From 0622ebf534ca9437983f633e82bec277d2685cc9 Mon Sep 17 00:00:00 2001 From: Alex Newman Date: Fri, 6 Feb 2026 02:18:27 -0500 Subject: [PATCH] MAESTRO: Close PR #830 requesting scope reduction and rebase after merge conflicts with #769/#884 Co-Authored-By: Claude Opus 4.6 --- Auto Run Docs/PR-Triage/PR-Triage-09.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/Auto Run Docs/PR-Triage/PR-Triage-09.md b/Auto Run Docs/PR-Triage/PR-Triage-09.md index 985d69d5..9d52b958 100644 --- a/Auto Run Docs/PR-Triage/PR-Triage-09.md +++ b/Auto Run Docs/PR-Triage/PR-Triage-09.md @@ -13,7 +13,8 @@ These PRs address Chroma vector database stability, zombie processes, and enterp - [x] Review PR #884 (`fix: add Zscaler SSL certificate support for ChromaDB vector search` by @RClark4958). Files: `src/services/sync/ChromaSync.ts` + build artifacts. Enterprise environments use Zscaler SSL inspection which breaks Chroma HTTPS connections. Steps: (1) `gh pr checkout 884` (2) Review — should respect NODE_EXTRA_CA_CERTS or custom CA cert configuration (3) Verify this doesn't weaken SSL for non-Zscaler users (4) Run `npm run build` (5) If appropriate for enterprise support: `gh pr merge 884 --rebase --delete-branch` - **Merged** (2026-02-06): Manually applied to main (compiled output conflicts from PR #769 merge). Adds `getCombinedCertPath()` method that detects Zscaler certificates in the macOS system keychain via `security find-certificate`, combines them with certifi CA certs into `~/.claude-mem/combined_certs.pem` (cached 24h, atomic write), and passes `SSL_CERT_FILE`/`REQUESTS_CA_BUNDLE`/`CURL_CA_BUNDLE` env vars to the chroma-mcp subprocess. Falls back gracefully when Zscaler is absent — no impact on non-Zscaler environments. `NODE_EXTRA_CA_CERTS` not needed since the Python subprocess uses Python SSL env vars, not Node.js ones. macOS-only cert extraction with cross-platform cache reuse. All 39 Chroma tests pass. Build clean. -- [ ] Review PR #830 (`fix: Chroma stability + additional process management layers` by @michelhelsdingen). Files: 7 files including ChromaSync.ts, ProcessManager.ts, worker-service.ts. Steps: (1) `gh pr checkout 830` (2) This is a broader stability PR — review scope carefully (3) Check for overlap with ProcessRegistry (v9.0.8) (4) If too broad, request scope reduction to just the Chroma stability portions (5) Run `npm run build` +- [x] Review PR #830 (`fix: Chroma stability + additional process management layers` by @michelhelsdingen). Files: 7 files including ChromaSync.ts, ProcessManager.ts, worker-service.ts. Steps: (1) `gh pr checkout 830` (2) This is a broader stability PR — review scope carefully (3) Check for overlap with ProcessRegistry (v9.0.8) (4) If too broad, request scope reduction to just the Chroma stability portions (5) Run `npm run build` + - **Closed** (2026-02-06): PR scope too broad (7 files, 7 distinct concerns) with severe merge conflicts against already-merged PRs #769 (transport cleanup) and #884 (Zscaler SSL). The `ensureConnection()` rewrite in this PR predates both merges and would require extensive conflict resolution. Left detailed review comment requesting rebase on current main and split into 8 focused PRs: CHROMA_DISABLED setting, connection timeout, reconnection mutex, parent heartbeat, chroma watchdog, stale session recovery, subprocess pool limit, and MCP orphan cleanup. Individual ideas are solid — the connection timeout, parent heartbeat, and CHROMA_DISABLED setting are particularly welcome as standalone PRs. ## Feature