From 14931d63622bf9add73d9539810832f133bdce73 Mon Sep 17 00:00:00 2001 From: Zac Gaetano Date: Wed, 27 May 2026 13:48:08 -0400 Subject: [PATCH] =?UTF-8?q?fix(mam-api):=20migration=20023=20=E2=80=94=20b?= =?UTF-8?q?roaden=20ON=20CONFLICT=20+=20document=20password=5Fupdated=5Fat?= =?UTF-8?q?=20backfill?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Code-review feedback: ON CONFLICT (id) only catches id collisions; a pre-existing 'dev' username would trigger a unique_violation on the username index and roll back the migration, hard-failing the mam-api boot. Switch to bare ON CONFLICT DO NOTHING so any unique conflict is no-op-safe. --- .../src/db/migrations/023-auth-session-timestamps.sql | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/services/mam-api/src/db/migrations/023-auth-session-timestamps.sql b/services/mam-api/src/db/migrations/023-auth-session-timestamps.sql index 9273c4b..e67c106 100644 --- a/services/mam-api/src/db/migrations/023-auth-session-timestamps.sql +++ b/services/mam-api/src/db/migrations/023-auth-session-timestamps.sql @@ -7,6 +7,9 @@ -- future audit fields) keep working when AUTH_ENABLED=false. The seeded -- password_hash is a placeholder that no bcrypt.compare will accept, so the -- dev row cannot be used to log in even if AUTH_ENABLED is later flipped on. +-- +-- password_updated_at is backfilled with NOW() for existing rows at migration time; +-- treat values from before this deploy as approximate. ALTER TABLE users ADD COLUMN IF NOT EXISTS password_updated_at TIMESTAMPTZ DEFAULT NOW(); ALTER TABLE users ADD COLUMN IF NOT EXISTS last_login_at TIMESTAMPTZ; @@ -19,4 +22,4 @@ VALUES ( 'Dev (AUTH_ENABLED=false)', 'admin' ) -ON CONFLICT (id) DO NOTHING; +ON CONFLICT DO NOTHING;