fix(privacy): clear recents at the session boundary and bound thread TTL (PT-16)#597
Conversation
…TTL (PT-16) Follow-up to #582's owner-scoped recents: sign-out and session expiry now clear every owner-scoped recents key (plus legacy residue) so the next person on a shared workstation cannot inherit recent clinical question text, and persisted answer threads carry a savedAt stamp that expires after 12h so raw query/answer text cannot idle indefinitely in long-lived tabs. Legacy payloads without the stamp stay loadable once and are stamped on next save. Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
|
This pull request has been ignored for the connected project Preview Branches by Supabase. |
|
Warning Review limit reached
Next review available in: 3 minutes Enable usage-based reviews in Billing to review now. Otherwise, wait until the next included review is available. How can I continue?After more reviews become available, a review can be triggered using the To avoid repeated limits, reduce automatic review volume by pausing incremental auto-reviews earlier, using label-based review opt-in, excluding WIP or generated PR titles, or requesting reviews manually when the PR is ready. If your team needs uninterrupted high-volume reviews, an organization admin can enable usage-based reviews. How do review limits work?CodeRabbit enforces per-developer PR review limits for each organization. Most developers receive the normal plan review availability. For paid Pro and Pro+ PR reviews, CodeRabbit uses adaptive limits for sustained high-volume activity. When a developer's recent PR review activity reaches the 95th percentile or higher among CodeRabbit users, additional reviews become available more gradually as earlier reviews age out of the rolling window. Please refer docs for additional details. Review details⚙️ Run configurationConfiguration used: Organization UI Review profile: CHILL Plan: Pro Plus Run ID: 📒 Files selected for processing (1)
📝 WalkthroughWalkthroughPersisted answer threads now expire after a TTL while remaining compatible with legacy payloads. Recent-query storage is cleared during sign-out and session expiration, including both legacy and owner-scoped entries. ChangesSession storage lifecycle
Estimated code review effort: 3 (Moderate) | ~20 minutes 🚥 Pre-merge checks | ✅ 5 | ❌ 6❌ Failed checks (6 inconclusive)
✅ Passed checks (5 passed)
✨ Finishing Touches🧪 Generate unit tests (beta)
✨ Simplify code
Comment |
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: 6758a6c2a3
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
|
@codex resolve actionable Codex review findings for this pull request and current head using the repository instructions. This is the pull request's single automatic repair pass: do not perform a fresh review, create new standalone findings, or request another review. Work only the existing unresolved Codex threads on the current head. Always fix P0 and P1 findings. For P2 and lower findings, fix only clear, scoped, low-risk issues; otherwise disposition them with a concise reason. After fixing or dispositioning a thread, reply in that thread with as the first line, followed by a concise summary; that marker authorizes the workflow to close that exact thread. If human input or new authorization is required, do not use the marker and leave the thread open with the blocker. Finish only after every actionable thread is fixed or dispositioned and closed, or explicitly left open for a human decision. Do not update the branch from main, address unrelated reviews, broaden scope, or create more than one scoped fix commit. Do not use external APIs, paid services, credentials, dependency changes, or broad refactors unless explicitly authorized. Add targeted tests where behavior changes and run the narrowest relevant validation. |
@codex please implement |
|
Summary
Commit / PR
Testing
|
Summary
Audit PT-16 follow-up to #582's owner-scoped recents:
clearRecentQueries()in the shared helper, so the next person on a shared workstation cannot inherit recent clinical question text.savedAtstamp and expire after 12h, bounding how long raw query/answer text stays restorable in long-lived clinical-workstation tabs.savedAtstays internal to the storage module (loads strip it after the TTL check), and legacy payloads without the stamp stay loadable once and are stamped on next save.Verification
Extended
tests/answer-thread-storage.test.ts(TTL expiry, fresh-stamp round-trip, legacy acceptance) andtests/recent-query-storage.test.ts(boundary clear removes legacy + all scoped keys, leaves unrelated keys). 11/11 focused tests, full typecheck, lint, prettier green.🤖 Generated with Claude Code