2026-03-17 — Eclectis

What shipped today

Continued the scout-driven hardening sprint that started over the weekend. Today’s session focused on engine reliability and web resilience — two themes that emerged from the /scout run on 3/16.

On the engine side, the poller got graceful shutdown (#261) so Railway deploys no longer kill mid-flight commands. The health endpoint was expanded (#267) to report poller liveness, scheduler state, and command queue depth — giving us real observability into whether the engine is actually working, not just responding to pings. The Brevo webhook got content-type validation and IP-based rate limiting (#266) to harden the ingest surface. And the database pool (#269) now has an acquire timeout and retry wrapper so the engine fails fast instead of hanging forever when connections are exhausted.

On the web side, the feeds page got a proper empty state (#263) with onboarding guidance and CTA buttons that interact with the existing add-feed form. Engagement tracking (#265) now captures errors to Sentry instead of silently dropping them, and all article mutation actions (vote, bookmark, mark-read) properly check and return errors.

Issue #264 (encrypting integration tokens at rest) was prepped but needs an architectural decision — posted three options as a clarification comment. The challenge is that both Next.js and the Python engine need to read tokens, so the encryption key management needs thought.

Completed

• #261 — Add graceful shutdown to engine poller
• #263 — Add empty state with onboarding guidance to feeds page
• #265 — Add engagement tracking error handling and retry
• #266 — Add Brevo webhook content-type validation and rate limiting
• #267 — Add comprehensive health checks to engine /health endpoint
• #269 — Add database pool circuit breaker to engine

Carry-over

• #264 — Encrypt integration tokens at rest (needs-clarification: architectural decision on shared encryption across Next.js + Python)
• Verify PostHog and Sentry are configured correctly (env vars, events firing, error capture working)
• Supabase migrations from #262 and #268 (indexes) need supabase db push to production

Risks

• The rate limiter in main.py is in-memory (defaultdict), which resets on deploy. Fine for single-instance Railway, but won’t work if we scale horizontally. Not urgent.
• Token encryption (#264) is the last meaningful security gap — integration tokens (Raindrop, Readwise) are stored as plaintext JSON.

Flags and watch-outs

• Engine tests requiring pytest-asyncio are skipped locally (missing dep in venv). The sync tests all pass (116).
• All milestones are closed. No active release pressure.

Next session

• Decide on token encryption approach for #264 and implement — this is the highest-impact remaining security issue
• Run supabase db push for the index migrations (#262, #268)
• Verify PostHog events and Sentry error capture are actually working end-to-end
• Consider another /scout run — the last one surfaced 11 useful issues, most now shipped