discadmin/disclosure-bureau
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
disclosure-bureau/infra/supabase/migrations/0006_investigator_serial_sequences.sql
Luiz Gustavo 54a26f8db8
Some checks failed
CI / Web — typecheck + lint + build (push) Failing after 46s
Details
CI / Scripts — Python smoke (push) Failing after 4s
Details
CI / Web — npm audit (push) Failing after 34s
Details
CI / Retrieval — golden set (Recall@5 + MRR) (push) Failing after 4s
Details
W3 followup: drop _FOR_WEB token, fix claude CLI args + writer guards, BIGSERIAL grants 
Token consolidation:
- docker-compose web service now reads ${CLAUDE_CODE_OAUTH_TOKEN} directly,
  drop the W1-F8 CLAUDE_CODE_OAUTH_TOKEN_FOR_WEB indirection (user feedback:
  one var name, no _FOR_WEB suffix).

investigator-runtime claude.ts:
- --system-prompt silently dropped by CLI v2.1.150 for multi-KB prompts;
  inline the system content into the user prompt with a separator
  (mirrors scripts/reextract/run.py pattern).
- Multi-line prompts via positional -- broke ("Input must be provided …");
  pipe via stdin instead.
- --allowedTools "" is rejected; when no tools wanted, omit it and explicitly
  --disallowedTools the writer/reader set so the model can't reach for any.

investigator-runtime locard.ts:
- Log the raw response (first 600 chars) to container stderr — saved hours
  of debugging when the writer rejected.
- Grade fallback: when Locard omits `grade` but provides custody_steps,
  infer the highest grade that fits (≥3 → A, ≥2 → B, ≥1 → C).

investigator-runtime write_evidence.ts:
- Filter related_hypotheses entries with empty/null hypothesis_id silently
  (Locard sometimes emits [{}] when it knows no link yet) instead of
  failing the whole write.

Migration 0006_investigator_serial_sequences.sql:
- BIGSERIAL on the 7 investigation tables created auto-sequences
  (evidence_evidence_pk_seq etc) that 0004 forgot to GRANT to the
  investigator role. Without those grants every INSERT failed with
  "permission denied for sequence …". Grant USAGE/SELECT/UPDATE on each
  auto-seq.

Verified live: Locard wrote E-0002 + E-0003 from real Sandia chunks
(green fireball Feb 1949; cobalt particle analysis). Grade B, confidence
high, custody chain of 3 steps with honest gaps. Cost $0.09 for both,
~70s wall.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-05-23 21:05:35 -03:00

32 lines
851 B
PL/PgSQL
Raw Blame History

-- 0006_investigator_serial_sequences.sql
--
-- BIGSERIAL on each investigation table created auto-sequences (e.g.
-- `evidence_evidence_pk_seq`) that 0004 forgot to GRANT to the investigator
-- role. Without those grants, every INSERT failed with:
-- permission denied for sequence evidence_evidence_pk_seq
--
-- Idempotent. Apply as supabase_admin.
BEGIN;
DO $$
DECLARE
s TEXT;
BEGIN
FOREACH s IN ARRAY ARRAY[
'evidence_evidence_pk_seq',
'hypotheses_hypothesis_pk_seq',
'contradictions_contradiction_pk_seq',
'witnesses_witness_pk_seq',
'gaps_gap_pk_seq',
'residual_uncertainties_ru_pk_seq'
]
LOOP
IF EXISTS (SELECT 1 FROM pg_class WHERE relname = s AND relkind = 'S') THEN
EXECUTE format('GRANT USAGE, SELECT, UPDATE ON SEQUENCE public.%I TO investigator', s);
END IF;
END LOOP;
END
$$;
COMMIT;
Reference in a new issue View git blame Copy permalink