fix: v1 contract conformance — validation, scopes, idempotency, media enum, RLS #25
Merged
… enum, RLS

Council + Codex round 2: finish remaining v1 findings (#4-#7, #9, #12). Backend is deno-check + pnpm build green. The migration is NOT applied — run `supabase start && supabase db reset` to verify, then `supabase db push`.

- #5 metadata validation: new _shared/frame-metadata.ts validates both ingress endpoints against ui.plan.ai/frame-metadata.v1 before insert. Removes the silent date coercion and the flat agent_slug/channel_slug reads (schema is nested agent.slug/channel.slug). Adds the missing idempotency_conflict code.
- #4 scopes: media:image gates frame-submissions, media:video gates media-uploads (hasApiScope). Migration grandfathers existing keys.
- #6 idempotency: scoped per endpoint (idempotency_scope column + unique (api_key_id, idempotency_scope, idempotency_key)); PNG fingerprint now includes the image bytes (sha256BytesHex).
- #7 media status: frame_media.status is the frame_media_status enum; functions write media_processing (not processing); spec/docs aligned.
- #9 RLS: revoke client UPDATE on frame_submissions/frames (no client write path; transitions go through service-role Edge Functions).
- #12 OpenAPI + schema + narrative docs: media-uploads creates the submission; frame-submissions is image-only; removed media_upload_id.
- Fix a latent images.ts type error caught by deno check.
- skills: supabase-setup (ingress invariants), workbench-app (no client UPDATE).

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Council + Codex round 2. Finishes the remaining v1 findings. Backend is `deno check` + `pnpm build` green.

Changed

- `_shared/frame-metadata.ts` validates both ingress endpoints against `ui.plan.ai/frame-metadata.v1` before insert. Kills the silent date→today coercion and the flat `agent_slug`/`channel_slug` reads (schema is nested). Adds `idempotency_conflict` to `ProblemCode`.
- `media:image` gates frame-submissions, `media:video` gates media-uploads. Migration grandfathers existing keys so enforcement can't lock them out.
- `idempotency_scope` column + scoped unique index); PNG fingerprint now includes image bytes.
- `frame_media.status` is now the `frame_media_status` enum; functions write `media_processing`; spec/docs aligned.
- `UPDATE` on `frame_submissions`/`frames` revoked (no client write path; transitions go via service-role Edge Functions).
- `media_upload_id` removed.
- `images.ts` type error caught by `deno check`.
- `supabase-setup` (ingress invariants), `workbench-app` (no client UPDATE).

The migration `20260529000000_v1_contract_conformance.sql` is not applied. Run:

Merging only deploys the frontend; the backend stays dormant until `db push`.

🤖 Generated with Claude Code
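
An added example (not code from this PR or the project) of the per-endpoint idempotency scoping and byte-inclusive fingerprint described above. The class, function and sample values are hypothetical; an in-memory map stands in for the unique index, and it assumes a key reused with a different fingerprint is answered with `idempotency_conflict`.

```typescript
// Added example: hypothetical names, not the project's code.
import { createHash } from "node:crypto";

type Scope = "frame-submissions" | "media-uploads";
type Outcome = { kind: "created" | "replayed" | "idempotency_conflict"; submissionId?: string };

// The fingerprint covers the metadata AND the payload bytes, so the same key with
// the same metadata but a different image is not mistaken for a replay.
function fingerprint(metadata: unknown, bytes: Uint8Array): string {
  const meta = JSON.stringify(metadata); // assumes stable key order from the caller
  const h = createHash("sha256");
  h.update(meta.length + ":" + meta); // length prefix separates the two fields
  h.update(bytes);
  return h.digest("hex");
}

class IdempotencyStore {
  // Stand-in for the unique (api_key_id, idempotency_scope, idempotency_key) index.
  private rows = new Map<string, { fp: string; submissionId: string }>();
  private next = 1;

  submit(apiKeyId: string, scope: Scope, key: string, metadata: unknown, bytes: Uint8Array): Outcome {
    const rowKey = JSON.stringify([apiKeyId, scope, key]);
    const fp = fingerprint(metadata, bytes);
    const prior = this.rows.get(rowKey);
    if (prior === undefined) {
      const submissionId = "sub_" + this.next++;
      this.rows.set(rowKey, { fp, submissionId });
      return { kind: "created", submissionId };
    }
    // Same key and scope: identical request replays, anything else conflicts (assumed policy).
    if (prior.fp === fp) return { kind: "replayed", submissionId: prior.submissionId };
    return { kind: "idempotency_conflict" };
  }
}

function demo(): string[] {
  const store = new IdempotencyStore();
  const meta = { agent: { slug: "a1" }, channel: { slug: "c1" } }; // constructed sample
  const pngA = new Uint8Array([0x89, 0x50, 0x4e, 0x47, 1]); // constructed bytes
  const pngB = new Uint8Array([0x89, 0x50, 0x4e, 0x47, 2]);
  return [
    store.submit("key_1", "frame-submissions", "idem-1", meta, pngA).kind,
    store.submit("key_1", "frame-submissions", "idem-1", meta, pngA).kind,
    store.submit("key_1", "frame-submissions", "idem-1", meta, pngB).kind,
    store.submit("key_1", "media-uploads", "idem-1", meta, pngA).kind,
  ];
}
```

`demo()` returns created, replayed, idempotency_conflict, created: the third call reuses the key with different image bytes, and the fourth reuses it on the other endpoint, where it does not collide.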