Use `pnpm db:deploy` in Compose and tighten export sanitizer by Spbd1 · Pull Request #16 · Spbd1/Parcel-Society

Spbd1 · 2026-05-10T09:37:17Z

Docker Compose runs are non-interactive so migrations should use prisma migrate deploy via pnpm db:deploy while keeping pnpm db:migrate for local interactive development.
The export sanitizer was too broad (matched substrings like ip inside description) and risked removing safe config keys; it needs exact/boundary-aware detection instead of a single regex.

Changed the Compose migrate service command from pnpm db:migrate to pnpm db:deploy in docker-compose.yml and clarified the Docker section in README.md to explain when to use pnpm db:deploy vs pnpm db:migrate.
Replaced the broad SENSITIVE_CONFIG_KEY_PATTERN regex in apps/web/lib/services/researchExport.ts with a boundary-aware approach using isSensitiveConfigKey, helper configKeyTerms, a set of sensitive terms, and aliases so only exact/bounded sensitive keys are removed.
Updated sanitizeForExport to use isSensitiveConfigKey(key) for filtering object keys.
Expanded apps/web/lib/services/researchExport.test.ts with cases verifying that sensitive keys (password, token, secret, auth, ip, ipAddress, etc.) are removed and that safe keys containing those substrings (e.g., description, publicGoodMultiplier, multiplier, participationLabel) are preserved.

Ran git diff --check, which produced no whitespace errors and succeeded.
Added unit tests in apps/web/lib/services/researchExport.test.ts covering both removal of sensitive values and preservation of safe keys, but running the test suite was blocked because development dependencies are not installed in the environment (vitest: not found), so tests were not executed here.

Fix compose migration and export sanitizer

485cd5c

Spbd1 added the codex label May 10, 2026 — with ChatGPT Codex Connector

Provide feedback