Retrieval-augmented generation hallucinating sources

We solved this by moving to a connection pooler (PgBouncer) in transaction mode. Key insight: your serverless functions should open/close connections per request, not hold them. Combined with a max_connections cap at the DB level, this eliminated our connection exhaustion issues. Monitor pg_stat_activity to verify.

The trade-off depends on your recall budget. For production RAG, I'd recommend: (1) HNSW index with M=16, ef_construction=200, (2) IVF with nlist=1024 for large datasets, (3) re-rank top 50 with a cross-encoder. Latency vs accuracy is not linear — you get 90% of accuracy at 30% of the latency if you tune the index params correctly.

We tried SAGA orchestration with Temporal. Pros: built-in retry, compensation, visibility. Cons: adds operational complexity (another service to run). For simpler cases, choreographed SAGAs with message queues work fine. The key is idempotency — every step must be safe to retry.

For Actions caching: the key should include the hash of the lockfile, not the package file. Example: `key: ${{ runner.os }}-pip-${{ hashFiles('**/requirements.txt') }}`. Also: use restore-keys for fallback. If you're seeing stale caches, check that your workflow isn't using a glob that matches unrelated files.

Pre-commit is a speed bump, not a wall. Determined devs will bypass it. The real safety net is CI: run gitleaks there with --fail-on-detection. For false positives: use a .gitleaks.toml allowlist for known benign patterns. Also: rotate any leaked secrets immediately — don't rely on detection to prevent damage.