fix(web): register vulnerability AI cache migration #796

Merged
simon merged 1 commit from fix/vuln-ask-ai-query into dev 2026-06-27 11:39:03 +00:00
Owner

Summary

  • Register the existing vulnerability AI remediation cache migration in Drizzle journal metadata.
  • Add the matching 0036 snapshot so future schema generation stays aligned.
  • Extend migration validation to fail when a SQL migration exists but is missing from the journal.

Validation

  • corepack pnpm --filter web run db:validate
  • corepack pnpm --filter web exec node --experimental-strip-types --test lib/vulnerabilities/ai-remediation-cache.test.mjs lib/ai/settings-core.test.mjs
  • corepack pnpm --filter web run lint
  • corepack pnpm --filter web run type-check
  • DATABASE_URL=postgresql://dummy:dummy@localhost:5432/dummy BETTER_AUTH_SECRET=dummy-secret-for-ci-build-only-at-least-32 BETTER_AUTH_URL=http://localhost:3000 NEXT_PUBLIC_APP_URL=http://localhost:3000 corepack pnpm --filter web run build

Notes

  • Full corepack pnpm --filter web run test:unit currently has one unrelated pre-existing dashboard source assertion failure tracked as #784.
## Summary - Register the existing vulnerability AI remediation cache migration in Drizzle journal metadata. - Add the matching 0036 snapshot so future schema generation stays aligned. - Extend migration validation to fail when a SQL migration exists but is missing from the journal. ## Validation - corepack pnpm --filter web run db:validate - corepack pnpm --filter web exec node --experimental-strip-types --test lib/vulnerabilities/ai-remediation-cache.test.mjs lib/ai/settings-core.test.mjs - corepack pnpm --filter web run lint - corepack pnpm --filter web run type-check - DATABASE_URL=postgresql://dummy:dummy@localhost:5432/dummy BETTER_AUTH_SECRET=dummy-secret-for-ci-build-only-at-least-32 BETTER_AUTH_URL=http://localhost:3000 NEXT_PUBLIC_APP_URL=http://localhost:3000 corepack pnpm --filter web run build ## Notes - Full `corepack pnpm --filter web run test:unit` currently has one unrelated pre-existing dashboard source assertion failure tracked as #784.
fix(web): register vulnerability AI cache migration
Some checks failed
Conventional PR title / Conventional PR title (pull_request) Successful in 0s
PR Checks (Docker images) / Ansible API contract (pull_request) Successful in 6s
PR Checks (Docker images) / Detect Docker image changes (pull_request) Successful in 8s
SAST / Detect security scan scope (pull_request) Successful in 8s
PR Checks (Docker images) / Ansible API Docker image (pull_request) Has been skipped
SAST / gosec (ingest) (pull_request) Has been skipped
SAST / gosec (agent) (pull_request) Has been skipped
PR Checks (Docker images) / Ingest Docker image (pull_request) Has been skipped
SAST / trivy (filesystem) (pull_request) Has been skipped
Secret Scan / gitleaks (pull_request) Successful in 27s
SAST / trivy (config / IaC) (pull_request) Has been skipped
SAST / semgrep (pull_request) Successful in 1m11s
SAST / crypto-lint (no weak hashes / ciphers) (pull_request) Successful in 1m6s
PR Checks (Web) / Web (lint / type-check / build) (pull_request) Successful in 2m27s
PR Checks (Docker images) / Web Docker image (pull_request) Has been cancelled
dbe425c70e
simon force-pushed fix/vuln-ask-ai-query from dbe425c70e
Some checks failed
Conventional PR title / Conventional PR title (pull_request) Successful in 0s
PR Checks (Docker images) / Ansible API contract (pull_request) Successful in 6s
PR Checks (Docker images) / Detect Docker image changes (pull_request) Successful in 8s
SAST / Detect security scan scope (pull_request) Successful in 8s
PR Checks (Docker images) / Ansible API Docker image (pull_request) Has been skipped
SAST / gosec (ingest) (pull_request) Has been skipped
SAST / gosec (agent) (pull_request) Has been skipped
PR Checks (Docker images) / Ingest Docker image (pull_request) Has been skipped
SAST / trivy (filesystem) (pull_request) Has been skipped
Secret Scan / gitleaks (pull_request) Successful in 27s
SAST / trivy (config / IaC) (pull_request) Has been skipped
SAST / semgrep (pull_request) Successful in 1m11s
SAST / crypto-lint (no weak hashes / ciphers) (pull_request) Successful in 1m6s
PR Checks (Web) / Web (lint / type-check / build) (pull_request) Successful in 2m27s
PR Checks (Docker images) / Web Docker image (pull_request) Has been cancelled
to de7ea09fc2
All checks were successful
Conventional PR title / Conventional PR title (pull_request) Successful in 0s
PR Checks (Docker images) / Ansible API contract (pull_request) Successful in 6s
SAST / Detect security scan scope (pull_request) Successful in 9s
PR Checks (Docker images) / Detect Docker image changes (pull_request) Successful in 9s
PR Checks (Docker images) / Ansible API Docker image (pull_request) Has been skipped
SAST / gosec (agent) (pull_request) Has been skipped
SAST / gosec (ingest) (pull_request) Has been skipped
PR Checks (Docker images) / Ingest Docker image (pull_request) Has been skipped
Secret Scan / gitleaks (pull_request) Successful in 27s
SAST / trivy (filesystem) (pull_request) Has been skipped
SAST / trivy (config / IaC) (pull_request) Has been skipped
SAST / semgrep (pull_request) Successful in 1m11s
SAST / crypto-lint (no weak hashes / ciphers) (pull_request) Successful in 1m6s
PR Checks (Web) / Web (lint / type-check / build) (pull_request) Successful in 2m41s
PR Checks (Docker images) / Web Docker image (pull_request) Successful in 12m39s
2026-06-27 11:23:20 +00:00
Compare
simon deleted branch fix/vuln-ask-ai-query 2026-06-27 11:39:03 +00:00
Sign in to join this conversation.
No reviewers
No milestone
No project
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference
carrtech/ct-ops!796
No description provided.