   │
├─────────────────────┼────────────────────────────────────────────────────────┤
│ Package             │ fast-jwt                                               │
├─────────────────────┼────────────────────────────────────────────────────────┤
│ Vulnerable versions │ <6.2.1                                                 │
├─────────────────────┼────────────────────────────────────────────────────────┤
│ Patched versions    │ >=6.2.1                                                │
├─────────────────────┼────────────────────────────────────────────────────────┤
│ Paths               │ apps__mcp-server>@getlarge/fastify-mcp>@fastify/       │
│                     │ jwt>fast-jwt                                           │
│                     │                                                        │
│                     │ apps__mcp-server>@getlarge/fastify-mcp>fast-jwt        │
├─────────────────────┼────────────────────────────────────────────────────────┤
│ More info           │ https://github.com/advisories/GHSA-3j8v-cgw4-2g6q      │
└─────────────────────┴────────────────────────────────────────────────────────┘
┌─────────────────────┬────────────────────────────────────────────────────────┐
│ moderate            │ ip-address has XSS in Address6 HTML-emitting methods   │
├─────────────────────┼────────────────────────────────────────────────────────┤
│ Package             │ ip-address                                             │
├─────────────────────┼────────────────────────────────────────────────────────┤
│ Vulnerable versions │ <=10.1.0                                               │
├─────────────────────┼────────────────────────────────────────────────────────┤
│ Patched versions    │ >=10.1.1                                               │
├─────────────────────┼────────────────────────────────────────────────────────┤
│ Paths               │ apps__mcp-host>@modelcontextprotocol/sdk>express-rate- │
│                     │ limit>ip-address                                       │
├─────────────────────┼────────────────────────────────────────────────────────┤
│ More info           │ https://github.com/advisories/GHSA-v2v4-37r5-5v8g      │
└─────────────────────┴────────────────────────────────────────────────────────┘
┌─────────────────────┬────────────────────────────────────────────────────────┐
│ moderate            │ protobuf.js: Denial of service from crafted field      │
│                     │ names in generated code                                │
├─────────────────────┼────────────────────────────────────────────────────────┤
│ Package             │ protobufjs                                             │
├─────────────────────┼────────────────────────────────────────────────────────┤
│ Vulnerable versions │ >=8.0.0 <=8.0.1                                        │
├─────────────────────┼────────────────────────────────────────────────────────┤
│ Patched versions    │ >=8.0.2                                                │
├─────────────────────┼────────────────────────────────────────────────────────┤
│ Paths               │ apps__agent-daemon>@opentelemetry/exporter-trace-otlp- │
│                     │ proto>@opentelemetry/otlp-transformer>protobufjs       │
├─────────────────────┼────────────────────────────────────────────────────────┤
│ More info           │ https://github.com/advisories/GHSA-2pr8-phx7-x9h3      │
└─────────────────────┴────────────────────────────────────────────────────────┘
┌─────────────────────┬────────────────────────────────────────────────────────┐
│ moderate            │ protobuf.js: Prototype injection in generated message  │
│                     │ constructors                                           │
├─────────────────────┼────────────────────────────────────────────────────────┤
│ Package             │ protobufjs                                             │
├─────────────────────┼────────────────────────────────────────────────────────┤
│ Vulnerable versions │ >=8.0.0 <=8.0.1                                        │
├─────────────────────┼────────────────────────────────────────────────────────┤
│ Patched versions    │ >=8.0.2                                                │
├─────────────────────┼────────────────────────────────────────────────────────┤
│ Paths               │ apps__agent-daemon>@opentelemetry/exporter-trace-otlp- │
│                     │ proto>@opentelemetry/otlp-transformer>protobufjs       │
├─────────────────────┼────────────────────────────────────────────────────────┤
│ More info           │ https://github.com/advisories/GHSA-fx83-v9x8-x52w      │
└─────────────────────┴────────────────────────────────────────────────────────┘
┌─────────────────────┬────────────────────────────────────────────────────────┐
│ moderate            │ protobufjs has overlong UTF-8 decoding                 │
├─────────────────────┼────────────────────────────────────────────────────────┤
│ Package             │ protobufjs                                             │
├─────────────────────┼────────────────────────────────────────────────────────┤
│ Vulnerable versions │ >=8.0.0 <=8.0.1                                        │
├─────────────────────┼────────────────────────────────────────────────────────┤
│ Patched versions    │ >=8.0.2                                                │
├─────────────────────┼────────────────────────────────────────────────────────┤
│ Paths               │ apps__agent-daemon>@opentelemetry/exporter-trace-otlp- │
│                     │ proto>@opentelemetry/otlp-transformer>protobufjs       │
├─────────────────────┼────────────────────────────────────────────────────────┤
│ More info           │ https://github.com/advisories/GHSA-q6x5-8v7m-xcrf      │
└─────────────────────┴────────────────────────────────────────────────────────┘
┌─────────────────────┬────────────────────────────────────────────────────────┐
│ moderate            │ protobufjs: Denial of Service via unbounded recursive  │
│                     │ JSON descriptor expansion                              │
├─────────────────────┼────────────────────────────────────────────────────────┤
│ Package             │ protobufjs                                             │
├─────────────────────┼────────────────────────────────────────────────────────┤
│ Vulnerable versions │ >=8.0.0 <8.2.0                                         │
├─────────────────────┼────────────────────────────────────────────────────────┤
│ Patched versions    │ >=8.2.0                                                │
├─────────────────────┼────────────────────────────────────────────────────────┤
│ Paths               │ apps__agent-daemon>@opentelemetry/exporter-trace-otlp- │
│                     │ proto>@opentelemetry/otlp-transformer>protobufjs       │
├─────────────────────┼────────────────────────────────────────────────────────┤
│ More info           │ https://github.com/advisories/GHSA-jggg-4jg4-v7c6      │
└─────────────────────┴────────────────────────────────────────────────────────┘
┌─────────────────────┬────────────────────────────────────────────────────────┐
│ moderate            │ uuid: Missing buffer bounds check in v3/v5/v6 when buf │
│                     │ is provided                                            │
├─────────────────────┼────────────────────────────────────────────────────────┤
│ Package             │ uuid                                                   │
├─────────────────────┼────────────────────────────────────────────────────────┤
│ Vulnerable versions │ <11.1.1                                                │
├─────────────────────┼────────────────────────────────────────────────────────┤
│ Patched versions    │ >=11.1.1                                               │
├─────────────────────┼────────────────────────────────────────────────────────┤
│ Paths               │ apps__mcp-server>@getlarge/fastify-mcp>mqemitter-      │
│                     │ redis>hyperid>uuid                                     │
├─────────────────────┼────────────────────────────────────────────────────────┤
│ More info           │ https://github.com/advisories/GHSA-w5hq-g745-h8pq      │
└─────────────────────┴────────────────────────────────────────────────────────┘
┌─────────────────────┬────────────────────────────────────────────────────────┐
│ moderate            │ protobufjs : Schema-derived names can shadow           │
│                     │ runtime-significant properties                         │
├─────────────────────┼────────────────────────────────────────────────────────┤
│ Package             │ protobufjs                                             │
├─────────────────────┼────────────────────────────────────────────────────────┤
│ Vulnerable versions │ >=8.0.0 <=8.5.0                                        │
├─────────────────────┼────────────────────────────────────────────────────────┤
│ Patched versions    │ >=8.6.0                                                │
├─────────────────────┼────────────────────────────────────────────────────────┤
│ Paths               │ apps__agent-daemon>@opentelemetry/exporter-trace-otlp- │
│                     │ proto>@opentelemetry/otlp-transformer>protobufjs       │
├─────────────────────┼────────────────────────────────────────────────────────┤
│ More info           │ https://github.com/advisories/GHSA-f38q-mgvj-vph7      │
└─────────────────────┴────────────────────────────────────────────────────────┘
┌─────────────────────┬────────────────────────────────────────────────────────┐
│ moderate            │ OpenTelemetry Core: Unbounded memory allocation in W3C │
│                     │ Baggage propagation                                    │
├─────────────────────┼────────────────────────────────────────────────────────┤
│ Package             │ @opentelemetry/core                                    │
├─────────────────────┼────────────────────────────────────────────────────────┤
│ Vulnerable versions │ <2.8.0                                                 │
├─────────────────────┼────────────────────────────────────────────────────────┤
│ Patched versions    │ >=2.8.0                                                │
├─────────────────────┼────────────────────────────────────────────────────────┤
│ Paths               │ apps__agent-daemon>@opentelemetry/exporter-trace-otlp- │
│                     │ proto>@opentelemetry/core                              │
├─────────────────────┼────────────────────────────────────────────────────────┤
│ More info           │ https://github.com/advisories/GHSA-8988-4f7v-96qf      │
└─────────────────────┴────────────────────────────────────────────────────────┘
┌─────────────────────┬────────────────────────────────────────────────────────┐
│ low                 │ Elliptic Uses a Cryptographic Primitive with a Risky   │
│                     │ Implementation                                         │
├─────────────────────┼────────────────────────────────────────────────────────┤
│ Package             │ elliptic                                               │
├─────────────────────┼────────────────────────────────────────────────────────┤
│ Vulnerable versions │ <=6.6.1                                                │
├─────────────────────┼────────────────────────────────────────────────────────┤
│ Patched versions    │ <0.0.0                                                 │
├─────────────────────┼────────────────────────────────────────────────────────┤
│ Paths               │ libs__auth>get-jwks>jwk-to-pem>elliptic                │
├─────────────────────┼────────────────────────────────────────────────────────┤
│ More info           │ https://github.com/advisories/GHSA-848j-6mx2-7j84      │
└─────────────────────┴────────────────────────────────────────────────────────┘
27 vulnerabilities found
Severity: 1 low | 12 moderate | 7 high | 7 critical

@github-actions

github-actions Bot commented Jun 17, 2026

Copy link
Copy Markdown
Contributor

⚠️ Knip — Unused code or dependencies found

Run pnpm run knip locally to see details, or pnpm run knip:fix to auto-fix some of them.

Full report 
�[93m�[4mUnused files�[24m�[39m (37)
.agents/skills/monitor-ci/scripts/ci-poll-decide.mjs                                       
.agents/skills/monitor-ci/scripts/ci-state-update.mjs                                      
apps/agent-daemon/src/node-sqlite.d.ts                                                     
apps/console/e2e/seed-diary-browser.ts                                                     
apps/landing/src/hooks/useFeedSSE.ts                                                       
apps/mcp-host/server.mjs                                                                   
apps/mcp-host/src/sandbox.ts                                                               
apps/mcp-server/src/schemas/index.ts                                                       
apps/rest-api/src/migrate.ts                                                               
apps/rest-api/src/sse/public-feed-poller.ts                                                
apps/rest-api/src/sse/sse-writer.ts                                                        
apps/rest-api/src/typebox-schema-id.d.ts                                                   
docs/.vitepress/env.d.ts                                                                   
evals/moltnet-practices/auth-middleware-early-return/fixtures/auth-plugin.ts               
evals/moltnet-practices/auth-middleware-early-return/fixtures/team-resolver.ts             
evals/moltnet-practices/e2e-raw-fetch-vs-api-client/fixtures/sdk.gen.ts                    
evals/moltnet-practices/repository-tenant-scope-bypass/fixtures/consolidate-workflow.ts    
evals/moltnet-practices/repository-tenant-scope-bypass/fixtures/diary-entry.repository.ts  
evals/moltnet-practices/rest-error-boundary/fixtures/pack-routes.ts                        
evals/moltnet-practices/rest-error-boundary/fixtures/verification-routes.ts                
evals/moltnet-practices/webhook-auth-status-code/fixtures/hooks.ts                         
examples/diary-create.ts                                                                   
examples/diary-search.ts                                                                   
examples/register.ts                                                                       
examples/sign-entry.ts                                                                     
test-fixtures/generate-ssh-vectors.mjs                                                     
test-fixtures/generate-x25519-vectors.mjs                                                  
tools/db/backfill-content-hashes.ts                                                        
tools/db/backfill-diary-team-links.ts                                                      
tools/db/backfill-keto-subject-set.ts                                                      
tools/db/backfill-personal-teams.ts                                                        
tools/db/backfill-team-relations-plural.ts                                                 
tools/db/cleanup-legacy-diary-tuples.ts                                                    
tools/generators/split-tsconfigs/index.ts                                                  
tools/generators/split-tsconfigs/schema.d.ts                                               
tools/src/tasks/seed-judge-fixture.ts                                                      
tools/src/verify-task-context.ts                                                           
�[93m�[4mUnused dependencies�[24m�[39m (48)
@earendil-works/gondolin                     apps/agent-daemon/package.json:38:6        
@opentelemetry/instrumentation               apps/agent-daemon/package.json:43:6        
@opentelemetry/instrumentation-dns           apps/agent-daemon/package.json:44:6        
@opentelemetry/instrumentation-http          apps/agent-daemon/package.json:45:6        
@opentelemetry/instrumentation-net           apps/agent-daemon/package.json:46:6        
@opentelemetry/instrumentation-pg            apps/agent-daemon/package.json:47:6        
@opentelemetry/instrumentation-pino          apps/agent-daemon/package.json:48:6        
@opentelemetry/instrumentation-undici        apps/agent-daemon/package.json:49:6        
pino-pretty                                  apps/agent-daemon/package.json:59:6        
@moltnet/models                              apps/console/package.json:11:6             
@moltnet/entry-explore-mcp-app               apps/mcp-server/package.json:30:6          
@themoltnet/design-system                    apps/mcp-server/package.json:34:6          
@fastify/otel                                apps/mcp-server/package.json:36:6          
@opentelemetry/exporter-metrics-otlp-proto   apps/mcp-server/package.json:38:6          
@opentelemetry/exporter-trace-otlp-proto     apps/mcp-server/package.json:39:6          
@opentelemetry/instrumentation               apps/mcp-server/package.json:40:6          
@opentelemetry/instrumentation-dns           apps/mcp-server/package.json:41:6          
@opentelemetry/instrumentation-http          apps/mcp-server/package.json:42:6          
@opentelemetry/instrumentation-net           apps/mcp-server/package.json:43:6          
@opentelemetry/instrumentation-pino          apps/mcp-server/package.json:44:6          
@opentelemetry/instrumentation-pg            apps/mcp-server/package.json:45:6          
@opentelemetry/instrumentation-runtime-node  apps/mcp-server/package.json:46:6          
@opentelemetry/instrumentation-undici        apps/mcp-server/package.json:47:6          
@opentelemetry/resources                     apps/mcp-server/package.json:48:6          
@opentelemetry/sdk-metrics                   apps/mcp-server/package.json:49:6          
@opentelemetry/sdk-trace-base                apps/mcp-server/package.json:50:6          
@opentelemetry/sdk-trace-node                apps/mcp-server/package.json:51:6          
@opentelemetry/semantic-conventions          apps/mcp-server/package.json:52:6          
pino                                         apps/mcp-server/package.json:56:6          
pino-opentelemetry-transport                 apps/mcp-server/package.json:57:6          
thread-stream                                apps/mcp-server/package.json:58:6          
multiformats                                 apps/rest-api/package.json:38:6            
@huggingface/transformers                    apps/rest-api/package.json:40:6            
@opentelemetry/exporter-metrics-otlp-proto   apps/rest-api/package.json:50:6            
@opentelemetry/instrumentation               apps/rest-api/package.json:52:6            
@opentelemetry/resources                     apps/rest-api/package.json:60:6            
@opentelemetry/sdk-metrics                   apps/rest-api/package.json:61:6            
@opentelemetry/sdk-trace-base                apps/rest-api/package.json:62:6            
@opentelemetry/sdk-trace-node                apps/rest-api/package.json:63:6            
@opentelemetry/semantic-conventions          apps/rest-api/package.json:64:6            
pino-pretty                                  apps/rest-api/package.json:73:6            
thread-stream                                apps/rest-api/package.json:74:6            
@noble/hashes                                libs/context-pack-service/package.json:19:6
tslib                                        package.json:145:6                         
@moltnet/auth                                tools/package.json:39:6                    
@moltnet/models                              tools/package.json:46:6                    
drizzle-orm                                  tools/package.json:54:6                    
fastq                                        tools/package.json:55:6                    
�[93m�[4mUnused devDependencies�[24m�[39m (21)
@moltnet/database           apps/console/package.json:23:6              
@moltnet/bootstrap          apps/mcp-server/package.json:61:6           
@moltnet/database           apps/mcp-server/package.json:62:6           
drizzle-orm                 apps/mcp-server/package.json:65:6           
pino-pretty                 apps/mcp-server/package.json:66:6           
vitest                      libs/bootstrap/package.json:24:6            
@moltnet/crypto-service     libs/context-distill/package.json:17:6      
@moltnet/database           libs/context-distill/package.json:18:6      
@testcontainers/postgresql  libs/context-distill/package.json:19:6      
drizzle-orm                 libs/context-distill/package.json:20:6      
pg                          libs/context-distill/package.json:21:6      
@types/pg                   libs/context-distill/package.json:22:6      
testcontainers              libs/diary-service/package.json:29:6        
@testing-library/react      libs/entry-explore-mcp-app/package.json:30:6
vitest                      libs/mcp-test-harness/package.json:22:6     
@nx/devkit                  package.json:71:6                           
@swc/helpers                package.json:83:6                           
husky                       package.json:92:6                           
lint-staged                 package.json:97:6                           
vite-plugin-dts             package.json:105:6                          
@types/figlet               tools/package.json:61:6                     
�[93m�[4mReferenced optional peerDependencies�[24m�[39m (1)
ink  libs/design-system/package.json
�[93m�[4mUnlisted dependencies�[24m�[39m (2)
@moltnet/database  evals/moltnet-practices/e2e-raw-fetch-vs-api-client/fixtures/governance.e2e.test.ts:19:46
pg                 libs/diary-service/__tests__/diary-service.dbos.integration.test.ts:38:27                
�[93m�[4mUnlisted binaries�[24m�[39m (8)
openssl                                             .github/actions/legreffier-run-task/action.yml
python3                                             .github/workflows/ci.yml                      
clawhub                                             .github/workflows/release.yml                 
gofmt                                               .lintstagedrc.mjs                             
go                                                  package.json                                  
gofmt                                               package.json                                  
packages/openclaw-skill/scripts/publish-clawhub.sh  package.json                                  
packages/openclaw-skill/scripts/package.sh          package.json                                  
�[93m�[4mUnused exports�[24m�[39m (97)
COMMON_REQUIRED_FLAGS                       apps/agent-daemon/src/lib/help.ts:3:14                        
COMMON_MODEL_FLAGS                          apps/agent-daemon/src/lib/help.ts:7:14                        
COMMON_OPTIONAL_FLAGS                       apps/agent-daemon/src/lib/help.ts:13:14                       
buildDaemonSlotId                 function  apps/agent-daemon/src/lib/task-execution-plan.ts:76:17        
ENTRY_TYPE_LABELS                           apps/console/src/diaries/utils.ts:14:3                        
ENTRY_TYPES                                 apps/console/src/diaries/utils.ts:15:3                        
estimateTokenCount                          apps/console/src/diaries/utils.ts:16:3                        
formatDateTime                              apps/console/src/diaries/utils.ts:17:3                        
ENTRY_TYPE_OPTIONS                          apps/console/src/diaries/utils.ts:21:14                       
getEntryTypeQuery                 function  apps/console/src/diaries/utils.ts:29:17                       
MOBILE_BREAKPOINT                           apps/console/src/hooks/useIsMobile.ts:3:14                    
TABLET_BREAKPOINT                           apps/console/src/hooks/useIsMobile.ts:4:14                    
groupTasksByLane                            apps/console/src/tasks/status.ts:25:3                         
statusToLane                                apps/console/src/tasks/status.ts:26:3                         
TASK_LANES                                  apps/console/src/tasks/status.ts:27:3                         
consoleCorrelationUrl             function  apps/issue-lifecycle/src/status-comment.ts:36:17              
consoleAttemptUrl                 function  apps/issue-lifecycle/src/status-comment.ts:48:17              
outputState                       function  apps/issue-lifecycle/src/test-fakes.ts:41:17                  
API_BASE_URL                                apps/landing/src/api.ts:16:14                                 
handleDiaryTags                   function  apps/mcp-server/src/diary-tools.ts:315:23                     
handleGrantCreate                 function  apps/mcp-server/src/grant-tools.ts:38:23                      
handleGrantRevoke                 function  apps/mcp-server/src/grant-tools.ts:70:23                      
handleGrantList                   function  apps/mcp-server/src/grant-tools.ts:102:23                     
handlePacksUpdate                 function  apps/mcp-server/src/pack-tools.ts:295:23                      
handleRenderedPacksUpdate         function  apps/mcp-server/src/pack-tools.ts:385:23                      
handlePacksDiff                   function  apps/mcp-server/src/pack-tools.ts:487:23                      
EntryMapZoneSearchSchema                    apps/mcp-server/src/schemas/entry-explore-schemas.ts:9:14     
EntryMapZoneProvenanceSchema                apps/mcp-server/src/schemas/entry-explore-schemas.ts:24:14    
EntryMapZoneSchema                          apps/mcp-server/src/schemas/entry-explore-schemas.ts:47:14    
EntryMapDataSchema                          apps/mcp-server/src/schemas/entry-explore-schemas.ts:88:14    
CustomPackEntrySelectionSchema              apps/mcp-server/src/schemas/pack-schemas.ts:107:14            
handleTasksContinue               function  apps/mcp-server/src/task-tools.ts:163:23                      
handleTeamsList                   function  apps/mcp-server/src/team-tools.ts:62:23                       
handleTeamMembersList             function  apps/mcp-server/src/team-tools.ts:84:23                       
handleTeamsCreate                 function  apps/mcp-server/src/team-tools.ts:109:23                      
handleTeamsJoin                   function  apps/mcp-server/src/team-tools.ts:132:23                      
handleTeamsDelete                 function  apps/mcp-server/src/team-tools.ts:155:23                      
handleTeamsInviteCreate           function  apps/mcp-server/src/team-tools.ts:178:23                      
handleTeamsInviteList             function  apps/mcp-server/src/team-tools.ts:211:23                      
handleTeamsInviteDelete           function  apps/mcp-server/src/team-tools.ts:236:23                      
handleTeamsMemberRemove           function  apps/mcp-server/src/team-tools.ts:264:23                      
ServerConfigSchema                          apps/rest-api/src/config.ts:27:14                             
DatabaseConfigSchema                        apps/rest-api/src/config.ts:39:14                             
WebhookConfigSchema                         apps/rest-api/src/config.ts:44:14                             
RecoveryConfigSchema                        apps/rest-api/src/config.ts:48:14                             
OryConfigSchema                             apps/rest-api/src/config.ts:52:14                             
ObservabilityConfigSchema                   apps/rest-api/src/config.ts:63:14                             
EmbeddingConfigSchema                       apps/rest-api/src/config.ts:99:14                             
SecurityConfigSchema                        apps/rest-api/src/config.ts:106:14                            
loadEmbeddingConfig               function  apps/rest-api/src/config.ts:305:17                            
loadPackGcConfig                  function  apps/rest-api/src/config.ts:315:17                            
loadTaskOrphanSweeperConfig       function  apps/rest-api/src/config.ts:325:17                            
acceptsProblemJson                          apps/rest-api/src/problems/index.ts:2:3                       
findProblemTypeByCode                       apps/rest-api/src/problems/index.ts:8:3                       
findProblemTypeByStatus                     apps/rest-api/src/problems/index.ts:9:3                       
getTypeUri                                  apps/rest-api/src/problems/index.ts:10:3                      
problemTypes                                apps/rest-api/src/problems/index.ts:12:3                      
DiaryTagCountSchema                         apps/rest-api/src/schemas/diary.ts:58:14                      
PublicAuthorSchema                          apps/rest-api/src/schemas/diary.ts:104:14                     
ContextPackEntrySchema                      apps/rest-api/src/schemas/packs.ts:9:14                       
TaskTypeDescriptorSchema                    apps/rest-api/src/schemas/tasks.ts:290:14                     
inflateRowCreator                 function  apps/rest-api/src/utils/auth-principal.ts:142:23              
resolvePrincipal                            apps/rest-api/src/utils/auth-principal.ts:191:10              
HumanOnboardingError              class     apps/rest-api/src/workflows/human-onboarding-workflow.ts:36:14
diaryTransferWorkflow                       apps/rest-api/src/workflows/index.ts:4:3                      
TRANSFER_DECISION_EVENT                     apps/rest-api/src/workflows/index.ts:7:3                      
HumanOnboardingError                        apps/rest-api/src/workflows/index.ts:12:3                     
DEFAULT_WORKFLOW_TIMEOUT_MS                 apps/rest-api/src/workflows/index.ts:46:3                     
runWorkflow                                 apps/rest-api/src/workflows/index.ts:47:3                     
FOUNDING_ACCEPT_EVENT                       apps/rest-api/src/workflows/index.ts:51:3                     
TeamFoundingTimeoutError                    apps/rest-api/src/workflows/index.ts:57:3                     
teamFoundingWorkflow                        apps/rest-api/src/workflows/index.ts:58:3                     
DEFAULT_WORKFLOW_TIMEOUT_MS                 apps/rest-api/src/workflows/run-workflow.ts:14:14             
runWorkflow                       function  apps/rest-api/src/workflows/run-workflow.ts:33:23             
TeamFoundingTimeoutError          class     apps/rest-api/src/workflows/team-founding-workflow.ts:32:14   
DEFAULT_E2E_REST_API_URL                    libs/bootstrap/src/e2e-harness.ts:26:14                       
DEFAULT_E2E_DATABASE_URL                    libs/bootstrap/src/e2e-harness.ts:27:14                       
DEFAULT_E2E_HYDRA_PUBLIC_URL                libs/bootstrap/src/e2e-harness.ts:29:14                       
DEFAULT_E2E_HYDRA_ADMIN_URL                 libs/bootstrap/src/e2e-harness.ts:30:14                       
DEFAULT_E2E_KETO_READ_URL                   libs/bootstrap/src/e2e-harness.ts:31:14                       
DEFAULT_E2E_KETO_WRITE_URL                  libs/bootstrap/src/e2e-harness.ts:32:14                       
DEFAULT_E2E_KRATOS_ADMIN_URL                libs/bootstrap/src/e2e-harness.ts:33:14                       
DEFAULT_E2E_AGENT_SCOPES                    libs/bootstrap/src/e2e-harness.ts:34:14                       
DBOSWorkflowConflictError                   libs/database/src/dbos.ts:154:3                               
DEFAULT_DISPATCH_TIMEOUT_SECONDS            libs/database/src/workflows/task-workflows.ts:135:14          
DEFAULT_RUNNING_TIMEOUT_SECONDS             libs/database/src/workflows/task-workflows.ts:139:14          
MAX_PUBLIC_CONTENT_LENGTH                   libs/diary-service/src/diary-service.ts:51:14                 
nextStepId                        function  libs/entry-explore-mcp-app/src/state/map.ts:117:17            
abortError                        function  libs/pi-extension/src/abort-utils.ts:9:17                     
resolveTaskScratchPath            function  libs/pi-extension/src/runtime/task-workspace.ts:130:17        
makeClient                        function  packages/legreffier-cli/src/api.ts:78:17                      
formatPortIssues                  function  packages/legreffier-cli/src/phases/portValidate.ts:213:17     
gitMergeBase                      function  tools/src/tasksmith/gh-client.ts:151:23                       
gitShowFileAtRef                  function  tools/src/tasksmith/gh-client.ts:206:23                       
SEED_INSTRUCTION                            tools/src/tasksmith/task-extractor.ts:538:10                  
verifyTask                        function  tools/src/tasksmith/verify.ts:356:23                          
cleanupPrArtifacts                function  tools/src/tasksmith/verify.ts:480:23                          
�[93m�[4mUnused exported types�[24m�[39m (59)
PiAgentDirSource                type       apps/agent-daemon/src/lib/pi-agent-dir.ts:4:13                    
MailRecord                      interface  apps/console/e2e/helpers/mailslurper.ts:3:18                      
GroupedTasks                    type       apps/console/src/tasks/status.ts:24:8                             
TaskLane                        type       apps/console/src/tasks/status.ts:28:8                             
TaskLaneId                      type       apps/console/src/tasks/status.ts:29:8                             
UiResourceData                  interface  apps/mcp-host/src/implementation.ts:25:18                         
EntryMapZoneSearch              type       apps/mcp-server/src/schemas/entry-explore-schemas.ts:22:13        
EntryMapZone                    type       apps/mcp-server/src/schemas/entry-explore-schemas.ts:86:13        
CorsPluginOptions               interface  apps/rest-api/src/plugins/cors.ts:11:18                           
RateLimitPluginOptions          interface  apps/rest-api/src/plugins/rate-limit.ts:19:18                     
ProblemType                     type       apps/rest-api/src/problems/index.ts:11:8                          
AgentPrincipal                  type       apps/rest-api/src/schemas/principal.ts:37:8                       
HumanPrincipal                  type       apps/rest-api/src/schemas/principal.ts:39:8                       
PrincipalIdentity               type       apps/rest-api/src/schemas/principal.ts:41:8                       
CreateTaskInput                 type       apps/rest-api/src/services/task.service.ts:2:8                    
AuthContext                     type       apps/rest-api/src/types.ts:14:3                                   
PermissionChecker               type       apps/rest-api/src/types.ts:15:3                                   
RelationshipReader              type       apps/rest-api/src/types.ts:16:3                                   
RelationshipWriter              type       apps/rest-api/src/types.ts:17:3                                   
DiaryTransferDeps               type       apps/rest-api/src/workflows/index.ts:2:8                          
DiaryTransferResult             type       apps/rest-api/src/workflows/index.ts:3:8                          
TransferDecision                type       apps/rest-api/src/workflows/index.ts:8:8                          
HumanOnboardingDeps             type       apps/rest-api/src/workflows/index.ts:11:8                         
HumanOnboardingResult           type       apps/rest-api/src/workflows/index.ts:13:8                         
LegreffierOnboardingDeps        type       apps/rest-api/src/workflows/index.ts:24:8                         
MaintenanceDeps                 type       apps/rest-api/src/workflows/index.ts:33:8                         
RegistrationDeps                type       apps/rest-api/src/workflows/index.ts:38:8                         
RegistrationResult              type       apps/rest-api/src/workflows/index.ts:39:8                         
RunWorkflowOptions              type       apps/rest-api/src/workflows/index.ts:48:8                         
FoundingMember                  type       apps/rest-api/src/workflows/index.ts:52:8                         
TeamFoundingDeps                type       apps/rest-api/src/workflows/index.ts:55:8                         
TeamFoundingResult              type       apps/rest-api/src/workflows/index.ts:56:8                         
RunWorkflowOptions              interface  apps/rest-api/src/workflows/run-workflow.ts:21:18                 
AdoptionState                   interface  docs/.vitepress/theme/auth/useAdoption.ts:38:18                   
AdoptionStageKey                type       docs/.vitepress/theme/auth/useAdoption.ts:284:13                  
AdoptionStage                   interface  docs/.vitepress/theme/auth/useAdoption.ts:292:18                  
DocsTeam                        interface  docs/.vitepress/theme/auth/useTeamSelection.ts:9:18               
SessionResolverLogger           interface  libs/auth/src/session-resolver.ts:24:18                           
GroupCreator                    interface  libs/database/src/repositories/group.repository.ts:15:18          
EntriesListArgs                 interface  libs/entry-explore-mcp-app/src/adapter/tool-calls.ts:22:18        
EntriesSearchArgs               interface  libs/entry-explore-mcp-app/src/adapter/tool-calls.ts:32:18        
DiaryTagsArgs                   interface  libs/entry-explore-mcp-app/src/adapter/tool-calls.ts:44:18        
EntriesGetArgs                  interface  libs/entry-explore-mcp-app/src/adapter/tool-calls.ts:51:18        
PacksCreateArgs                 interface  libs/entry-explore-mcp-app/src/adapter/tool-calls.ts:57:18        
PacksUpdateArgs                 interface  libs/entry-explore-mcp-app/src/adapter/tool-calls.ts:65:18        
PacksProvenanceArgs             interface  libs/entry-explore-mcp-app/src/adapter/tool-calls.ts:71:18        
CommandRegistrar                type       libs/pi-extension/src/commands/index.ts:5:3                       
SessionMeta                     type       libs/pi-extension/src/commands/index.ts:7:3                       
RateLimitRetryOptions           type       libs/sdk/src/retry.ts:5:15                                        
SuccessCriteriaRubricCriterion  interface  libs/task-ui/src/success-criteria.ts:80:18                        
RubricTemplate                  interface  libs/task-ui/src/success-criteria.ts:123:18                       
AgentAdapter                    type       packages/legreffier-cli/src/adapters/index.ts:11:15               
AgentAdapterOptions             type       packages/legreffier-cli/src/adapters/index.ts:11:29               
ResolveInstallationStatus       type       packages/legreffier-cli/src/phases/portResolveInstallation.ts:6:13
VerifyInstallationStatus        type       packages/legreffier-cli/src/phases/portVerifyInstallation.ts:4:13 
InitPhase                       type       packages/legreffier-cli/src/state.ts:4:13                         
EvalMode                        type       tools/src/tasks/scenario.ts:31:13                                 
EvalWorkspace                   type       tools/src/tasks/scenario.ts:32:13                                 
ScenarioCriterion               interface  tools/src/tasks/scenario.ts:34:18                                 
�[93m�[4mUnused catalog entries�[24m�[39m (4)
@anthropic-ai/claude-agent-sdk  default  pnpm-workspace.yaml:25:4 
@fastify/static                 default  pnpm-workspace.yaml:36:4 
@openai/codex-sdk               default  pnpm-workspace.yaml:61:4 
zod                             default  pnpm-workspace.yaml:150:3
�[33m�[4mConfiguration hints�[24m (4)�[39m
. �[90m(root)�[39m         knip.config.ts  �[90mAdd �[97mentry�[90m and/or refine �[97mproject�[90m files in �[97mworkspaces["."]�[90m (16 unused files)�[39m           
tools            knip.config.ts  �[90mAdd �[97mentry�[90m and/or refine �[97mproject�[90m files in �[97mworkspaces["tools"]�[90m (10 unused files)�[39m       
apps/rest-api    knip.config.ts  �[90mAdd �[97mentry�[90m and/or refine �[97mproject�[90m files in �[97mworkspaces["apps/rest-api"]�[90m (4 unused files)�[39m
apps/mcp-host    knip.config.ts  �[90mAdd �[97mentry�[90m and/or refine �[97mproject�[90m files in �[97mworkspaces["apps/mcp-host"]�[90m (2 unused files)�[39m
 ELIFECYCLE  Command failed with exit code 1.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

moltnet_whoami conflates multiple distinct agent identities in one response

0 participants