fix: disable ChromaDB telemetry to suppress posthog spam#782
fix: disable ChromaDB telemetry to suppress posthog spam#782OmkarKirpan wants to merge 1 commit intoMemPalace:developfrom
Conversation
OmkarKirpan
requested review from
bensig,
igorls and
milla-jovovich
as code owners
OmkarKirpan
force-pushed
the
fix/disable-chromadb-telemetry
branch
from
377db98 to
bb661b4
Compare
igorls
added
area/cli
|
hey @OmkarKirpan — this conflicts with develop now. pls rebase and we can merge it. thanks! |
OmkarKirpan
force-pushed
the
fix/disable-chromadb-telemetry
branch
from
bb661b4 to
6994133
Compare
Hi @bensig |
… output Closes two remaining Phase 0 security gaps (issue MemPalace#782, MemPalace#783): 1. ChromaDB telemetry (backends/chroma.py): - Add `Settings(anonymized_telemetry=False)` to both PersistentClient call sites (_client() and make_client()), ensuring no PostHog traffic regardless of which code path creates the client. - Set ANONYMIZED_TELEMETRY=False env var at import time as belt-and- suspenders (covers C-level telemetry before Python sees it). - Violates local-first guarantee without this fix — every query was being reported to posthog.com. 2. ensure_ascii=False in MCP output (mcp_server.py): - Tool result serialization (line 1653) and the main response writer (line 1700) both now pass ensure_ascii=False. - Without this, non-ASCII content (Chinese, Russian, accented chars) gets mangled into \uXXXX escapes before the LLM sees it. Previously fixed by PR MemPalace#812 (shell injection, path traversal) and PR MemPalace#811 (entity registry SSRF) — those are confirmed in place. Co-Authored-By: Claude Sonnet 4.6 <[email protected]>
ChromaDB 0.6.3 with recent posthog versions floods stderr with "Failed to send telemetry event" on every operation. This adds Settings(anonymized_telemetry=False) via a shared CHROMA_SETTINGS constant in backends/chroma.py, used by all PersistentClient construction sites across the codebase. Closes MemPalace#458
OmkarKirpan
force-pushed
the
fix/disable-chromadb-telemetry
branch
from
6994133 to
b22ad82
Compare
|
Rebased onto latest develop (32ec74d). Conflicts in |
|
@bensig — rebased onto latest develop, conflicts resolved, tests green. Ready when you are. |
|
cc @milla-jovovich — rebased on develop, approved by @bensig, tests green. Could you take a look when you have a minute? |
3 participants
Summary
Closes #458
Every ChromaDB operation in mempalace 3.1.0+ floods stderr with posthog telemetry errors:
This PR:
CHROMA_SETTINGS = Settings(anonymized_telemetry=False)constant inbackends/chroma.pyPersistentClientconstruction sites across 6 files to use itSharedSystemClientsingleton conflict)Files changed
mempalace/backends/chroma.py— defines the shared constant, uses itmempalace/mcp_server.py— imports and usesCHROMA_SETTINGSmempalace/cli.py— usesCHROMA_SETTINGSincmd_repairandcmd_compressmempalace/dedup.py— usesCHROMA_SETTINGSin both client creation sitesmempalace/repair.py— usesCHROMA_SETTINGSin all 3 client creation sitesmempalace/migrate.py— usesCHROMA_SETTINGSin both client creation sitestests/test_backends.py— verification client usesCHROMA_SETTINGStests/test_mcp_server.py— test helper usesCHROMA_SETTINGSTest plan
pytest tests/test_backends.py tests/test_mcp_server.py::TestCacheInvalidation tests/test_cli.py— 53 passed)ruff checkandruff formatcleanmempalace mine/mempalace statusno longer prints telemetry errors to stderr