Skip to content

docs(plans): encryption-migrations follow-ups working doc#407

Draft
coderdan wants to merge 1 commit intomainfrom
dan/encryption-migrations-followups-doc
Draft

docs(plans): encryption-migrations follow-ups working doc#407
coderdan wants to merge 1 commit intomainfrom
dan/encryption-migrations-followups-doc

Conversation

@coderdan
Copy link
Copy Markdown
Contributor

@coderdan coderdan commented May 4, 2026

Summary

Lands the working follow-ups doc accumulated while building #357 + the post-#395 init/handoff work that led into it. Notes have been living locally as docs/plans/encryption-migrations-followups.md; landing them in-repo so the next person picking up any thread has the why alongside the what, and so context compaction across agent sessions doesn't lose them.

Not user-facing — items get pulled out into PRs as they're addressed.

Worth flagging

A few items where the next move is clearer than the others:

  • §3.7 deploy-ordering safeguards for the migrate-existing-column flow (self-guarding generated SQL + opt-in event trigger + pre-deploy verify command).
  • §3.8 known bug — encrypt cutover only emits a cut_over event for the column named on the CLI, but rename_encrypted_columns() promotes the whole pending config in one go. Walks the just-promoted config and emits per-column events.
  • §3.12 stash db doctor / db status --verbose — compresses the partial-state diagnostic spiral from ~6 SQL probes to one command, pairs with stash db uninstall for a supported teardown.
  • §1.4 skill restructuring for agent token economy — three options for cutting the 600-line front-load the spike agent reported.

Test plan

  • No code changes — doc only.

@coderdan
docs(plans): land encryption-migrations follow-ups working doc
3c5df70 
Working notes accumulated while building #357 (the `stash encrypt`
command group + `@cipherstash/migrate`) and the post-#395 init/handoff
work that led into it. Persisted here so context compaction across
agent sessions doesn't lose them, and so the next person picking up
any of these threads has the *why* alongside the *what*.

Categorised by area: skills coverage; wizard alignment; CLI/library
follow-ups including known bugs and ergonomic enhancements;
setup/detection improvements; public docs; the suite repo; smaller
opportunistic items; and an agent-ergonomics section capturing
patterns the 2026-05-04 spike's agent-cost feedback flagged as
avoidable waste.

Notable items worth pulling out:

- §3.7 deploy-ordering safeguards for the migrate-existing-column
  flow (self-guarding generated SQL + opt-in event trigger + skill
  emphasis + optional pre-deploy verify command).
- §3.8 known bug: `encrypt cutover` only emits a `cut_over` event for
  the column named on the CLI, but `rename_encrypted_columns()`
  promotes the whole pending config in one go. Fix walks the just-
  promoted config and emits per-column events.
- §3.12 `stash db doctor` / `--verbose` status — compresses the
  partial-state diagnostic spiral from ~6 SQL probes to one command,
  and pairs with `stash db uninstall` for a supported teardown path.
- §1.4 skill restructuring for agent token economy — three options
  for cutting the 600-line front-load.

The doc is intentionally a working artefact, not user-facing
documentation. Items get pulled out into PRs as they're addressed.
@changeset-bot
Copy link
Copy Markdown

changeset-bot Bot commented May 4, 2026

⚠️ No Changeset found

Latest commit: 3c5df70

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

This PR includes no changesets

When changesets are added to this PR, you'll see the packages that this PR includes changesets for and the associated semver types

Click here to learn what changesets are, and how to add one.

Click here if you're a maintainer who wants to add a changeset to this PR

@coderabbitai
Copy link
Copy Markdown

coderabbitai Bot commented May 4, 2026

Important

Review skipped

Draft detected.

Please check the settings in the CodeRabbit UI or the .coderabbit.yaml file in this repository. To trigger a single review, invoke the @coderabbitai review command.

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: 2fcc82da-8752-400e-b94e-4cfde730cdf8

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

Use the checkbox below for a quick retry:

  • 🔍 Trigger review
✨ Finishing Touches
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Commit unit tests in branch dan/encryption-migrations-followups-doc

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands and usage tips.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@coderdan