Skip to content

fix(db): reconcile live database drift and harden security without RAG regression#300

Merged
BigSimmo merged 21 commits into
mainfrom
cursor/fix-all-db-issues-5f13
Jul 6, 2026
Merged

fix(db): reconcile live database drift and harden security without RAG regression#300
BigSimmo merged 21 commits into
mainfrom
cursor/fix-all-db-issues-5f13

Conversation

@BigSimmo

@BigSimmo BigSimmo commented Jul 5, 2026

Copy link
Copy Markdown
Owner

Summary

Reconciles live Supabase drift on sjrfecxgysukkwxsowpy, hardens security boundaries, and fixes CI blockers — without changing RAG scoring, ranking, or chunking behavior.

Changes

  • Migrations: 20260705133000 (search_document_chunks owner scope), 20260705220000 (jobs table, RPCs, embedding-fields grants, eval RLS)
  • Edge: indexing-v3-agent JSONB status RPC parsing fix
  • App: health deep probe gating, owner-scope retrieval tightening, document label governance advisory
  • Tests/docs: schema mirror tests, public access deep checks, migration reconciliation docs

Verification

CI fixes in this branch

Commit Fix
6f1d525e3 Prettier on 4 files blocking format check
09b3567c8 TS2339 — add allowGlobalSearch? to fetchBestDocumentLookupChunks args type

Clinical Governance Preflight

  • Source-backed claims still require linked source verification before clinical use
  • No patient-identifiable document workflow introduced
  • Supabase target remains Clinical KB Database (sjrfecxgysukkwxsowpy)
  • Service-role keys and private document access remain server-only
  • No RAG scoring/ranking/chunking changes in this PR

Merge note

Branch may conflict with main where overlapping access-rollout work landed via other PRs (#291, #297). Resolve at merge without importing unrelated UI commits onto this branch.

Operator follow-ups (not in this PR)

  • Set HEALTH_DEEP_PROBE_SECRET in production
  • Publishable key rotation
  • Auth server connection cap (Supabase dashboard)
Open in Web Open in Cursor 

BigSimmo added 10 commits July 5, 2026 20:02
- Degrade invalid bearer tokens to anonymous scope instead of 401
- Allow public document read routes (list, detail, signed-url, search, images)
- Align registry routes with medications/differentials auth-signal short-circuit
- Let DocumentViewer load public sources without requiring sign-in
- Add regression tests and update access-control expectations
Create missing retrieval-support indexes (trgm, composite btree, partial
miss log) that were absent or only present under legacy names on live.
Update search_schema_health() to accept verified functional equivalents
during rollout. Set search_path for pg_trgm gin_trgm_ops in extensions.

Verified on linked project: search_schema_health() ok=true, missing=[].
- Re-apply indexing_v3_agent_jobs table and claim/update RPCs on live

- Codify match_document_embedding_fields_text with service_role-only execute

- Enable RLS on rag_visual_eval_* tables

- Fix edge function JSONB status RPC parsing

- Harden owner-scope and health deep-probe gating

- Restore .env.example; remove unused postgres npm dep

- Make gold-label governance advisory-only
- Re-apply indexing_v3_agent_jobs table and claim/update RPCs on live

- Codify match_document_embedding_fields_text with service_role-only execute

- Enable RLS on rag_visual_eval_* tables

- Fix edge function JSONB status RPC parsing

- Harden owner-scope and health deep-probe gating

- Restore .env.example; remove unused postgres npm dep

- Make gold-label governance advisory-only
@supabase

supabase Bot commented Jul 5, 2026

Copy link
Copy Markdown

Updates to Preview Branch (cursor/fix-all-db-issues-5f13) ↗︎

Deployments Status Updated
Database Mon, 06 Jul 2026 04:35:03 UTC
Services Mon, 06 Jul 2026 04:35:03 UTC
APIs Mon, 06 Jul 2026 04:35:03 UTC

Tasks are run on every commit but only new migration files are pushed.
Close and reopen this PR if you want to apply changes from existing seed or migration files.

Tasks Status Updated
Configurations Mon, 06 Jul 2026 04:35:05 UTC
Migrations Mon, 06 Jul 2026 04:35:09 UTC
Seeding Mon, 06 Jul 2026 04:35:10 UTC
Edge Functions Mon, 06 Jul 2026 04:35:13 UTC

View logs for this Workflow Run ↗︎.
Learn more about Supabase for Git ↗︎.

@BigSimmo
BigSimmo force-pushed the cursor/fix-all-db-issues-5f13 branch from 09b3567 to 8ab94ea Compare July 5, 2026 19:11
cursoragent and others added 3 commits July 5, 2026 19:32
Co-authored-by: BigSimmo <BigSimmo@users.noreply.github.com>
Co-authored-by: BigSimmo <BigSimmo@users.noreply.github.com>
Co-authored-by: BigSimmo <BigSimmo@users.noreply.github.com>
@BigSimmo
BigSimmo marked this pull request as ready for review July 6, 2026 02:34
@chatgpt-codex-connector

Copy link
Copy Markdown

You have reached your Codex usage limits for code reviews. You can see your limits in the Codex usage dashboard.

Copilot AI left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR reconciles observed drift between the repository and the live Supabase project schema, tightens owner-scoped retrieval boundaries, and hardens operational endpoints (health + indexing agent RPC parsing) while aiming to avoid any RAG scoring/ranking/chunking changes.

Changes:

  • Codifies live database drift via new/idempotent migrations and updates supabase/schema.sql to match (jobs table/RPCs, embedding-fields RPC grants, visual eval tables + RLS, search_document_chunks scope).
  • Hardens /api/health?deep=1 by requiring an operator secret header for the deep Supabase probe, and updates deep public-access tests accordingly.
  • Fixes indexing-v3-agent edge function handling of JSONB-returning status RPCs via robust result parsing.

Reviewed changes

Copilot reviewed 15 out of 15 changed files in this pull request and generated 2 comments.

Show a summary per file
File Description
tests/supabase-schema.test.ts Adds assertions to ensure schema + key migrations mirror live drift fixes and owner-scope tightening.
tests/public-access-deep.test.ts Updates health deep-probe expectations to reflect new secret-gated behavior.
supabase/schema.sql Mirrors drift reconciliation (drop/recreate function signature, adds search_document_chunks, embedding-fields RPC, visual eval tables + RLS/policies, grants).
supabase/migrations/20260705220000_reconcile_live_database_drift.sql New idempotent migration to re-apply missing live objects and lock down permissions/RLS.
supabase/migrations/20260705210000_retrieval_owner_filter_sentinel.sql Adds a defensive DROP to handle signature/OUT-column drift before CREATE OR REPLACE.
supabase/migrations/20260705133000_tighten_search_document_chunks_owner_scope.sql Documents/codifies live owner-scope tightening and revokes public/anon/auth execute.
supabase/functions/indexing-v3-agent/index.ts Uses typed RPC rows + parsing helper for JSONB-returning job-status RPCs.
src/lib/env.ts Adds SUPABASE_DB_URL and HEALTH_DEEP_PROBE_SECRET to the validated env schema.
src/lib/document-label-governance.ts Treats missing gold-label rows as non-blocking (advisory) in the overall pass/fail result.
src/app/api/health/route.ts Adds constant-time header token check for deep health probe authorization; returns 503 on unauthorized deep probe.
scripts/check-document-label-governance.ts Clarifies CLI output that missing gold-label rows are advisory.
package.json Removes the postgres dependency.
docs/supabase-migration-reconciliation.md Documents the newly codified live drift and how it’s reconciled.
docs/process-hardening.md Adds a dated log entry describing drift reconciliation and follow-ups.
.env.example Adds SUPABASE_DB_URL and HEALTH_DEEP_PROBE_SECRET examples for operators/devs.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

Comment thread src/app/api/health/route.ts
Comment thread .env.example Outdated
BigSimmo and others added 2 commits July 6, 2026 12:15
Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com>
Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com>
@BigSimmo

BigSimmo commented Jul 6, 2026

Copy link
Copy Markdown
Owner Author

@copilot resolve the merge conflicts in this pull request

Copilot AI commented Jul 6, 2026

Copy link
Copy Markdown
Contributor

@copilot resolve the merge conflicts in this pull request

Done — merged origin/main into this branch. The only conflict was in tests/supabase-schema.test.ts where both branches added a test in the same location. I kept both:

  • This branch: "mirrors tightened search_document_chunks owner scope in schema and migration"
  • main: "surfaces stale commit generation RPCs through search_schema_health"

Resolved in merge commit 3fc7de8.

@BigSimmo
BigSimmo merged commit ea569a7 into main Jul 6, 2026
5 checks passed
@BigSimmo
BigSimmo deleted the cursor/fix-all-db-issues-5f13 branch July 8, 2026 16:25
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

4 participants