fix(db): #170 drop pre-#49 legacy schema leftovers#175
Merged
Conversation
…ogs, ...) Six live-only objects survived from the deleted pre-#49 00000000000000_rls_foundation.sql era — absent from the monolithic migration (so fresh installs never had them) but lingering on prod. The 2026-07-04 schema-drift audit found them; this converges prod with a clean install. Objects dropped: tables public.profiles + public.audit_logs (with their pkey/FK/CHECK/indexes + 3 policies), functions handle_new_user() + handle_updated_at(), trigger profiles_updated_at. Safety — audited on the live DB before dropping (the "careful data-migration" concern from the issue is resolved: nothing real to save): - audit_logs: 8263 rows, ALL legacy 'user.signup', 8247 null-user + 16 E2E, ZERO real users. profiles: 16 rows, all E2E throwaways, zero real users. - Only handle_new_user referenced the BARE legacy tables (confirmed via word-boundary regex on pg_proc.prosrc); every canonical fn uses user_profiles/auth_audit_logs. handle_new_user was orphaned (no trigger). - No views or inbound FKs; the 3 policies auto-drop with the tables. Applied to prod via the Management API (monolithic-only, per CLAUDE.md), then added an idempotent PART 11 block to the monolith + legacy drops to 999_drop_all_tables.sql so prod and fresh installs converge. Verified post-drop on prod: - inventory: 0 legacy tables/functions/trigger; canonical tables/functions + on_auth_user_created trigger all intact. - signup smoke: a fresh auth.users insert wrote 1 user_profiles + 1 auth_audit_logs row (canonical), legacy tables absent — the exact #49 failure mode, now provably correct. - security advisor: the function_search_path_mutable flags on handle_new_user + handle_updated_at cleared. Closes #170 Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Prod hygiene — converge prod with a clean install
Six live-only objects survived from the deleted pre-#49
00000000000000_rls_foundation.sqlera. They're absent from the monolithic migration (fresh installs never had them) but lingered on prod. Found by the 2026-07-04 schema-drift audit (#170).Dropped: tables
public.profiles+public.audit_logs(pkey/FK/CHECK/indexes + 3 policies), functionshandle_new_user()+handle_updated_at(), triggerprofiles_updated_at.Safety — audited live before dropping
The issue flagged this as "not a blind DROP" because
audit_logsmight hold real rows. It doesn't:audit_logsuser.signup, 8247 null-user + 16 E2E, 0 real usersprofileshandle_new_user(orphaned); every canonical fn usesuser_profiles/auth_audit_logsApplied + verified on prod
DDL applied via the Management API (monolithic-only per CLAUDE.md); this PR adds the idempotent PART 11 block to the monolith + legacy drops to
999_drop_all_tables.sqlso prod and fresh installs converge. Post-drop verification:on_auth_user_createdintact.auth.usersinsert wrote 1user_profiles+ 1auth_audit_logsrow, legacy tables absent — the exact [Gap-Audit] auth_audit_logs sign_up events not written for all signup paths #49 failure mode, provably correct.function_search_path_mutableflags onhandle_new_user+handle_updated_atcleared.Closes #170
🤖 Generated with Claude Code