portal

liderra/portal

Fork 0

Commit Graph

Author	SHA1	Message	Date
Дмитрий	f97103b05f	fix(review): apply F2 review feedback — sql-runner semicolon guard + RouteSupplierLeadJob original_error log capture Important fix (sql-runner.yml): Reject multi-statement SQL — `SELECT 1; UPDATE supplier_leads ...` was passing READ_RE whitelist and executing the second statement on prod without confirm_mutating=true. Added explicit `";"` guard before regex checks. Minor fix (RouteSupplierLeadJob.php): Capture `$originalError = \$lead->error` BEFORE `\$lead->update(...)`. Laravel mutates the in-memory model, so reading `\$lead->error` after update returns the already-suffixed value, making Log::info `original_error` field useless for debugging. Both findings from F2 review subagent on commit c8c089cb. Test verification: 10/10 Pest GREEN (6 SupplierWebhookFastFail + 4 SingleLeadStorm).	2026-05-29 09:11:28 +03:00
Дмитрий	002b8c4c35	ops(sql-runner): add whitelisted SQL workflow + stuck-leads cleanup doc .github/workflows/sql-runner.yml — универсальный SQL-runner для прод-операций через GitHub Actions (workflow_dispatch). Whitelist: SELECT/WITH/EXPLAIN (read-only) + targeted UPDATE/DELETE на 5 таблицах при confirm_mutating=true. docs/ops/2026-05-29-stage5-stuck-leads-cleanup.md — шаблон rollback log + инструкции для cleanup 2 застрявших supplier_leads (id=1110, 1157, ~256k failed_webhook_jobs). Root cause: поставщик crm.bp-gr.ru шлёт B1+SMS combo, constraint chk_supplier_projects_b1_not_for_sms запрещает (Finding 2 Stage 5). Task 1 plan 2026-05-29-supplier-webhook-fast-fail-and-stuck-cleanup.md. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>	2026-05-29 09:11:26 +03:00

Author

SHA1

Message

Date

Дмитрий

f97103b05f

fix(review): apply F2 review feedback — sql-runner semicolon guard + RouteSupplierLeadJob original_error log capture

Important fix (sql-runner.yml): Reject multi-statement SQL — `SELECT 1; UPDATE supplier_leads ...` was passing READ_RE whitelist and executing the second statement on prod without confirm_mutating=true. Added explicit `*";"*` guard before regex checks.

Minor fix (RouteSupplierLeadJob.php): Capture `$originalError = \$lead->error` BEFORE `\$lead->update(...)`. Laravel mutates the in-memory model, so reading `\$lead->error` after update returns the already-suffixed value, making Log::info `original_error` field useless for debugging.

Both findings from F2 review subagent on commit c8c089cb.

Test verification: 10/10 Pest GREEN (6 SupplierWebhookFastFail + 4 SingleLeadStorm).

2026-05-29 09:11:28 +03:00

Дмитрий

002b8c4c35

ops(sql-runner): add whitelisted SQL workflow + stuck-leads cleanup doc

.github/workflows/sql-runner.yml — универсальный SQL-runner для прод-операций
через GitHub Actions (workflow_dispatch). Whitelist: SELECT/WITH/EXPLAIN (read-only)
+ targeted UPDATE/DELETE на 5 таблицах при confirm_mutating=true.

docs/ops/2026-05-29-stage5-stuck-leads-cleanup.md — шаблон rollback log + инструкции
для cleanup 2 застрявших supplier_leads (id=1110, 1157, ~256k failed_webhook_jobs).
Root cause: поставщик crm.bp-gr.ru шлёт B1+SMS combo,
constraint chk_supplier_projects_b1_not_for_sms запрещает (Finding 2 Stage 5).

Task 1 plan 2026-05-29-supplier-webhook-fast-fail-and-stuck-cleanup.md.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

2026-05-29 09:11:26 +03:00

2 Commits