Skip to content

fix(db): handle SSL config types in pg connections#356

Merged
MontaGhanmy merged 3 commits intodevfrom
fix/ssl-pg-connection
Mar 31, 2026
Merged

fix(db): handle SSL config types in pg connections#356
MontaGhanmy merged 3 commits intodevfrom
fix/ssl-pg-connection

Conversation

@MontaGhanmy
Copy link
Copy Markdown
Collaborator

@MontaGhanmy MontaGhanmy commented Mar 31, 2026

What

  • Fix oldParser in @twake/config-parser to correctly parse JSON and boolean
    values from environment variables instead of storing raw strings
  • Add real connection verification (SELECT 1) to both MatrixDBPg and
    IdentityServerDb:Pg pool creation, replacing the misleading "connected" log
    that fired before any actual connection was made
  • Add pool.on('error') handlers to surface background pool failures
  • Fix exists() silently swallowing query errors (including SSL handshake
    failures) by resolving false. Now properly rejects

Why

Tom was crash-looping in production when connecting to OVH managed PostgreSQL
over SSL. The failure was invisible because:

  1. DATABASE_SSL=true was stored as the string "true" by the config parser,
    causing node-postgres to reject OVH's private CA cert
    (SELF_SIGNED_CERT_IN_CHAIN)
  2. DATABASE_SSL={"rejectUnauthorized":false} was overwritten from a parsed
    object back to a raw string, crashing pg with
    TypeError: Cannot use 'in' operator
  3. pg.Pool creation logged "connected" without connecting, exists() swallowed
    SSL errors as "table doesn't exist".

How

Config parser (packages/config-parser/src/utils.ts):

  • oldParser now runs JSON.parse() on env var values before storing, with
    fallback to raw string on parse failure

Connection pools (packages/matrix-identity-server/src/db/sql/pg.ts,
packages/matrix-identity-server/src/matrixDb/sql/pg.ts):

  • Log SSL config type at pool creation (disabled, enabled, object, or
    unexpected(...))
  • Run SELECT 1 after pool creation to verify the connection
  • Register pool.on('error') for background failure visibility
  • exists() now rejects on error instead of silently resolving false

Test Plan

  • npm run test in packages/config-parser: 34/34 tests pass
  • Docker Compose with DATABASE_SSL unset: boots normally, logs
    SSL: disabled, Connection verified, listening on port: 3000
  • Docker Compose with DATABASE_SSL={"rejectUnauthorized":false}: logs
    SSL: object, attempts real SSL connection (fails correctly on non-SSL
    postgres with clear error message)
  • No regression in non-SSL PostgreSQL path

Files Changed

File Change
packages/config-parser/src/utils.ts oldParser JSON.parse env vars
packages/matrix-identity-server/src/db/sql/pg.ts SSL type log, SELECT 1 verify, pool error handler, exists() fix
packages/matrix-identity-server/src/matrixDb/sql/pg.ts SSL type log, SELECT 1 verify, pool error handler

@MontaGhanmy MontaGhanmy self-assigned this Mar 31, 2026
@MontaGhanmy MontaGhanmy requested a review from pm-McFly March 31, 2026 10:50
@coderabbitai
Copy link
Copy Markdown

coderabbitai bot commented Mar 31, 2026
edited
Loading

📝 Walkthrough

Fundamental Flaw

Env vars containing JSON/boolean values were treated as raw strings by the config parser, producing wrong-typed SSL options for Postgres. That, combined with (1) pool creation logging that lied about connectivity, (2) no verification query after pool creation, and (3) no background pool error handlers, caused silent failures and production crash-loops when connecting to SSL-enabled Postgres (OVH).

Systemic Data Flow Changes

  1. packages/config-parser/src/utils.ts

    • oldParser: when an env var override exists, attempt JSON.parse on the string; on failure keep raw string. This ensures numbers/booleans/objects from env are stored with correct types instead of raw strings.

  2. packages/matrix-identity-server/src/db/sql/pg.ts and packages/matrix-identity-server/src/matrixDb/sql/pg.ts

    • Pool creation now normalizes and logs ssl type as one of: disabled, enabled, object, or unexpected(...).
    • createVerifiedPool: register pool.on('error') to surface background failures; run SELECT 1 immediately after creating the pool to verify real connectivity; on failure, end the pool and reject initialization.
    • createDatabases uses createVerifiedPool and only proceeds to create tables after verification succeeds.
    • exists(): on query error, reject the promise (and log err.message/err.code) instead of resolving false and hiding failures.

Core Algorithm / Logic Changes

  • Deterministic SSL-type derivation from opts.ssl for logging/observability.
  • Synchronous verification step (await SELECT 1) enforces at least one successful round-trip before the pool is considered usable.
  • Background pool errors are handled via registered listeners so they no longer get swallowed.

Deprecated / Removed Code

  • No public APIs removed or deprecated. Synchronous try/catch around direct new pg.Pool replaced by createVerifiedPool flow (refactor/replacement, not a public API change).

Explicitly Ignored Technical Debt

  • None declared in the PR. The change focuses on immediate stability and observability fixes; no broader refactors or tech-debt items were addressed.

Tests / Verification Notes (concise)

  • config-parser tests: 34/34 passing.
  • Docker Compose: boots with DATABASE_SSL unset (logs "SSL: disabled" and "Connection verified"); with DATABASE_SSL='{"rejectUnauthorized":false}' logs "SSL: object" and attempts SSL (fails correctly against non-SSL Postgres). Logs and behavior verified for both paths.

Walkthrough

Environment variable overrides now attempt JSON parsing before falling back to raw strings. Database pool creation was moved to a verified-creation helper that normalizes SSL, registers background error handlers, runs SELECT 1 to verify connectivity, and rejects initialization on failure.

Changes

Cohort / File(s) Summary
Configuration Parser
packages/config-parser/src/utils.ts		 oldParser now tries JSON.parse on env var values and stores the parsed value on success; on parse failure it keeps the raw string. Fallbacks and key validation unchanged.
Database Pool Initialization
packages/matrix-identity-server/src/db/sql/pg.ts, packages/matrix-identity-server/src/matrixDb/sql/pg.ts		 Introduced createVerifiedPool(...) to normalize opts.ssl, log SSL type, attach background error handlers, and verify connectivity with SELECT 1 before assigning this.db and proceeding to table creation; on verification failure the pool is ended and initialization is rejected. exists(...) now logs error with err.message/err.code and rejects on query failure instead of resolving false.

Possibly related PRs

Suggested labels

priority::high, package::identity-server, javascript

🚥 Pre-merge checks | ✅ 3
✅ Passed checks (3 passed)
Check name Status Explanation
Title check ✅ Passed Title accurately captures the main fix: handling SSL config type parsing in PostgreSQL connections across multiple database modules.
Description check ✅ Passed Description is comprehensive and follows template structure with clear What/Why/How sections, detailed test plan, and files changed table, addressing all critical information.
Docstring Coverage ✅ Passed No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

✏️ Tip: You can configure your own custom pre-merge checks in the settings.

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands and usage tips.

@nx-cloud
Copy link
Copy Markdown

nx-cloud bot commented Mar 31, 2026
edited
Loading

🤖 Nx Cloud AI Fix Eligible

An automatically generated fix could have helped fix failing tasks for this run, but Self-healing CI is disabled for this workspace. Visit workspace settings to enable it and get automatic fixes in future runs.

To disable these notifications, a workspace admin can disable them in workspace settings.

View your CI Pipeline Execution ↗ for commit 25412a5

Command Status Duration Result
nx affected -t check -- --max-diagnostics none ❌ Failed 16s View ↗
nx affected -t test ✅ Succeeded 3m 9s View ↗
nx affected -t build ✅ Succeeded 20s View ↗

☁️ Nx Cloud last updated this comment at 2026-03-31 13:28:47 UTC

coderabbitai[bot]
coderabbitai bot reviewed Mar 31, 2026
View reviewed changes
Copy link
Copy Markdown

@coderabbitai coderabbitai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 5

ℹ️ Review info
⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: ASSERTIVE

Plan: Pro

Run ID: 028091b4-c46e-4502-a2b4-2ef9d1e07b44

📥 Commits

Reviewing files that changed from the base of the PR and between 9011b67 and 32ee393.

📒 Files selected for processing (3)
  • packages/config-parser/src/utils.ts
  • packages/matrix-identity-server/src/db/sql/pg.ts
  • packages/matrix-identity-server/src/matrixDb/sql/pg.ts
📜 Review details
⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (2)
  • GitHub Check: Test / Test Affected Packages
  • GitHub Check: Docs / Update Documentation
🧰 Additional context used
📓 Path-based instructions (8)
packages/config-parser/**/*.{ts,tsx}

📄 CodeRabbit inference engine (packages/config-parser/AGENTS.md)

packages/config-parser/**/*.{ts,tsx}: Use twakeConfig(desc, defaultConfigFile?, useEnv?, useOldParser?) as the sole public API for configuration loading and validation in @twake/config-parser
Define each configuration key's type, default, and required status using the ConfigDescription type in @twake/config-parser
Supported configuration types in @twake/config-parser are: number, boolean, array, json, object, string

Files:

  • packages/config-parser/src/utils.ts
packages/config-parser/src/**/*.ts

📄 CodeRabbit inference engine (packages/config-parser/AGENTS.md)

packages/config-parser/src/**/*.ts: Unknown keys in the config file must throw UnacceptedKeyError in @twake/config-parser
Missing required configuration keys must throw MissingRequiredConfigError in @twake/config-parser

Files:

  • packages/config-parser/src/utils.ts
**/*.{ts,tsx,js,jsx,json,md}

📄 CodeRabbit inference engine (CLAUDE.md)

Use npm run format:check and npm run format:fix for code formatting checks

Files:

  • packages/config-parser/src/utils.ts
  • packages/matrix-identity-server/src/matrixDb/sql/pg.ts
  • packages/matrix-identity-server/src/db/sql/pg.ts
**/*.{js,ts,jsx,tsx}

📄 CodeRabbit inference engine (CODING_STYLE.md)

**/*.{js,ts,jsx,tsx}: Use 2 spaces for indentation, not 4, tabs, or other amounts. Enforce with a formatter.
Opening braces must go on the same line. Never place opening braces on a new line.
Use trailing commas in multi-line structures (arrays, objects, function parameters) to minimize diff noise.
Semicolons are required on all statements. Do not rely on Automatic Semicolon Insertion (ASI).
Enforce a hard line length limit of 120 characters. Break overly complex expressions into named sub-expressions.
Use camelCase for variable and function names.
Use PascalCase for types, interfaces, classes, and enums.
Use SCREAMING_SNAKE_CASE only for module-level primitives that are truly constant and never change. Do not use for local bindings.
Boolean variables must read as a question using prefixes like is, has, can (e.g., isLoading, hasPermission, canRetry). Never use bare noun forms.
Do not abbreviate variable or function names except for: i, j in tight loops; e for event parameters; err for errors; ctx for context; req/res in HTTP handlers.
Each function must do exactly one job. Do not write functions that combine multiple concerns (e.g., avoid fetchAndTransformUser). Extract compound operations into separate functions.
Functions must have a maximum of 5 parameters. For more than 5 parameters, group related data into a typed options object.
Keep functions short, with a reasonable ceiling of 25–40 lines. Functions should fit on one screen without scrolling.
Every function must return a meaningful value. void return types are forbidden. Use ActionResult for functions with no natural data return.
Recursion must be tail-call or converted to an iterative loop. Non-tail-recursive functions are forbidden in production code because JavaScript engines do not reliably optimize tail calls.
Maximum nesting depth is 2 levels (level 0 is function body, level 1 is a block inside it, level 2 is a block inside that). Extract sub-problems into named functi...

Files:

  • packages/config-parser/src/utils.ts
  • packages/matrix-identity-server/src/matrixDb/sql/pg.ts
  • packages/matrix-identity-server/src/db/sql/pg.ts
**/*.{ts,tsx}

📄 CodeRabbit inference engine (CODING_STYLE.md)

**/*.{ts,tsx}: Return types must be explicitly annotated on all non-trivial functions in TypeScript. Inference alone is not a contract.
The any type is forbidden without exception in TypeScript. Use a proper type, discriminated union, unknown with a guard, or a generic instead.
Double casts via as unknown as T are forbidden. If the type model is inconsistent, fix the model instead.
Use unknown over any for data from external sources (HTTP responses, JSON.parse, event payloads, database rows). Write a type guard to validate the data.
Prefer type for unions and intersections; prefer interface for object shapes. Keep intent readable through consistent use.
Avoid TypeScript enum. Use string union types for fully internal values. For values from external sources, provide a validation helper that narrows conversion from raw strings.
In TypeScript, caught values have type unknown, not Error. Use instanceof Error checks before accessing Error-specific properties.
Do not use @ts-ignore or @ts-expect-error without an explanatory comment stating the reason and removal condition.

**/*.{ts,tsx}: Code must follow the philosophy of boundaries over conventions - use module facades enforced by lint rules instead of comments, prefer #private fields over naming conventions, prefer TypeScript types over JSDoc comments
Do not introduce new any types in TypeScript - warnings are existing tech debt, new ones are blockers

Files:

  • packages/config-parser/src/utils.ts
  • packages/matrix-identity-server/src/matrixDb/sql/pg.ts
  • packages/matrix-identity-server/src/db/sql/pg.ts
packages/matrix-identity-server/src/**/*.{ts,js}

📄 CodeRabbit inference engine (CLAUDE.md)

Routes are registered on this.api.get and this.api.post maps and mounted by the parent server

Files:

  • packages/matrix-identity-server/src/matrixDb/sql/pg.ts
  • packages/matrix-identity-server/src/db/sql/pg.ts
packages/matrix-identity-server/src/**/*.ts

📄 CodeRabbit inference engine (packages/matrix-identity-server/src/AGENTS.md)

All Matrix Identity Server endpoints must be mounted at /_matrix/identity/v2/ prefix

Files:

  • packages/matrix-identity-server/src/matrixDb/sql/pg.ts
  • packages/matrix-identity-server/src/db/sql/pg.ts
packages/matrix-identity-server/src/db/**/*.{ts,js}

📄 CodeRabbit inference engine (CLAUDE.md)

MatrixIdentityServer initializes two databases: IdentityServerDb (identity-server tables) and UserDB (user directory)

Files:

  • packages/matrix-identity-server/src/db/sql/pg.ts
🧠 Learnings (23)
📓 Common learnings 
Learnt from: CR
Repo: linagora/ToM-server PR: 0
File: packages/db/src/AGENTS.md:0-0
Timestamp: 2026-03-17T11:20:56.983Z
Learning: Applies to packages/db/src/db/src/sql/pg.ts : In `db/src/sql/pg.ts`, implement PostgreSQL adapter using `pg` driver with connection pooling and parameterized queries

Learnt from: CR
Repo: linagora/ToM-server PR: 0
File: packages/matrix-identity-server/src/matrixDb/AGENTS.md:0-0
Timestamp: 2026-03-17T11:22:24.131Z
Learning: Applies to packages/matrix-identity-server/src/matrixDb/matrixDb/sql/**/*.ts : Support both PostgreSQL and SQLite Synapse configurations with driver-specific queries

Learnt from: CR
Repo: linagora/ToM-server PR: 0
File: packages/matrix-identity-server/src/matrixDb/AGENTS.md:0-0
Timestamp: 2026-03-17T11:22:24.131Z
Learning: Applies to packages/matrix-identity-server/src/matrixDb/matrixDb/index.ts : Reference configuration keys: matrix_database_engine (pg/sqlite), matrix_database_host, matrix_database_name for database connections
📚 Learning: 2026-03-17T11:20:29.014Z 
Learnt from: CR
Repo: linagora/ToM-server PR: 0
File: packages/config-parser/src/AGENTS.md:0-0
Timestamp: 2026-03-17T11:20:29.014Z
Learning: Applies to packages/config-parser/src/src/index.ts : Default useOldParser flag to true for backwards compatibility; new code should use false

Applied to files:

  • packages/config-parser/src/utils.ts
📚 Learning: 2026-03-17T11:20:18.213Z 
Learnt from: CR
Repo: linagora/ToM-server PR: 0
File: packages/config-parser/AGENTS.md:0-0
Timestamp: 2026-03-17T11:20:18.213Z
Learning: Applies to packages/config-parser/**/*.{ts,tsx} : Use `twakeConfig(desc, defaultConfigFile?, useEnv?, useOldParser?)` as the sole public API for configuration loading and validation in twake/config-parser

Applied to files:

  • packages/config-parser/src/utils.ts
📚 Learning: 2026-03-17T11:20:18.213Z 
Learnt from: CR
Repo: linagora/ToM-server PR: 0
File: packages/config-parser/AGENTS.md:0-0
Timestamp: 2026-03-17T11:20:18.213Z
Learning: Applies to packages/config-parser/**/*.{ts,tsx} : Supported configuration types in twake/config-parser are: `number`, `boolean`, `array`, `json`, `object`, `string`

Applied to files:

  • packages/config-parser/src/utils.ts
📚 Learning: 2026-03-17T11:21:16.677Z 
Learnt from: CR
Repo: linagora/ToM-server PR: 0
File: packages/logger/AGENTS.md:0-0
Timestamp: 2026-03-17T11:21:16.677Z
Learning: Applies to packages/logger/**/*.{ts,tsx} : Load logger configuration from environment variables or config object via `getLogger()` using twake/config-parser

Applied to files:

  • packages/config-parser/src/utils.ts
📚 Learning: 2026-03-17T11:20:18.213Z 
Learnt from: CR
Repo: linagora/ToM-server PR: 0
File: packages/config-parser/AGENTS.md:0-0
Timestamp: 2026-03-17T11:20:18.213Z
Learning: Applies to packages/config-parser/**/*.{ts,tsx} : Define each configuration key's type, default, and required status using the `ConfigDescription` type in twake/config-parser

Applied to files:

  • packages/config-parser/src/utils.ts
📚 Learning: 2026-03-17T11:20:18.213Z 
Learnt from: CR
Repo: linagora/ToM-server PR: 0
File: packages/config-parser/AGENTS.md:0-0
Timestamp: 2026-03-17T11:20:18.213Z
Learning: Configuration loading priority in twake/config-parser (new parser): environment variables > config file > defaults

Applied to files:

  • packages/config-parser/src/utils.ts
📚 Learning: 2026-03-17T11:20:29.014Z 
Learnt from: CR
Repo: linagora/ToM-server PR: 0
File: packages/config-parser/src/AGENTS.md:0-0
Timestamp: 2026-03-17T11:20:29.014Z
Learning: Applies to packages/config-parser/src/src/index.ts : Keep all logic in a single file (index.ts) unless the file grows substantially

Applied to files:

  • packages/config-parser/src/utils.ts
📚 Learning: 2026-03-17T11:20:18.213Z 
Learnt from: CR
Repo: linagora/ToM-server PR: 0
File: packages/config-parser/AGENTS.md:0-0
Timestamp: 2026-03-17T11:20:18.213Z
Learning: Applies to packages/config-parser/src/**/*.ts : Missing required configuration keys must throw `MissingRequiredConfigError` in twake/config-parser

Applied to files:

  • packages/config-parser/src/utils.ts
📚 Learning: 2026-03-17T11:20:18.213Z 
Learnt from: CR
Repo: linagora/ToM-server PR: 0
File: packages/config-parser/AGENTS.md:0-0
Timestamp: 2026-03-17T11:20:18.213Z
Learning: Applies to packages/config-parser/src/**/*.ts : Unknown keys in the config file must throw `UnacceptedKeyError` in twake/config-parser

Applied to files:

  • packages/config-parser/src/utils.ts
📚 Learning: 2026-03-17T11:23:13.313Z 
Learnt from: CR
Repo: linagora/ToM-server PR: 0
File: packages/tom-server/AGENTS.md:0-0
Timestamp: 2026-03-17T11:23:13.313Z
Learning: Applies to packages/tom-server/src/config.ts : Document all configuration keys in `src/config.ts` using the `confDesc` object structure

Applied to files:

  • packages/config-parser/src/utils.ts
📚 Learning: 2026-03-31T07:26:27.898Z 
Learnt from: pm-McFly
Repo: linagora/ToM-server PR: 355
File: packages/matrix-identity-server/src/db/index.ts:413-413
Timestamp: 2026-03-31T07:26:27.898Z
Learning: When reviewing TypeScript code in this repo, follow Biome’s `noDoubleEquals` rule: do not use loose equality (`== null` / `!= null`) as a shorthand. For nullish checks, use explicit strict comparisons instead (e.g., `value === null || value === undefined` or `value !== null && value !== undefined`).

Applied to files:

  • packages/config-parser/src/utils.ts
  • packages/matrix-identity-server/src/matrixDb/sql/pg.ts
  • packages/matrix-identity-server/src/db/sql/pg.ts
📚 Learning: 2026-03-17T11:22:24.131Z 
Learnt from: CR
Repo: linagora/ToM-server PR: 0
File: packages/matrix-identity-server/src/matrixDb/AGENTS.md:0-0
Timestamp: 2026-03-17T11:22:24.131Z
Learning: Applies to packages/matrix-identity-server/src/matrixDb/matrixDb/index.ts : Reference configuration keys: matrix_database_engine (pg/sqlite), matrix_database_host, matrix_database_name for database connections

Applied to files:

  • packages/matrix-identity-server/src/matrixDb/sql/pg.ts
  • packages/matrix-identity-server/src/db/sql/pg.ts
📚 Learning: 2026-03-17T11:20:56.983Z 
Learnt from: CR
Repo: linagora/ToM-server PR: 0
File: packages/db/src/AGENTS.md:0-0
Timestamp: 2026-03-17T11:20:56.983Z
Learning: Applies to packages/db/src/db/src/sql/pg.ts : In `db/src/sql/pg.ts`, implement PostgreSQL adapter using `pg` driver with connection pooling and parameterized queries

Applied to files:

  • packages/matrix-identity-server/src/matrixDb/sql/pg.ts
  • packages/matrix-identity-server/src/db/sql/pg.ts
📚 Learning: 2026-03-17T11:22:24.131Z 
Learnt from: CR
Repo: linagora/ToM-server PR: 0
File: packages/matrix-identity-server/src/matrixDb/AGENTS.md:0-0
Timestamp: 2026-03-17T11:22:24.131Z
Learning: Applies to packages/matrix-identity-server/src/matrixDb/matrixDb/sql/**/*.ts : Support both PostgreSQL and SQLite Synapse configurations with driver-specific queries

Applied to files:

  • packages/matrix-identity-server/src/matrixDb/sql/pg.ts
  • packages/matrix-identity-server/src/db/sql/pg.ts
📚 Learning: 2026-03-17T11:22:06.022Z 
Learnt from: CR
Repo: linagora/ToM-server PR: 0
File: packages/matrix-identity-server/src/db/AGENTS.md:0-0
Timestamp: 2026-03-17T11:22:06.022Z
Learning: Applies to packages/matrix-identity-server/src/db/db/sql/{pg,sqlite}.ts : When adding a new table, define schema in `db/index.ts`, and add SQL implementations in both `db/sql/pg.ts` (PostgreSQL) and `db/sql/sqlite.ts` (SQLite)

Applied to files:

  • packages/matrix-identity-server/src/matrixDb/sql/pg.ts
  • packages/matrix-identity-server/src/db/sql/pg.ts
📚 Learning: 2026-03-23T09:08:39.061Z 
Learnt from: CR
Repo: linagora/ToM-server PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-23T09:08:39.061Z
Learning: Applies to packages/matrix-identity-server/src/db/**/*.{ts,js} : `MatrixIdentityServer` initializes two databases: `IdentityServerDb` (identity-server tables) and `UserDB` (user directory)

Applied to files:

  • packages/matrix-identity-server/src/matrixDb/sql/pg.ts
  • packages/matrix-identity-server/src/db/sql/pg.ts
📚 Learning: 2026-03-17T11:22:24.131Z 
Learnt from: CR
Repo: linagora/ToM-server PR: 0
File: packages/matrix-identity-server/src/matrixDb/AGENTS.md:0-0
Timestamp: 2026-03-17T11:22:24.131Z
Learning: Applies to packages/matrix-identity-server/src/matrixDb/matrixDb/sql/**/*.ts : Keep Synapse DB schema queries minimal and schema-version-aware to accommodate changes between Synapse versions

Applied to files:

  • packages/matrix-identity-server/src/matrixDb/sql/pg.ts
  • packages/matrix-identity-server/src/db/sql/pg.ts
📚 Learning: 2026-03-17T11:22:06.022Z 
Learnt from: CR
Repo: linagora/ToM-server PR: 0
File: packages/matrix-identity-server/src/db/AGENTS.md:0-0
Timestamp: 2026-03-17T11:22:06.022Z
Learning: Applies to packages/matrix-identity-server/src/db/db/**/*.ts : All SQL queries must use parameterized statements — never string-interpolate user input into SQL

Applied to files:

  • packages/matrix-identity-server/src/matrixDb/sql/pg.ts
  • packages/matrix-identity-server/src/db/sql/pg.ts
📚 Learning: 2026-03-31T08:42:09.345Z 
Learnt from: CR
Repo: linagora/ToM-server PR: 0
File: packages/matrix-identity-server/src/AGENTS.md:0-0
Timestamp: 2026-03-31T08:42:09.345Z
Learning: Applies to packages/matrix-identity-server/src/**/*.test.ts : Use SQLite in-memory for tests; mock SMTP and external services

Applied to files:

  • packages/matrix-identity-server/src/matrixDb/sql/pg.ts
  • packages/matrix-identity-server/src/db/sql/pg.ts
📚 Learning: 2026-03-31T08:42:09.345Z 
Learnt from: CR
Repo: linagora/ToM-server PR: 0
File: packages/matrix-identity-server/src/AGENTS.md:0-0
Timestamp: 2026-03-31T08:42:09.345Z
Learning: Applies to packages/matrix-identity-server/src/src/userdb/index.ts : Select `userdb/` backend via `user_db` config key: `sqlite`, `pg`, `ldap`, or `''` (empty)

Applied to files:

  • packages/matrix-identity-server/src/matrixDb/sql/pg.ts
  • packages/matrix-identity-server/src/db/sql/pg.ts
📚 Learning: 2026-03-17T11:21:27.917Z 
Learnt from: CR
Repo: linagora/ToM-server PR: 0
File: packages/matrix-identity-server/AGENTS.md:0-0
Timestamp: 2026-03-17T11:21:27.917Z
Learning: Applies to packages/matrix-identity-server/src/index.ts : The db property exposes the identity server's database for subclass use

Applied to files:

  • packages/matrix-identity-server/src/matrixDb/sql/pg.ts
📚 Learning: 2026-03-17T11:22:06.022Z 
Learnt from: CR
Repo: linagora/ToM-server PR: 0
File: packages/matrix-identity-server/src/db/AGENTS.md:0-0
Timestamp: 2026-03-17T11:22:06.022Z
Learning: Applies to packages/matrix-identity-server/src/db/db/index.ts : Add new identity server tables to the `Collections` enum in `db/index.ts`

Applied to files:

  • packages/matrix-identity-server/src/db/sql/pg.ts
🪛 Biome (2.4.9)
packages/matrix-identity-server/src/matrixDb/sql/pg.ts

[error] 67-67: Using == may be unsafe if you are relying on type coercion.

(lint/suspicious/noDoubleEquals)

packages/matrix-identity-server/src/db/sql/pg.ts

[error] 64-64: Using == may be unsafe if you are relying on type coercion.

(lint/suspicious/noDoubleEquals)

🔇 Additional comments (1)
packages/matrix-identity-server/src/db/sql/pg.ts (1)

153-158: Good: exists() stops masking metadata failures.

Rejecting here is the right move. _createTables already catches the rejection, so a broken pg_tables lookup no longer masquerades as false and triggers bogus DDL.

@pm-McFly pm-McFly added bug Something does not behave as expected. severity::major Some important parts of the project cannot be used. package::configuration Anything related to config-parser labels Mar 31, 2026
coderabbitai[bot]
coderabbitai bot reviewed Mar 31, 2026
View reviewed changes
Copy link
Copy Markdown

@coderabbitai coderabbitai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

♻️ Duplicate comments (1)
packages/matrix-identity-server/src/db/sql/pg.ts (1)

21-35: ⚠️ Potential issue | 🟠 Major

Reject unsupported ssl values before they reach pg.

Line 28 already classifies bad input as unexpected(...), but Line 35 still feeds that raw value into pg.Pool. After the parser change, DATABASE_SSL=1 becomes number 1, so unsupported legacy values can still hit both this pool and the MatrixDB path in packages/matrix-identity-server/src/matrixDb/sql/pg.ts on Lines 66-73. Fail fast unless opts.ssl is false, true, or a non-array object.

🔧 Throw on unsupported SSL input instead of logging and continuing 
   protected createVerifiedPool(
     pg: typeof import('pg'),
     opts: ClientConfig,
     label: string
   ): Promise<PgPool> {
-    const sslType =
-      opts.ssl === null || opts.ssl === undefined || opts.ssl === false
-        ? 'disabled'
-        : opts.ssl === true
-        ? 'enabled'
-        : typeof opts.ssl === 'object'
-        ? 'object'
-        : `unexpected(${typeof opts.ssl}: ${String(opts.ssl)})`
+    const isSslDisabled =
+      opts.ssl === null || opts.ssl === undefined || opts.ssl === false
+    const isSslObject =
+      typeof opts.ssl === 'object' &&
+      opts.ssl !== null &&
+      !Array.isArray(opts.ssl)
+    if (!isSslDisabled && opts.ssl !== true && !isSslObject) {
+      throw new Error(
+        `[${label}] Unsupported ssl config: ${String(opts.ssl)}`
+      )
+    }
+    const sslType = isSslDisabled
+      ? 'disabled'
+      : opts.ssl === true
+      ? 'enabled'
+      : 'object'
In node-postgres (`pg`), what values are valid for `ClientConfig.ssl` / `Pool` `ssl` option? Are numeric or string values like `1`, `0`, `on`, `off`, or arrays supported, or must it be `boolean` or a TLS options object?

Based on learnings: only true/false (not 1/0) are supported as boolean env overrides in the old parser.

ℹ️ Review info
⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: ASSERTIVE

Plan: Pro

Run ID: e0e179dc-a746-4fba-b30e-2eee4db87ec1

📥 Commits

Reviewing files that changed from the base of the PR and between 32ee393 and 25412a5.

📒 Files selected for processing (3)
  • packages/config-parser/src/utils.ts
  • packages/matrix-identity-server/src/db/sql/pg.ts
  • packages/matrix-identity-server/src/matrixDb/sql/pg.ts
📜 Review details
⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (1)
  • GitHub Check: Test / Test Affected Packages
🧰 Additional context used
📓 Path-based instructions (8)
**/*.{ts,tsx,js,jsx,json,md}

📄 CodeRabbit inference engine (CLAUDE.md)

Use npm run format:check and npm run format:fix for code formatting checks

Files:

  • packages/matrix-identity-server/src/matrixDb/sql/pg.ts
  • packages/config-parser/src/utils.ts
  • packages/matrix-identity-server/src/db/sql/pg.ts
packages/matrix-identity-server/src/**/*.{ts,js}

📄 CodeRabbit inference engine (CLAUDE.md)

Routes are registered on this.api.get and this.api.post maps and mounted by the parent server

Files:

  • packages/matrix-identity-server/src/matrixDb/sql/pg.ts
  • packages/matrix-identity-server/src/db/sql/pg.ts
**/*.{js,ts,jsx,tsx}

📄 CodeRabbit inference engine (CODING_STYLE.md)

**/*.{js,ts,jsx,tsx}: Use 2 spaces for indentation, not 4, tabs, or other amounts. Enforce with a formatter.
Opening braces must go on the same line. Never place opening braces on a new line.
Use trailing commas in multi-line structures (arrays, objects, function parameters) to minimize diff noise.
Semicolons are required on all statements. Do not rely on Automatic Semicolon Insertion (ASI).
Enforce a hard line length limit of 120 characters. Break overly complex expressions into named sub-expressions.
Use camelCase for variable and function names.
Use PascalCase for types, interfaces, classes, and enums.
Use SCREAMING_SNAKE_CASE only for module-level primitives that are truly constant and never change. Do not use for local bindings.
Boolean variables must read as a question using prefixes like is, has, can (e.g., isLoading, hasPermission, canRetry). Never use bare noun forms.
Do not abbreviate variable or function names except for: i, j in tight loops; e for event parameters; err for errors; ctx for context; req/res in HTTP handlers.
Each function must do exactly one job. Do not write functions that combine multiple concerns (e.g., avoid fetchAndTransformUser). Extract compound operations into separate functions.
Functions must have a maximum of 5 parameters. For more than 5 parameters, group related data into a typed options object.
Keep functions short, with a reasonable ceiling of 25–40 lines. Functions should fit on one screen without scrolling.
Every function must return a meaningful value. void return types are forbidden. Use ActionResult for functions with no natural data return.
Recursion must be tail-call or converted to an iterative loop. Non-tail-recursive functions are forbidden in production code because JavaScript engines do not reliably optimize tail calls.
Maximum nesting depth is 2 levels (level 0 is function body, level 1 is a block inside it, level 2 is a block inside that). Extract sub-problems into named functi...

Files:

  • packages/matrix-identity-server/src/matrixDb/sql/pg.ts
  • packages/config-parser/src/utils.ts
  • packages/matrix-identity-server/src/db/sql/pg.ts
**/*.{ts,tsx}

📄 CodeRabbit inference engine (CODING_STYLE.md)

**/*.{ts,tsx}: Return types must be explicitly annotated on all non-trivial functions in TypeScript. Inference alone is not a contract.
The any type is forbidden without exception in TypeScript. Use a proper type, discriminated union, unknown with a guard, or a generic instead.
Double casts via as unknown as T are forbidden. If the type model is inconsistent, fix the model instead.
Use unknown over any for data from external sources (HTTP responses, JSON.parse, event payloads, database rows). Write a type guard to validate the data.
Prefer type for unions and intersections; prefer interface for object shapes. Keep intent readable through consistent use.
Avoid TypeScript enum. Use string union types for fully internal values. For values from external sources, provide a validation helper that narrows conversion from raw strings.
In TypeScript, caught values have type unknown, not Error. Use instanceof Error checks before accessing Error-specific properties.
Do not use @ts-ignore or @ts-expect-error without an explanatory comment stating the reason and removal condition.

**/*.{ts,tsx}: Code must follow the philosophy of boundaries over conventions - use module facades enforced by lint rules instead of comments, prefer #private fields over naming conventions, prefer TypeScript types over JSDoc comments
Do not introduce new any types in TypeScript - warnings are existing tech debt, new ones are blockers

Files:

  • packages/matrix-identity-server/src/matrixDb/sql/pg.ts
  • packages/config-parser/src/utils.ts
  • packages/matrix-identity-server/src/db/sql/pg.ts
packages/matrix-identity-server/src/**/*.ts

📄 CodeRabbit inference engine (packages/matrix-identity-server/src/AGENTS.md)

All Matrix Identity Server endpoints must be mounted at /_matrix/identity/v2/ prefix

Files:

  • packages/matrix-identity-server/src/matrixDb/sql/pg.ts
  • packages/matrix-identity-server/src/db/sql/pg.ts
packages/config-parser/**/*.{ts,tsx}

📄 CodeRabbit inference engine (packages/config-parser/AGENTS.md)

packages/config-parser/**/*.{ts,tsx}: Use twakeConfig(desc, defaultConfigFile?, useEnv?, useOldParser?) as the sole public API for configuration loading and validation in @twake/config-parser
Define each configuration key's type, default, and required status using the ConfigDescription type in @twake/config-parser
Supported configuration types in @twake/config-parser are: number, boolean, array, json, object, string

Files:

  • packages/config-parser/src/utils.ts
packages/config-parser/src/**/*.ts

📄 CodeRabbit inference engine (packages/config-parser/AGENTS.md)

packages/config-parser/src/**/*.ts: Unknown keys in the config file must throw UnacceptedKeyError in @twake/config-parser
Missing required configuration keys must throw MissingRequiredConfigError in @twake/config-parser

Files:

  • packages/config-parser/src/utils.ts
packages/matrix-identity-server/src/db/**/*.{ts,js}

📄 CodeRabbit inference engine (CLAUDE.md)

MatrixIdentityServer initializes two databases: IdentityServerDb (identity-server tables) and UserDB (user directory)

Files:

  • packages/matrix-identity-server/src/db/sql/pg.ts
🧠 Learnings (31)
📓 Common learnings 
Learnt from: CR
Repo: linagora/ToM-server PR: 0
File: packages/db/src/AGENTS.md:0-0
Timestamp: 2026-03-17T11:20:56.983Z
Learning: Applies to packages/db/src/db/src/sql/pg.ts : In `db/src/sql/pg.ts`, implement PostgreSQL adapter using `pg` driver with connection pooling and parameterized queries

Learnt from: CR
Repo: linagora/ToM-server PR: 0
File: packages/matrix-identity-server/src/matrixDb/AGENTS.md:0-0
Timestamp: 2026-03-17T11:22:24.131Z
Learning: Applies to packages/matrix-identity-server/src/matrixDb/matrixDb/sql/**/*.ts : Support both PostgreSQL and SQLite Synapse configurations with driver-specific queries

Learnt from: CR
Repo: linagora/ToM-server PR: 0
File: packages/matrix-identity-server/src/matrixDb/AGENTS.md:0-0
Timestamp: 2026-03-17T11:22:24.131Z
Learning: Applies to packages/matrix-identity-server/src/matrixDb/matrixDb/index.ts : Reference configuration keys: matrix_database_engine (pg/sqlite), matrix_database_host, matrix_database_name for database connections

Learnt from: pm-McFly
Repo: linagora/ToM-server PR: 356
File: packages/config-parser/src/utils.ts:13-18
Timestamp: 2026-03-31T12:22:12.593Z
Learning: In `packages/config-parser/src/utils.ts`, `oldParser` now uses `JSON.parse()` on env var values and falls back to raw string on failure (pragmatic legacy-path fix). Known gap: `JSON.parse('1')` yields number `1`, not string `'1'`, so `isTruthy('1')` no longer matches if the stored value was coerced. Documented policy: only `true`/`false` (not `1`/`0`) are supported as boolean env overrides in the old parser.
📚 Learning: 2026-03-17T11:20:56.983Z 
Learnt from: CR
Repo: linagora/ToM-server PR: 0
File: packages/db/src/AGENTS.md:0-0
Timestamp: 2026-03-17T11:20:56.983Z
Learning: Applies to packages/db/src/db/src/sql/pg.ts : In `db/src/sql/pg.ts`, implement PostgreSQL adapter using `pg` driver with connection pooling and parameterized queries

Applied to files:

  • packages/matrix-identity-server/src/matrixDb/sql/pg.ts
  • packages/matrix-identity-server/src/db/sql/pg.ts
📚 Learning: 2026-03-17T11:22:24.131Z 
Learnt from: CR
Repo: linagora/ToM-server PR: 0
File: packages/matrix-identity-server/src/matrixDb/AGENTS.md:0-0
Timestamp: 2026-03-17T11:22:24.131Z
Learning: Applies to packages/matrix-identity-server/src/matrixDb/matrixDb/index.ts : Reference configuration keys: matrix_database_engine (pg/sqlite), matrix_database_host, matrix_database_name for database connections

Applied to files:

  • packages/matrix-identity-server/src/matrixDb/sql/pg.ts
  • packages/matrix-identity-server/src/db/sql/pg.ts
📚 Learning: 2026-03-23T09:08:39.061Z 
Learnt from: CR
Repo: linagora/ToM-server PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-23T09:08:39.061Z
Learning: Applies to packages/matrix-identity-server/src/db/**/*.{ts,js} : `MatrixIdentityServer` initializes two databases: `IdentityServerDb` (identity-server tables) and `UserDB` (user directory)

Applied to files:

  • packages/matrix-identity-server/src/matrixDb/sql/pg.ts
  • packages/matrix-identity-server/src/db/sql/pg.ts
📚 Learning: 2026-03-17T11:22:24.131Z 
Learnt from: CR
Repo: linagora/ToM-server PR: 0
File: packages/matrix-identity-server/src/matrixDb/AGENTS.md:0-0
Timestamp: 2026-03-17T11:22:24.131Z
Learning: Applies to packages/matrix-identity-server/src/matrixDb/matrixDb/sql/**/*.ts : Support both PostgreSQL and SQLite Synapse configurations with driver-specific queries

Applied to files:

  • packages/matrix-identity-server/src/matrixDb/sql/pg.ts
  • packages/matrix-identity-server/src/db/sql/pg.ts
📚 Learning: 2026-03-17T11:22:06.022Z 
Learnt from: CR
Repo: linagora/ToM-server PR: 0
File: packages/matrix-identity-server/src/db/AGENTS.md:0-0
Timestamp: 2026-03-17T11:22:06.022Z
Learning: Applies to packages/matrix-identity-server/src/db/db/sql/{pg,sqlite}.ts : When adding a new table, define schema in `db/index.ts`, and add SQL implementations in both `db/sql/pg.ts` (PostgreSQL) and `db/sql/sqlite.ts` (SQLite)

Applied to files:

  • packages/matrix-identity-server/src/matrixDb/sql/pg.ts
  • packages/matrix-identity-server/src/db/sql/pg.ts
📚 Learning: 2026-03-17T11:22:24.131Z 
Learnt from: CR
Repo: linagora/ToM-server PR: 0
File: packages/matrix-identity-server/src/matrixDb/AGENTS.md:0-0
Timestamp: 2026-03-17T11:22:24.131Z
Learning: Applies to packages/matrix-identity-server/src/matrixDb/matrixDb/sql/**/*.ts : Keep Synapse DB schema queries minimal and schema-version-aware to accommodate changes between Synapse versions

Applied to files:

  • packages/matrix-identity-server/src/matrixDb/sql/pg.ts
  • packages/config-parser/src/utils.ts
  • packages/matrix-identity-server/src/db/sql/pg.ts
📚 Learning: 2026-03-17T11:21:27.917Z 
Learnt from: CR
Repo: linagora/ToM-server PR: 0
File: packages/matrix-identity-server/AGENTS.md:0-0
Timestamp: 2026-03-17T11:21:27.917Z
Learning: Applies to packages/matrix-identity-server/src/index.ts : The db property exposes the identity server's database for subclass use

Applied to files:

  • packages/matrix-identity-server/src/matrixDb/sql/pg.ts
  • packages/matrix-identity-server/src/db/sql/pg.ts
📚 Learning: 2026-03-17T11:20:56.983Z 
Learnt from: CR
Repo: linagora/ToM-server PR: 0
File: packages/db/src/AGENTS.md:0-0
Timestamp: 2026-03-17T11:20:56.983Z
Learning: Applies to packages/db/src/db/src/index.ts : In `db/src/index.ts`, export the main `Database` class, `Pg`, `SQLite`, and `createTables` function

Applied to files:

  • packages/matrix-identity-server/src/matrixDb/sql/pg.ts
  • packages/matrix-identity-server/src/db/sql/pg.ts
📚 Learning: 2026-03-17T11:22:06.022Z 
Learnt from: CR
Repo: linagora/ToM-server PR: 0
File: packages/matrix-identity-server/src/db/AGENTS.md:0-0
Timestamp: 2026-03-17T11:22:06.022Z
Learning: Applies to packages/matrix-identity-server/src/db/db/**/*.ts : All SQL queries must use parameterized statements — never string-interpolate user input into SQL

Applied to files:

  • packages/matrix-identity-server/src/matrixDb/sql/pg.ts
  • packages/matrix-identity-server/src/db/sql/pg.ts
📚 Learning: 2026-03-31T08:42:09.345Z 
Learnt from: CR
Repo: linagora/ToM-server PR: 0
File: packages/matrix-identity-server/src/AGENTS.md:0-0
Timestamp: 2026-03-31T08:42:09.345Z
Learning: Applies to packages/matrix-identity-server/src/src/userdb/index.ts : Select `userdb/` backend via `user_db` config key: `sqlite`, `pg`, `ldap`, or `''` (empty)

Applied to files:

  • packages/matrix-identity-server/src/matrixDb/sql/pg.ts
  • packages/matrix-identity-server/src/db/sql/pg.ts
📚 Learning: 2026-03-17T11:21:27.917Z 
Learnt from: CR
Repo: linagora/ToM-server PR: 0
File: packages/matrix-identity-server/AGENTS.md:0-0
Timestamp: 2026-03-17T11:21:27.917Z
Learning: Applies to packages/matrix-identity-server/src/index.ts : this.ready is a Promise that resolves when async initialization (key gen, DB setup) completes

Applied to files:

  • packages/matrix-identity-server/src/matrixDb/sql/pg.ts
📚 Learning: 2026-03-17T11:21:27.917Z 
Learnt from: CR
Repo: linagora/ToM-server PR: 0
File: packages/matrix-identity-server/AGENTS.md:0-0
Timestamp: 2026-03-17T11:21:27.917Z
Learning: Applies to packages/matrix-identity-server/src/index.ts : MatrixIdentityServer constructor takes (conf, confDesc?, db?) — conf must include server_name

Applied to files:

  • packages/matrix-identity-server/src/matrixDb/sql/pg.ts
📚 Learning: 2026-03-31T07:26:27.898Z 
Learnt from: pm-McFly
Repo: linagora/ToM-server PR: 355
File: packages/matrix-identity-server/src/db/index.ts:413-413
Timestamp: 2026-03-31T07:26:27.898Z
Learning: When reviewing TypeScript code in this repo, follow Biome’s `noDoubleEquals` rule: do not use loose equality (`== null` / `!= null`) as a shorthand. For nullish checks, use explicit strict comparisons instead (e.g., `value === null || value === undefined` or `value !== null && value !== undefined`).

Applied to files:

  • packages/matrix-identity-server/src/matrixDb/sql/pg.ts
  • packages/config-parser/src/utils.ts
  • packages/matrix-identity-server/src/db/sql/pg.ts
📚 Learning: 2026-03-31T12:22:12.593Z 
Learnt from: pm-McFly
Repo: linagora/ToM-server PR: 356
File: packages/config-parser/src/utils.ts:13-18
Timestamp: 2026-03-31T12:22:12.593Z
Learning: In `packages/config-parser/src/utils.ts`, `oldParser` now uses `JSON.parse()` on env var values and falls back to raw string on failure (pragmatic legacy-path fix). Known gap: `JSON.parse('1')` yields number `1`, not string `'1'`, so `isTruthy('1')` no longer matches if the stored value was coerced. Documented policy: only `true`/`false` (not `1`/`0`) are supported as boolean env overrides in the old parser.

Applied to files:

  • packages/config-parser/src/utils.ts
  • packages/matrix-identity-server/src/db/sql/pg.ts
📚 Learning: 2026-03-17T11:20:29.014Z 
Learnt from: CR
Repo: linagora/ToM-server PR: 0
File: packages/config-parser/src/AGENTS.md:0-0
Timestamp: 2026-03-17T11:20:29.014Z
Learning: Applies to packages/config-parser/src/src/index.ts : Default useOldParser flag to true for backwards compatibility; new code should use false

Applied to files:

  • packages/config-parser/src/utils.ts
📚 Learning: 2026-03-17T11:20:18.213Z 
Learnt from: CR
Repo: linagora/ToM-server PR: 0
File: packages/config-parser/AGENTS.md:0-0
Timestamp: 2026-03-17T11:20:18.213Z
Learning: Applies to packages/config-parser/**/*.{ts,tsx} : Use `twakeConfig(desc, defaultConfigFile?, useEnv?, useOldParser?)` as the sole public API for configuration loading and validation in twake/config-parser

Applied to files:

  • packages/config-parser/src/utils.ts
📚 Learning: 2026-03-17T11:20:18.213Z 
Learnt from: CR
Repo: linagora/ToM-server PR: 0
File: packages/config-parser/AGENTS.md:0-0
Timestamp: 2026-03-17T11:20:18.213Z
Learning: Applies to packages/config-parser/**/*.{ts,tsx} : Define each configuration key's type, default, and required status using the `ConfigDescription` type in twake/config-parser

Applied to files:

  • packages/config-parser/src/utils.ts
📚 Learning: 2026-03-17T11:20:18.213Z 
Learnt from: CR
Repo: linagora/ToM-server PR: 0
File: packages/config-parser/AGENTS.md:0-0
Timestamp: 2026-03-17T11:20:18.213Z
Learning: Applies to packages/config-parser/**/*.{ts,tsx} : Supported configuration types in twake/config-parser are: `number`, `boolean`, `array`, `json`, `object`, `string`

Applied to files:

  • packages/config-parser/src/utils.ts
📚 Learning: 2026-03-17T11:21:16.677Z 
Learnt from: CR
Repo: linagora/ToM-server PR: 0
File: packages/logger/AGENTS.md:0-0
Timestamp: 2026-03-17T11:21:16.677Z
Learning: Applies to packages/logger/**/*.{ts,tsx} : Load logger configuration from environment variables or config object via `getLogger()` using twake/config-parser

Applied to files:

  • packages/config-parser/src/utils.ts
📚 Learning: 2026-03-17T11:20:18.213Z 
Learnt from: CR
Repo: linagora/ToM-server PR: 0
File: packages/config-parser/AGENTS.md:0-0
Timestamp: 2026-03-17T11:20:18.213Z
Learning: Applies to packages/config-parser/src/**/*.ts : Unknown keys in the config file must throw `UnacceptedKeyError` in twake/config-parser

Applied to files:

  • packages/config-parser/src/utils.ts
📚 Learning: 2026-03-17T11:20:18.213Z 
Learnt from: CR
Repo: linagora/ToM-server PR: 0
File: packages/config-parser/AGENTS.md:0-0
Timestamp: 2026-03-17T11:20:18.213Z
Learning: Configuration loading priority in twake/config-parser (new parser): environment variables > config file > defaults

Applied to files:

  • packages/config-parser/src/utils.ts
📚 Learning: 2026-03-17T11:20:18.213Z 
Learnt from: CR
Repo: linagora/ToM-server PR: 0
File: packages/config-parser/AGENTS.md:0-0
Timestamp: 2026-03-17T11:20:18.213Z
Learning: Applies to packages/config-parser/src/**/*.ts : Missing required configuration keys must throw `MissingRequiredConfigError` in twake/config-parser

Applied to files:

  • packages/config-parser/src/utils.ts
📚 Learning: 2026-03-23T09:08:39.061Z 
Learnt from: CR
Repo: linagora/ToM-server PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-23T09:08:39.061Z
Learning: Applies to packages/*/src/config.json : Defaults are specified in each package's `src/config.json` file

Applied to files:

  • packages/config-parser/src/utils.ts
📚 Learning: 2026-03-27T16:21:10.935Z 
Learnt from: CR
Repo: linagora/ToM-server PR: 0
File: CODING_STYLE.md:0-0
Timestamp: 2026-03-27T16:21:10.935Z
Learning: Applies to **/*.{js,ts,jsx,tsx} : Use strict equality (`===`) instead of loose equality (`==`). Do not rely on JavaScript's implicit type coercion.

Applied to files:

  • packages/config-parser/src/utils.ts
📚 Learning: 2026-03-17T11:20:18.213Z 
Learnt from: CR
Repo: linagora/ToM-server PR: 0
File: packages/config-parser/AGENTS.md:0-0
Timestamp: 2026-03-17T11:20:18.213Z
Learning: Applies to packages/config-parser/**/package.json : twake/config-parser must have zero runtime dependencies

Applied to files:

  • packages/config-parser/src/utils.ts
📚 Learning: 2026-03-17T11:23:13.313Z 
Learnt from: CR
Repo: linagora/ToM-server PR: 0
File: packages/tom-server/AGENTS.md:0-0
Timestamp: 2026-03-17T11:23:13.313Z
Learning: Applies to packages/tom-server/src/config.ts : Document all configuration keys in `src/config.ts` using the `confDesc` object structure

Applied to files:

  • packages/config-parser/src/utils.ts
📚 Learning: 2026-03-17T11:24:48.682Z 
Learnt from: CR
Repo: linagora/ToM-server PR: 0
File: packages/tom-server/src/wellKnown/AGENTS.md:0-0
Timestamp: 2026-03-17T11:24:48.682Z
Learning: Applies to packages/tom-server/src/wellKnown/wellKnown/**/*.ts : When adding new config fields to well-known responses, update `src/config.json` (in tom-server) first, then include the value in the response object in the wellKnown directory

Applied to files:

  • packages/config-parser/src/utils.ts
📚 Learning: 2026-03-17T11:22:06.022Z 
Learnt from: CR
Repo: linagora/ToM-server PR: 0
File: packages/matrix-identity-server/src/db/AGENTS.md:0-0
Timestamp: 2026-03-17T11:22:06.022Z
Learning: Applies to packages/matrix-identity-server/src/db/db/index.ts : Add new identity server tables to the `Collections` enum in `db/index.ts`

Applied to files:

  • packages/matrix-identity-server/src/db/sql/pg.ts
📚 Learning: 2026-03-17T11:20:56.983Z 
Learnt from: CR
Repo: linagora/ToM-server PR: 0
File: packages/db/src/AGENTS.md:0-0
Timestamp: 2026-03-17T11:20:56.983Z
Learning: Applies to packages/db/src/db/src/database.ts : In `db/src/database.ts`, implement the `Database` base class for connection management and query interface

Applied to files:

  • packages/matrix-identity-server/src/db/sql/pg.ts
📚 Learning: 2026-03-17T11:20:56.983Z 
Learnt from: CR
Repo: linagora/ToM-server PR: 0
File: packages/db/src/AGENTS.md:0-0
Timestamp: 2026-03-17T11:20:56.983Z
Learning: Applies to packages/db/src/db/src/sql/sql.ts : In `db/src/sql/sql.ts`, implement base SQL utilities and shared query logic

Applied to files:

  • packages/matrix-identity-server/src/db/sql/pg.ts
🔇 Additional comments (4)
packages/config-parser/src/utils.ts (1)

12-19: Good fix — this is the right blunt tool for the legacy parser.

JSON.parse with raw-string fallback solves typed env overrides (booleans/objects) without breaking non-JSON values.

Based on learnings: in this legacy path, JSON.parse() fallback is intentional, and boolean env overrides are documented as true/false (not 1/0).

packages/matrix-identity-server/src/db/sql/pg.ts (2)

106-121: Good: the pool is no longer published before it is proven alive.

this.db only gets assigned after the verified-pool path resolves, so failed startup no longer leaves a stale pool behind.

156-161: Good: exists() now tells the truth on failure.

Rejecting here surfaces real schema or connectivity errors instead of quietly pretending the table is missing.

packages/matrix-identity-server/src/matrixDb/sql/pg.ts (1)

66-73: Good: MatrixDB now reuses the verified-pool path.

Same initialization rule, same live probe, no half-initialized this.db.

pm-McFly
pm-McFly approved these changes Mar 31, 2026
View reviewed changes
Copy link
Copy Markdown
Collaborator

@pm-McFly pm-McFly left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM, thx @MontaGhanmy!
You can rebase and merge when you want 👌

@MontaGhanmy MontaGhanmy merged commit 9f76429 into dev Mar 31, 2026
1 check passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@coderabbitai coderabbitai[bot] coderabbitai[bot] left review comments

@pm-McFly pm-McFly pm-McFly approved these changes

Assignees

@MontaGhanmy MontaGhanmy

Labels

bug Something does not behave as expected. package::configuration Anything related to config-parser severity::major Some important parts of the project cannot be used.

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@MontaGhanmy @pm-McFly