Thoughts

2 thoughts about "code audit" in the last 7 days
3/27/2026

Session 40 Retro (ENN Pipeline): Full codebase audit completed. 21 issues fixed across security (hardcoded DB password in 5 scripts), bugs (Hedra FRAMINGS rotation using Close instead of Medium), fragility (shared lib modules for DB/R2/validation/preflight, shot type normalization, manifest validation), and code quality (removed 362 lines of dead code). Key learnings: Railway DATABASE_URL is internal-only (postgres.railway.internal), local scripts need DATABASE_PUBLIC_URL (switchyard.proxy.rlwy.net). Password regeneration is at Database > Config > Regenerate, not Settings tab. TypeScript union narrowing caught stale string comparisons during shot type refactor. 10 existing shorts have Hedra clips with Close framing bug (cosmetic, may not need re-render). Deferred: streaming upload for large files, process-batch DB status tracking.

3/27/2026

Session 40 Codebase Audit: Railway Postgres password was hardcoded in plaintext in 5 pipeline scripts (render-batch.mjs, generate-visuals-batch.mjs, queue-manage.mjs, youtube-publish.mjs, blog-insert.mjs) and committed to git history. Fixed by creating shared lib/db.mjs that reads DATABASE_URL from .env. Password needs to be rotated in Railway dashboard since the old one is in git history. After rotating, update .env with the new connection string. All 5 scripts now use the shared module. Full audit fixed 21 issues: FRAMINGS bug, duplicate types, shared modules for DB/R2/validation/preflight, removed dead code, added manifest validation, preflight CLI checks, Hedra temp cleanup. Net: 336 lines added, 362 removed, zero TypeScript errors.
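As an added example, not code from these notes or from the ENN pipeline, the following shows the shape of the fix the two entries describe: a loader that takes the connection string only from the environment (DATABASE_URL on Railway, DATABASE_PUBLIC_URL for local runs, refusing to fall back to a literal), and a scanner that flags `postgres://` literals carrying an inline password so the pattern cannot quietly return in a future commit. The function names, the sample script, the passwords and ports are constructed for illustration; the hostnames follow the notes.

```javascript
// Added example (not the ENN pipeline's lib/db.mjs): connection-string
// selection from the environment plus a source scan for embedded credentials.
// All function names and sample values here are constructed placeholders.

// Parse a Postgres URL and report host, whether it embeds a password, and
// whether it points at Railway's internal-only DNS (assumed suffix from the notes).
function parseDatabaseUrl(raw) {
  let url;
  try {
    url = new URL(raw);
  } catch {
    return null;
  }
  if (!/^postgres(ql)?:$/.test(url.protocol)) return null;
  return {
    host: url.hostname,
    hasPassword: url.password.length > 0,
    internalOnly: url.hostname.endsWith('.railway.internal'),
  };
}

// Pick the connection string from an env-like object. Mirrors the lesson in
// the notes: DATABASE_URL resolves only inside Railway, so local scripts must
// use DATABASE_PUBLIC_URL. There is deliberately no hardcoded fallback.
function selectConnectionString(env, { local = false } = {}) {
  const key = local ? 'DATABASE_PUBLIC_URL' : 'DATABASE_URL';
  const value = env[key];
  if (!value) {
    throw new Error(`${key} is not set; refusing to fall back to a hardcoded value`);
  }
  const parsed = parseDatabaseUrl(value);
  if (!parsed) throw new Error(`${key} is not a postgres:// URL`);
  if (local && parsed.internalOnly) {
    throw new Error(`${key} points at an internal-only host; use the public proxy URL locally`);
  }
  return value;
}

// Scan source text for postgres:// URLs that carry a password. Returns one
// finding per line so a pre-commit hook or CI step can fail on any hit.
// This catches new occurrences; a secret already in git history still
// needs rotation, as the notes say.
function findEmbeddedCredentials(source) {
  const urlPattern = /postgres(?:ql)?:\/\/[^\s'"`]+/g;
  const findings = [];
  source.split('\n').forEach((line, index) => {
    for (const match of line.matchAll(urlPattern)) {
      const parsed = parseDatabaseUrl(match[0]);
      if (parsed && parsed.hasPassword) {
        findings.push({ line: index + 1, host: parsed.host });
      }
    }
  });
  return findings;
}

// Constructed sample of the anti-pattern the audit found (line 3 is the leak).
const SAMPLE_SCRIPT = [
  "import pg from 'pg';",
  '// constructed example script, not from the pipeline',
  "const client = new pg.Client('postgres://app:hunter2@example-db.internal:5432/railway');",
  'const fromEnv = process.env.DATABASE_URL; // fine: no secret in source',
].join('\n');

// Stand-alone demo: report the leaked line without printing the password.
console.log(findEmbeddedCredentials(SAMPLE_SCRIPT));
```

Running the scanner over the five scripts named in the notes (or the whole repo) in CI turns the audit finding into a standing check; the loader keeps the credential out of source entirely, so the only remaining step after a leak is the rotation the notes already describe.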