social-autoposter 1.6.32 → 1.6.34

package/bin/cli.js

@@ -1022,11 +1022,136 @@ function removeLegacyEngagementStylesSidecar() {
   }
 }
 
+// `doctor` (#6, added 2026-06-02) — single command that probes every known
+// failure mode of the install so the user can SEE what's broken instead of
+// learning about it via "Phase 1 returned 0 tweets" or "needs_login" with a
+// silent keychain failure underneath. Each check returns either ok=true or a
+// {ok:false, detail, fix} record. We print a green/red checklist and exit
+// non-zero if anything failed, so CI / setup wizards can gate on it.
+function doctor() {
+  console.log('social-autoposter doctor — probing install health\n');
+
+  const checks = [];
+  const add = (name, runner) => checks.push({ name, runner });
+
+  add('Node.js on PATH', () => ({ ok: true, detail: process.version }));
+
+  add('python3 on PATH', () => {
+    const r = spawnSync('python3', ['--version'], { encoding: 'utf8' });
+    if (r.status === 0) return { ok: true, detail: (r.stdout || r.stderr).trim() };
+    return { ok: false, detail: 'python3 not found', fix: 'install Python 3 (brew install python3 / xcode-select --install)' };
+  });
+
+  add('uv tool on PATH', () => {
+    const uv = findUvBin();
+    if (!uv) return { ok: false, detail: 'uv not found', fix: 'curl -LsSf https://astral.sh/uv/install.sh | sh' };
+    return { ok: true, detail: uv };
+  });
+
+  add('browser-harness CLI installed', () => {
+    const bh = path.join(HOME, '.local', 'bin', 'browser-harness');
+    if (!fs.existsSync(bh)) return { ok: false, detail: `not found at ${bh}`, fix: 'npx social-autoposter init' };
+    return { ok: true, detail: bh };
+  });
+
+  add('browser-harness CLI shape (stdin / -c)', () => {
+    const bh = path.join(HOME, '.local', 'bin', 'browser-harness');
+    if (!fs.existsSync(bh)) return { ok: false, detail: 'binary missing' };
+    const probe = spawnSync(bh, [], { encoding: 'utf8', timeout: 15000 });
+    const usage = `${probe.stdout || ''}${probe.stderr || ''}`;
+    const dashC = /\b-c\b/.test(usage);
+    const stdin = /<<'PY'|<<"PY"|<<PY\b/.test(usage);
+    if (!dashC && !stdin) return { ok: false, detail: 'CLI advertises neither shape', fix: 'reinstall via npx social-autoposter init' };
+    return { ok: true, detail: stdin ? 'stdin heredoc' : '-c flag' };
+  });
+
+  add('macOS Keychain: Chrome Safe Storage readable', () => {
+    if (process.platform !== 'darwin') return { ok: true, detail: 'skipped (non-macOS)' };
+    const r = spawnSync('security', ['find-generic-password', '-s', 'Chrome Safe Storage', '-a', 'Chrome', '-w'], {
+      encoding: 'utf8', timeout: 10000,
+    });
+    if (r.status === 0) return { ok: true, detail: 'accessible (cookie import will work)' };
+    const tail = (r.stderr || '').trim().split('\n').slice(-1)[0] || `exit ${r.status}`;
+    return {
+      ok: false,
+      detail: tail,
+      fix: 'security unlock-keychain ~/Library/Keychains/login.keychain-db   (then retry)',
+    };
+  });
+
+  add('harness Chrome on :9555', () => {
+    try {
+      const probe = spawnSync('curl', ['-sf', '--max-time', '2', '-o', '/dev/null', 'http://127.0.0.1:9555/json/version'], {
+        encoding: 'utf8',
+      });
+      if (probe.status === 0) return { ok: true, detail: 'CDP responding' };
+      return { ok: false, detail: 'no CDP on 9555', fix: 'will auto-launch on next cycle / connect_x call' };
+    } catch (e) {
+      return { ok: false, detail: e.message };
+    }
+  });
+
+  add('X session in harness Chrome', () => {
+    const setup = path.join(HOME, 'social-autoposter', 'scripts', 'setup_twitter_auth.py');
+    if (!fs.existsSync(setup)) return { ok: false, detail: 'setup script missing' };
+    const py = findPythonBin();
+    const r = spawnSync(py, [setup, 'status'], { encoding: 'utf8', timeout: 60000 });
+    let out;
+    try { out = JSON.parse((r.stdout || '').trim()); } catch { out = null; }
+    if (!out) return { ok: false, detail: 'status probe did not return JSON' };
+    if (out.connected) return { ok: true, detail: `state=${out.state}` };
+    return {
+      ok: false,
+      detail: `state=${out.state}`,
+      fix: 'python3 ~/social-autoposter/scripts/setup_twitter_auth.py connect',
+    };
+  });
+
+  add('x.com cookies persisted to SQLite', () => {
+    const cookiesDb = path.join(HOME, '.claude', 'browser-profiles', 'browser-harness', 'Default', 'Cookies');
+    if (!fs.existsSync(cookiesDb)) return { ok: false, detail: `${cookiesDb} missing`, fix: 'connect_x will create it' };
+    const py = findPythonBin();
+    const r = spawnSync(py, ['-c',
+      `import sqlite3; c=sqlite3.connect(${JSON.stringify(cookiesDb)}); ` +
+      `print(c.execute("SELECT COUNT(*) FROM cookies WHERE host_key LIKE '%x.com' OR host_key LIKE '%twitter.com'").fetchone()[0])`,
+    ], { encoding: 'utf8', timeout: 10000 });
+    const n = parseInt((r.stdout || '0').trim(), 10);
+    if (n > 0) return { ok: true, detail: `${n} rows persisted (durable across Chrome restart)` };
+    return {
+      ok: false,
+      detail: '0 x.com rows in SQLite',
+      fix: 'run setup_twitter_auth.py connect to import + auto-flush via #2 (1.6.34+)',
+    };
+  });
+
+  let pass = 0, fail = 0;
+  for (const c of checks) {
+    let res;
+    try { res = c.runner(); } catch (e) { res = { ok: false, detail: e.message }; }
+    if (res.ok) {
+      console.log(`  [OK]   ${c.name}: ${res.detail || ''}`);
+      pass++;
+    } else {
+      console.log(`  [FAIL] ${c.name}: ${res.detail || ''}`);
+      if (res.fix) console.log(`         fix: ${res.fix}`);
+      fail++;
+    }
+  }
+
+  console.log(`\n${pass}/${checks.length} checks passed.`);
+  if (fail > 0) {
+    console.log('Address the failures above and re-run `npx social-autoposter doctor`.');
+    process.exit(1);
+  }
+}
+
 const cmd = process.argv[2];
 if (cmd === 'init') {
   init();
 } else if (cmd === 'update') {
   update();
+} else if (cmd === 'doctor') {
+  doctor();
 } else if (cmd === 'bootstrap-vm') {
   bootstrapVm();
 } else if (cmd === 'export-cookies') {
@@ -1056,6 +1181,7 @@ if (cmd === 'init') {
   console.log('  npx social-autoposter              open the dashboard');
   console.log('  npx social-autoposter init          first-time setup');
   console.log('  npx social-autoposter update        update scripts, preserve config');
+  console.log('  npx social-autoposter doctor        probe install health (#6, 1.6.34+)');
   console.log('  npx social-autoposter bootstrap-vm  AppMaker VM self-bootstrap (DB-driven)');
   console.log('  npx social-autoposter export-cookies [dir]  export browser cookies');
   console.log('  npx social-autoposter import-cookies [dir]  import browser cookies');

package/mcp/manifest.json

@@ -51,7 +51,7 @@
       "title": "Social Autoposter repo path",
       "description": "Absolute path to your social-autoposter repo clone (the folder that contains config.json, scripts/, skill/). The MCP shells out to the pipeline scripts in this folder.",
       "required": true,
-      "default": "${HOME}/social-autoposter"
+      "default": "/Users/matthewdi/social-autoposter"
     },
     "saps_python": {
       "type": "string",

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "social-autoposter",
-  "version": "1.6.32",
+  "version": "1.6.34",
   "description": "Automated social posting pipeline for Reddit, X/Twitter, LinkedIn, and Moltbook. Install as a Claude Code agent skill.",
   "bin": {
     "social-autoposter": "bin/cli.js"
@@ -16,6 +16,9 @@
     "!bin/auth.js",
     "scripts/*.py",
     "!scripts/db_direct.py",
+    "!scripts/backfill_real_clicks.py",
+    "!scripts/historical_engagement.py",
+    "!scripts/style_length_report.py",
     "!scripts/_dm_record_sent.sh",
     "!scripts/send_batch_dms.sh",
     "!scripts/mint_podlog_subpage_*.py",

package/scripts/_compute_allowlist.py

@@ -0,0 +1,58 @@
+import os, re, json, subprocess, glob
+REPO = os.path.expanduser("~/social-autoposter"); os.chdir(REPO)
+all_py = {os.path.basename(p) for p in glob.glob("scripts/*.py")}
+
+entry_surfaces = glob.glob("skill/*.sh") + glob.glob("skill/lib/*.sh")
+entry_surfaces += ["SKILL.md", "setup/SKILL.md", "bin/cli.js"]
+entry_surfaces += glob.glob("mcp/dist/*.js") + glob.glob("mcp/*.mjs")
+
+ref_re = re.compile(r"scripts/([A-Za-z0-9_]+)\.py")
+def refs_in_text(txt):
+    return {m+".py" for m in ref_re.findall(txt) if (m+".py") in all_py}
+
+entries, surface_hits = set(), {}
+for s in entry_surfaces:
+    if not os.path.exists(s): continue
+    txt = open(s, encoding="utf-8", errors="ignore").read()
+    # strip // comments for js, # comments for md is harder; keep simple: count all refs but mark cli.js comment lines
+    for fn in refs_in_text(txt):
+        entries.add(fn); surface_hits.setdefault(fn,set()).add(s)
+
+imp_res = [re.compile(r"^\s*import\s+([A-Za-z0-9_]+)", re.M),
+           re.compile(r"^\s*from\s+([A-Za-z0-9_]+)\s+import", re.M),
+           re.compile(r"^\s*from\s+scripts\s+import\s+([A-Za-z0-9_,\s]+)", re.M),
+           re.compile(r"^\s*from\s+scripts\.([A-Za-z0-9_]+)\s+import", re.M),
+           re.compile(r"^\s*import\s+scripts\.([A-Za-z0-9_]+)", re.M)]
+def expand(fn):
+    path=os.path.join("scripts",fn)
+    if not os.path.exists(path): return set()
+    txt=open(path,encoding="utf-8",errors="ignore").read()
+    found=set()
+    for rx in imp_res:
+        for g in rx.findall(txt):
+            for name in re.split(r"[,\s]+",g):
+                name=name.strip()
+                if name and (name+".py") in all_py: found.add(name+".py")
+    found |= refs_in_text(txt)   # NEW: intra-python subprocess scripts/X.py refs
+    # follow symlink targets too (update_stats.py -> stats.py)
+    if os.path.islink(path):
+        tgt=os.path.basename(os.readlink(path))
+        if tgt in all_py: found.add(tgt)
+    return found
+
+closure=set(entries); stack=list(entries)
+while stack:
+    for d in expand(stack.pop()):
+        if d not in closure: closure.add(d); stack.append(d)
+
+out=subprocess.run(["npm","pack","--dry-run","--json"],capture_output=True,text=True)
+shipped=sorted(os.path.basename(f["path"]) for f in json.loads(out.stdout)[0]["files"] if f["path"].startswith("scripts/") and f["path"].endswith(".py"))
+drop=sorted(set(shipped)-closure); keep=sorted(set(shipped)&closure)
+print("entries:",len(entries),"| closure:",len(closure),"| shipped:",len(shipped))
+print(f"\n=== KEEP (shipped & needed): {len(keep)}")
+print(f"=== DROP (shipped but unreferenced anywhere consumer): {len(drop)}")
+for d in drop:
+    if d=="_compute_allowlist.py": continue
+    print("   -",d)
+open("/tmp/keep.txt","w").write("\n".join(k for k in keep if k!="_compute_allowlist.py"))
+open("/tmp/drop.txt","w").write("\n".join(d for d in drop if d!="_compute_allowlist.py"))

package/scripts/setup_twitter_auth.py

@@ -412,6 +412,99 @@ def _import_from(source: str) -> dict:
     }
 
 
+# --- Headless / Keychain pre-flight (#3 + #4, added 2026-06-02) -------------
+# macOS Keychain access for Chrome's Safe Storage is GUI-session-gated. Calls
+# from SSH-invoked processes (cron, ansible, the macstadium test runner, etc.)
+# silently get errSecAuthFailed because there's no GUI to render an auth
+# prompt to. Without these helpers, copy_browser_cookies.py fails with a
+# generic "access denied", setup_twitter_auth re-classifies as needs_login,
+# and the user sees "log in manually" when the actual cause is "your process
+# can't read the OS keychain." This block detects the headless case up front
+# AND classifies the import error so the user-facing message is accurate.
+
+def _is_headless() -> bool:
+    """True when running without a GUI/interactive session — the case where
+    Keychain Safe Storage reads will silently deny without a prompt."""
+    if os.environ.get("SSH_CONNECTION") or os.environ.get("SSH_CLIENT"):
+        return True
+    try:
+        if not sys.stdin.isatty():
+            return True
+    except Exception:
+        pass
+    return False
+
+
+def _keychain_safe_storage_ok(browser_label: str = "Chrome") -> tuple[bool, str]:
+    """Probe whether the OS keychain entry for `<browser_label> Safe Storage`
+    is readable by THIS process. Returns (ok, detail_for_log)."""
+    svc = f"{browser_label} Safe Storage"
+    try:
+        r = subprocess.run(
+            ["security", "find-generic-password", "-s", svc, "-a", browser_label, "-w"],
+            capture_output=True, text=True, timeout=10,
+        )
+    except (FileNotFoundError, subprocess.TimeoutExpired) as e:
+        return False, f"security probe failed: {e}"
+    if r.returncode == 0:
+        return True, "accessible"
+    err_tail = (r.stderr or "").strip().splitlines()
+    return False, (err_tail[-1] if err_tail else f"exit {r.returncode}")
+
+
+def _classify_import_error(detail: str | None) -> str:
+    """Map a copy_browser_cookies.py error string to a structured type so the
+    upper layers (connect_x, the user) can show a precise remediation instead
+    of a generic 'needs_login'."""
+    if not detail:
+        return "unknown"
+    d = detail.lower()
+    # Keychain access issues — most common on headless runs.
+    if ("user interaction is not allowed" in d) or ("interaction is not allowed" in d):
+        return "keychain_locked"
+    if ("access denied" in d) or ("errsecauth" in d) or ("-25293" in d):
+        return "keychain_acl_denied"
+    if ("not be found in the keychain" in d) or ("errsecitemnotfound" in d):
+        return "keychain_entry_missing"
+    # Source profile / browser mapping
+    if ("no profile" in d) or ("available" in d and "profiles" in d):
+        return "source_profile_not_found"
+    # CDP injection
+    if ("websocket" in d) or ("connection refused" in d) or ("port" in d and "9555" in d):
+        return "cdp_inject_failed"
+    return "unknown"
+
+
+def _force_cookie_flush() -> tuple[bool, str]:
+    """Trigger Chrome's cookie-store flush via CDP Browser.close (#2).
+
+    Verified empirically on Chrome 148/macOS 26: Browser.close synchronously
+    commits the in-memory CookieMonster to the on-disk SQLite, but does NOT
+    actually terminate the process. We rely on the flush side-effect, so a
+    SIGKILL immediately after import no longer wipes the imported cookies.
+
+    Returns (ok, detail). ok=True if the RPC was issued cleanly; the process
+    still being alive afterwards is expected behavior, not a failure."""
+    bh = Path.home() / ".local" / "bin" / "browser-harness"
+    if not bh.exists():
+        return False, f"browser-harness CLI missing at {bh}"
+    env = os.environ.copy()
+    env["BU_CDP_URL"] = CDP
+    env.setdefault("BU_NAME", "twitter-harness")
+    env["PATH"] = f"{Path.home()}/.local/bin:" + env.get("PATH", "")
+    try:
+        r = subprocess.run(
+            [str(bh)],
+            input="cdp('Browser.close')\n",
+            env=env, capture_output=True, text=True, timeout=15,
+        )
+    except (subprocess.TimeoutExpired, OSError) as e:
+        return False, f"browser-harness invocation failed: {e}"
+    if r.returncode != 0:
+        return False, (r.stderr or r.stdout).strip()[:300]
+    return True, "Browser.close issued; cookie store flushed to SQLite"
+
+
 # --- Commands ---------------------------------------------------------------
 
 def cmd_status(args) -> dict:
@@ -462,26 +555,79 @@ def cmd_connect(args) -> dict:
     except Exception as e:
         return {"ok": False, "connected": False, "state": "error", "error": str(e), "cdp": CDP}
 
+    # 1b. Headless + Keychain pre-flight (#3 + #4, added 2026-06-02).
+    # On macOS, copy_browser_cookies.py needs to read the per-browser Safe
+    # Storage entry from the OS keychain. SSH-invoked processes get
+    # errSecAuthFailed silently — no prompt, no warning. We probe up front so
+    # the user sees "your keychain is locked / run unlock-keychain" instead of
+    # the misleading "log in manually" cascade.
+    headless = _is_headless()
+    if headless:
+        # Probe with the first source's likely browser label. We don't know
+        # which source will succeed yet, so probe Chrome (the autoposter
+        # default); if that's denied, all the AUTO_SOURCES will be too.
+        kc_ok, kc_detail = _keychain_safe_storage_ok("Chrome")
+        if not kc_ok:
+            return {
+                "ok": True,
+                "connected": False,
+                "state": "keychain_locked",
+                "error_type": "keychain_locked",
+                "headless": True,
+                "keychain_detail": kc_detail,
+                "note": (
+                    "Cookie import requires reading Chrome's Safe Storage from the macOS "
+                    "Keychain, but this process can't access it (probably running over SSH "
+                    "or another headless context). No GUI prompt is shown for this — macOS "
+                    "denies access silently. To fix, run this once in the same session:\n"
+                    "  security unlock-keychain ~/Library/Keychains/login.keychain-db\n"
+                    "Then re-run connect_x. If you're on the autoposter machine via SSH, you "
+                    "may also need to run it before every fresh shell, or persist with "
+                    "`security set-keychain-settings -lut 0`."
+                ),
+                "remediation_cmd": "security unlock-keychain ~/Library/Keychains/login.keychain-db",
+                "cdp": CDP,
+            }
+
     # 2. Import from the user's everyday browser.
     sources = [args.source] if args.source else AUTO_SOURCES
     attempts = []
     for src in sources:
         res = _import_from(src)
         copied = res.get("stdout", "")
-        attempts.append({"source": src, "ok": res.get("ok"), "detail": copied or res.get("error") or res.get("stderr")})
+        detail = copied or res.get("error") or res.get("stderr")
+        # #3: classify the error so the caller doesn't see string soup.
+        error_type = None if res.get("ok") else _classify_import_error(detail)
+        attempts.append({
+            "source": src,
+            "ok": res.get("ok"),
+            "detail": detail,
+            "error_type": error_type,
+        })
         if not res.get("ok"):
             continue
         # 3. Re-validate after this source.
         try:
             if _is_session_valid():
                 _save_session_to_store()
+                # #2: force a cookie-store flush via CDP Browser.close so the
+                # imported session survives any subsequent SIGKILL (e.g. the
+                # autoposter cron stopping Chrome with no grace window). Empty
+                # result on this build is success — Browser.close triggers the
+                # flush synchronously but doesn't actually terminate Chrome.
+                flush_ok, flush_detail = _force_cookie_flush()
                 return {
                     "ok": True,
                     "connected": True,
                     "state": "imported",
                     "source": src,
                     "attempts": attempts,
-                    "note": f"Imported your X session from {src} into the autoposter browser.",
+                    "flushed_to_disk": flush_ok,
+                    "flush_detail": flush_detail,
+                    "note": f"Imported your X session from {src} into the autoposter browser. "
+                            + ("Cookies flushed to disk (persists across Chrome restart)."
+                               if flush_ok else
+                               "Cookies are in RAM; a clean stop_chrome (1.6.32+) will flush them."),
                     "cdp": CDP,
                 }
         except Exception:
@@ -502,10 +648,18 @@ def cmd_connect(args) -> dict:
         "autoposter's own profile, so this is a one-time step. "
         "(Auto-import tried: " + ", ".join(sources) + ".)"
     )
+    # If every attempt classified to the same root cause, surface it so the
+    # caller doesn't keep telling the user "log in manually" when really the
+    # keychain is locked / no source profile exists / CDP isn't reachable.
+    distinct_error_types = {a.get("error_type") for a in attempts if a.get("error_type")}
+    rolled_up_error_type = (
+        next(iter(distinct_error_types)) if len(distinct_error_types) == 1 else None
+    )
     return {
         "ok": True,
         "connected": False,
         "state": "needs_login",
+        "error_type": rolled_up_error_type,
         "attempts": attempts,
         "login_window_opened": shown,
         "note": note,

package/skill/invent-supply-test.sh

@@ -65,18 +65,20 @@ echo "[invent-supply-test] twitter-browser lock held (pid=$$)" >&2
 
 # One harness invocation handles every query so we pay the CLI startup once.
 # Each scan() call appends a JSONL record to SCAN_TWEETS_FILE=$SCAN_OUT.
-# Installed browser-harness (v0.1.0) only accepts `-c "<script>"`; it does NOT
-# read from stdin (a heredoc just prints usage and exits with 0 tweets). Use
-# double-quoted -c so $REPO_DIR / $QUERIES_JSON still expand.
+# browser-harness upstream main reads the script from STDIN (the `-c` flag was
+# removed). Feed the body via a quoted heredoc and pass $REPO_DIR / $QUERIES_JSON
+# through the environment so the Python reads them from os.environ.
 BU_NAME=twitter-harness BU_CDP_URL=http://127.0.0.1:9555 \
 SCAN_TWEETS_FILE="$SCAN_OUT" \
 BATCH_ID="${BATCH_ID:-}" \
 FRESHNESS_HOURS_DISCOVER="$FRESHNESS_HOURS" \
-  "$HARNESS_BIN" -c "
+REPO_DIR="$REPO_DIR" \
+QUERIES_JSON="$QUERIES_JSON" \
+  "$HARNESS_BIN" <<'PY' 2>&1
 import sys, json, os, time
-sys.path.insert(0, '$REPO_DIR/scripts')
+sys.path.insert(0, os.environ['REPO_DIR'] + '/scripts')
 from twitter_scan import scan
-queries = json.load(open('$QUERIES_JSON'))
+queries = json.load(open(os.environ['QUERIES_JSON']))
 freshness = int(os.environ.get('FRESHNESS_HOURS_DISCOVER', '6'))
 for q in queries:
     project = q.get('project', '')
@@ -91,7 +93,7 @@ for q in queries:
     except Exception as e:
         dt = time.time() - t0
         print(f'  err project={project!r}  q={query[:50]!r}  in {dt:.1f}s  {type(e).__name__}: {e}', flush=True)
-" 2>&1
+PY
 
 release_lock "twitter-browser"
 echo "[invent-supply-test] done; results in $SCAN_OUT" >&2

package/skill/run-twitter-cycle.sh

@@ -699,7 +699,7 @@ ensure_twitter_browser_for_backend 2>&1 | tee -a "$LOG_FILE"
 # "reconnect X" message in the log.
 log "Pre-flight: probing harness Chrome for a live x.com auth_token..."
 _PREFLIGHT_OUT=$(BU_NAME=twitter-harness BU_CDP_URL=http://127.0.0.1:9555 \
-    "$HOME/.local/bin/browser-harness" -c "
+    "$HOME/.local/bin/browser-harness" <<'PY' 2>&1
 import sys, time
 try:
     raw = cdp('Network.getCookies', urls=['https://x.com/', 'https://twitter.com/'])
@@ -721,7 +721,8 @@ else:
         print('PREFLIGHT_FAIL auth_token_expired exp=' + str(int(exp)) + ' now=' + str(int(now)))
         sys.exit(0)
     print('PREFLIGHT_OK exp=' + str(int(exp)) + ' domain=' + domain)
-" 2>&1)
+PY
+)
 if printf '%s\n' "$_PREFLIGHT_OUT" | grep -q '^PREFLIGHT_OK'; then
     log "  Pre-flight OK: $(printf '%s\n' "$_PREFLIGHT_OUT" | grep '^PREFLIGHT_OK' | head -1)"
 else
@@ -1039,21 +1040,24 @@ except Exception: print(0)
 # $SCAN_TWEETS_FILE, which the existing shell-side parse below consumes.
 if [ "$QUERIES_COUNT" -gt 0 ]; then
     log "Lean Phase 1: executing $QUERIES_COUNT queries via browser-harness CDP"
-    # Installed browser-harness (v0.1.0) only accepts `-c "<script>"`; it does NOT
-    # read a script from stdin (a heredoc just makes it print its usage line and
-    # exit, producing 0 tweets). Use double-quoted -c so $REPO_DIR / $QUERIES_TMP
-    # still expand; the Python body uses single quotes internally so it nests fine.
+    # browser-harness upstream main reads the script from STDIN (the `-c` flag was
+    # removed). Feed the body via a quoted heredoc and pass $REPO_DIR / $QUERIES_TMP
+    # through the environment so the Python reads them from os.environ (no shell
+    # expansion inside the heredoc). Keep the local CLI in sync with upstream main:
+    # `uv tool install -e ~/Developer/browser-harness --force` after a git pull.
     BU_NAME=twitter-harness BU_CDP_URL=http://127.0.0.1:9555 \
     SCAN_TWEETS_FILE="$SCAN_TWEETS_FILE" \
     BATCH_ID="$BATCH_ID" \
     TWITTER_CYCLE_VARIANT="$TWITTER_CYCLE_VARIANT" \
     FRESHNESS_HOURS_DISCOVER="$FRESHNESS_HOURS_DISCOVER" \
     ENGAGED_TWEET_IDS="$ENGAGED_TWEET_IDS" \
-        "$HOME/.local/bin/browser-harness" -c "
+    REPO_DIR="$REPO_DIR" \
+    QUERIES_TMP="$QUERIES_TMP" \
+        "$HOME/.local/bin/browser-harness" <<'PY' 2>&1 | tee -a "$LOG_FILE"
 import sys, json, os, time
-sys.path.insert(0, '$REPO_DIR/scripts')
+sys.path.insert(0, os.environ['REPO_DIR'] + '/scripts')
 from twitter_scan import scan
-queries = json.load(open('$QUERIES_TMP'))
+queries = json.load(open(os.environ['QUERIES_TMP']))
 freshness = int(os.environ.get('FRESHNESS_HOURS_DISCOVER', '6'))
 skip_ids = json.loads(os.environ.get('ENGAGED_TWEET_IDS', '[]'))
 for q in queries:
@@ -1074,7 +1078,7 @@ for q in queries:
     except Exception as e:
         dt = time.time() - t0
         print(f'  err project={project!r}  q={query[:50]!r}  in {dt:.1f}s  {type(e).__name__}: {e}', flush=True)
-" 2>&1 | tee -a "$LOG_FILE"
+PY
 fi
 rm -f "$QUERIES_TMP"
 

package/scripts/backfill_real_clicks.py

@@ -1,257 +0,0 @@
-#!/usr/bin/env python3
-"""Backfill post_links.real_clicks and dm_links.real_clicks from PostHog.
-
-Background:
-  Pre 2026-05-07 the `clicks` integer on post_links / dm_links was incremented by
-  the redirector on every hit (humans + Twitter card prefetch + LinkedIn unfurl
-  + Slack preview bots). Live measurement on a8558aj9 found ~95% of those hits
-  were bots, only ~5% real humans. After 2026-05-07 we ship a per-click log
-  (post_link_clicks) that splits humans/bots by UA.
-
-  Historical rows have no per-click data, so this script asks PostHog for the
-  ground truth: count `$pageview` events with utm_content=<code> and timestamp
-  > minted_at. PostHog already filters bots out, so the count is the real
-  human-click number.
-
-What it does:
-  - Iterates every row of post_links and dm_links.
-  - Resolves the destination domain to a PostHog project_id via config.json.
-  - Runs a HogQL count() query per code via the /query endpoint.
-  - Writes the count into the new real_clicks column (default 0).
-  - For external destinations (github.com, claude.ai, t8r.tech without
-    PostHog, etc.) sets real_clicks=0 and prints a SKIP marker.
-
-Idempotent: re-runs overwrite the column with the latest PostHog count.
-
-Usage:
-  python3 scripts/backfill_real_clicks.py [--dry-run] [--limit N]
-"""
-
-import argparse
-import json
-import os
-import sys
-import time
-import urllib.error
-import urllib.parse
-import urllib.request
-from datetime import timezone
-
-REPO_DIR = os.path.dirname(os.path.dirname(os.path.abspath(__file__)))
-sys.path.insert(0, REPO_DIR)
-
-from scripts import db as dbmod  # noqa: E402
-
-CONFIG_PATH = os.path.join(REPO_DIR, "config.json")
-
-
-def load_config():
-    with open(CONFIG_PATH) as f:
-        return json.load(f)
-
-
-def domain_of(url):
-    try:
-        host = urllib.parse.urlparse(url).hostname or ""
-    except Exception:
-        return ""
-    host = host.lower()
-    if host.startswith("www."):
-        host = host[4:]
-    return host
-
-
-def build_domain_index(cfg):
-    """domain -> {project_id, api_key_env, name, has_posthog}"""
-    out = {}
-    for p in cfg.get("projects", []):
-        ph = p.get("posthog") or {}
-        pid = ph.get("project_id")
-        site = p.get("website") or ""
-        if not site:
-            continue
-        d = domain_of(site)
-        if not d:
-            continue
-        # collapse www. to bare
-        if d.startswith("www."):
-            d = d[4:]
-        out[d] = {
-            "project_id": str(pid) if pid is not None else None,
-            "api_key_env": ph.get("api_key_env") or "POSTHOG_PERSONAL_API_KEY",
-            "name": p.get("name"),
-            "has_posthog": pid is not None,
-        }
-    return out
-
-
-def project_for_url(url, idx):
-    d = domain_of(url)
-    if not d:
-        return None, None
-    if d.startswith("www."):
-        d = d[4:]
-    if d in idx:
-        return d, idx[d]
-    # also try bare suffix match (e.g. www.mediar.ai -> mediar.ai)
-    for k, v in idx.items():
-        if d.endswith("." + k) or d == k:
-            return k, v
-    return d, None
-
-
-def utm_content_from_url(url):
-    """Pull the utm_content query param from a target_url, if any."""
-    try:
-        qs = urllib.parse.urlparse(url).query
-        params = urllib.parse.parse_qs(qs)
-    except Exception:
-        return None
-    vals = params.get("utm_content")
-    if vals:
-        return vals[0]
-    # also check metadata[utm_content] used in cal.com links
-    for k, v in params.items():
-        if k.endswith("[utm_content]") and v:
-            return v[0]
-    return None
-
-
-def posthog_count_pageviews(api_key, project_id, utm_content_value, after_iso, host=None, timeout=30):
-    """HogQL count of $pageview matching utm_content AND ts >= after.
-
-    If `host` is supplied it is added to the WHERE so cross-domain noise from
-    shared PostHog projects (project 330744 hosts ~14 different sites) does
-    not leak in.
-    """
-    url = f"https://us.posthog.com/api/projects/{project_id}/query/"
-    where = [
-        "event = '$pageview'",
-        f"properties.utm_content = {sql_str(utm_content_value)}",
-        f"timestamp >= toDateTime({sql_str(after_iso)})",
-    ]
-    if host:
-        where.append(f"properties.$host = {sql_str(host)}")
-    hogql = "SELECT count() FROM events WHERE " + " AND ".join(where)
-    body = json.dumps({"query": {"kind": "HogQLQuery", "query": hogql}}).encode()
-    req = urllib.request.Request(
-        url,
-        data=body,
-        headers={
-            "Authorization": f"Bearer {api_key}",
-            "Content-Type": "application/json",
-        },
-        method="POST",
-    )
-    with urllib.request.urlopen(req, timeout=timeout) as resp:
-        data = json.loads(resp.read())
-    results = data.get("results") or []
-    if not results:
-        return 0
-    first = results[0]
-    if isinstance(first, list):
-        first = first[0] if first else 0
-    try:
-        return int(first or 0)
-    except (TypeError, ValueError):
-        return 0
-
-
-def sql_str(s):
-    return "'" + str(s).replace("'", "''") + "'"
-
-
-def to_iso(dt):
-    if dt is None:
-        return "1970-01-01T00:00:00"
-    if dt.tzinfo is None:
-        dt = dt.replace(tzinfo=timezone.utc)
-    return dt.astimezone(timezone.utc).strftime("%Y-%m-%dT%H:%M:%S")
-
-
-def backfill_table(conn, table, idx, dry_run=False, limit=None):
-    print(f"\n=== {table} ===", flush=True)
-    sql = f"SELECT code, target_url, minted_at FROM {table} ORDER BY minted_at"
-    if limit:
-        sql += f" LIMIT {int(limit)}"
-    cur = conn.execute(sql)
-    rows = cur.fetchall()
-    print(f"  {len(rows)} rows to process", flush=True)
-
-    last_pid = None
-    counters = {"updated": 0, "skipped_no_ph": 0, "errors": 0, "zero": 0}
-    for i, r in enumerate(rows, 1):
-        code = r["code"]
-        url = r["target_url"]
-        minted = r["minted_at"]
-        domain, info = project_for_url(url, idx)
-        if not info or not info["has_posthog"]:
-            print(f"  [{i:3d}/{len(rows)}] {code} dest={domain or url[:40]} SKIP (no posthog project)", flush=True)
-            if not dry_run:
-                conn.execute(f"UPDATE {table} SET real_clicks = 0 WHERE code = %s", (code,))
-            counters["skipped_no_ph"] += 1
-            continue
-        pid = info["project_id"]
-        api_env = info["api_key_env"]
-        api_key = os.environ.get(api_env)
-        if not api_key and api_env != "POSTHOG_PERSONAL_API_KEY":
-            api_key = os.environ.get("POSTHOG_PERSONAL_API_KEY")
-        if not api_key:
-            print(f"  [{i:3d}/{len(rows)}] {code} domain={domain} ERR no api key", flush=True)
-            counters["errors"] += 1
-            continue
-        # Pace 0.5s between PROJECT switches (rate-limit guard)
-        if last_pid is not None and last_pid != pid:
-            time.sleep(0.5)
-        last_pid = pid
-        after = to_iso(minted)
-        # Each target_url already carries its own utm_content (the post UUID
-        # for posts, dm_<id> for DMs); the redirector's short code isn't what
-        # PostHog sees, so we read the embedded utm_content instead.
-        utm_val = utm_content_from_url(url) or code
-        try:
-            count = posthog_count_pageviews(api_key, pid, utm_val, after, host=domain)
-        except (urllib.error.URLError, urllib.error.HTTPError) as e:
-            print(f"  [{i:3d}/{len(rows)}] {code} domain={domain} pid={pid} HTTP ERR {e}", flush=True)
-            counters["errors"] += 1
-            continue
-        except Exception as e:
-            print(f"  [{i:3d}/{len(rows)}] {code} domain={domain} pid={pid} ERR {e}", flush=True)
-            counters["errors"] += 1
-            continue
-        if not dry_run:
-            conn.execute(f"UPDATE {table} SET real_clicks = %s WHERE code = %s", (count, code))
-        if count == 0:
-            counters["zero"] += 1
-        counters["updated"] += 1
-        print(f"  [{i:3d}/{len(rows)}] {code} domain={domain} pid={pid} utm={utm_val[:50]} real_clicks={count}", flush=True)
-
-    if not dry_run:
-        conn.commit()
-    print(f"  Summary: {counters}", flush=True)
-    return counters
-
-
-def main():
-    ap = argparse.ArgumentParser()
-    ap.add_argument("--dry-run", action="store_true", help="Query but do not write to DB")
-    ap.add_argument("--limit", type=int, default=None, help="Process at most N rows per table")
-    ap.add_argument("--table", choices=["post_links", "dm_links", "both"], default="both")
-    args = ap.parse_args()
-
-    dbmod.load_env()
-    cfg = load_config()
-    idx = build_domain_index(cfg)
-    print(f"Domain index ({len(idx)} entries):", flush=True)
-    for d, v in sorted(idx.items()):
-        print(f"  {d:40s} -> pid={v['project_id']} ({v['name']})")
-
-    conn = dbmod.get_conn()
-    if args.table in ("post_links", "both"):
-        backfill_table(conn, "post_links", idx, dry_run=args.dry_run, limit=args.limit)
-    if args.table in ("dm_links", "both"):
-        backfill_table(conn, "dm_links", idx, dry_run=args.dry_run, limit=args.limit)
-
-
-if __name__ == "__main__":
-    main()

package/scripts/historical_engagement.py

@@ -1,96 +0,0 @@
-#!/usr/bin/env python3
-"""
-historical_engagement.py
-
-Per-(project, engagement_style) median engagement from the posts table.
-Returned as a compact markdown block to inject into posting prompts, so
-Claude can see which patterns earn upvotes/comments vs. which are dead.
-
-Used by run_moltbook_cycle.py and run_github_cycle.py for the feedback-loop
-reduction lever: stop drafting for patterns whose median engagement is 0
-over >=5 past posts.
-
-Usage:
-    python3 scripts/historical_engagement.py --platform moltbook
-    python3 scripts/historical_engagement.py --platform github --lookback-days 14
-"""
-import argparse
-import os
-import sys
-
-sys.path.insert(0, os.path.dirname(os.path.abspath(__file__)))
-import db as dbmod
-
-
-def fetch_per_project_style(platform, lookback_days=14, min_posts=3):
-    dbmod.load_env()
-    conn = dbmod.get_conn()
-    rows = conn.execute(
-        """
-        SELECT
-            COALESCE(project_name, '(none)') AS project,
-            COALESCE(engagement_style, '(none)') AS style,
-            COUNT(*) AS n,
-            COALESCE(percentile_cont(0.5) WITHIN GROUP (ORDER BY COALESCE(upvotes, 0)), 0) AS median_up,
-            COALESCE(percentile_cont(0.5) WITHIN GROUP (ORDER BY COALESCE(comments_count, 0)), 0) AS median_cm,
-            COALESCE(MAX(upvotes), 0) AS max_up,
-            COALESCE(MAX(comments_count), 0) AS max_cm
-        FROM posts
-        WHERE platform = %s
-          AND posted_at >= NOW() - (%s || ' days')::interval
-          AND engagement_updated_at IS NOT NULL
-        GROUP BY project_name, engagement_style
-        HAVING COUNT(*) >= %s
-        ORDER BY median_up DESC, median_cm DESC
-        """,
-        [platform, str(lookback_days), min_posts],
-    ).fetchall()
-    conn.close()
-    return rows
-
-
-def render_block(rows, platform):
-    if not rows:
-        return (
-            f"## Historical engagement (platform={platform})\n"
-            f"(no scored posts in lookback window)\n"
-        )
-
-    lines = [
-        f"## Historical engagement per (project, style) for {platform}",
-        "Median engagement over posts with status tracked. Prioritize rows labeled [good];",
-        "skip drafting for rows labeled [dead] unless the thread is an obvious on-topic fit.",
-        "",
-        f"{'project':<22} {'style':<20} {'n':>4} {'med_up':>7} {'med_cm':>7} {'best_up':>7} {'best_cm':>7}  label",
-    ]
-    for project, style, n, med_up, med_cm, max_up, max_cm in rows:
-        med_up = float(med_up or 0)
-        med_cm = float(med_cm or 0)
-        # Self-upvote inflates med_up by 1 on platforms like MoltBook;
-        # lean on max_up (organic high-water) and med_cm (replies) instead.
-        if max_cm >= 2 or max_up >= 3 or med_cm >= 1:
-            label = "[good]"
-        elif max_up <= 1 and med_cm == 0 and n >= 5:
-            label = "[dead]"
-        else:
-            label = ""
-        lines.append(
-            f"{project[:22]:<22} {style[:20]:<20} {n:>4} "
-            f"{med_up:>7.2f} {med_cm:>7.2f} {max_up:>7} {max_cm:>7}  {label}"
-        )
-    return "\n".join(lines) + "\n"
-
-
-def main():
-    p = argparse.ArgumentParser()
-    p.add_argument("--platform", required=True, choices=["moltbook", "github", "reddit", "twitter", "linkedin"])
-    p.add_argument("--lookback-days", type=int, default=14)
-    p.add_argument("--min-posts", type=int, default=3)
-    args = p.parse_args()
-
-    rows = fetch_per_project_style(args.platform, args.lookback_days, args.min_posts)
-    sys.stdout.write(render_block(rows, args.platform))
-
-
-if __name__ == "__main__":
-    main()

package/scripts/style_length_report.py

@@ -1,287 +0,0 @@
-#!/usr/bin/env python3
-"""Target-vs-realized comment-length report, grouped by engagement_style.
-
-The "fact" half of the target_chars system. Each engagement style now carries
-a `target_chars` (the length THIS style is supposed to win at, biased toward
-the top-human-reply median). This script answers: for the comments we actually
-posted, how long did they come out, and how far is that from the target?
-
-It joins two things per style:
-  1. target_chars  — the authoritative target from the live registry
-                     (engagement_styles.get_all_styles(); falls back to the
-                     in-process STYLES dict / DEFAULT_TARGET_CHARS if the API
-                     is unreachable).
-  2. realized length — LENGTH() of the comment text we posted, pulled from BOTH
-                     Twitter rails: the post rail (`posts`, platform='twitter')
-                     and the engage rail (`replies`, platform='x'). Reddit /
-                     LinkedIn / GitHub / Moltbook are selectable via --platform.
-
-For each style it reports n, the target, realized p25/p50/p75/avg, the delta
-(median realized minus target; positive = we ran long), and the engagement
-proxy (avg views, avg likes) so you can A/B whether landing near the target
-actually helps. Sorted by n desc.
-
-Usage
------
-  python3 scripts/style_length_report.py                 # twitter, last 30d
-  python3 scripts/style_length_report.py --days 14
-  python3 scripts/style_length_report.py --platform reddit
-  python3 scripts/style_length_report.py --json          # machine-readable
-  python3 scripts/style_length_report.py --min-n 10      # hide thin styles
-
-This is read-only. No writes, no locks.
-"""
-import argparse
-import json
-import os
-import sys
-
-REPO_DIR = os.path.dirname(os.path.dirname(os.path.abspath(__file__)))
-sys.path.insert(0, os.path.join(REPO_DIR, "scripts"))
-
-from db import get_conn  # noqa: E402
-
-# Per-platform mapping of where live comment text lives. Twitter is the only
-# platform that splits across two rails (post + engage); the rest live in one
-# table. Each spec: (table, text_col, time_col, platform_values, live_statuses,
-# views_col, likes_col).
-PLATFORM_RAILS = {
-    "twitter": [
-        ("posts", "our_content", "posted_at", ("twitter",),
-         ("active", "posted"), "views", "upvotes"),
-        ("replies", "our_reply_content", "replied_at", ("x",),
-         ("replied",), "views", "upvotes"),
-    ],
-    "reddit": [
-        ("posts", "our_content", "posted_at", ("reddit",),
-         ("active", "posted"), "views", "upvotes"),
-        ("replies", "our_reply_content", "replied_at", ("reddit",),
-         ("replied",), "views", "upvotes"),
-    ],
-    "linkedin": [
-        ("posts", "our_content", "posted_at", ("linkedin",),
-         ("active", "posted"), "views", "upvotes"),
-    ],
-    "github": [
-        ("posts", "our_content", "posted_at", ("github",),
-         ("active", "posted"), "views", "upvotes"),
-    ],
-    "moltbook": [
-        ("replies", "our_reply_content", "replied_at", ("moltbook",),
-         ("replied",), "views", "upvotes"),
-    ],
-}
-
-
-def fetch_rail_rows(conn, rail, days, core_only=False):
-    table, text_col, time_col, plats, statuses, views_col, likes_col = rail
-    plat_ph = ",".join(["%s"] * len(plats))
-    stat_ph = ",".join(["%s"] * len(statuses))
-    # target_chars is the per-post SNAPSHOT (frozen at post time). NULL on rows
-    # predating the snapshot wiring; summarize() falls back to the live registry
-    # target for those so coverage degrades gracefully.
-    #
-    # core_only: target_chars is enforced on the CORE COMMENT only; the tail
-    # link (a separate sentence + short URL the system appends afterward) is
-    # NOT part of the comment budget. The `posts` rail carries tail_link_variant
-    # ('link' | 'no_link'); restricting to no_link / NULL isolates rows whose
-    # LENGTH() is the pure comment, so realized-vs-target is apples-to-apples.
-    # Rails without that column (replies engage rail) are unaffected.
-    core_clause = ""
-    if core_only and table == "posts":
-        core_clause = (
-            " AND (tail_link_variant IS NULL OR tail_link_variant = 'no_link')"
-        )
-    sql = f"""
-        SELECT
-            COALESCE(engagement_style, '(none)')          AS style,
-            LENGTH(TRIM({text_col}))                       AS clen,
-            COALESCE({views_col}, 0)                       AS views,
-            COALESCE({likes_col}, 0)                       AS likes,
-            target_chars                                   AS snap_target
-        FROM {table}
-        WHERE platform IN ({plat_ph})
-          AND status   IN ({stat_ph})
-          AND {time_col} >= NOW() - (%s || ' days')::INTERVAL
-          AND {text_col} IS NOT NULL
-          AND LENGTH(TRIM({text_col})) > 0
-          {core_clause}
-    """
-    params = list(plats) + list(statuses) + [str(days)]
-    cur = conn.execute(sql, params)
-    rows = cur.fetchall()
-    cur.close()
-    return [
-        {"style": r[0], "clen": int(r[1]), "views": int(r[2]),
-         "likes": int(r[3]),
-         "snap_target": int(r[4]) if r[4] is not None else None}
-        for r in rows
-    ]
-
-
-def load_targets():
-    """name -> target_chars from the live registry (with cold-start fallback)."""
-    targets = {}
-    try:
-        from engagement_styles import get_all_styles, DEFAULT_TARGET_CHARS
-        for name, meta in get_all_styles().items():
-            tc = (meta or {}).get("target_chars")
-            try:
-                targets[name] = int(tc) if tc else DEFAULT_TARGET_CHARS
-            except (TypeError, ValueError):
-                targets[name] = DEFAULT_TARGET_CHARS
-    except Exception as e:
-        sys.stderr.write(
-            f"[style_length_report] could not load registry targets ({e}); "
-            "report will show target=? for all styles\n"
-        )
-    return targets
-
-
-def pct(sorted_vals, p):
-    if not sorted_vals:
-        return 0
-    k = (len(sorted_vals) - 1) * (p / 100.0)
-    lo = int(k)
-    hi = min(lo + 1, len(sorted_vals) - 1)
-    if lo == hi:
-        return sorted_vals[lo]
-    return round(sorted_vals[lo] + (sorted_vals[hi] - sorted_vals[lo]) * (k - lo))
-
-
-def summarize(rows, targets):
-    by_style = {}
-    for r in rows:
-        by_style.setdefault(r["style"], []).append(r)
-    out = []
-    for style, items in by_style.items():
-        lens = sorted(x["clen"] for x in items)
-        n = len(items)
-        med = pct(lens, 50)
-        # Headline target: the per-post snapshot median when any row carries one
-        # (frozen, drift-proof, the true "what we told it to aim for"), else the
-        # live registry target as fallback. snap_n shows how many rows are on
-        # the snapshot path yet.
-        snaps = sorted(x["snap_target"] for x in items if x["snap_target"])
-        if snaps:
-            target = pct(snaps, 50)
-        else:
-            target = targets.get(style)
-        out.append({
-            "style": style,
-            "n": n,
-            "snap_n": len(snaps),
-            "target_chars": target,
-            "p25": pct(lens, 25),
-            "p50": med,
-            "p75": pct(lens, 75),
-            "avg": round(sum(lens) / n),
-            "delta": (med - target) if target is not None else None,
-            "avg_views": round(sum(x["views"] for x in items) / n, 1),
-            "avg_likes": round(sum(x["likes"] for x in items) / n, 2),
-        })
-    out.sort(key=lambda d: d["n"], reverse=True)
-    return out
-
-
-def overall(rows, targets):
-    if not rows:
-        return {}
-    lens = sorted(r["clen"] for r in rows)
-    # target per row (so the weighted target reflects the style mix we posted):
-    # snapshot when present, else live registry target.
-    tlist = [
-        (r["snap_target"] if r["snap_target"] else targets.get(r["style"]))
-        for r in rows
-    ]
-    tlist = [t for t in tlist if t is not None]
-    snap_n = sum(1 for r in rows if r["snap_target"])
-    return {
-        "n": len(rows),
-        "snap_n": snap_n,
-        "realized_p50": pct(lens, 50),
-        "realized_avg": round(sum(lens) / len(lens)),
-        "target_p50_weighted": pct(sorted(tlist), 50) if tlist else None,
-        "target_avg_weighted": round(sum(tlist) / len(tlist)) if tlist else None,
-    }
-
-
-def render_table(report, ov, platform, days):
-    lines = []
-    lines.append(
-        f"Style length report  platform={platform}  window={days}d  "
-        f"comments={ov.get('n', 0)}  "
-        f"snapshotted={ov.get('snap_n', 0)} (rest fall back to live target)"
-    )
-    if ov:
-        lines.append(
-            f"  OVERALL realized median={ov['realized_p50']}  "
-            f"avg={ov['realized_avg']}   "
-            f"target(weighted) median={ov['target_p50_weighted']}  "
-            f"avg={ov['target_avg_weighted']}"
-        )
-        if ov.get("target_avg_weighted"):
-            over = ov["realized_avg"] - ov["target_avg_weighted"]
-            ratio = ov["realized_avg"] / ov["target_avg_weighted"]
-            lines.append(
-                f"  => running {over:+d} chars vs target on average "
-                f"({ratio:.1f}x)"
-            )
-    lines.append("")
-    hdr = (f"{'style':28} {'n':>5} {'snap':>5} {'tgt':>5} {'p25':>5} "
-           f"{'p50':>5} {'p75':>5} {'avg':>5} {'delta':>6} {'views':>7} "
-           f"{'likes':>6}")
-    lines.append(hdr)
-    lines.append("-" * len(hdr))
-    for r in report:
-        tgt = "?" if r["target_chars"] is None else str(r["target_chars"])
-        delta = "" if r["delta"] is None else f"{r['delta']:+d}"
-        lines.append(
-            f"{r['style'][:28]:28} {r['n']:>5} {r['snap_n']:>5} {tgt:>5} "
-            f"{r['p25']:>5} {r['p50']:>5} {r['p75']:>5} {r['avg']:>5} "
-            f"{delta:>6} {r['avg_views']:>7} {r['avg_likes']:>6}"
-        )
-    return "\n".join(lines)
-
-
-def main():
-    ap = argparse.ArgumentParser(description=__doc__.splitlines()[0])
-    ap.add_argument("--platform", default="twitter",
-                    choices=sorted(PLATFORM_RAILS.keys()))
-    ap.add_argument("--days", type=int, default=30)
-    ap.add_argument("--min-n", type=int, default=1,
-                    help="Hide styles with fewer than N comments.")
-    ap.add_argument("--core-only", action="store_true",
-                    help="Exclude link-bearing posts (tail_link_variant='link') "
-                         "so realized length reflects the CORE comment only, not "
-                         "the appended tail-link sentence + URL. twitter/posts "
-                         "rail only.")
-    ap.add_argument("--json", action="store_true")
-    args = ap.parse_args()
-
-    targets = load_targets()
-    conn = get_conn()
-    try:
-        rows = []
-        for rail in PLATFORM_RAILS[args.platform]:
-            rows.extend(fetch_rail_rows(conn, rail, args.days,
-                                        core_only=args.core_only))
-    finally:
-        conn.close()
-
-    report = [r for r in summarize(rows, targets) if r["n"] >= args.min_n]
-    ov = overall(rows, targets)
-
-    if args.json:
-        print(json.dumps(
-            {"platform": args.platform, "days": args.days,
-             "overall": ov, "styles": report},
-            indent=2, default=str,
-        ))
-    else:
-        print(render_table(report, ov, args.platform, args.days))
-    return 0
-
-
-if __name__ == "__main__":
-    sys.exit(main())