marcus · marcus · Mar 24, 2026
diff --git a/internal/analysis/db.go b/internal/analysis/db.go
@@ -60,112 +60,3 @@ func (result *BusFactorResult) Store(db *sql.DB) error {
 
 	return nil
 }
-
-// LoadLatest loads the most recent bus-factor result for a component.
-func LoadLatest(db *sql.DB, component string) (*BusFactorResult, error) {
-	if db == nil {
-		return nil, fmt.Errorf("database is nil")
-	}
-
-	query := `
-		SELECT id, component, timestamp, metrics, contributors, risk_level, report_path
-		FROM bus_factor_results
-		WHERE component = ?
-		ORDER BY timestamp DESC
-		LIMIT 1
-	`
-
-	row := db.QueryRow(query, component)
-
-	result := &BusFactorResult{}
-	var metricsJSON, contributorsJSON string
-
-	err := row.Scan(
-		&result.ID,
-		&result.Component,
-		&result.Timestamp,
-		&metricsJSON,
-		&contributorsJSON,
-		&result.RiskLevel,
-		&result.ReportPath,
-	)
-	if err != nil {
-		if err == sql.ErrNoRows {
-			return nil, nil
-		}
-		return nil, fmt.Errorf("querying bus factor result: %w", err)
-	}
-
-	// Deserialize metrics and contributors
-	if err := json.Unmarshal([]byte(metricsJSON), &result.Metrics); err != nil {
-		return nil, fmt.Errorf("unmarshaling metrics: %w", err)
-	}
-
-	if err := json.Unmarshal([]byte(contributorsJSON), &result.Contributors); err != nil {
-		return nil, fmt.Errorf("unmarshaling contributors: %w", err)
-	}
-
-	return result, nil
-}
-
-// LoadAll loads all bus-factor results for a component, optionally filtered by date range.
-func LoadAll(db *sql.DB, component string, since time.Time) ([]BusFactorResult, error) {
-	if db == nil {
-		return nil, fmt.Errorf("database is nil")
-	}
-
-	query := `
-		SELECT id, component, timestamp, metrics, contributors, risk_level, report_path
-		FROM bus_factor_results
-		WHERE component = ?
-	`
-	args := []any{component}
-
-	if !since.IsZero() {
-		query += " AND timestamp >= ?"
-		args = append(args, since)
-	}
-
-	query += " ORDER BY timestamp DESC"
-
-	rows, err := db.Query(query, args...)
-	if err != nil {
-		return nil, fmt.Errorf("querying bus factor results: %w", err)
-	}
-	defer func() { _ = rows.Close() }()
-
-	var results []BusFactorResult
-	for rows.Next() {
-		result := BusFactorResult{}
-		var metricsJSON, contributorsJSON string
-
-		err := rows.Scan(
-			&result.ID,
-			&result.Component,
-			&result.Timestamp,
-			&metricsJSON,
-			&contributorsJSON,
-			&result.RiskLevel,
-			&result.ReportPath,
-		)
-		if err != nil {
-			return nil, fmt.Errorf("scanning bus factor result: %w", err)
-		}
-
-		if err := json.Unmarshal([]byte(metricsJSON), &result.Metrics); err != nil {
-			return nil, fmt.Errorf("unmarshaling metrics: %w", err)
-		}
-
-		if err := json.Unmarshal([]byte(contributorsJSON), &result.Contributors); err != nil {
-			return nil, fmt.Errorf("unmarshaling contributors: %w", err)
-		}
-
-		results = append(results, result)
-	}
-
-	if err := rows.Err(); err != nil {
-		return nil, fmt.Errorf("iterating bus factor results: %w", err)
-	}
-
-	return results, nil
-}
diff --git a/internal/logging/logging.go b/internal/logging/logging.go
@@ -195,11 +195,6 @@ func (l *Logger) WithComponent(component string) *Logger {
 	}
 }
 
-// With returns a new Logger with additional context fields.
-func (l *Logger) With() zerolog.Context {
-	return l.zl.With()
-}
-
 // Debug logs a debug message.
 func (l *Logger) Debug(msg string) {
 	l.zl.Debug().Msg(msg)
@@ -276,25 +271,6 @@ func (l *Logger) ErrorCtx(msg string, fields map[string]any) {
 	event.Msg(msg)
 }
 
-// Err logs an error with the error field.
-func (l *Logger) Err(err error) *zerolog.Event {
-	return l.zl.Error().Err(err)
-}
-
-// Event returns a new log event at the specified level.
-func (l *Logger) Event(level string) *zerolog.Event {
-	switch level {
-	case "debug":
-		return l.zl.Debug()
-	case "warn":
-		return l.zl.Warn()
-	case "error":
-		return l.zl.Error()
-	default:
-		return l.zl.Info()
-	}
-}
-
 // Close closes the log file.
 func (l *Logger) Close() error {
 	l.mu.Lock()

diff --git a/internal/orchestrator/orchestrator.go b/internal/orchestrator/orchestrator.go
@@ -113,8 +113,7 @@
 // Orchestrator manages agent execution using plan-implement-review loop.
 type Orchestrator struct {
 	agent        agents.Agent
 	budget       *budget.Tracker
-	queue        *tasks.Queue
 	config       Config
 	logger       *logging.Logger
 	eventHandler EventHandler // optional callback for real-time events
@@ -131,20 +130,6 @@
 	}
 }
 
-// WithBudget sets the budget tracker.
-func WithBudget(b *budget.Tracker) Option {
-	return func(o *Orchestrator) {
-		o.budget = b
-	}
-}
-
-// WithQueue sets the task queue.
-func WithQueue(q *tasks.Queue) Option {
-	return func(o *Orchestrator) {
-		o.queue = q
-	}
-}
-
 // WithConfig sets orchestrator configuration.
 func WithConfig(c Config) Option {
 	return func(o *Orchestrator) {
@@ -672,36 +657,8 @@
 }
 
 // Run processes all tasks in queue until empty or budget exhausted.
-func (o *Orchestrator) Run(ctx context.Context) error {
-	if o.queue == nil {
-		return errors.New("no task queue configured")
-	}
-
-	for {
-		select {
-		case <-ctx.Done():
-			return ctx.Err()
-		default:
-		}
-
-		task := o.queue.Next()
-		if task == nil {
-			o.logger.Info("queue empty, stopping")
-			return nil
-		}
-
-		// Check budget before running
-		// TODO: Implement budget check based on task cost estimate
-
-		result, err := o.RunTask(ctx, task, o.config.WorkDir)
-		if err != nil {
-			o.logger.Errorf("task %s failed: %v", task.ID, err)
-			continue
-		}
-
-		o.logger.Infof("task %s: status=%s iterations=%d duration=%s",
-			result.TaskID, result.Status, result.Iterations, result.Duration)
-	}
+func (o *Orchestrator) Run(_ context.Context) error {
+	return errors.New("no task queue configured")
 }
 
 // Prompt builders

diff --git a/internal/scheduler/scheduler.go b/internal/scheduler/scheduler.go
@@ -472,13 +472,3 @@ func (s *Scheduler) ScheduleInterval(d time.Duration, job func()) error {
 	})
 	return nil
 }
-
-// Schedule adds a one-time job to run at the specified time.
-func (s *Scheduler) Schedule(at time.Time, job func()) {
-	s.AddJob(func(ctx context.Context) error {
-		if time.Now().After(at) {
-			job()
-		}
-		return nil
-	})
-}
diff --git a/internal/security/audit.go b/internal/security/audit.go
@@ -258,31 +258,6 @@ func (l *AuditLogger) Close() error {
 	return nil
 }
 
-// RotateIfNeeded checks if the log file needs rotation (new day).
-func (l *AuditLogger) RotateIfNeeded() error {
-	l.mu.Lock()
-	defer l.mu.Unlock()
-
-	expectedFilename := fmt.Sprintf("audit-%s.jsonl", time.Now().Format("2006-01-02"))
-	expectedPath := filepath.Join(l.logDir, expectedFilename)
-
-	if l.file != nil {
-		currentPath := l.file.Name()
-		if currentPath == expectedPath {
-			// No rotation needed
-			return nil
-		}
-
-		// Close old file
-		if err := l.file.Close(); err != nil {
-			return fmt.Errorf("closing old audit log: %w", err)
-		}
-	}
-
-	// Open new file
-	return l.openLogFile()
-}
-
 // GetLogFiles returns a list of all audit log files.
 func (l *AuditLogger) GetLogFiles() ([]string, error) {
 	entries, err := os.ReadDir(l.logDir)

diff --git a/internal/security/credentials.go b/internal/security/credentials.go
@@ -90,11 +90,6 @@ func (m *CredentialManager) HasOpenAIKey() bool {
 	return os.Getenv(EnvOpenAIKey) != ""
 }
 
-// GetWarnings returns any warnings generated during validation.
-func (m *CredentialManager) GetWarnings() []string {
-	return m.warnings
-}
-
 // CheckConfigForCredentials scans config content for potential credential leaks.
 // Returns error if credentials appear to be stored in config.
 func (m *CredentialManager) CheckConfigForCredentials(content string) error {
@@ -129,24 +124,6 @@ func (m *CredentialManager) CheckConfigForCredentials(content string) error {
 	return nil
 }
 
-// EnsureNoCredentialsInFile checks a file for potential credential storage.
-func (m *CredentialManager) EnsureNoCredentialsInFile(path string) error {
-	// Skip non-config files
-	if !isConfigFile(path) {
-		return nil
-	}
-
-	content, err := os.ReadFile(path)
-	if err != nil {
-		if os.IsNotExist(err) {
-			return nil
-		}
-		return fmt.Errorf("reading file: %w", err)
-	}
-
-	return m.CheckConfigForCredentials(string(content))
-}
-
 // maskCredential returns a masked version of a credential for safe display.
 func maskCredential(value string) string {
 	if len(value) < 8 {

diff --git a/internal/security/sandbox.go b/internal/security/sandbox.go
@@ -5,7 +5,6 @@ package security
 import (
 	"context"
 	"fmt"
-	"io"
 	"os"
 	"os/exec"
 	"path/filepath"
@@ -143,46 +142,6 @@ func (s *Sandbox) Execute(ctx context.Context, name string, args ...string) (*Ex
 	return result, nil
 }
 
-// ExecuteWithIO runs a command with custom IO streams.
-func (s *Sandbox) ExecuteWithIO(ctx context.Context, stdin io.Reader, stdout, stderr io.Writer, name string, args ...string) error {
-	s.mu.Lock()
-	s.active = true
-	s.mu.Unlock()
-
-	defer func() {
-		s.mu.Lock()
-		s.active = false
-		s.mu.Unlock()
-	}()
-
-	// Apply timeout
-	if s.config.MaxDuration > 0 {
-		var cancel context.CancelFunc
-		ctx, cancel = context.WithTimeout(ctx, s.config.MaxDuration)
-		defer cancel()
-	}
-
-	// Validate command
-	if err := s.validateCommand(name); err != nil {
-		return err
-	}
-
-	cmd := exec.CommandContext(ctx, name, args...)
-
-	if s.config.WorkDir != "" {
-		cmd.Dir = s.config.WorkDir
-	} else {
-		cmd.Dir = s.tempDir
-	}
-
-	cmd.Env = s.buildEnvironment()
-	cmd.Stdin = stdin
-	cmd.Stdout = stdout
-	cmd.Stderr = stderr
-
-	return cmd.Run()
-}
-
 // ExecResult holds the result of a sandboxed execution.
 type ExecResult struct {
 	Stdout   string