fix(custody): correct SQLSTATE log label + bootstrap-rescue regression test#257
Merged
Conversation
…ssion test Round-3 enhanced-review follow-ups that landed after #256 was merged, so they are re-applied here on top of master: - The sanitized bootstrap-consume log used postgres.code (the human atom, e.g. :unique_violation) mislabelled as "sqlstate". Reuse LoopctlWeb.DBError.sqlstate/1 (which reads the real 5-char postgres.pg_code) so the line correlates with the rest of the app's DB-error logs. Still leaks no query text. - Add a plug regression test: a DB error during the atomic consume (forced via a malformed api_key id) fails closed with 412 and a SQL-free log, pinning the fail-closed rescue + sanitized logging against future regressions.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Re-applies the two round-3 enhanced-review follow-ups that landed after #256 was merged (mid-gate), so they were stranded off master. Both are non-security quality fixes the gate itself prescribed:
postgres.code(human atom) mislabelled assqlstate; now reusesLoopctlWeb.DBError.sqlstate/1(real 5-charpg_code) so it correlates with the rest of the app's DB-error logs. Still no query-text leak.Full suite green (3122 tests, 0 failures); credo/dialyzer clean. These are the gate's own round-3 prescriptions, already reviewed when generated.