feat: schema-change actionability (migration SQL) + annotations, connection test, coverage#440
Open
seonghobae wants to merge 10 commits into
Open
feat: schema-change actionability (migration SQL) + annotations, connection test, coverage#440seonghobae wants to merge 10 commits into
seonghobae wants to merge 10 commits into
Conversation
0003_revoked_token pointed at nonexistent down_revision "0002" and the tree had two heads. Repoint to 0002_auth_share and add 0004_merge_heads merging 0003 + 0003_validate_project_space_fk. Verified: alembic upgrade head runs the full chain against Postgres. Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com> Claude-Session: https://claude.ai/code/session_01AxU2xaupAjp912oDNFuWyd
Cover render, dialog a11y (role=dialog/aria-modal), source-backed labels, handler wiring and input changes for the three dialogs lacking direct component tests. +13 tests. Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com> Claude-Session: https://claude.ai/code/session_01AxU2xaupAjp912oDNFuWyd
Schema Diff: pure diff_snapshots() matching tables by (schema,name) not volatile relation_oid; GET /api/snapshots/{uuid}/diff (IDOR-safe, uniform not_found); DiffModal + demo. Saved Views: DiagramView model + 0005 migration + IDOR-guarded CRUD; captureLayout/applyLayout + ViewsModal. Verified: frontend 130 tests, backend 235 tests, tsc --noEmit clean.
Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
Claude-Session: https://claude.ai/code/session_01AxU2xaupAjp912oDNFuWyd
Close untested branches in the DSN SSRF guard: non-integer query port, host resolving to no usable address (empty sockaddr), and host dedup. dsn_guard.py coverage 96% -> 100%. Full backend suite 238 passed. Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com> Claude-Session: https://claude.ai/code/session_01AxU2xaupAjp912oDNFuWyd
sanitize_for_storage: memoryview/bytes/bytearray -> text, invalid-utf8 base64 fallback, tuple recursion (75% -> 100%). schema_diff: orphan/nameless column/pk/fk rows are skipped and table-comment changes detected (94% -> 100%). Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com> Claude-Session: https://claude.ai/code/session_01AxU2xaupAjp912oDNFuWyd
TableAnnotation model + 0006 migration + IDOR-guarded CRUD (list/upsert/delete). Notes are keyed by (project, schema_name, relation_name) -- never the volatile relation_oid -- with a unique constraint (one note per table). Editor role for writes, uniform 404 for missing/unauthorized. Migration verified against Postgres; full backend suite 245 passing. Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com> Claude-Session: https://claude.ai/code/session_01AxU2xaupAjp912oDNFuWyd
POST /api/connections/{uuid}/test probes a stored connection and reports ok/server_version/error. IDOR-safe (project membership required, uniform 404). Reuses the introspectors' SSRF guard: probe_postgres pins to validate_postgres_dsn_target's IPs, probe_snowflake goes through _parse_snowflake_dsn; errors are DSN-redacted and an unreachable DB is ok=false (not an error status). Backend suite green.
Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
Claude-Session: https://claude.ai/code/session_01AxU2xaupAjp912oDNFuWyd
AnnotationsModal (list/add/edit/delete table notes) wired to a toolbar button; api client listAnnotations/upsertAnnotation/deleteAnnotation + demo store. Connection test button + status pill next to the connection picker; api testConnection + demo. types ConnectionTestResult/TableAnnotation. typecheck clean, frontend suite 23 files / 136 tests green. Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com> Claude-Session: https://claude.ai/code/session_01AxU2xaupAjp912oDNFuWyd
snapshot_diff_to_migration_sql(base, target, dialect) bridges the (previously test-only-connected) diff and ddl modules: CREATE/DROP TABLE, ADD/DROP/ALTER COLUMN, SET/DROP NOT NULL, ADD/DROP FOREIGN KEY -- name-matched (oid-independent), reusing schema_diff indexing + ddl/export type mapping. Endpoint GET /api/snapshots/{uuid}/migration.sql (IDOR-safe, dialect param). Destructive/PK changes emitted with review comments. +7 tests; backend suite 258. Adds docs/valuation-gap-analysis.md (codegraph-grounded roadmap).
Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
Claude-Session: https://claude.ai/code/session_01AxU2xaupAjp912oDNFuWyd
|
You are seeing this message because GitHub Code Scanning has recently been set up for this repository, or this pull request contains the workflow file for the Code Scanning tool. What Enabling Code Scanning Means:
For more information about GitHub Code Scanning, check out the documentation. |
Contributor
OpenCode Review Overview
Changed-File Evidence Mapflowchart LR
PR["PR changed files"] --> Evidence["OpenCode bounded evidence"]
Evidence --> S1["Backend (25 files)"]
S1 --> I1["API and service runtime"]
I1 --> R1["Review risk: Backend (25 files)"]
R1 --> V1["backend tests"]
Evidence --> S2["Docs: valuation-gap-analysis.md"]
S2 --> I2["operator or user guidance"]
I2 --> R2["Review risk: Docs: valuation-gap-analysis.md"]
R2 --> V2["docs review"]
Evidence --> S3["Frontend (15 files)"]
S3 --> I3["browser runtime and bundle"]
I3 --> R3["Review risk: Frontend (15 files)"]
R3 --> V3["frontend tests"]
|
This was referenced Jul 5, 2026
session.get returns DbConnection | None; the connection-test endpoint dereferenced it without a None check, failing CI mypy (union-attr) at connections.py:99. Add a 404 guard (mirrors create_snapshot). Fixes backend CI on #440. Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com> Claude-Session: https://claude.ai/code/session_01AxU2xaupAjp912oDNFuWyd
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Goal
Move the product up the value ladder visualize → diff → act → govern, grounded in a full code-knowledge-graph pass. See
docs/valuation-gap-analysis.mdfor the codegraph-informed roadmap.Highlights (P0 delivered: actionability)
ddl/migration.py) —GET /api/snapshots/{uuid}/migration.sql?against=…&dialect=…turns a read-only diff into theCREATE/ALTER/DROP+ FK statements to apply. Bridges the previously test-only-connecteddiffandddlmodules. Name-matched (oid-independent); destructive/PK changes emitted with review comments; PG-precise + SnowflakeSET DATA TYPE.Also in this branch (features shipped this cycle, backend + frontend)
fix(alembic): repaired the broken multi-head revision graph (verified against Postgres)sanitize,schema_diffVerification
pytest258 passed; frontendvitest136 passed;tsc --noEmitclean0004→0006applied against real Postgres🤖 Generated with Claude Code