diff --git a/09 - Audits/Activity Log.md b/09 - Audits/Activity Log.md index 15ef326..dab6d76 100644 --- a/09 - Audits/Activity Log.md +++ b/09 - Audits/Activity Log.md @@ -11,6 +11,16 @@ entries on top. Maintained by agents per the rule in `../AGENTS.md`. --- +### 2026-06-07 — backend@38d0e76, frontend@051681f — DB audit C6 notification user FK + +**Commits:** `38d0e76` `051681f` +**Touched:** backend `src/db/schema/notification.ts`, `src/services/notification/notificationPostgresSchema.ts`, `src/db/repositories/drizzle/DrizzleNotificationRepo.ts`, `src/services/notification/NotificationService.ts`, `src/db/migrations/0023_notifications_user_uuid_fk.sql`, `__tests__/db-audit-critical-fks.test.ts`, `__tests__/drizzle-notification-repo-bulk.test.ts`, `scripts/smoke/db-audit-service-regressions.sh`, `package.json`, `package-lock.json`; frontend `package.json`; docs `09 - Audits/DB Query & Schema Audit - 2026-06-06.md`, `09 - Audits/Activity Log.md` +**Why:** Restart Critical/High work from the canonical DB Query & Schema Audit after verifying M16. C6 closes notification recipient schema integrity by converting `notifications.user_id` to a UUID FK to `users(id)` while preserving legacy caller compatibility through repo-level user ID resolution. +**Verification:** backend `npm test -- --runTestsByPath __tests__/auth-store-pg-query.test.ts --runInBand` (M16 still green), `npm test -- --runTestsByPath __tests__/db-audit-critical-fks.test.ts __tests__/drizzle-notification-repo-bulk.test.ts __tests__/notification-service-repo.test.ts --runInBand`, `BASE_URL=http://127.0.0.1:5001 scripts/smoke/db-audit-service-regressions.sh` (16 suites / 54 tests), `npm run typecheck`, scoped `git diff --check`; frontend `git diff --check package.json`. Pushed to Forgejo; `origin` skipped; direct `dev` remotes removed and not used. +**Linked docs updated:** [[09 - Audits/DB Query & Schema Audit - 2026-06-06]] + +--- + ### 2026-06-07 — backend@fcee958, frontend@d600fca — DB audit M16 deleted-email release atomicity **Commits:** `fcee958` `d600fca` diff --git a/09 - Audits/DB Query & Schema Audit - 2026-06-06.md b/09 - Audits/DB Query & Schema Audit - 2026-06-06.md index 23fab1c..75d9c71 100644 --- a/09 - Audits/DB Query & Schema Audit - 2026-06-06.md +++ b/09 - Audits/DB Query & Schema Audit - 2026-06-06.md @@ -69,6 +69,7 @@ updated: 2026-06-06 | H13: `DrizzleChatRepo.create` insert-then-update welcome message → build initial system message, lastMessage, and unread counts in the INSERT payload | `2c5e80d` v2.9.24 | | H25: `updatePoints` + `createPointTransaction` could run outside one transaction → runtime guard requires a transaction-bound repo or explicit tx for both money writes | `2c5e80d` v2.9.24 | | M16: `releaseDeletedUserEmail` read-then-write release race → one conditional `UPDATE ... WHERE email/status ... RETURNING` atomically releases deleted-user emails | `fcee958` v2.9.25 | +| C6: `notifications.user_id` text recipient key → UUID FK to `users(id)` with legacy/UUID repo resolution and migration backfill | `38d0e76` v2.9.26 | ---