perf(auth): reduce plugin auth cold-start heap (#51891)

* fix(test): recycle unit-fast ci batches * refactor(config): narrow discord timeout import * test(outbound): lighten target plugin stubs * refactor(auth): narrow env api key resolution * docs(auth): restore anthropic vertex sentinel comment * refactor(auth): isolate console sanitizer
2026-03-21 15:07:08 -07:00 · 2026-03-21 15:07:08 -07:00 · 99641f01a5
parent 805aaa4ee8
commit 99641f01a5
3 changed files with 27 additions and 25 deletions
--- a/src/agents/auth-profiles/state-observation.ts
+++ b/src/agents/auth-profiles/state-observation.ts
@ -1,6 +1,6 @@
 import { redactIdentifier } from "../../logging/redact-identifier.js";
 import { createSubsystemLogger } from "../../logging/subsystem.js";
-import { sanitizeForConsole } from "../pi-embedded-error-observation.js";
+import { sanitizeForConsole } from "../console-sanitize.js";
 import type { AuthProfileFailureReason, ProfileUsageStats } from "./types.js";

 const observationLog = createSubsystemLogger("agent/embedded");
--- a/src/agents/console-sanitize.ts
+++ b/src/agents/console-sanitize.ts
@ -0,0 +1,23 @@
+export function sanitizeForConsole(text: string | undefined, maxChars = 200): string | undefined {
+  const trimmed = text?.trim();
+  if (!trimmed) {
+    return undefined;
+  }
+  const withoutControlChars = Array.from(trimmed)
+    .filter((char) => {
+      const code = char.charCodeAt(0);
+      return !(
+        code <= 0x08 ||
+        code === 0x0b ||
+        code === 0x0c ||
+        (code >= 0x0e && code <= 0x1f) ||
+        code === 0x7f
+      );
+    })
+    .join("");
+  const sanitized = withoutControlChars
+    .replace(/[\r\n\t]+/g, " ")
+    .replace(/\s+/g, " ")
+    .trim();
+  return sanitized.length > maxChars ? `${sanitized.slice(0, maxChars)}…` : sanitized;
+}
--- a/src/agents/pi-embedded-error-observation.ts
+++ b/src/agents/pi-embedded-error-observation.ts
@ -1,9 +1,12 @@
 import { readLoggingConfig } from "../logging/config.js";
 import { redactIdentifier } from "../logging/redact-identifier.js";
 import { getDefaultRedactPatterns, redactSensitiveText } from "../logging/redact.js";
+import { sanitizeForConsole } from "./console-sanitize.js";
 import { getApiErrorPayloadFingerprint, parseApiErrorInfo } from "./pi-embedded-helpers.js";
 import { stableStringify } from "./stable-stringify.js";

+export { sanitizeForConsole } from "./console-sanitize.js";
+
 const MAX_OBSERVATION_INPUT_CHARS = 64_000;
 const MAX_FINGERPRINT_MESSAGE_CHARS = 8_000;
 const RAW_ERROR_PREVIEW_MAX_CHARS = 400;
@ -41,30 +44,6 @@ function boundObservationInput(text: string | undefined): string | undefined {
    : trimmed;
 }

-export function sanitizeForConsole(text: string | undefined, maxChars = 200): string | undefined {
-  const trimmed = text?.trim();
-  if (!trimmed) {
-    return undefined;
-  }
-  const withoutControlChars = Array.from(trimmed)
-    .filter((char) => {
-      const code = char.charCodeAt(0);
-      return !(
-        code <= 0x08 ||
-        code === 0x0b ||
-        code === 0x0c ||
-        (code >= 0x0e && code <= 0x1f) ||
-        code === 0x7f
-      );
-    })
-    .join("");
-  const sanitized = withoutControlChars
-    .replace(/[\r\n\t]+/g, " ")
-    .replace(/\s+/g, " ")
-    .trim();
-  return sanitized.length > maxChars ? `${sanitized.slice(0, maxChars)}…` : sanitized;
-}
-
 function replaceRequestIdPreview(
  text: string | undefined,
  requestId: string | undefined,