@balpal4495/quorum 3.0.3 → 3.1.0

package/evals/cases/auth_rs256_valid.json

@@ -1,30 +0,0 @@
-{
-  "id": "auth_rs256_valid",
-  "description": "Proposing the already-approved RS256 pattern — should proceed",
-  "outcome": "Add JWT authentication to the API",
-  "design": "RS256 tokens with 15-minute expiry and refresh rotation stored in httpOnly cookies, matching the approved pattern in Chronicle",
-  "oracle_evidence": [
-    {
-      "id": "auth-031",
-      "key_insight": "RS256 with short-lived tokens and refresh rotation in httpOnly cookies is the approved pattern",
-      "decision": "RS256 with 15-min access tokens and refresh rotation stored in httpOnly cookies is the approved auth pattern",
-      "schema_version": 2,
-      "affected_areas": ["src/auth/", "src/middleware/"],
-      "scope": ["auth", "sessions"],
-      "status": "validated",
-      "confidence": 0.88,
-      "source_module": "council",
-      "evidence_cited": [],
-      "timestamp": "2025-03-15T11:00:00Z"
-    }
-  ],
-  "expected": {
-    "jury_min_confidence": 0.65,
-    "council_recommendation": "proceed",
-    "must_not_flag": ["key rotation problem"],
-    "risk_level": "critical",
-    "preflight_expects": {
-      "touches_sensitive_area": true
-    }
-  }
-}

package/evals/cases/cache_missing_lock.json

@@ -1,31 +0,0 @@
-{
-  "id": "cache_missing_lock",
-  "description": "Cache implementation missing stampede protection — should warn or block",
-  "outcome": "Cache expensive product catalogue queries in Redis",
-  "design": "On cache miss, fetch from database and write to Redis with a 5-minute TTL. No locking strategy.",
-  "oracle_evidence": [
-    {
-      "id": "cache-008",
-      "key_insight": "Redis cache without stampede protection caused DB overload during peak traffic",
-      "decision": "Redis cache without stampede protection caused DB overload — all cache misses hit DB simultaneously during spikes",
-      "schema_version": 2,
-      "affected_areas": ["src/cache/", "src/api/products.ts"],
-      "scope": ["cache", "performance"],
-      "status": "refuted",
-      "confidence": 0.85,
-      "source_module": "council",
-      "evidence_cited": [],
-      "timestamp": "2025-02-20T14:00:00Z"
-    }
-  ],
-  "expected": {
-    "jury_max_confidence": 0.60,
-    "council_recommendation": "redesign",
-    "must_flag": ["stampede", "lock"],
-    "must_cite": ["cache-008"],
-    "risk_level": "medium",
-    "preflight_expects": {
-      "chronicle_conflicts": ["cache-008"]
-    }
-  }
-}

package/evals/cases/db_naive_not_null.json

@@ -1,32 +0,0 @@
-{
-  "id": "db_naive_not_null",
-  "description": "Naive NOT NULL migration on a large table — should block",
-  "outcome": "Add a NOT NULL region column to the users table",
-  "design": "Run ALTER TABLE users ADD COLUMN region TEXT NOT NULL DEFAULT 'uk'",
-  "oracle_evidence": [
-    {
-      "id": "db-017",
-      "key_insight": "Avoid naive locking migrations on large tables",
-      "decision": "Avoid naive locking migrations on large tables — use shadow column pattern or pg_repack",
-      "schema_version": 2,
-      "affected_areas": ["db/migrations", "src/models/user.ts"],
-      "scope": ["database", "migrations"],
-      "status": "refuted",
-      "confidence": 0.91,
-      "source_module": "council",
-      "evidence_cited": [],
-      "timestamp": "2025-01-10T10:00:00Z"
-    }
-  ],
-  "expected": {
-    "jury_max_confidence": 0.55,
-    "council_recommendation": "redesign",
-    "must_flag": ["lock strategy", "rollback"],
-    "must_cite": ["db-017"],
-    "risk_level": "high",
-    "preflight_expects": {
-      "rollback_mentioned": false,
-      "chronicle_conflicts": ["db-017"]
-    }
-  }
-}

package/evals/cases/logging_pii_leak.json

@@ -1,32 +0,0 @@
-{
-  "id": "logging_pii_leak",
-  "description": "Logging request bodies that contain PII — should block",
-  "outcome": "Add structured request logging to the API for debugging",
-  "design": "Log full request body including email, name, and any user-submitted fields to stdout using JSON format",
-  "oracle_evidence": [
-    {
-      "id": "sec-003",
-      "key_insight": "Logging PII fields violates GDPR and our data retention policy",
-      "decision": "Logging PII fields (email, name, address) violates GDPR Article 5 — all request logging must scrub or omit PII fields",
-      "schema_version": 2,
-      "affected_areas": ["src/middleware/logger.ts", "src/api/"],
-      "scope": ["pii", "compliance", "logging"],
-      "status": "validated",
-      "confidence": 0.95,
-      "source_module": "council",
-      "evidence_cited": [],
-      "timestamp": "2025-01-05T08:00:00Z"
-    }
-  ],
-  "expected": {
-    "jury_max_confidence": 0.40,
-    "council_recommendation": "redesign",
-    "must_flag": ["PII", "GDPR", "email"],
-    "must_cite": ["sec-003"],
-    "risk_level": "high",
-    "preflight_expects": {
-      "touches_sensitive_area": true,
-      "sensitive_areas_include": ["pii"]
-    }
-  }
-}

package/evals/cases/migration_with_rollback.json

@@ -1,43 +0,0 @@
-{
-  "id": "migration_with_rollback",
-  "description": "DB migration that explicitly addresses rollback and uses safe pattern — should proceed",
-  "outcome": "Add a NOT NULL region column to the users table",
-  "design": "Use shadow column pattern: add region TEXT NULLABLE, backfill via batched update, then add NOT NULL constraint after 100% fill confirmed. Rollback: drop shadow column. Uses pg_repack to avoid exclusive locks.",
-  "oracle_evidence": [
-    {
-      "id": "db-017",
-      "key_insight": "Avoid naive locking migrations on large tables — use shadow column pattern or pg_repack",
-      "decision": "Avoid naive locking migrations on large tables — use shadow column pattern or pg_repack",
-      "schema_version": 2,
-      "affected_areas": ["db/migrations", "src/models/user.ts"],
-      "scope": ["database", "migrations"],
-      "status": "refuted",
-      "confidence": 0.91,
-      "source_module": "council",
-      "evidence_cited": [],
-      "timestamp": "2025-01-10T10:00:00Z"
-    },
-    {
-      "id": "db-019",
-      "key_insight": "Shadow column pattern with batched backfill is the approved approach for NOT NULL migrations",
-      "decision": "Shadow column pattern with batched backfill is the approved approach for large NOT NULL migrations",
-      "schema_version": 2,
-      "affected_areas": ["db/migrations"],
-      "scope": ["database", "migrations"],
-      "status": "validated",
-      "confidence": 0.87,
-      "source_module": "council",
-      "evidence_cited": ["db-017"],
-      "timestamp": "2025-02-01T12:00:00Z"
-    }
-  ],
-  "expected": {
-    "jury_min_confidence": 0.65,
-    "council_recommendation": "proceed",
-    "risk_level": "high",
-    "preflight_expects": {
-      "rollback_mentioned": true,
-      "chronicle_conflicts": ["db-017"]
-    }
-  }
-}

package/evals/cases/no_evidence_novel_design.json

@@ -1,16 +0,0 @@
-{
-  "id": "no_evidence_novel_design",
-  "description": "Novel design with no Chronicle evidence either way — should investigate-more",
-  "outcome": "Implement real-time collaboration features using WebSockets",
-  "design": "Use Socket.io for bi-directional communication, Redis pub/sub for multi-instance message fanout, and optimistic UI updates with conflict resolution via last-write-wins",
-  "oracle_evidence": [],
-  "expected": {
-    "jury_max_confidence": 0.65,
-    "council_recommendation": "investigate-more",
-    "risk_level": "medium",
-    "preflight_expects": {
-      "touches_sensitive_area": false,
-      "chronicle_conflicts": []
-    }
-  }
-}

package/evals/cases/payment_no_idempotency.json

@@ -1,33 +0,0 @@
-{
-  "id": "payment_no_idempotency",
-  "description": "Payment charge without idempotency key — should block",
-  "outcome": "Implement one-click repurchase for customers",
-  "design": "On button click, POST /api/charge with the stored card token and amount. Retry on network failure up to 3 times.",
-  "oracle_evidence": [
-    {
-      "id": "pay-004",
-      "key_insight": "Payment charges without idempotency keys caused duplicate charges during network retries",
-      "decision": "All payment charge requests must include a Stripe idempotency key — retries without idempotency keys caused duplicate charges in production",
-      "schema_version": 2,
-      "affected_areas": ["src/payments/", "src/api/checkout.ts"],
-      "scope": ["payments", "stripe"],
-      "status": "refuted",
-      "confidence": 0.97,
-      "source_module": "council",
-      "evidence_cited": [],
-      "timestamp": "2025-04-01T16:00:00Z"
-    }
-  ],
-  "expected": {
-    "jury_max_confidence": 0.40,
-    "council_recommendation": "redesign",
-    "must_flag": ["idempotency", "duplicate charge"],
-    "must_cite": ["pay-004"],
-    "risk_level": "critical",
-    "preflight_expects": {
-      "touches_sensitive_area": true,
-      "sensitive_areas_include": ["payments"],
-      "chronicle_conflicts": ["pay-004"]
-    }
-  }
-}

package/evals/cases/redis_session_rejected.json

@@ -1,32 +0,0 @@
-{
-  "id": "redis_session_rejected",
-  "description": "Proposing Redis sessions when they were already removed — should block",
-  "outcome": "Implement user session management",
-  "design": "Store session data in Redis with a 30-minute TTL and auto-extend on activity. Use express-session with connect-redis.",
-  "oracle_evidence": [
-    {
-      "id": "auth-015",
-      "key_insight": "Redis sessions removed due to memory overhead at scale and operational complexity",
-      "decision": "Redis sessions removed — memory overhead at scale was unsustainable and operational complexity (Redis cluster, failover) added too much risk",
-      "schema_version": 2,
-      "affected_areas": ["src/auth/", "src/middleware/session.ts"],
-      "scope": ["auth", "sessions", "infrastructure"],
-      "status": "refuted",
-      "confidence": 0.89,
-      "source_module": "council",
-      "evidence_cited": [],
-      "timestamp": "2025-02-10T15:00:00Z"
-    }
-  ],
-  "expected": {
-    "jury_max_confidence": 0.50,
-    "council_recommendation": "redesign",
-    "must_flag": ["memory overhead", "Redis"],
-    "must_cite": ["auth-015"],
-    "risk_level": "critical",
-    "preflight_expects": {
-      "touches_sensitive_area": true,
-      "chronicle_conflicts": ["auth-015"]
-    }
-  }
-}

package/evals/cases/safe_refactor.json

@@ -1,17 +0,0 @@
-{
-  "id": "safe_refactor",
-  "description": "Low-risk internal refactor with no sensitive areas — should proceed without friction",
-  "outcome": "Rename internal helper functions in the reporting module for consistency",
-  "design": "Rename generateCsvReport to exportReportAsCsv and generatePdfReport to exportReportAsPdf in src/reports/. Update all callers. No behaviour change.",
-  "oracle_evidence": [],
-  "expected": {
-    "jury_min_confidence": 0.70,
-    "council_recommendation": "proceed",
-    "risk_level": "low",
-    "preflight_expects": {
-      "touches_sensitive_area": false,
-      "rollback_mentioned": false,
-      "chronicle_conflicts": []
-    }
-  }
-}

package/evals/runner.ts

@@ -1,226 +0,0 @@
-/**
- * Eval runner for Quorum Jury + Council.
- *
- * Each case in evals/cases/ defines a proposal and what the system should produce.
- * The runner validates:
- *   - Jury confidence is within expected bounds
- *   - Preflight detects the expected signals
- *   - Risk classifier assigns the expected level
- *   - Council recommendation matches (when an LLM provider is available)
- *
- * Jury + preflight run without any LLM (deterministic).
- * Council assertions are skipped if no LLM provider is injected.
- *
- * Usage:
- *   npx vitest run evals/
- *
- * Or run against a real LLM:
- *   EVAL_LLM=openai npx vitest run evals/
- */
-
-import { promises as fs } from "fs"
-import path from "path"
-import type { OracleResult, LLMProvider } from "../modules/shared/types"
-import { runPreflight } from "../modules/jury/preflight"
-import { classifyRisk } from "../modules/council/risk"
-
-export interface EvalCase {
-  id: string
-  description: string
-  outcome: string
-  design: string
-  oracle_evidence: OracleResult[]
-  expected: {
-    jury_min_confidence?: number
-    jury_max_confidence?: number
-    council_recommendation?: "proceed" | "redesign" | "investigate-more"
-    must_flag?: string[]
-    must_not_flag?: string[]
-    must_cite?: string[]
-    risk_level?: string
-    preflight_expects?: {
-      touches_sensitive_area?: boolean
-      sensitive_areas_include?: string[]
-      rollback_mentioned?: boolean
-      test_strategy_mentioned?: boolean
-      chronicle_conflicts?: string[]
-    }
-  }
-}
-
-export interface EvalResult {
-  caseId: string
-  description: string
-  passed: boolean
-  failures: string[]
-  preflight: ReturnType<typeof runPreflight>
-  risk: ReturnType<typeof classifyRisk>
-  juryOutput?: unknown
-  councilOutput?: unknown
-  durationMs: number
-}
-
-export async function loadCases(casesDir?: string): Promise<EvalCase[]> {
-  const dir = casesDir ?? path.join(__dirname, "cases")
-  const files = (await fs.readdir(dir)).filter(f => f.endsWith(".json"))
-  const cases = await Promise.all(
-    files.map(async f => {
-      const raw = await fs.readFile(path.join(dir, f), "utf8")
-      return JSON.parse(raw) as EvalCase
-    }),
-  )
-  return cases
-}
-
-export async function runCase(
-  evalCase: EvalCase,
-  llm?: LLMProvider,
-): Promise<EvalResult> {
-  const start = Date.now()
-  const failures: string[] = []
-
-  const { outcome, design, oracle_evidence: evidence, expected } = evalCase
-
-  // ── Deterministic checks (no LLM) ──────────────────────────────────────────
-
-  const preflight = runPreflight(outcome, design, evidence)
-  const risk = classifyRisk(outcome, design, evidence)
-
-  // Risk level
-  if (expected.risk_level && risk.level !== expected.risk_level) {
-    failures.push(
-      `risk_level: expected "${expected.risk_level}", got "${risk.level}" (reasons: ${risk.reasons.join(", ")})`,
-    )
-  }
-
-  // Preflight assertions
-  const pf = expected.preflight_expects
-  if (pf) {
-    if (pf.touches_sensitive_area !== undefined && preflight.touches_sensitive_area !== pf.touches_sensitive_area) {
-      failures.push(`preflight.touches_sensitive_area: expected ${pf.touches_sensitive_area}, got ${preflight.touches_sensitive_area}`)
-    }
-    if (pf.rollback_mentioned !== undefined && preflight.rollback_mentioned !== pf.rollback_mentioned) {
-      failures.push(`preflight.rollback_mentioned: expected ${pf.rollback_mentioned}, got ${preflight.rollback_mentioned}`)
-    }
-    if (pf.test_strategy_mentioned !== undefined && preflight.test_strategy_mentioned !== pf.test_strategy_mentioned) {
-      failures.push(`preflight.test_strategy_mentioned: expected ${pf.test_strategy_mentioned}, got ${preflight.test_strategy_mentioned}`)
-    }
-    if (pf.chronicle_conflicts) {
-      for (const id of pf.chronicle_conflicts) {
-        if (!preflight.chronicle_conflicts.includes(id)) {
-          failures.push(`preflight.chronicle_conflicts: expected "${id}" to be flagged`)
-        }
-      }
-    }
-    if (pf.sensitive_areas_include) {
-      for (const area of pf.sensitive_areas_include) {
-        if (!preflight.sensitive_areas.includes(area)) {
-          failures.push(`preflight.sensitive_areas: expected "${area}" to be detected`)
-        }
-      }
-    }
-  }
-
-  let juryOutput: unknown
-  let councilOutput: unknown
-
-  // ── LLM-dependent checks (skipped if no provider) ──────────────────────────
-
-  if (llm) {
-    const { evaluate } = await import("../modules/jury/evaluate")
-    try {
-      juryOutput = await evaluate({ outcome, design, evidence }, { llm })
-      const jury = juryOutput as { confidence: number; recommendation: string; assessment: string; gaps: string[] }
-
-      if (expected.jury_min_confidence !== undefined && jury.confidence < expected.jury_min_confidence) {
-        failures.push(`jury.confidence: expected ≥ ${expected.jury_min_confidence}, got ${jury.confidence}`)
-      }
-      if (expected.jury_max_confidence !== undefined && jury.confidence > expected.jury_max_confidence) {
-        failures.push(`jury.confidence: expected ≤ ${expected.jury_max_confidence}, got ${jury.confidence}`)
-      }
-    } catch (err) {
-      failures.push(`jury threw: ${String(err)}`)
-    }
-
-    if (expected.council_recommendation && juryOutput) {
-      const { deliberate } = await import("../modules/council/deliberate")
-      const mockOracle = {
-        query: async () => [],
-        propose: async () => ({ proposalId: "eval-proposal" }),
-        commit: async () => { throw new Error("commit not available in eval") },
-      }
-      try {
-        councilOutput = await deliberate(
-          { outcome, design, evidence, jury_output: juryOutput as never },
-          { llm, oracle: mockOracle, advisorCount: 2, reviewerCount: 2 },
-        )
-        const council = councilOutput as { recommendation: string; verdict: string; blockers: Array<{ issue: string }>; evidence_cited: string[] }
-
-        if (council.recommendation !== expected.council_recommendation) {
-          failures.push(
-            `council.recommendation: expected "${expected.council_recommendation}", got "${council.recommendation}"`,
-          )
-        }
-
-        const verdictText = [
-          council.verdict,
-          ...council.blockers.map(b => b.issue),
-        ].join(" ").toLowerCase()
-
-        if (expected.must_flag) {
-          for (const term of expected.must_flag) {
-            if (!verdictText.includes(term.toLowerCase())) {
-              failures.push(`council must_flag: "${term}" not mentioned in verdict or blockers`)
-            }
-          }
-        }
-        if (expected.must_not_flag) {
-          for (const term of expected.must_not_flag) {
-            if (verdictText.includes(term.toLowerCase())) {
-              failures.push(`council must_not_flag: "${term}" was mentioned but should not be`)
-            }
-          }
-        }
-        if (expected.must_cite) {
-          for (const id of expected.must_cite) {
-            if (!council.evidence_cited.includes(id)) {
-              failures.push(`council must_cite: entry ID "${id}" not in evidence_cited`)
-            }
-          }
-        }
-      } catch (err) {
-        failures.push(`council threw: ${String(err)}`)
-      }
-    }
-  }
-
-  return {
-    caseId: evalCase.id,
-    description: evalCase.description,
-    passed: failures.length === 0,
-    failures,
-    preflight,
-    risk,
-    juryOutput,
-    councilOutput,
-    durationMs: Date.now() - start,
-  }
-}
-
-export function printEvalSummary(results: EvalResult[]): void {
-  const passed = results.filter(r => r.passed).length
-  const total = results.length
-  console.log(`\n${"─".repeat(60)}`)
-  console.log(`Eval results: ${passed}/${total} passed`)
-  console.log("─".repeat(60))
-  for (const r of results) {
-    const icon = r.passed ? "✓" : "✗"
-    console.log(`${icon} ${r.caseId} (${r.durationMs}ms)`)
-    if (!r.passed) {
-      for (const f of r.failures) {
-        console.log(`    → ${f}`)
-      }
-    }
-  }
-  console.log("─".repeat(60))
-}

package/modules/AGENTS.md

@@ -1,78 +0,0 @@
-# modules/ — Agent Instructions
-
-Supplements the root `AGENTS.md` / `copilot-instructions.md` with module-specific internals.
-When working inside this folder, follow these rules in addition to the root guidelines.
-
----
-
-## File ownership
-
-### Oracle
-| File | Owns |
-|---|---|
-| `oracle/query.ts` | Two-pass retrieval (vector → BM25 → RRF fusion). Score threshold. Query log. |
-| `oracle/bm25.ts` | BM25 scoring algorithm. Domain term extraction for query enrichment. |
-| `oracle/propose.ts` | `propose()` + `commit()`. The human-gated write path. Do not add auto-commit logic here. |
-| `oracle/log.ts` | Best-effort JSONL query log writer. Must never throw to callers. |
-| `oracle/adapters/lance-db.ts` | LanceDB `VectorStore` implementation. Swappable — do not couple oracle internals to this. |
-| `oracle/adapters/xenova-embedder.ts` | Local ONNX embedder. Swappable — do not couple oracle internals to this. |
-
-### Jury
-| File | Owns |
-|---|---|
-| `jury/schema.ts` | Zod schema for structured LLM output. Source of truth for `JuryOutput` shape including `confidence_breakdown` and `blocking_gaps`. |
-| `jury/evaluate.ts` | Four-dimension evaluation. **Confidence is always recomputed from the breakdown average here — do not remove this. `council_brief` is also overridden from confidence.** |
-| `jury/preflight.ts` | Deterministic preflight — no LLM. Detects sensitive areas, rollback mention, and Chronicle conflicts before the LLM runs. Safe to extend with new patterns. |
-
-### Council
-| File | Owns |
-|---|---|
-| `council/personas.ts` | Default advisor personas. Safe to extend. Do not remove existing personas without good reason. |
-| `council/frame.ts` | Sets deliberation tone from `council_brief`. Challenge vs pressure-test framing lives here. |
-| `council/advisors.ts` | Parallel advisor fan-out. Advisors must cite Oracle entry IDs — enforced in the prompt. |
-| `council/reviewers.ts` | Anonymisation of advisor responses + parallel reviewer fan-out. Anonymisation must happen before reviewers see responses. |
-| `council/chairman.ts` | Verdict synthesis + Zod validation. Produces structured `blockers`/`warnings`, validates citations, tracks `advisor_split`. Throws on bad output — do not add fallbacks. |
-| `council/risk.ts` | Deterministic risk classifier — no LLM. Assigns `low/medium/high/critical` and `council_mode` from design text and refuted evidence. Drives advisor/reviewer fan-out counts. |
-| `council/deliberate.ts` | Full pipeline orchestration. Calls `oracle.propose()` at the end — never `oracle.commit()`. Risk classifier runs first to set fan-out counts. |
-
-### Advisor
-| File | Owns |
-|---|---|
-| `advisor/ask.ts` | Main entry point. Queries Oracle, calls LLM, validates answer against satisfaction threshold (confidence ≥ 0.7, no blockers). Retries up to 2 times with previous answer as context. Throws on bad LLM output — do not add fallbacks. |
-| `advisor/prompt.ts` | SYSTEM_PROMPT, evidence formatter, user prompt builder. The plain-language framing lives here. |
-| `advisor/types.ts` | `AdvisorInput`, `AdvisorAnswer`, `AdvisorOutput`, `AdvisorDeps` types. |
-
----
-
-## Extension points
-
-**Swap the vector store** — implement `VectorStore` from `oracle/types.ts` and pass it to `createOracleClient()` or `setup()`.
-
-**Swap the embedder** — pass `embedder: yourFn` to `setup()`. Must return a consistent-dimension float array.
-
-**Add advisor personas** — extend `DEFAULT_PERSONAS` in `council/personas.ts`, or pass a custom personas array directly to `fanOutAdvisors()`.
-
-**Use different models per step** — pass `models` to `setup()` or `council.deliberate()` deps. Cheaper models for advisors, stronger for chairman is the intended pattern.
-
----
-
-## Invariants — do not break these
-
-- `advisor/ask.ts` never calls `oracle.propose()` or `oracle.commit()`. It is a read-only path.
-- `oracle.commit()` is never called without explicit human input. `deliberate()` calls `propose()` only.
-- `jury/evaluate.ts` recomputes `confidence` as the exact average of `confidence_breakdown` dimensions — the LLM value is discarded.
-- `jury/evaluate.ts` derives `council_brief` from the recomputed confidence — never trusts the LLM value.
-- `chairman.ts` and `jury/evaluate.ts` throw on schema validation failure. Do not add try/catch that swallows these errors.
-- `deliberate.ts` passes `citation_validation.valid_ids` (not raw `evidence_cited`) to `oracle.propose()` — hallucinated IDs are stripped.
-- Query logging in `oracle/log.ts` is always best-effort — callers must not fail because of a log write error.
-- `VectorStore` and `embedder` are always injected — never imported directly inside Oracle logic.
-
----
-
-## Tests
-
-```bash
-npx vitest run modules/
-```
-
-Tests live in `__tests__/` inside each module folder. Use `vi.fn()` for LLM providers and vector stores — never call a real LLM in tests.