Activity Log: backend v2.8.91 — complete SEC-007 non-vital pool routing
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
This commit is contained in:
@@ -11,6 +11,15 @@ entries on top. Maintained by agents per the rule in `../AGENTS.md`.
|
||||
|
||||
---
|
||||
|
||||
### 2026-06-05 — backend@v2.8.91 — Complete SEC-007: route non-vital tables to the non-vital pool (fix 500s)
|
||||
|
||||
**Commits:** backend v2.8.91
|
||||
**Touched:** `services/marketplace/categoryStore.ts`, `db/repositories/drizzle/DrizzleMarketplaceRepo.ts` (request_templates/categories/shop_settings/reviews queries), `DrizzleNotificationRepo.ts`, `DrizzleChatRepo.ts`, `DrizzleBlogRepo.ts`, `DrizzlePointsRepo.ts`
|
||||
**Why:** SEC-007 (migration 0018) split the DB into `escrow_vital_user` (purchase_requests, payments, users, …) and `escrow_nonvital_user` (categories, request_templates, notifications, reviews, point_transactions, chats, blog_posts, shop_settings, level_configs). The migration was applied to the dev DB but the **code was never switched to the non-vital pool** for those tables — so the vital role hit `permission denied for table categories` (confirmed in logs) and **categories, request-templates, shop sellers, and notifications all 500'd for every user**. Routed each non-vital store/repo to `getNonvitalPostgresPool()` / `nonvitalDb` / `nonvitalPool`. In the mixed `DrizzleMarketplaceRepo`, only the `request_templates`/`categories`/`shop_settings`/`reviews` queries (incl. the legacy-id resolvers and the seller-ratings raw query) moved to the non-vital handle; `purchase_requests`/`seller_offers`/`payments`/`delivery_*` stay on the vital handle. `level_configs`/`shop_settings` stores were already on the non-vital pool.
|
||||
**Verification:** backend `npx tsc --noEmit` clean. After deploy: `GET /marketplace/categories`, `/request-templates`, `/request-templates/sellers`, and `/notifications` return 200 instead of 500; template create/update works. Reviewed every remaining vital-`db` importer (disputes/payments/trezor/derived-destinations/user) — all are vital tables, correctly left on the vital pool. NOTE: the SEC-007 SQL (0018/0019) is NOT in the drizzle journal (stops at 0017) — it was applied out-of-band, so this code-side completion is the reliable fix (no new migration depends on an unknown runner).
|
||||
|
||||
---
|
||||
|
||||
### 2026-06-05 — backend@v2.8.90 — Login failed-attempt lockout now OFF by default (env-gated)
|
||||
|
||||
**Commits:** backend v2.8.90
|
||||
|
||||
Reference in New Issue
Block a user