fix: all 5 high-severity bugs from codex review

- use sqlx migrate!() instead of broken split(';') — triggers now work - seq via AUTOINCREMENT — no race conditions, monotonic ordering - replace ?since= with ?after_seq= — cursor-based, no timestamp format issues - replace all unwrap() with typed errors (404, 409, 400, 500) - reply_to same-channel enforced in route handler - add biome for frontend linting Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-29 19:07:12 +02:00
parent e940afde52
commit b48232ca03
17 changed files with 331 additions and 88 deletions
--- a/crates/colony/src/main.rs
+++ b/crates/colony/src/main.rs
@@ -22,22 +22,20 @@ async fn main() {
        .await
        .unwrap();

-    // Run migrations
-    let migration_sql = include_str!("../migrations/001_init.sql");
-    for statement in migration_sql.split(';') {
-        let stmt = statement.trim();
-        if !stmt.is_empty() {
-            if let Err(e) = sqlx::query(stmt).execute(&pool).await {
-                eprintln!("Migration warning (may be OK): {}", e);
-            }
-        }
-    }
+    // Run migrations using sqlx's proper migration system
+    sqlx::migrate!("./migrations")
+        .run(&pool)
+        .await
+        .expect("Failed to run migrations");

    println!("Colony running on port {}", port);

    let app = Router::new()
        .route("/api/health", get(routes::health))
-        .route("/api/channels", get(routes::list_channels).post(routes::create_channel))
+        .route(
+            "/api/channels",
+            get(routes::list_channels).post(routes::create_channel),
+        )
        .route("/api/channels/{id}", get(routes::get_channel))
        .route(
            "/api/channels/{channel_id}/messages",