Tail-end of Phase 2:
- Migrate ~70 remaining test sites off AppConfig.current(): drop
dead monkey-patches (production no longer calls current), hoist the
mocked config into a local variable and pass it explicitly. Verified
with `grep -rn 'AppConfig\.current' backend/tests` → empty.
- Delete the AppConfig.current() classmethod entirely. The transitional
raise-only shim is no longer needed now that no test references it.
- Update docs: plan marked shipped (P2-6..P2-10 in commit 84dccef2);
backend/CLAUDE.md Config Lifecycle rewritten to describe the
explicit-parameter design; gateway/deps.py docstrings no longer point
at the removed current() surface.
AppConfig is now a pure Pydantic value object. Every consumer holds its
own captured instance — Gateway (app.state.config via Depends(get_config)),
DeerFlowClient (self._app_config), agent runtime (DeerFlowContext.app_config),
LangGraph Server bootstrap (AppConfig.from_file() inside make_lead_agent).
2337 non-e2e tests pass.
Finish Phase 2 of the config refactor: production code no longer calls
AppConfig.current() anywhere. AppConfig now flows as an explicit parameter
down every consumer lane.
Call-site migrations
--------------------
- Memory subsystem (queue/updater/storage): MemoryConfig captured at
enqueue time so the Timer closure survives the ContextVar boundary.
- Sandbox layer: tools.py, security.py, sandbox_provider.py, local_sandbox_provider,
aio_sandbox_provider all take app_config explicitly. Module-level
caching in tools.py's path helpers is removed — pure parameter flow.
- Skills layer: manager.py + loader.py + lead_agent.prompt cache refresh
all thread app_config; cache worker closes over it.
- Community tools (tavily, jina, firecrawl, exa, ddg, image_search,
infoquest, aio_sandbox): read runtime.context.app_config.
- Subagents registry: get_subagent_config / list_subagents /
get_available_subagent_names require app_config.
- Runtime worker: requires RunContext.app_config; no fallback.
- Gateway routers (uploads, skills): add Depends(get_config).
- Channels feishu: uses AppConfig.from_file() (pure) at its sync boundary.
- LangGraph Server bootstrap (make_lead_agent): falls back to
AppConfig.from_file() — pure load, not ambient lookup.
Context resolution
------------------
- resolve_context(runtime) now raises on non-DeerFlowContext runtime.context.
Every entry point attaches typed context; dict/None shapes are rejected
loudly instead of being papered over with an ambient AppConfig lookup.
AppConfig lifecycle
-------------------
- AppConfig.current() kept as a deprecated slot that raises RuntimeError,
purely so legacy tests that still run `patch.object(AppConfig, "current")`
don't trip AttributeError at teardown. Production never calls it.
- conftest autouse fixture no longer monkey-patches `current` — it only
stubs `from_file()` so tests don't need a real config.yaml.
Design refs
-----------
- docs/plans/2026-04-12-config-refactor-plan.md (Phase 2: P2-6..P2-10)
- docs/plans/2026-04-12-config-refactor-design.md §8
All 2338 non-e2e tests pass. Zero AppConfig.current() call sites remain
in backend/packages or backend/app (docstrings in deps.py excepted).
* fix(security): disable host bash by default in local sandbox
* fix(security): address review feedback for local bash hardening
* fix(ci): sort live test imports for lint
* style: apply backend formatter
---------
Co-authored-by: Willem Jiang <willem.jiang@gmail.com>
