Skip to content

fix(custody): correct SQLSTATE log label + bootstrap-rescue regression test#257

Merged
mkreyman merged 1 commit into
masterfrom
fix/witness-sqlstate-log
Jul 2, 2026
Merged

fix(custody): correct SQLSTATE log label + bootstrap-rescue regression test#257
mkreyman merged 1 commit into
masterfrom
fix/witness-sqlstate-log

Conversation

@mkreyman

@mkreyman mkreyman commented Jul 2, 2026

Copy link
Copy Markdown
Owner

Re-applies the two round-3 enhanced-review follow-ups that landed after #256 was merged (mid-gate), so they were stranded off master. Both are non-security quality fixes the gate itself prescribed:

  • Sanitized bootstrap-consume log used postgres.code (human atom) mislabelled as sqlstate; now reuses LoopctlWeb.DBError.sqlstate/1 (real 5-char pg_code) so it correlates with the rest of the app's DB-error logs. Still no query-text leak.
  • Adds a plug regression test: a DB error during the atomic consume fails closed (412) with a SQL-free log — pins the fail-closed rescue + sanitized logging.

Full suite green (3122 tests, 0 failures); credo/dialyzer clean. These are the gate's own round-3 prescriptions, already reviewed when generated.

…ssion test

Round-3 enhanced-review follow-ups that landed after #256 was merged, so they
are re-applied here on top of master:

- The sanitized bootstrap-consume log used postgres.code (the human atom, e.g.
  :unique_violation) mislabelled as "sqlstate". Reuse LoopctlWeb.DBError.sqlstate/1
  (which reads the real 5-char postgres.pg_code) so the line correlates with the
  rest of the app's DB-error logs. Still leaks no query text.
- Add a plug regression test: a DB error during the atomic consume (forced via a
  malformed api_key id) fails closed with 412 and a SQL-free log, pinning the
  fail-closed rescue + sanitized logging against future regressions.
@mkreyman mkreyman merged commit f1bdac1 into master Jul 2, 2026
9 checks passed
@mkreyman mkreyman deleted the fix/witness-sqlstate-log branch July 2, 2026 02:01
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant