From 311e44aac2cefb4bef4e17bbeddad27e3f283fd2 Mon Sep 17 00:00:00 2001 From: Siavash Sameni Date: Sun, 7 Jun 2026 06:57:29 +0400 Subject: [PATCH] =?UTF-8?q?docs:=20sync=20from=20backend=20b743b5e=20?= =?UTF-8?q?=E2=80=94=20dispute=20relation=20fks?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- 09 - Audits/Activity Log.md | 10 ++++++++++ 09 - Audits/DB Query & Schema Audit - 2026-06-06.md | 3 ++- 2 files changed, 12 insertions(+), 1 deletion(-) diff --git a/09 - Audits/Activity Log.md b/09 - Audits/Activity Log.md index 57c4aef..93b7e12 100644 --- a/09 - Audits/Activity Log.md +++ b/09 - Audits/Activity Log.md @@ -11,6 +11,16 @@ entries on top. Maintained by agents per the rule in `../AGENTS.md`. --- +### 2026-06-07 — backend@b743b5e, frontend@f1e5f3a — DB audit C7 dispute relation FKs + +**Commits:** `b743b5e` `f1e5f3a` +**Touched:** backend `src/db/schema/dispute.ts`, `src/db/migrations/0024_disputes_uuid_fks.sql`, `src/db/repositories/drizzle/DrizzleDisputeRepo.ts`, `__tests__/db-audit-critical-fks.test.ts`, `package.json`, `package-lock.json`; frontend `Dockerfile`, `package.json`; docs `09 - Audits/DB Query & Schema Audit - 2026-06-06.md`, `09 - Audits/Activity Log.md` +**Why:** Close Critical C7 from the DB Query & Schema Audit by converting dispute purchase-request/user relationship columns from loose text IDs to UUID FKs while keeping legacy Mongo ObjectId callers working through repo-level resolution and legacy display mapping. +**Verification:** backend `npm test -- --runTestsByPath __tests__/db-audit-critical-fks.test.ts --runInBand`, `scripts/smoke/db-audit-service-regressions.sh` (16 suites / 55 tests), `npm run typecheck`, scoped `git diff --check`; frontend scoped `git diff --check -- Dockerfile package.json`. Pushed to Forgejo; `origin` skipped. +**Linked docs updated:** [[09 - Audits/DB Query & Schema Audit - 2026-06-06]] + +--- + ### 2026-06-07 — frontend@607587c, backend@189b0ab — frontend Docker Yarn install hardening **Commits:** `607587c` `189b0ab` diff --git a/09 - Audits/DB Query & Schema Audit - 2026-06-06.md b/09 - Audits/DB Query & Schema Audit - 2026-06-06.md index 75d9c71..b150397 100644 --- a/09 - Audits/DB Query & Schema Audit - 2026-06-06.md +++ b/09 - Audits/DB Query & Schema Audit - 2026-06-06.md @@ -70,6 +70,7 @@ updated: 2026-06-06 | H25: `updatePoints` + `createPointTransaction` could run outside one transaction → runtime guard requires a transaction-bound repo or explicit tx for both money writes | `2c5e80d` v2.9.24 | | M16: `releaseDeletedUserEmail` read-then-write release race → one conditional `UPDATE ... WHERE email/status ... RETURNING` atomically releases deleted-user emails | `fcee958` v2.9.25 | | C6: `notifications.user_id` text recipient key → UUID FK to `users(id)` with legacy/UUID repo resolution and migration backfill | `38d0e76` v2.9.26 | +| C7: `disputes` purchase-request/user relationship columns text → UUID FKs with legacy/UUID repo resolution and migration backfill | `b743b5e` v2.9.28 | --- @@ -149,7 +150,7 @@ After fetching one page of `purchase_requests` rows, the method wraps every row ### 7. disputes FK columns (purchaseRequestId, buyerId, sellerId, adminId) stored as text instead of uuid -> **Category:** Wrong Schema | **File:** `src/db/schema/dispute.ts:83-86` +> **Category:** Wrong Schema | **File:** `src/db/schema/dispute.ts:83-86` | **FIXED** `b743b5e` v2.9.28 All four entity-reference columns on the disputes table are `text`, bypassing UUID type safety, FK integrity, and efficient indexed equality matching. A dispute can reference a deleted purchase request or user without any database-level error. The schema comment at line 8 acknowledges this as intentional during cutover, but there is no migration plan or deadline to fix it.