We found our own personal email live in the public mirror. A routine audit of src/cofounder_agent/console/js/settings-data.js revealed a PII leak (a95321e4) that our safety guards completely missed. The blind spot was two-fold: _TEXT_EXTS didn't include front-end extensions like .js, meaning the operator console was invisible to the scanner, and the gladlabs.io pattern was too narrowly scoped to SQL VALUES. We scrubbed the email and closed the gap in the leak-guard (PR #1982).
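The two blind spots described above, reproduced in a small scanner as an added example (this is not the project's leak-guard code). The extension sets, both patterns, the sample tree and the example.com stand-in domain are constructed assumptions.

```python
import re
from pathlib import PurePosixPath

# Hypothetical "before" config: no front-end extensions, and the domain
# pattern only matches inside a SQL VALUES (...) clause.
NARROW_EXTS = {".py", ".sql", ".md", ".json", ".yaml"}
NARROW_PATTERN = re.compile(r"VALUES\s*\([^)]*@example\.com", re.IGNORECASE)

# Hypothetical "after" config: console assets are scanned, and any address
# at the private domain is a hit wherever it appears.
WIDE_EXTS = NARROW_EXTS | {".js", ".ts", ".html", ".css"}
WIDE_PATTERN = re.compile(r"[A-Za-z0-9._%+-]+@example\.com", re.IGNORECASE)

# Constructed sample tree (path -> contents); example.com stands in for the
# private domain.
SAMPLE_TREE = {
    "db/seed.sql": "INSERT INTO users (email) VALUES ('owner@example.com');",
    "console/js/settings-data.js": "const contact = 'owner@example.com';",
    "docs/setup.md": "Questions? Mail owner@example.com.",
    "README.md": "No addresses here.",
}

def scan(tree, exts, pattern):
    """Return sorted (path, line_no) pairs where pattern matches in a scanned file."""
    hits = []
    for path, text in tree.items():
        if PurePosixPath(path).suffix.lower() not in exts:
            continue  # file type never reaches the pattern check
        for line_no, line in enumerate(text.splitlines(), start=1):
            if pattern.search(line):
                hits.append((path, line_no))
    return sorted(hits)

def unscanned(tree, exts):
    """Paths the guard skips entirely; review these when the extension list changes."""
    return sorted(p for p in tree if PurePosixPath(p).suffix.lower() not in exts)

if __name__ == "__main__":
    print("narrow:", scan(SAMPLE_TREE, NARROW_EXTS, NARROW_PATTERN))
    print("wide:  ", scan(SAMPLE_TREE, WIDE_EXTS, WIDE_PATTERN))
    print("skipped by narrow:", unscanned(SAMPLE_TREE, NARROW_EXTS))
```

The Markdown file shows that the two gaps are independent: it is scanned under both configurations, but only the widened pattern flags it.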
Then there was the social distribution pipeline, which took three shakedown fixes to actually land a post on X. First, we realized self-hosted Postiz isn't "auth-less"—it requires an org API key via PublicAuthMiddleware, so we wired postiz_api_key as an encrypted secret (PR #1981). Once authenticated, we hit a 400 because X demands a who_can_reply_post field; we solved this by implementing a per-platform defaults map (_PLATFORM_SETTING_DEFAULTS) to handle non-optional DTO fields (PR #1983). The final hurdle was a simple type mismatch: Postiz returns a list of post IDs, but our client tried to call .get() on that list as if it were a dictionary (PR #1984).
Since we're building an AI-operated business, we added the made_with_ai disclosure flag for X posts (PR #1986). Following our rule that every tunable must be an app_setting, this is wired to social_x_made_with_ai in the DB. It defaults to true, but the approve_draft flow allows per-draft overrides via platform_config.
On the audio side, we spent some time chasing a red herring. Our qa.audio:audio_clipping gate was firing on every narration render because Kokoro/Speaches emits audio at full digital scale. We initially suspected mount failures, but the logs showed a deterministic 0.0 dBFS across all lanes for over nine days (PR #1985). The fix was a single ffmpeg pass in tts_service._remux_concatenated_audio using EBU R128 loudnorm (I=-16:TP=-1.5:LRA=11) to hit podcast targets and create the necessary headroom.
We also finished consolidating our crawler User-Agents (PR #1977). We routed four more outbound callers—including PoindexterContentResearcher and PoindexterUrlValidator—through build_crawler_ua. This ensures all bot traffic is attributable and inherits the OSS contact-URL leak guard.
With release 0.90.0 (PR #1989) out, we've finally stabilized the social loop. Now that X posts are actually landing, we can stop debugging DTOs and start looking at how the content performs.
Auto-compiled by Poindexter from today's commits and PRs. See the work: github.com/Glad-Labs/poindexter.