What is the 'Neural Link'?

The Neural Link is a bi-directional bridge that connects AI agents (like Gemini or Claude) directly to the Neo.mjs runtime. It allows agents to 'see' the application's Scene Graph, inspect component state, verify event listeners, and even mutate the running application in real-time. This turns the application into a 'glass box' for AI, enabling autonomous debugging and feature development.

Why is Neo.mjs called an 'Application Engine' instead of a framework?

Traditional frameworks are general-purpose libraries (like a Toyota) that help you organize code, but they compile away into ephemeral DOM nodes. Neo.mjs is a precision-engineered runtime (like an F1 car), similar to Unreal Engine for games. It maintains a persistent 'Scene Graph' of objects in a separate worker thread. These objects retain their identity, state, and relationships, allowing for advanced capabilities like multi-window orchestration, runtime permutation, and deep AI introspection that are impossible with 'melted plastic' DOM-based frameworks.

What is 'Context Engineering'?

Context Engineering is the practice of curating the environment and information flow for AI agents to maximize their autonomy. In Neo.mjs, this is implemented via three Model Context Protocol (MCP) servers: a Knowledge Base for semantic code understanding, a Memory Core for learning from past sessions, and a GitHub Workflow server for project management. This ecosystem allows agents to work as fully integrated members of the development team.

What is 'Object Permanence' in the context of Neo.mjs?

In Neo.mjs, UI components are persistent JavaScript objects living in the App Worker, not just transient rendering results. This 'Object Permanence' means a component (like a Dashboard) maintains its state (scroll position, user input, internal logic) even if it is detached from the DOM or moved to a different browser window. This is the 'Lego Technic' approach versus the 'Duplo' approach of traditional frameworks.

What is an 'Agent Operating System'?

Neo.mjs v11 introduced the concept of an Agent OS, where the platform itself provides the tools and interfaces for AI agents to operate. It combines a standalone, type-safe AI SDK for autonomous 'Code Execution' with the Neural Link for runtime control. This enables agents to monitor, debug, and heal the application autonomously, effectively acting as an operating system for synthetic intelligence.

How does Neo.mjs handle multi-window applications?

Neo.mjs uses shared web workers to run a single application instance across multiple browser windows. All windows share the same application state and data in real-time. Components can even move between windows while retaining their JavaScript instances. This enables desktop-class experiences like multi-window IDEs, browser-based email clients, and multi-screen control rooms.

What makes Neo.mjs different from React, Angular, or Vue?

Neo.mjs is fundamentally different in its architecture: (1) It uses True Multithreading via web workers to prevent UI jank, (2) It is an AI-Native Application Engine with built-in bridges for AI collaboration, and (3) It treats components as persistent objects in a Scene Graph, enabling native multi-window support and runtime permutation.

Frontmatter

id	10908
title	Chroma healthcheck fails in CI: chromadb/chroma image lacks curl
state	Closed
labels	bugaiarchitecturebuild
assignees	neo-opus-4-7
createdAt	May 7, 2026, 5:51 PM
updatedAt	May 9, 2026, 11:15 PM
githubUrl	https://github.com/neomjs/neo/issues/10908
author	neo-opus-4-7
commentsCount	0
parentIssue	null
subIssues	[]
subIssuesCompleted	0
subIssuesTotal	0
blockedBy	[]
blocking	[]
closedAt	May 7, 2026, 5:59 PM

Chroma healthcheck fails in CI: chromadb/chroma image lacks curl

Name: Neo.mjs Application Engine
Author: Neo.mjs

Closedbugaiarchitecturebuild

neo-opus-4-7 commented on May 7, 2026, 5:51 PM

Context

Surfaced 2026-05-07 by Lane C #10899 integration-row CI re-fire after #10904 (Dockerfile fix) merged. The Dockerfile fix unblocked the build path; the next failure mode is now visible: Chroma container's healthcheck fails because curl is not installed in the chromadb/chroma:1.5.9 base image, leading to dependency failed to start: container neo-integration-test-chroma-1 is unhealthy after 60s and a 240s webServer timeout in Playwright.

The Problem

ai/deploy/docker-compose.test.yml:7 declares:

healthcheck:
  test: ["CMD", "curl", "-f", "http://localhost:8000/api/v2/heartbeat"]
  interval: 5s
  timeout: 5s
  retries: 12

The chromadb/chroma:1.5.9 image is debian-slim-based and does not include curl by default. Docker reports the healthcheck as failing every 5s; after 12 retries (60s) the container is marked unhealthy. kb-server and mc-server both have depends_on: chroma: condition: service_healthy, so neither starts → composeWebServer.mjs waits → 240s webServer-timeout → integration suite fails.

Empirical anchor: Lane C CI run 25506320077 integration job, log lines:

15:45:28 — Chroma starts, banner output observed (process is healthy, server listening).
15:46:28 — dependency failed to start: container neo-integration-test-chroma-1 is unhealthy (exactly 60s, matching 5s × 12 retries).
15:48:39 — Error: Timed out waiting 240000ms from config.webServer.

The Chroma server itself is running and listening on port 8000 (verified via banner). The healthcheck just can't probe it because curl is absent.

Why this wasn't caught earlier

Same root pattern as #10902: local Docker layer caching. On a developer machine that previously ran docker compose up against an older Chroma image (which may have included curl) OR where --no-cache was never invoked, the cache masks the issue. Lane C (#10899) is the first PR to run a truly clean ubuntu-latest Docker build → bug surfaces on first --no-cache build of chromadb/chroma:1.5.9.

The Architectural Reality

ai/deploy/docker-compose.test.yml:7 — current healthcheck.
The chromadb/chroma:1.5.9 image is a Python application; Python is guaranteed to be present (it's the runtime). curl/wget are not.
The Chroma /api/v2/heartbeat endpoint exists and is the canonical health probe (verified via image documentation + previous PR-#10880 design intent).
We need a healthcheck that uses something guaranteed to exist in the image, not curl.

The Fix

Replace the curl-based healthcheck with a Python urllib-based check (uses the runtime that's already in the image):

   healthcheck:
-    test: ["CMD", "curl", "-f", "http://localhost:8000/api/v2/heartbeat"]
+    test: ["CMD", "python", "-c", "import urllib.request,sys; sys.exit(0 if urllib.request.urlopen('http://localhost:8000/api/v2/heartbeat',timeout=2).read() else 1)"]
     interval: 5s
     timeout: 5s
     retries: 12

The Python check:

Uses urllib.request.urlopen (stdlib, no dependencies).
2s socket timeout per probe (well under the 5s timeout envelope).
Returns exit 0 on any 2xx + non-empty body, exit 1 on any failure (HTTP error, connection refused, timeout, malformed response).
Compatible with all chromadb image variants (Python is the runtime).

Contract Ledger (T3)

Target Surface	Source of Authority	Proposed Behavior	Fallback / Edge Case	Docs	Evidence
`ai/deploy/docker-compose.test.yml:7` healthcheck	This ticket; surfaced by #10897 Lane C CI re-fire post-#10904	Healthcheck uses Python `urllib.request` (stdlib) instead of `curl` (absent from image). Same probe target (`http://localhost:8000/api/v2/heartbeat`), same interval/timeout/retries.	If chromadb ever ships an image variant without Python (unlikely — Chroma is a Python app), fallback to TCP-port check via `nc`/`netcat` or `bash`-builtin `/dev/tcp`. Document in inline comment.	Inline `docker-compose.test.yml` comment cross-linking this ticket.	L3 — Lane C CI (#10899) `integration` job runs green on the rebased head after this fix lands.

Acceptance Criteria

ai/deploy/docker-compose.test.yml:7 healthcheck uses the Python-stdlib probe per Ledger row 1.
Inline comment cross-links this ticket as the rationale.
Lane C CI (#10899) Tests / integration matrix row passes on next rebase + run.
No regression to local Docker workflow (still works for docker compose -f ai/deploy/docker-compose.test.yml up on dev machines).

Out of Scope

Audit of OTHER healthchecks elsewhere in the repo for similar curl-dependency assumptions (only ai/deploy/docker-compose.test.yml has compose-level healthchecks today; cross-substrate audit is future ticket).
Switching to a different chromadb base image variant.
Custom Dockerfile FROM the chromadb image with curl pre-installed (heavier intervention; Python-stdlib path is leaner).

Avoided Traps / Gold Standards Rejected

Rejected: install curl in a custom Chroma Dockerfile. Adds image-build complexity for a healthcheck-only utility. Python-stdlib path is leaner.
Rejected: drop the healthcheck + use service_started instead of service_healthy. Race condition: kb-server / mc-server may start before Chroma is actually ready and fail with connection-refused on first MCP request. Healthcheck is the right substrate.
Rejected: switch to wget. Same problem as curl — not guaranteed in chromadb image. Python is the safe-by-construction choice (it's the runtime).
Rejected: bash /dev/tcp probe. Requires bash (not just sh); chromadb image basis isn't guaranteed to have bash. Less portable than Python.

Surfacing context: Lane C CI run 25506320077 integration job, post-#10904 rebase.
Sibling substrate fix (predecessor): #10902 → PR #10904 — Dockerfile prepare-lifecycle fix. Same pattern: substrate config bug masked by local Docker layer caching, surfaced by clean-CI.
Original substrate: #10801 → PR #10880 (Docker artifacts). The current healthcheck shape was introduced there.
Downstream impact: Lane C #10899 (CI workflow gating depends on this), Lane B #10898 (rebased; integration evidence path live but blocked by this), and all future integration-test PRs.

Origin Session ID: 7e897a0b-33ce-4d6c-b1a9-a1ff93e4e571

Retrieval Hint: query_raw_memories(query="chroma healthcheck curl docker-compose Lane C CI integration substrate")

tobiu referenced in commit 3f94362 - "fix(deploy): use python urllib for Chroma healthcheck (curl missing) (#10908) (#10909) on May 7, 2026, 5:59 PM

tobiu closed this issue on May 7, 2026, 5:59 PM

tobiu referenced in commit 2a897c9 - "fix(deploy): use python3 binary in Chroma healthcheck (#10911) (#10912) on May 7, 2026, 6:17 PM