Skip to content

Optimize email query with composite index and fix Starlette CVE#574

Closed
seonghobae wants to merge 21 commits into
developfrom
master
Closed

Optimize email query with composite index and fix Starlette CVE#574
seonghobae wants to merge 21 commits into
developfrom
master

Conversation

@seonghobae

Copy link
Copy Markdown
Contributor

This pull request introduces several important improvements across the codebase, focusing on security hardening, database performance optimizations, dependency updates for Python 3.14 compatibility, and improved test coverage. The most notable changes are the introduction of a composite database index for faster email queries, stricter validation for authentication secrets, and upgrades to Python and key dependencies.

Database performance and schema:

  • Added a composite index on emails (user_id, organization_id, date) to optimize common inbox and missing replies queries, with corresponding migration and test coverage. This significantly reduces query time and eliminates unnecessary sorting in Python. (backend/db/models.py [1] backend/scripts/bootstrap_db.py [2] backend/tests/test_bootstrap_db.py [3] [4] .jules/bolt.md [5]

Security improvements:

  • Strengthened validation for AUTH_SESSION_HMAC_SECRET by adding an entropy check to block low-entropy secrets (e.g., repeated or simple patterns), ensuring secrets are both long and random. Includes new tests for this logic. (backend/core/runtime_secrets.py [1] [2] [3] backend/tests/test_config.py [4]

Python and dependency upgrades:

  • Upgraded project to Python 3.14, updating Docker and CI configuration accordingly, and ensuring build dependencies (including Rust toolchain for some packages) are installed. (Dockerfile [1] .github/workflows/app-ci.yml [2]
  • Updated several Python dependencies for compatibility with Python 3.14 and to incorporate upstream improvements, including fastapi, sqlalchemy, asyncpg, pytest-asyncio, tiktoken, and others. (backend/requirements.txt backend/requirements.txtL1-R23)

Testing and code quality:

  • Improved test isolation and resource cleanup in database tests by disposing of SQLAlchemy engines after use. (backend/tests/test_tenant_config_model.py backend/tests/test_tenant_config_model.pyR38)
  • Refactored tests for route dependency assertions to more robustly check FastAPI route structure, improving maintainability and correctness. (backend/tests/test_dav_api.py [1] backend/tests/test_runner_ws_api.py [2]

seonghobae and others added 20 commits June 16, 2026 23:30
* Add rust compiler and build-essential to Github Actions app-ci.yml to build tiktoken/asyncpg wheels for Python 3.14.
* Add rust compiler (via curl rustup) to Dockerfile.
Copilot AI review requested due to automatic review settings June 16, 2026 14:34
@coderabbitai

coderabbitai Bot commented Jun 16, 2026

Copy link
Copy Markdown
Contributor

Warning

Review limit reached

@seonghobae, we couldn't start this review because you've reached your PR review rate limit.

More reviews will be available in 16 minutes and 27 seconds. Learn how PR review limits work.

Your organization has used up its prepaid credits, and credit purchases are no longer available. Enable the review add-on in the billing tab to keep reviews running — you're only billed for reviews past your plan's rate limits ($0.25/file).

⌛ How to resolve this issue?

After more reviews become available, a review can be triggered using the @coderabbitai review command as a PR comment. Alternatively, push new commits to this PR.

To avoid repeated limits, reduce automatic review volume by pausing incremental auto-reviews earlier, using label-based review opt-in, excluding WIP or generated PR titles, or requesting reviews manually when the PR is ready. If your team needs uninterrupted high-volume reviews, an organization admin can enable usage-based credits.

🚦 How do rate limits work?

CodeRabbit enforces per-developer PR review limits for each organization. Most developers receive the normal plan refill rate.

For paid Pro and Pro+ PR reviews, CodeRabbit uses adaptive limits for sustained high-volume activity. When a developer's recent PR review activity reaches the 95th percentile or higher among CodeRabbit users, the refill rate gradually slows as usage increases. The highest same-day bursts are limited more strictly.

Please see our Fair Usage Limits Policy for further information.

ℹ️ Review info
⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

Run ID: cbfdee4c-f69b-4e69-9769-317490978b32

📥 Commits

Reviewing files that changed from the base of the PR and between dc028c0 and 2f04480.

📒 Files selected for processing (12)
  • .github/workflows/app-ci.yml
  • .jules/bolt.md
  • Dockerfile
  • backend/core/runtime_secrets.py
  • backend/db/models.py
  • backend/requirements.txt
  • backend/scripts/bootstrap_db.py
  • backend/tests/test_bootstrap_db.py
  • backend/tests/test_config.py
  • backend/tests/test_dav_api.py
  • backend/tests/test_runner_ws_api.py
  • backend/tests/test_tenant_config_model.py
✨ Finishing Touches
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Commit unit tests in branch master

Warning

Billing warning: we have not been able to collect payment for this subscription for more than 72 hours. Please update the payment method or pay any pending invoices in Billing to avoid service interruption.


Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands and usage tips.

@github-actions

github-actions Bot commented Jun 16, 2026

Copy link
Copy Markdown
Contributor

PR governance metadata gate is not ready for c4a7c8762386d4d38e7a75703d8f94047f5b3f0e:

  • Merge state is DIRTY; resolve conflicts or refresh mergeability.
  • 4 unresolved current review thread(s) remain.
  • Required check metadata could not be read: no required checks reported on the 'master' branch.
  • Current-head CodeRabbit issue comment has blocking warning/failure evidence on c4a7c87.

@seonghobae

Copy link
Copy Markdown
Contributor Author

@copilot resolve the merge conflicts in this pull request

Copilot AI commented Jun 16, 2026

Copy link
Copy Markdown
Contributor

@seonghobae I'm unable to start working on this because of repository rules that prevent me from pushing to the branch:

  • Changes must be made through a pull request due to branch protection rules

See the documentation for more details.

Copilot AI left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR hardens runtime secret validation, improves email-query performance via a new composite index, and updates the project’s Python/tooling baseline (Docker + CI) for Python 3.14 alongside dependency upgrades.

Changes:

  • Added a composite (user_id, organization_id, date) index for emails and validated it via bootstrap/modeled-index tests.
  • Strengthened AUTH_SESSION_HMAC_SECRET validation with a low-entropy pattern check and corresponding tests.
  • Upgraded runtime/CI to Python 3.14 and updated backend dependencies; added Rust build tooling for packages requiring compilation.

Reviewed changes

Copilot reviewed 12 out of 12 changed files in this pull request and generated 4 comments.

Show a summary per file
File Description
Dockerfile Bumps base image to Python 3.14 and installs Rust + build deps for compiling Python packages.
.github/workflows/app-ci.yml Updates CI to Python 3.14 and installs build tooling (incl. Rust) before pip install.
backend/requirements.txt Updates key dependencies for Python 3.14; introduces httpx2.
backend/core/runtime_secrets.py Adds entropy-based validation to reject low-entropy HMAC secrets.
backend/tests/test_config.py Adds parametrized tests asserting low-entropy secrets are rejected in production settings.
backend/db/models.py Declares the new ix_emails_owner_date composite index on the Email model.
backend/scripts/bootstrap_db.py Ensures schema backfill creates the composite emails index in existing DBs.
backend/tests/test_bootstrap_db.py Adds assertions verifying bootstrap SQL includes the new index and the model declares it.
backend/tests/test_tenant_config_model.py Disposes SQLAlchemy engine after fixture use to improve resource cleanup.
backend/tests/test_dav_api.py Refactors route dependency assertion logic for DAV routes (currently incorrect).
backend/tests/test_runner_ws_api.py Refactors route dependency assertion logic for runner WS routes (currently incorrect).
.jules/bolt.md Documents the email index optimization rationale and intended impact.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

Comment thread backend/tests/test_dav_api.py
Comment thread backend/tests/test_runner_ws_api.py Outdated
Comment thread Dockerfile
Comment thread backend/requirements.txt
@seonghobae seonghobae temporarily deployed to master - naruon PR #574 June 19, 2026 02:27 — with Render Destroyed
@seonghobae

Copy link
Copy Markdown
Contributor Author

Closed as superseded by #591. This PR used the repository master branch as its head and carried a broad stale stack: Python 3.14/runtime/dependency/security-test changes are already present or newer on develop, and live Dependabot alerts only show the undici issues handled by #590. The still-useful email owner/date index has been replayed into the focused develop-based #591.

@seonghobae seonghobae closed this Jun 19, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

3 participants