fix(db): purge private title vocabulary and enforce public scope#868
Conversation
|
Updates to Preview Branch (codex/private-title-privacy-20260718) ↗︎
Tasks are run on every commit but only new migration files are pushed.
❌ Branch Error • Sat, 18 Jul 2026 14:39:41 UTC View logs for this Workflow Run ↗︎. |
📝 WalkthroughWalkthroughChangesThe database restricts Public title-word enforcement
Estimated code review effort: 4 (Complex) | ~45 minutes Sequence Diagram(s)sequenceDiagram
participant Migration
participant document_title_words
participant enforce_document_title_word_scope
participant documents
Migration->>document_title_words: purge stale rows
Migration->>document_title_words: restore missing valid rows
document_title_words->>enforce_document_title_word_scope: validate insert or update
enforce_document_title_word_scope->>documents: check indexed public title tokens
enforce_document_title_word_scope-->>document_title_words: allow valid word or raise 23514
Possibly related PRs
Suggested labels: 🚥 Pre-merge checks | ✅ 5✅ Passed checks (5 passed)
✨ Finishing Touches📝 Generate docstrings
🧪 Generate unit tests (beta)
Comment |
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: 92a9bf77fc
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
|
@codex resolve actionable Codex review findings for this pull request and current head using the repository instructions. This is the pull request's single automatic repair pass: do not perform a fresh review, create new standalone findings, or request another review. Work only the existing unresolved Codex threads on the current head. Always fix P0 and P1 findings. For P2 and lower findings, fix only clear, scoped, low-risk issues; otherwise disposition them with a concise reason. After fixing or dispositioning a thread, reply in that thread with as the first line, followed by a concise summary; that marker authorizes the workflow to close that exact thread. If human input or new authorization is required, do not use the marker and leave the thread open with the blocker. Finish only after every actionable thread is fixed or dispositioned and closed, or explicitly left open for a human decision. Do not update the branch from main, address unrelated reviews, broaden scope, or create more than one scoped fix commit. Do not use external APIs, paid services, credentials, dependency changes, or broad refactors unless explicitly authorized. Add targeted tests where behavior changes and run the narrowest relevant validation. |
|
Codex Review: Didn't find any major issues. Chef's kiss. Reviewed commit: ℹ️ About Codex in GitHubYour team has set up Codex to review pull requests in this repo. Reviews are triggered when you
If Codex has suggestions, it will comment; otherwise it will react with 👍. Codex can also answer questions or update the PR. Try commenting "@codex address that feedback". |
|
Codex please resolve this supabase branch error |
|
Codex @codex resolve the supabase branch error please |
|
Summary
Testing
|
Summary
document_title_wordsrows before the table-backed corrector is installed on fresh/pending rollouts, then repeat the purge in a forward migration for environments where that corrector migration was already applied; source documents are untouched and valid public vocabulary is rebuilt.FOR SHAREdocument-row lock to close concurrent owner/status/title races.SECURITY DEFINERprivileges, validate the historical lowercase/length constraints, and abort the migration if any out-of-scope row remains.Verification
npm run test -- tests/supabase-schema.test.ts— 66/66 focused tests passed before the final docs-only/main merge.npm run check:function-grants— 28SECURITY DEFINERfunctions protected.git diff --check.git diff --checkafter the rollout-order P1 fix.77482fc9e.npm run check:production-readiness, Supabase project checks, migration apply, and provider-backed retrieval/answer gates were not run because they remain separately confirmation-required.Risk and rollout
Clinical Governance Preflight
Clinical KB Database(sjrfecxgysukkwxsowpy)Rollout gate
Review disposition
20260717171000_public_title_corrector.sqlbefore itsCREATE OR REPLACE FUNCTION, while the new forward migration remains responsible for already-applied environments and long-term enforcement.Summary by CodeRabbit
document_title_wordsstays aligned with the indexed public document title corpus.