Migrate to Peer Paradigm

[dr-frmr]

Summary by CodeRabbit

• New Features

  • Added utility functions for database schema inspection.
  • Introduced workspace and peer-based API endpoints, replacing the app/user model.
  • Added comprehensive peer and session management with feature flags and configuration.
  • Enabled batch message operations and enhanced message querying with token and message count limits.
  • Implemented search and summary functionalities scoped by workspace, peer, and session.
  • Added peer representation retrieval and chat endpoints.
  • Introduced session context retrieval with summaries and token allocation.

• Refactor

  • Migrated database schema to adopt workspace/peer/session naming and structure.
  • Replaced integer IDs with nanoid strings for primary keys.
  • Consolidated user representation and summaries into peer/session metadata and session metadata.
  • Updated authentication and JWT scopes to workspace/peer/session hierarchy.
  • Unified naming conventions and removed legacy app/user/collection models and routes.
  • Refined queue processing to work on granular work units instead of sessions.
  • Simplified function signatures by removing session_id parameters in inference and representation code.
  • Enhanced embedding store and CRUD operations to workspace/peer/collection context.
  • Streamlined summary handling by storing summaries in session metadata instead of metamessages.
  • Updated message token counting with tiktoken integration and fallback heuristic.
  • Replaced session chat endpoint with peer chat endpoint reflecting new naming conventions.
  • Updated queue and message processing to handle sender/target and task types for multi-peer scenarios.
  • Added strict payload validation for message processing.

• Bug Fixes

  • Improved error handling and validation for batch message operations and metadata.
  • Enhanced token counting for messages with fallback heuristics.

• Tests

  • Added extensive integration tests for message enqueueing, peer/session management, and schema validations.
  • Removed obsolete tests for apps, users, collections, documents, and metamessages.
  • Added new test suites covering workspaces, peers, sessions, messages, and scoped API behaviors.
  • Updated tests to reflect workspace/peer/session model and batch message formats.

• Chores

  • Updated dependencies to include tokenization package.
  • Added type annotations and improved payload validation.
  • Removed unused imports and simplified function signatures.
  • Replaced deprecated API routes with new workspace/peer/session routes.

[coderabbitai]

Actionable comments posted: 2

♻️ Duplicate comments (10)

src/models.py (4)

53-93: Association table uses mutable name-based foreign keys.

The session_peers_table references sessions and peers by their mutable name fields rather than immutable id fields. This creates the same cascading update issues flagged in past reviews when names change.

---

70-71: Mutable default {} pattern persists.

Multiple JSONB columns still use default={} which shares the same dictionary across all instances. This was flagged in previous reviews.

Also applies to: 105-107, 121-124, 131-131, 156-159, 167-167, 194-197, 255-258, 286-288

---

128-130: Foreign key references mutable workspace name.

The workspace_name foreign key in the Peer model references workspaces.name (mutable) instead of workspaces.id (immutable), creating cascading update issues when workspace names change.

---

164-166: Workspace foreign key reference pattern continues.

The Session model also references workspaces.name instead of the immutable id, perpetuating the same cascading update concern.

migrations/versions/d429de0e5338_adopt_peer_paradigm.py (2)

1048-1111: Token backfill performance issues remain unaddressed.

The token counting backfill still processes messages in Python with individual database round-trips despite previous performance concerns flagged in reviews.

---

1094-1108: UNNEST array binding may fail across database drivers.

The batch update using UNNEST with Python list binding could fail on certain PostgreSQL drivers that don't automatically cast Python lists to PostgreSQL arrays.

src/crud.py (4)

25-25: Add safe environment variable parsing with error handling.

The current implementation can raise ValueError if SESSION_PEERS_LIMIT contains non-integer data, potentially causing application startup failures.

---

868-869: Add configuration validation before storage.

Direct manipulation of configuration data without validation can lead to data integrity issues. Consider validating the configuration schema before storage.

---

180-181: Remove inner commit to maintain transaction atomicity.

get_or_create_peers() calls await db.commit() but is invoked by other functions that also commit (like get_or_create_session, set_peers_for_session). This breaks transaction atomicity as partial work can persist if later operations fail.

Remove the inner commit and let the caller control the transaction:

-    await db.commit()
-
-    # Return combined list of existing and new peers
-    return existing_peers + new_peers
+    # Return combined list; caller is responsible for committing
+    return existing_peers + new_peers

---

1274-1285: Message count limit has ordering inconsistency similar to token limit issue.

The current implementation orders by id DESC, applies a limit, then overwrites the ordering. This can cause the limit to be applied to the wrong set of messages after reordering.

Use a subquery pattern similar to the token limit logic:

-    if message_count_limit is not None:
-        stmt = select(models.Message).where(*base_conditions)
-        stmt = stmt.order_by(models.Message.id.desc()).limit(message_count_limit)
-        
-        if reverse:
-            stmt = stmt.order_by(models.Message.id.desc())
-        else:
-            stmt = stmt.order_by(models.Message.id.asc())
+    if message_count_limit is not None:
+        # Subquery to get the most recent N messages
+        inner = (
+            select(models.Message.id)
+            .where(*base_conditions)
+            .order_by(models.Message.id.desc())
+            .limit(message_count_limit)
+        ).subquery()
+        
+        stmt = (
+            select(models.Message)
+            .where(models.Message.id.in_(select(inner.c.id)))
+        )
+        
+        if reverse:
+            stmt = stmt.order_by(models.Message.id.desc())
+        else:
+            stmt = stmt.order_by(models.Message.id.asc())

🧹 Nitpick comments (2)

src/models.py (2)

2-2: Consider using structured logging configuration.

The logger is created using getLogger(__name__) but there's no logging configuration. Consider configuring log levels and formatters to ensure consistent logging behavior across the application.

Also applies to: 32-32

---

213-222: Complex composite foreign key constraints may impact performance.

The Message model has multiple composite foreign key constraints that reference name-based fields. Consider adding appropriate indexes on these composite key combinations if query performance becomes an issue.

If performance issues arise, consider adding composite indexes:

+        Index("idx_messages_session_workspace", "session_name", "workspace_name"),
+        Index("idx_messages_peer_workspace", "peer_name", "workspace_name"),

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 669531f and 36839ff.

📒 Files selected for processing (3)

• migrations/versions/d429de0e5338_adopt_peer_paradigm.py (1 hunks)
• src/crud.py (13 hunks)
• src/models.py (3 hunks)

🧰 Additional context used

🧠 Learnings (2)

migrations/versions/d429de0e5338_adopt_peer_paradigm.py (2)

Learnt from: Rajat-Ahuja1997
PR: plastic-labs/honcho#131
File: migrations/versions/d429de0e5338_adopt_peer_paradigm.py:188-194
Timestamp: 2025-06-18T15:58:51.164Z
Learning: In the migration file `migrations/versions/d429de0e5338_adopt_peer_paradigm.py`, the team has explicitly decided to accept SQL injection risks from f-string interpolation of schema names, despite the security concerns around DDL injection via the DATABASE_SCHEMA environment variable.

Learnt from: Rajat-Ahuja1997
PR: plastic-labs/honcho#131
File: migrations/versions/d429de0e5338_adopt_peer_paradigm.py:438-441
Timestamp: 2025-06-18T16:44:57.704Z
Learning: In the Honcho database schema, messages.app_id references workspaces.public_id (string nanoid), not workspaces.id (integer primary key). This means that during migrations when workspaces.public_id is renamed to workspaces.id, the foreign key relationship with messages.app_id remains valid.

src/crud.py (4)

Learnt from: Rajat-Ahuja1997
PR: plastic-labs/honcho#131
File: src/crud.py:503-505
Timestamp: 2025-06-18T14:50:59.925Z
Learning: The Honcho project prefers upsert behavior for update operations across all resources (sessions, peers, workspaces). Update operations should create the resource if it doesn't exist rather than failing fast. This is an explicit design decision that differs from typical REST semantics but provides a more forgiving API experience.

Learnt from: dr-frmr
PR: plastic-labs/honcho#131
File: src/routers/sessions.py:206-213
Timestamp: 2025-06-18T20:42:06.406Z
Learning: The `get_or_create_session` function in this codebase is designed to handle both session creation and adding peers to existing sessions. When called with peers, it will add those peers to an existing session rather than creating a duplicate session.

Learnt from: Rajat-Ahuja1997
PR: plastic-labs/honcho#131
File: src/crud.py:374-377
Timestamp: 2025-06-18T21:24:55.880Z
Learning: In the codebase, the API layer catches ValueError exceptions from the CRUD layer and converts them to ValidationException. This represents a layered error handling approach where business logic violations in the CRUD layer use standard Python exceptions, while the API layer handles the translation to domain-specific exceptions and appropriate HTTP responses.

Learnt from: Rajat-Ahuja1997
PR: plastic-labs/honcho#131
File: src/crud.py:374-377
Timestamp: 2025-06-18T21:24:55.880Z
Learning: The codebase uses a layered error handling approach where the CRUD layer raises ValueError for business rule violations (like peer limits), and the API layer catches these ValueError exceptions and translates them to appropriate domain-specific exceptions (ValidationException for validation errors, ResourceNotFoundException for missing resources). This provides clean separation of concerns between business logic and HTTP semantics.

🪛 Pylint (3.3.7)

src/models.py

[refactor] 96-96: Too few public methods (0/2)

(R0903)

---

[refactor] 117-117: Too few public methods (1/2)

(R0903)

---

[refactor] 151-151: Too few public methods (1/2)

(R0903)

---

[refactor] 184-184: Too few public methods (1/2)

(R0903)

---

[refactor] 247-247: Too few public methods (0/2)

(R0903)

---

[refactor] 283-283: Too few public methods (0/2)

(R0903)

---

[refactor] 341-341: Too few public methods (0/2)

(R0903)

---

[refactor] 366-366: Too few public methods (0/2)

(R0903)

migrations/versions/d429de0e5338_adopt_peer_paradigm.py

[refactor] 876-876: Too many branches (13/12)

(R0912)

---

[refactor] 1048-1048: Too many local variables (17/15)

(R0914)

---

[refactor] 1766-1766: Too many branches (16/12)

(R0912)

src/crud.py

[refactor] 530-530: Too many local variables (16/15)

(R0914)

---

[refactor] 1238-1238: Too many arguments (6/5)

(R0913)

---

[refactor] 1238-1238: Too many positional arguments (6/5)

(R0917)

---

[refactor] 1324-1324: Too many arguments (6/5)

(R0913)

---

[refactor] 1324-1324: Too many positional arguments (6/5)

(R0917)

---

[refactor] 1509-1509: Too many arguments (8/5)

(R0913)

---

[refactor] 1509-1509: Too many positional arguments (8/5)

(R0917)

🔇 Additional comments (4)

src/models.py (2)

34-49: Token counting implementation looks solid.

The token counting function includes proper error handling with fallback estimation and uses tiktoken efficiently. The warning log for failures includes truncated text for debugging without exposing full content.

---

241-244: Token count event listener implementation is efficient.

The SQLAlchemy event listener for calculating token counts on message insertion is well-implemented. It automatically calculates tokens before database insertion, ensuring data consistency.

migrations/versions/d429de0e5338_adopt_peer_paradigm.py (2)

79-82: Downgrade function implementation is comprehensive.

The downgrade function provides a complete reversal path for the migration, addressing previous concerns about missing rollback logic. The step-by-step approach mirrors the upgrade process in reverse.

---

495-518: ```shell
#!/bin/bash

Locate peer assignment logic in migrations by searching for session_peers references

grep -R -n "session_peers" -C5 migrations

</details>

</blockquote></details>

</details>

<!-- This is an auto-generated comment by CodeRabbit for review status -->

[coderabbitai]

Actionable comments posted: 0

♻️ Duplicate comments (2)

src/crud.py (2)

868-869: Configuration validation already addressed.

This is similar to a past review comment about configuration validation. The current implementation using configuration.model_dump() provides implicit validation through the Pydantic model, which is appropriate for this use case.

---

1274-1285: Message ordering issue already identified.

This is similar to a past review comment about the ORDER BY clause potentially returning incorrect results. The current implementation may still have the same issue where the final ORDER BY overwrites the initial ordering used with LIMIT.

🧹 Nitpick comments (3)

src/crud.py (3)

530-628: Consider refactoring clone_session to reduce complexity.

The function has 16 local variables and handles multiple concerns (session cloning, message copying, peer relationships). Consider breaking it down into smaller helper functions for better maintainability.

async def clone_session(
    db: AsyncSession,
    workspace_name: str,
    original_session_name: str,
    cutoff_message_id: Optional[str] = None,
) -> models.Session:
    """Clone a session and its messages..."""
    original_session = await _get_original_session(db, workspace_name, original_session_name)
    cutoff_message = await _validate_cutoff_message(db, cutoff_message_id, original_session_name)
    
    new_session = await _create_cloned_session(db, workspace_name, original_session)
    await _clone_messages(db, workspace_name, original_session_name, new_session, cutoff_message)
    await _clone_session_peers(db, workspace_name, original_session_name, new_session)
    
    await db.commit()
    logger.info(f"Session {original_session_name} cloned successfully")
    return new_session

---

1238-1245: Consider using a configuration object to reduce parameter count.

The function has 6 parameters, which exceeds the recommended limit. Consider grouping related parameters into a configuration object.

+from dataclasses import dataclass
+
+@dataclass
+class MessageQueryConfig:
+    reverse: Optional[bool] = False
+    filter: Optional[dict] = None
+    token_limit: Optional[int] = None
+    message_count_limit: Optional[int] = None

async def get_messages(
    workspace_name: str,
    session_name: str,
-   reverse: Optional[bool] = False,
-   filter: Optional[dict] = None,
-   token_limit: Optional[int] = None,
-   message_count_limit: Optional[int] = None,
+   config: Optional[MessageQueryConfig] = None,
) -> Select:
+   config = config or MessageQueryConfig()
    # Use config.reverse, config.filter, etc.

---

1506-1515: Consider parameter reduction for better maintainability.

The function has 8 parameters which exceeds recommended limits. Consider grouping related parameters or using a configuration object.

+from dataclasses import dataclass
+
+@dataclass
+class DocumentQueryConfig:
+    filter: Optional[dict] = None
+    max_distance: Optional[float] = None
+    top_k: int = 5

async def query_documents(
    db: AsyncSession,
    workspace_name: str,
    peer_name: str,
    collection_name: str,
    query: str,
-   filter: Optional[dict] = None,
-   max_distance: Optional[float] = None,
-   top_k: int = 5,
+   config: Optional[DocumentQueryConfig] = None,
) -> Sequence[models.Document]:
+   config = config or DocumentQueryConfig()

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 36839ff and 9133505.

📒 Files selected for processing (1)

• src/crud.py (13 hunks)

🧰 Additional context used

🧠 Learnings (1)

src/crud.py (4)

Learnt from: Rajat-Ahuja1997
PR: plastic-labs/honcho#131
File: src/crud.py:503-505
Timestamp: 2025-06-18T14:50:59.925Z
Learning: The Honcho project prefers upsert behavior for update operations across all resources (sessions, peers, workspaces). Update operations should create the resource if it doesn't exist rather than failing fast. This is an explicit design decision that differs from typical REST semantics but provides a more forgiving API experience.

Learnt from: dr-frmr
PR: plastic-labs/honcho#131
File: src/routers/sessions.py:206-213
Timestamp: 2025-06-18T20:42:06.406Z
Learning: The `get_or_create_session` function in this codebase is designed to handle both session creation and adding peers to existing sessions. When called with peers, it will add those peers to an existing session rather than creating a duplicate session.

Learnt from: Rajat-Ahuja1997
PR: plastic-labs/honcho#131
File: src/crud.py:374-377
Timestamp: 2025-06-18T21:24:55.880Z
Learning: In the codebase, the API layer catches ValueError exceptions from the CRUD layer and converts them to ValidationException. This represents a layered error handling approach where business logic violations in the CRUD layer use standard Python exceptions, while the API layer handles the translation to domain-specific exceptions and appropriate HTTP responses.

Learnt from: Rajat-Ahuja1997
PR: plastic-labs/honcho#131
File: src/crud.py:374-377
Timestamp: 2025-06-18T21:24:55.880Z
Learning: The codebase uses a layered error handling approach where the CRUD layer raises ValueError for business rule violations (like peer limits), and the API layer catches these ValueError exceptions and translates them to appropriate domain-specific exceptions (ValidationException for validation errors, ResourceNotFoundException for missing resources). This provides clean separation of concerns between business logic and HTTP semantics.

🪛 Pylint (3.3.7)

src/crud.py

[refactor] 530-530: Too many local variables (16/15)

(R0914)

---

[refactor] 1238-1238: Too many arguments (6/5)

(R0913)

---

[refactor] 1238-1238: Too many positional arguments (6/5)

(R0917)

---

[refactor] 1324-1324: Too many arguments (6/5)

(R0913)

---

[refactor] 1324-1324: Too many positional arguments (6/5)

(R0917)

---

[refactor] 1506-1506: Too many arguments (8/5)

(R0913)

---

[refactor] 1506-1506: Too many positional arguments (8/5)

(R0917)

🔇 Additional comments (8)

src/crud.py (8)

1-26: LGTM! Clean imports and constants setup.

The imports are well-organized and the constants are appropriately defined. Note that there's already a past review comment addressing the environment variable parsing for SESSION_PEERS_LIMIT.

---

87-117: LGTM! Consistent with upsert design pattern.

The update_workspace function correctly uses the upsert pattern by calling get_or_create_workspace, which aligns with the project's design preference for forgiving update operations.

---

125-184: LGTM! Clean peer management with proper batch operations.

The get_or_create_peers function handles bulk operations efficiently and maintains transaction integrity by committing only at the end of the operation.

---

666-680: LGTM! Proper workspace filtering prevents cross-workspace data leaks.

The query correctly filters by both session_name and workspace_name, addressing the cross-workspace concern mentioned in previous reviews.

---

976-1057: LGTM! Excellent hybrid search implementation.

The search function intelligently handles both natural language queries (using PostgreSQL FTS) and special character queries (using ILIKE), with proper SQL parameterization to prevent injection attacks.

---

1060-1140: LGTM! Clean user representation management.

The functions properly handle both session-scoped and global peer-scoped user representations using appropriate SQLAlchemy JSON operations.

---

1446-1499: LGTM! Clean collection management following established patterns.

The collection methods are well-implemented and consistent with the codebase's upsert behavior and error handling patterns.

---

1659-1661: LGTM! Useful helper function for consistent naming.

The construct_collection_name function provides a clean pattern for generating collection names from peer and target names.

[coderabbitai]

Actionable comments posted: 0

🧹 Nitpick comments (4)

CHANGELOG.md (2)

8-8: Include release date in version header To align with dated entries (e.g., ## [0.0.14] — 2024-11-14), consider appending the release date to ## [2.0.0].

---

25-27: Fix missing comma for readability Add a comma after “peer” for correct grammar:

A session exists independently of any one peer, and peers can be added to and removed from sessions.

CLAUDE.md (2)

17-17: Refine terminology to avoid repetition Consider rephrasing to reduce the repeated “observe” verb, e.g., “Configurable observation settings (which peers monitor others)”.

---

87-89: Ensure project structure reflects actual code The directory listing should include all new modules introduced (e.g., keys.py, schemas.py, exceptions.py).

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 9133505 and 285d547.

📒 Files selected for processing (5)

• CHANGELOG.md (1 hunks)
• CLAUDE.md (2 hunks)
• README.md (1 hunks)
• pyproject.toml (2 hunks)
• src/main.py (4 hunks)

✅ Files skipped from review due to trivial changes (1)

• README.md

🚧 Files skipped from review as they are similar to previous changes (2)

• pyproject.toml
• src/main.py

🧰 Additional context used

🪛 LanguageTool

CLAUDE.md

[style] ~19-~19: The words ‘observation’ and ‘observe’ are quite similar. Consider replacing ‘observe’ with a different word.
Context: ...rable observation settings (which peers observe which others) - Flexible identity manag...

(VERB_NOUN_SENT_LEVEL_REP)

CHANGELOG.md

[duplication] ~16-~16: Possible typo: you repeated a word.
Context: ...nalities scoped by workspace, peer, and session - Session context retrieval with summaries and to...

(ENGLISH_WORD_REPEAT_RULE)

---

[uncategorized] ~26-~26: Possible missing comma found.
Context: ...session exists independently of any one peer and peers can be added to and removed...

(AI_HYDRA_LEO_MISSING_COMMA)

🔇 Additional comments (4)

CHANGELOG.md (3)

12-18: Approve Added section The new capabilities are clearly listed and formatted correctly.

---

37-39: Approve Fixed section The improvements to error handling and validation are accurately summarized.

---

41-45: Approve Removed section The deprecated features are clearly documented as removed.

CLAUDE.md (1)

10-10: Approve multi-peer sessions bullet This addition clearly communicates the new multi-peer interaction capability.

[coderabbitai]

Actionable comments posted: 0

🧹 Nitpick comments (3)

README.md (3)

64-70: Refine feature list for clarity
The peer-based capabilities are well outlined. Consider rephrasing the “Configurable observation settings (which peers observe which others)” bullet for readability, for example:

Configurable observation settings (which peers can view others’ interactions)

---

84-85: Polish scalability statement
The phrase “peer-centric and easily scalable” works well. You might add a comma for emphasis:

peer-centric, easily scalable

---

90-99: Verify ASCII mapping diagram
The diagram accurately captures the workspace–peer–session relationships. To satisfy markdown lint, add a language to the code fence (e.g., ```text).

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 285d547 and 9a31da1.

📒 Files selected for processing (1)

• README.md (3 hunks)

🧰 Additional context used

🪛 LanguageTool

README.md

[style] ~67-~67: The words ‘observation’ and ‘observe’ are quite similar. Consider replacing ‘observe’ with a different word.
Context: ...rable observation settings (which peers observe which others) - Flexible identity manag...

(VERB_NOUN_SENT_LEVEL_REP)

---

[duplication] ~103-~103: Possible typo: you repeated a word.
Context: ...* - A Workspace contains multiple Peers - Peers and Sessions have a many-to-many ...

(ENGLISH_WORD_REPEAT_RULE)

---

[uncategorized] ~116-~116: If this is a compound adjective that modifies the following noun, use a hyphen.
Context: ...ing here. #### Workspaces This is the top level construct of Honcho (formerly called Ap...

(EN_COMPOUND_ADJECTIVE_INTERNAL)

---

[typographical] ~143-~143: Consider adding a comma after this introductory phrase.
Context: ... modeling. #### Collections At a high level a Collection is a named group of `Doc...

(AS_A_NN_COMMA)

---

[uncategorized] ~144-~144: This expression is usually spelled with a hyphen.
Context: ...f Documents. Developers familiar with RAG based applications will be familiar with thes...

(BASED_HYPHEN)

---

[uncategorized] ~155-~155: A comma might be missing here.
Context: ...esentations. #### Documents As stated before a Document is vector embedded data st...

(AI_EN_LECTOR_MISSING_PUNCTUATION_COMMA)

---

[uncategorized] ~173-~173: Possible missing comma found.
Context: ...r database To read more about how this works read our [Research Paper](https://arxiv...

(AI_HYDRA_LEO_MISSING_COMMA)

🪛 markdownlint-cli2 (0.17.2)

README.md

89-89: Fenced code blocks should have a language specified
null

(MD040, fenced-code-language)

🔇 Additional comments (6)

README.md (6)

3-3: Update version badge to 2.0.0
The version badge has been correctly bumped to reflect the new major release.

---

12-12: Revise project description to peer-centric model
The updated description accurately highlights Honcho’s social cognition and theory-of-mind focus for peers.

---

61-62: Introduce the “Peer Paradigm” section
The new header cleanly introduces the paradigm shift from users to peers.

---

81-81: Clarify peer data context
Good callout on peer-level data storage; ensure the sentence flow remains smooth across the line break.

---

87-87: Frame the primitives mapping
The intro line to the ASCII diagram is concise and sets up the diagram effectively.

---

102-110: Confirm relationship details bullets
The relationship bullets correctly mirror the updated data model, clearly distinguishing session- vs peer-level messages and collections.