# ADR-002: Use local config loader for legacy module ## Status Accepted ## Context Security gate for F-001 failed. Legacy PHP files still hold DB credentials, OpenAI keys, and production-coupled URLs. The module needs one small config mechanism without large refactor. ## Decision Add `bootstrap.php` to the legacy module root. Load config from `config/local.php` with fallback to `config/local.example.php`. Expose shared helper functions for config lookup and DB connection. Update web pages and worker to read DB, OpenAI, route, and URL values through this helper. Ignore `config/local.php` in git. ## Consequences - Good: - secrets leave tracked PHP source files - one config shape is reused by web pages and worker - local setup becomes explicit - Bad: - module still depends on local file management - fallback example config can still fail at runtime until maintainer fills real values ## Alternatives considered 1. Use environment variables only - rejected because this legacy module already expects file-based setup. 2. Keep secrets in PHP constants - rejected because tracked source would still hold sensitive values. 3. Full framework migration - rejected because scope is too large for this fix. ## Date 2026-05-25