Skip to content

fix(webapp): grace-stamp runOpsMintKind flips from the global admin flags page#4268

Draft
d-cs wants to merge 3 commits into
mainfrom
fix-global-mint-flag-grace
Draft

fix(webapp): grace-stamp runOpsMintKind flips from the global admin flags page#4268
d-cs wants to merge 3 commits into
mainfrom
fix-global-mint-flag-grace

Conversation

@d-cs

@d-cs d-cs commented Jul 15, 2026

Copy link
Copy Markdown
Collaborator

What

The global feature-flags admin page saved flags with a raw prisma.featureFlag.upsert, so changing runOpsMintKind from that page skipped the grace-window stamping that every other write path applies. The JSON API (applyGlobalMintKindFlip) and the per-org routes (stampMintKindFlip) both record runOpsMintKindPrev + runOpsMintKindFlippedAt under an advisory lock on a genuine flip; the global UI page did not. An ungraced flip lets concurrent processes cross the cutover at different moments — the exact divergence the grace window exists to close.

The two surfaces drifted because the global flag has two independent write paths (the page's inline action and the JSON API), and only the API path was updated when the grace machinery landed. The per-org surface never drifted because its dialog delegates to a shared endpoint.

The fix

Extract a shared replaceGlobalFeatureFlags helper and route the page's action through it:

  • Any runOpsMintKind change goes through applyGlobalMintKindFlip (advisory lock, control-plane-clock flippedAt, prev stamp) — identical grace behavior to the JSON API and per-org routes.
  • The three mint-kind rows are carved out of the raw upsert/delete sweep, so the server-computed stamp is never bare-written from the body nor swept away when a save omits the mint keys.
  • All other flags keep the page's existing replace semantics: submitted flags upsert, omitted flags delete unless protected (locked flags on managed cloud).

Derived stamp fields sent in the body are stripped and recomputed server-side, matching the JSON API.

Testing

New test/globalFeatureFlagsReplace.test.ts (real testcontainers Postgres, no mocks) covers:

  • a runOpsMintKind flip stamps prev + flippedAt (the bug)
  • body-supplied stamp fields are ignored and recomputed
  • the mint trio survives a replace that omits the mint keys
  • non-mint flags keep replace semantics (submitted upserts, omitted deletes)
  • protected omitted flags are not deleted

Written test-first (watched it fail with the function absent, then pass). The existing runOpsMintGlobalFlipLock test stays green. Webapp typecheck is clean for the changed files (an unrelated pre-existing platform.v3.server.ts promo-code type error exists on main).

No user-facing behavior change — this is admin-only tooling correctness — so no .server-changes note.

…lags page

The global feature-flags admin page saved flags with a raw upsert, so
changing runOpsMintKind there skipped the grace-window stamping that the
JSON API (applyGlobalMintKindFlip) and the per-org routes apply. An
ungraced flip lets concurrent processes diverge across the cutover, which
is exactly what the grace window exists to prevent.

Route the page's write through a new shared replaceGlobalFeatureFlags
helper: any runOpsMintKind change goes through applyGlobalMintKindFlip
(advisory lock, control-plane-clock flippedAt, prev stamp), and the three
mint-kind rows are kept out of the raw upsert/delete sweep so the derived
stamp is never bare-written or swept away. Other flags keep the page's
existing replace semantics (submitted upserts, omitted deletes unless
protected).
@changeset-bot

changeset-bot Bot commented Jul 15, 2026

Copy link
Copy Markdown

⚠️ No Changeset found

Latest commit: e5fa79d

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

This PR includes no changesets

When changesets are added to this PR, you'll see the packages that this PR includes changesets for and the associated semver types

Click here to learn what changesets are, and how to add one.

Click here if you're a maintainer who wants to add a changeset to this PR

@coderabbitai

coderabbitai Bot commented Jul 15, 2026

Copy link
Copy Markdown
Contributor

Review Change Stack

Walkthrough

The admin feature-flags action now delegates persistence to replaceGlobalFeatureFlags. The new server function handles mint-kind flips through grace-stamped updates, ignores client-provided stamp fields, upserts submitted non-mint flags, and deletes omitted unprotected flags transactionally. Integration tests cover mint flip behavior, idempotency, omission handling, non-mint replacement, and protected flags.

🚥 Pre-merge checks | ✅ 5
✅ Passed checks (5 passed)
Check name Status Explanation
Docstring Coverage ✅ Passed No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check ✅ Passed Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check ✅ Passed Check skipped because no linked issues were found for this pull request.
Title check ✅ Passed It is concise and accurately summarizes the main change: grace-stamping runOpsMintKind flips on the global admin flags page.
Description check ✅ Passed It clearly explains the change and testing, but omits the issue link plus checklist, changelog, and screenshots sections from the template.
✨ Finishing Touches
📝 Generate docstrings
  • Create stacked PR
  • Commit on current branch
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Commit unit tests in branch fix-global-mint-flag-grace

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands.

@d-cs d-cs self-assigned this Jul 15, 2026
@pkg-pr-new

pkg-pr-new Bot commented Jul 15, 2026

Copy link
Copy Markdown

Open in StackBlitz

@trigger.dev/build

npm i https://pkg.pr.new/@trigger.dev/build@c140249

trigger.dev

npm i https://pkg.pr.new/trigger.dev@c140249

@trigger.dev/core

npm i https://pkg.pr.new/@trigger.dev/core@c140249

@trigger.dev/python

npm i https://pkg.pr.new/@trigger.dev/python@c140249

@trigger.dev/react-hooks

npm i https://pkg.pr.new/@trigger.dev/react-hooks@c140249

@trigger.dev/redis-worker

npm i https://pkg.pr.new/@trigger.dev/redis-worker@c140249

@trigger.dev/rsc

npm i https://pkg.pr.new/@trigger.dev/rsc@c140249

@trigger.dev/schema-to-json

npm i https://pkg.pr.new/@trigger.dev/schema-to-json@c140249

@trigger.dev/sdk

npm i https://pkg.pr.new/@trigger.dev/sdk@c140249

commit: c140249

@coderabbitai coderabbitai Bot left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 1

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (1)
apps/webapp/app/routes/admin.feature-flags.tsx (1)

236-254: 🎯 Functional Correctness | 🟡 Minor | ⚡ Quick win

Hide the grace-stamp flags from the global admin controls. runOpsMintKindPrev and runOpsMintKindFlippedAt are still rendered as editable fields here, but replaceGlobalFeatureFlags strips them on save, so edits are discarded with no feedback. Add them to GLOBAL_LOCKED_FLAGS or omit them from this page.

🧹 Nitpick comments (1)
apps/webapp/app/v3/featureFlags.server.ts (1)

12-19: 📐 Maintainability & Code Quality | 🔵 Trivial | ⚡ Quick win

Export GLOBAL_MINT_KEYS instead of duplicating the trio in the test. Both sites define the identical mint-trio key list; since the production constant isn't exported, the test keeps its own copy, which can silently drift out of sync if the trio ever changes.

  • apps/webapp/app/v3/featureFlags.server.ts#L12-L19: add export to GLOBAL_MINT_KEYS.
  • apps/webapp/test/globalFeatureFlagsReplace.test.ts#L14-L18: import GLOBAL_MINT_KEYS from ~/v3/featureFlags.server instead of redefining MINT_KEYS locally.

ℹ️ Review info
⚙️ Run configuration

Configuration used: Repository UI

Review profile: CHILL

Plan: Pro

Run ID: dd000231-5555-4771-841d-dc1a289b8691

📥 Commits

Reviewing files that changed from the base of the PR and between 976171e and e5fa79d.

📒 Files selected for processing (3)
  • apps/webapp/app/routes/admin.feature-flags.tsx
  • apps/webapp/app/v3/featureFlags.server.ts
  • apps/webapp/test/globalFeatureFlagsReplace.test.ts
📜 Review details
⏰ Context from checks skipped due to timeout. (16)
  • GitHub Check: webapp / 🧪 Unit Tests: Webapp (9, 12)
  • GitHub Check: webapp / 🧪 Unit Tests: Webapp (2, 12)
  • GitHub Check: webapp / 🧪 Unit Tests: Webapp (3, 12)
  • GitHub Check: webapp / 🧪 Unit Tests: Webapp (7, 12)
  • GitHub Check: webapp / 🧪 Unit Tests: Webapp (10, 12)
  • GitHub Check: webapp / 🧪 Unit Tests: Webapp (8, 12)
  • GitHub Check: webapp / 🧪 Unit Tests: Webapp (11, 12)
  • GitHub Check: webapp / 🧪 Unit Tests: Webapp (12, 12)
  • GitHub Check: webapp / 🧪 Unit Tests: Webapp (5, 12)
  • GitHub Check: webapp / 🧪 Unit Tests: Webapp (6, 12)
  • GitHub Check: webapp / 🧪 Unit Tests: Webapp (4, 12)
  • GitHub Check: webapp / 🧪 Unit Tests: Webapp (1, 12)
  • GitHub Check: typecheck / typecheck
  • GitHub Check: e2e-webapp / 🧪 E2E Tests: Webapp
  • GitHub Check: code-quality / code-quality
  • GitHub Check: Analyze (javascript-typescript)
🧰 Additional context used
📓 Path-based instructions (12)
**/*.{ts,tsx}

📄 CodeRabbit inference engine (.github/copilot-instructions.md)

**/*.{ts,tsx}: Use types over interfaces for TypeScript
Avoid using enums; prefer string unions or const objects instead

**/*.{ts,tsx}: Prefer static imports over dynamic import(); use dynamic imports only for unresolvable circular dependencies, genuine performance code splitting, or conditional runtime loading.
Import Trigger.dev tasks from @trigger.dev/sdk; never use @trigger.dev/sdk/v3 or deprecated client.defineJob.
Add agentcrumbs while writing code using approved namespaces; mark lines with // @Crumbs or blocks with `// `#region` `@crumbs, and strip them before merging.

Files:

  • apps/webapp/app/routes/admin.feature-flags.tsx
  • apps/webapp/test/globalFeatureFlagsReplace.test.ts
  • apps/webapp/app/v3/featureFlags.server.ts
{packages/core,apps/webapp}/**/*.{ts,tsx}

📄 CodeRabbit inference engine (.github/copilot-instructions.md)

Use zod for validation in packages/core and apps/webapp

Files:

  • apps/webapp/app/routes/admin.feature-flags.tsx
  • apps/webapp/test/globalFeatureFlagsReplace.test.ts
  • apps/webapp/app/v3/featureFlags.server.ts
**/*.{ts,tsx,js,jsx}

📄 CodeRabbit inference engine (.github/copilot-instructions.md)

Use function declarations instead of default exports

Files:

  • apps/webapp/app/routes/admin.feature-flags.tsx
  • apps/webapp/test/globalFeatureFlagsReplace.test.ts
  • apps/webapp/app/v3/featureFlags.server.ts
apps/webapp/**/*.{ts,tsx}

📄 CodeRabbit inference engine (.cursor/rules/webapp.mdc)

apps/webapp/**/*.{ts,tsx}: Access environment variables through the env export of env.server.ts instead of directly accessing process.env
Use subpath exports from @trigger.dev/core package instead of importing from the root @trigger.dev/core path

Do not reintroduce the removed v1 execution path; RunEngineVersion.V1 branches may only reject or finalize gracefully so v3 clients receive a clean 4xx, never a 5xx.

Files:

  • apps/webapp/app/routes/admin.feature-flags.tsx
  • apps/webapp/test/globalFeatureFlagsReplace.test.ts
  • apps/webapp/app/v3/featureFlags.server.ts
apps/webapp/app/**/*.{ts,tsx}

📄 CodeRabbit inference engine (apps/webapp/CLAUDE.md)

apps/webapp/app/**/*.{ts,tsx}: For dashboard changes, visually verify the local webapp with Chrome DevTools MCP while the app is running via pnpm run dev --filter webapp; use snapshots, screenshots, interaction, and console checks as appropriate.
Use useCallback and useMemo only for context provider values, expensive derived data that is a dependency elsewhere, or stable references required by a dependency array; do not wrap ordinary event handlers or trivial computations.
Use named constants for sentinel or placeholder values instead of scattering raw string literals across comparisons.

Files:

  • apps/webapp/app/routes/admin.feature-flags.tsx
  • apps/webapp/app/v3/featureFlags.server.ts
apps/**/*.{ts,tsx}

📄 CodeRabbit inference engine (AGENTS.md)

For apps, use typecheck for verification and never use build as the correctness check.

Files:

  • apps/webapp/app/routes/admin.feature-flags.tsx
  • apps/webapp/test/globalFeatureFlagsReplace.test.ts
  • apps/webapp/app/v3/featureFlags.server.ts
**/*.{test,spec}.{ts,tsx}

📄 CodeRabbit inference engine (.github/copilot-instructions.md)

Use vitest for all tests in the Trigger.dev repository

**/*.{test,spec}.{ts,tsx}: Use Vitest exclusively and never mock dependencies; use Testcontainers for integration dependencies.
Place test files next to the source files they test.

Files:

  • apps/webapp/test/globalFeatureFlagsReplace.test.ts
**/*.ts

📄 CodeRabbit inference engine (.cursor/rules/otel-metrics.mdc)

**/*.ts: When creating or editing OTEL metrics (counters, histograms, gauges), ensure metric attributes have low cardinality by using only enums, booleans, bounded error codes, or bounded shard IDs
Do not use high-cardinality attributes in OTEL metrics such as UUIDs/IDs (envId, userId, runId, projectId, organizationId), unbounded integers (itemCount, batchSize, retryCount), timestamps (createdAt, startTime), or free-form strings (errorMessage, taskName, queueName)
When exporting OTEL metrics via OTLP to Prometheus, be aware that the exporter automatically adds unit suffixes to metric names (e.g., 'my_duration_ms' becomes 'my_duration_ms_milliseconds', 'my_counter' becomes 'my_counter_total'). Account for these transformations when writing Grafana dashboards or Prometheus queries

Files:

  • apps/webapp/test/globalFeatureFlagsReplace.test.ts
  • apps/webapp/app/v3/featureFlags.server.ts
apps/webapp/**/*.test.{ts,tsx}

📄 CodeRabbit inference engine (.cursor/rules/webapp.mdc)

Do not import env.server.ts directly or indirectly into test files; instead pass environment-dependent values through options/parameters to make code testable

Files:

  • apps/webapp/test/globalFeatureFlagsReplace.test.ts
apps/webapp/app/**/*.ts

📄 CodeRabbit inference engine (apps/webapp/CLAUDE.md)

apps/webapp/app/**/*.ts: Never use request.signal to detect client disconnects. Use getRequestAbortSignal() from app/services/httpAsyncStorage.server.ts, including in route handlers and SSE or other server-side code.
Access environment variables through the env export from app/env.server.ts; never use process.env directly.

Files:

  • apps/webapp/app/v3/featureFlags.server.ts
apps/webapp/app/v3/**/*.ts

📄 CodeRabbit inference engine (apps/webapp/CLAUDE.md)

New code must target Run Engine V2 through the singleton in app/v3/runEngine.server.ts; do not reintroduce V1 execution paths. V1 branches may only reject or finalize gracefully with a 4xx rather than a 5xx.

Files:

  • apps/webapp/app/v3/featureFlags.server.ts
apps/webapp/app/**/*.server.ts

📄 CodeRabbit inference engine (apps/webapp/CLAUDE.md)

Always use Prisma findFirst instead of findUnique.

Files:

  • apps/webapp/app/v3/featureFlags.server.ts
🧠 Learnings (25)
📚 Learning: 2026-02-03T18:27:40.429Z
Learnt from: 0ski
Repo: triggerdotdev/trigger.dev PR: 2994
File: apps/webapp/app/routes/_app.orgs.$organizationSlug.projects.$projectParam.env.$envParam.environment-variables/route.tsx:553-555
Timestamp: 2026-02-03T18:27:40.429Z
Learning: In apps/webapp/app/routes/_app.orgs.$organizationSlug.projects.$projectParam.env.$envParam.environment-variables/route.tsx, the menu buttons (e.g., Edit with PencilSquareIcon) in the TableCellMenu are intentionally icon-only with no text labels as a compact UI pattern. This is a deliberate design choice for this route; preserve the icon-only behavior for consistency in this file.

Applied to files:

  • apps/webapp/app/routes/admin.feature-flags.tsx
📚 Learning: 2026-02-11T16:37:32.429Z
Learnt from: matt-aitken
Repo: triggerdotdev/trigger.dev PR: 3019
File: apps/webapp/app/components/primitives/charts/Card.tsx:26-30
Timestamp: 2026-02-11T16:37:32.429Z
Learning: In projects using react-grid-layout, avoid relying on drag-handle class to imply draggability. Ensure drag-handle elements only affect dragging when the parent grid item is configured draggable in the layout; conditionally apply cursor styles based on the draggable prop. This improves correctness and accessibility.

Applied to files:

  • apps/webapp/app/routes/admin.feature-flags.tsx
📚 Learning: 2026-03-22T13:26:12.060Z
Learnt from: ericallam
Repo: triggerdotdev/trigger.dev PR: 3244
File: apps/webapp/app/components/code/TextEditor.tsx:81-86
Timestamp: 2026-03-22T13:26:12.060Z
Learning: In the triggerdotdev/trigger.dev codebase, do not flag `navigator.clipboard.writeText(...)` calls for `missing-await`/`unhandled-promise` issues. These clipboard writes are intentionally invoked without `await` and without `catch` handlers across the project; keep that behavior consistent when reviewing TypeScript/TSX files (e.g., usages like in `apps/webapp/app/components/code/TextEditor.tsx`).

Applied to files:

  • apps/webapp/app/routes/admin.feature-flags.tsx
  • apps/webapp/test/globalFeatureFlagsReplace.test.ts
  • apps/webapp/app/v3/featureFlags.server.ts
📚 Learning: 2026-03-22T19:24:14.403Z
Learnt from: matt-aitken
Repo: triggerdotdev/trigger.dev PR: 3187
File: apps/webapp/app/v3/services/alerts/deliverErrorGroupAlert.server.ts:200-204
Timestamp: 2026-03-22T19:24:14.403Z
Learning: In the triggerdotdev/trigger.dev codebase, webhook URLs are not expected to contain embedded credentials/secrets (e.g., fields like `ProjectAlertWebhookProperties` should only hold credential-free webhook endpoints). During code review, if you see logging or inclusion of raw webhook URLs in error messages, do not automatically treat it as a credential-leak/secrets-in-logs issue by default—first verify the URL does not contain embedded credentials (for example, no username/password in the URL, no obvious secret/token query params or fragments). If the URL is credential-free per this project’s conventions, allow the logging.

Applied to files:

  • apps/webapp/app/routes/admin.feature-flags.tsx
  • apps/webapp/test/globalFeatureFlagsReplace.test.ts
  • apps/webapp/app/v3/featureFlags.server.ts
📚 Learning: 2026-05-18T08:21:27.694Z
Learnt from: d-cs
Repo: triggerdotdev/trigger.dev PR: 3632
File: apps/webapp/sentry.server.ts:4-21
Timestamp: 2026-05-18T08:21:27.694Z
Learning: When handling Prisma error P1001 ("Can't reach database server") in TypeScript, don’t assume a single error shape. Prisma can surface P1001 via two different error classes/fields: `PrismaClientKnownRequestError` exposes it as `err.code === "P1001"` (common during mid-query connection drops), while `PrismaClientInitializationError` exposes it as `err.errorCode === "P1001"` (common on client startup failure). Therefore, predicates should use `err.code === "P1001" || err.errorCode === "P1001"`. Do not flag `err.code === "P1001"` as “unreachable/never matches,” as it is expected in production.

Applied to files:

  • apps/webapp/app/routes/admin.feature-flags.tsx
  • apps/webapp/test/globalFeatureFlagsReplace.test.ts
  • apps/webapp/app/v3/featureFlags.server.ts
📚 Learning: 2026-05-18T08:21:27.694Z
Learnt from: d-cs
Repo: triggerdotdev/trigger.dev PR: 3632
File: apps/webapp/sentry.server.ts:4-21
Timestamp: 2026-05-18T08:21:27.694Z
Learning: When handling Prisma errors for P1001 ("Can't reach database server"), do not assume it only appears under a single property name. Prisma may surface P1001 via either `PrismaClientKnownRequestError` (`err.code === "P1001"`, e.g., mid-query connection drops) or `PrismaClientInitializationError` (`err.errorCode === "P1001"`, e.g., client startup connection failure). To reliably detect the condition, check `err.code === "P1001" || err.errorCode === "P1001"`, and avoid review rules that would incorrectly flag `err.code === "P1001"` as unreachable/never-matching.

Applied to files:

  • apps/webapp/app/routes/admin.feature-flags.tsx
  • apps/webapp/test/globalFeatureFlagsReplace.test.ts
  • apps/webapp/app/v3/featureFlags.server.ts
📚 Learning: 2026-06-13T19:53:13.759Z
Learnt from: ericallam
Repo: triggerdotdev/trigger.dev PR: 3937
File: packages/trigger-sdk/skills/realtime-and-frontend/SKILL.md:258-260
Timestamp: 2026-06-13T19:53:13.759Z
Learning: When reviewing code that uses `trigger.dev/react-hooks`’s `useRealtimeRun`, preserve the call signature where the first argument is the full realtime handle object (not `handle.id`). This is intentional to maintain type-safety and is consistent with the official docs; do not suggest changing the first argument from the handle object to `handle.id`.

Applied to files:

  • apps/webapp/app/routes/admin.feature-flags.tsx
  • apps/webapp/test/globalFeatureFlagsReplace.test.ts
  • apps/webapp/app/v3/featureFlags.server.ts
📚 Learning: 2026-06-17T17:13:49.929Z
Learnt from: matt-aitken
Repo: triggerdotdev/trigger.dev PR: 3948
File: apps/webapp/app/routes/_app.orgs.$organizationSlug.projects.$projectParam.env.$envParam.bulk-actions.$bulkActionParam/route.tsx:48-62
Timestamp: 2026-06-17T17:13:49.929Z
Learning: In triggerdotdev/trigger.dev, within `dashboardLoader`/`dashboardAction` (or similar context resolver code) whenever you resolve an organization ID from an organization slug for RBAC/enterprise authorization scope, always read from the primary Prisma client (`prisma`), not `$replica`. Using `$replica` can hit replica-lag and cause the RBAC lookup/authorization to run without the correct org scope (bypassing intended role enforcement). Implement the slug→org lookup with `prisma.organization.findFirst(...)` (or equivalent primary-client query) and add an inline comment documenting why the primary client is required (replica lag could lead to unscoped RBAC checks).

Applied to files:

  • apps/webapp/app/routes/admin.feature-flags.tsx
  • apps/webapp/test/globalFeatureFlagsReplace.test.ts
  • apps/webapp/app/v3/featureFlags.server.ts
📚 Learning: 2026-06-23T13:04:21.413Z
Learnt from: carderne
Repo: triggerdotdev/trigger.dev PR: 4023
File: apps/webapp/app/services/upsertBranch.server.ts:14-18
Timestamp: 2026-06-23T13:04:21.413Z
Learning: In TypeScript, it’s valid to `import { type X }` and then use `typeof X` in a type-only position, e.g. `type Alias = z.infer<typeof X>`. The `type` modifier suppresses the runtime import, but the type checker still has the full exported type so `z.infer<typeof X>` can resolve correctly. In code reviews, don’t flag this as a TypeScript compile error as long as `typeof X` is used in a type context (e.g., with `z.infer`, `type` aliases, generics), not as a runtime value.

Applied to files:

  • apps/webapp/app/routes/admin.feature-flags.tsx
  • apps/webapp/test/globalFeatureFlagsReplace.test.ts
  • apps/webapp/app/v3/featureFlags.server.ts
📚 Learning: 2026-05-08T21:00:20.973Z
Learnt from: samejr
Repo: triggerdotdev/trigger.dev PR: 3538
File: apps/webapp/app/components/primitives/Resizable.tsx:60-78
Timestamp: 2026-05-08T21:00:20.973Z
Learning: In the triggerdotdev/trigger.dev codebase, treat Zod as a boundary validation tool (API handlers, request/response validation, and storage/DB read/write validation), not as inline render-time validation inside React components/primitive UI code. For render-time guards, prefer small manual type-narrowing checks (e.g., a short predicate like ~10–20 lines) over importing Zod into UI primitives, to avoid per-render schema-parse overhead and unnecessary abstraction. Use the manual guard approach unless you truly need schema validation at a boundary; only then introduce Zod.

Applied to files:

  • apps/webapp/app/routes/admin.feature-flags.tsx
📚 Learning: 2026-06-25T18:21:55.847Z
Learnt from: carderne
Repo: triggerdotdev/trigger.dev PR: 4039
File: apps/webapp/app/routes/invite-resend.tsx:0-0
Timestamp: 2026-06-25T18:21:55.847Z
Learning: In the triggerdotdev/trigger.dev Zod 4 migration, avoid importing from the root package `conform-to/zod` in webapp code. It can resolve to the Zod 3 build and may crash at module load under Zod 4. When reviewing TypeScript/TSX files in `apps/webapp`, prefer importing from the Zod 4 subpath `conform-to/zod/v4` for Zod 4-compatible schemas/types.

Applied to files:

  • apps/webapp/app/routes/admin.feature-flags.tsx
📚 Learning: 2026-05-12T21:04:05.815Z
Learnt from: ericallam
Repo: triggerdotdev/trigger.dev PR: 3542
File: apps/webapp/app/components/sessions/v1/SessionStatus.tsx:1-3
Timestamp: 2026-05-12T21:04:05.815Z
Learning: In this Remix + TypeScript codebase, do not flag a server/client boundary violation when a file imports only types from a module matching `*.server`.

Specifically, it’s safe to import types using `import type { Foo } from "*.server"` or `import { type Foo } from "*.server"` because TypeScript erases type-only imports at compile time and they emit no JavaScript, so they won’t cross the Remix server/client bundle boundary.

Only raise the boundary concern for value imports (e.g., `import { Foo }` without `type`, or `import Foo`), since those produce JavaScript output.

Applied to files:

  • apps/webapp/app/routes/admin.feature-flags.tsx
  • apps/webapp/test/globalFeatureFlagsReplace.test.ts
  • apps/webapp/app/v3/featureFlags.server.ts
📚 Learning: 2026-06-25T18:21:51.905Z
Learnt from: carderne
Repo: triggerdotdev/trigger.dev PR: 4039
File: apps/webapp/app/routes/invite-revoke.tsx:0-0
Timestamp: 2026-06-25T18:21:51.905Z
Learning: During the Zod v4 migration in the triggerdotdev/trigger.dev webapp, ensure any imports from `conform-to/zod` use the Zod-4 subpath: `conform-to/zod/v4` (e.g., `import { parseWithZod } from "conform-to/zod/v4"`). Do not import from the package root `conform-to/zod`, because it is the Zod 3 implementation and may load Zod-3-only symbols (e.g., `ZodBranded`, `ZodEffects`), which can throw at module load (notably with `zod4.4.3`). This should be enforced across `apps/webapp/**/*` where helpers like `parseWithZod` and `conformZodMessage` are used.

Applied to files:

  • apps/webapp/app/routes/admin.feature-flags.tsx
  • apps/webapp/test/globalFeatureFlagsReplace.test.ts
  • apps/webapp/app/v3/featureFlags.server.ts
📚 Learning: 2026-07-03T17:10:21.498Z
Learnt from: 0ski
Repo: triggerdotdev/trigger.dev PR: 4148
File: apps/webapp/app/models/orgMember.server.ts:149-168
Timestamp: 2026-07-03T17:10:21.498Z
Learning: In triggerdotdev/trigger.dev, `User.email` (Prisma schema: `internal-packages/database/prisma/schema.prisma`) currently does NOT use `citext` and does NOT have a `lower(email)` functional unique index. Therefore, do not introduce Prisma queries like `where: { email: { equals: <value>, mode: "insensitive" } }` (or any case-insensitive lookup) against `User.email`, because it can force sequential scans of the `users` table under load. During review, ensure email is normalized (e.g., lowercased/trimmed) before both writes and subsequent lookups, and if true case-insensitive behavior/uniqueness is required, implement it via a separate app-wide migration (e.g., switch to `citext` and/or add a functional unique index with backfill) rather than bolting it onto individual feature PRs.

Applied to files:

  • apps/webapp/app/routes/admin.feature-flags.tsx
  • apps/webapp/test/globalFeatureFlagsReplace.test.ts
  • apps/webapp/app/v3/featureFlags.server.ts
📚 Learning: 2026-06-25T18:21:54.729Z
Learnt from: carderne
Repo: triggerdotdev/trigger.dev PR: 4039
File: apps/webapp/app/routes/confirm-basic-details.tsx:0-0
Timestamp: 2026-06-25T18:21:54.729Z
Learning: For Remix + TypeScript files that use Conform v1 (conform-to/react) and its getInputProps helper, when you intend to suppress the helper-provided default value for non-checkbox/non-radio inputs (e.g., hidden inputs managed via an explicit value prop), use the Conform v1 option key `value: false`. Do not recommend `defaultValue: false` here, because `defaultValue` is not a valid option key for these input types in Conform v1 typings.

Applied to files:

  • apps/webapp/app/routes/admin.feature-flags.tsx
📚 Learning: 2026-05-07T12:25:18.271Z
Learnt from: d-cs
Repo: triggerdotdev/trigger.dev PR: 3531
File: apps/webapp/test/sentryTraceContext.server.test.ts:9-47
Timestamp: 2026-05-07T12:25:18.271Z
Learning: In the triggerdotdev/trigger.dev webapp test suite, it is acceptable to leave `createInMemoryTracing()` calls that register a global `NodeTracerProvider` without `afterEach`/`afterAll` teardown. Do not flag this as a test-ordering risk when the code follows the established pattern used across webapp tests (e.g., replication service/benchmark/backfiller tests). This is considered safe because `trace.getActiveSpan()` when called outside a `context.with(...)` block reads `AsyncLocalStorage.getStore()` (undefined when no `run()` scope exists), so it falls back to `ROOT_CONTEXT` with no attached span—regardless of which provider is registered.

Applied to files:

  • apps/webapp/test/globalFeatureFlagsReplace.test.ts
📚 Learning: 2026-05-28T20:02:10.647Z
Learnt from: myftija
Repo: triggerdotdev/trigger.dev PR: 3772
File: apps/webapp/test/findOrCreateBackgroundWorker.test.ts:1-1
Timestamp: 2026-05-28T20:02:10.647Z
Learning: In the triggerdotdev/trigger.dev monorepo, for the `apps/webapp` package use the established convention of storing Vitest tests (unit, integration, and e2e) under `apps/webapp/test/` rather than colocating them next to source files. Do not flag files located in `apps/webapp/test/` as violating any rule that says to colocate tests with source.

Applied to files:

  • apps/webapp/test/globalFeatureFlagsReplace.test.ts
📚 Learning: 2026-05-18T14:40:02.173Z
Learnt from: ericallam
Repo: triggerdotdev/trigger.dev PR: 3658
File: packages/core/src/v3/realtimeStreams/manager.test.ts:1-147
Timestamp: 2026-05-18T14:40:02.173Z
Learning: In the triggerdotdev/trigger.dev repo, the policy “Never mock anything — use testcontainers instead” should only be enforced for integration tests that interact with real external services (e.g., Redis, Postgres) via actual infrastructure. For unit tests that exercise pure in-memory logic (e.g., cache semantics) it is OK to stub collaborators such as `ApiClient` using Vitest (`vi.fn()`) to assert call counts or control behavior. Do not flag `vi.fn()`-based `ApiClient` stubs in unit tests as violations of the testcontainers policy.

Applied to files:

  • apps/webapp/test/globalFeatureFlagsReplace.test.ts
📚 Learning: 2026-06-04T18:16:35.386Z
Learnt from: nicktrn
Repo: triggerdotdev/trigger.dev PR: 3836
File: apps/supervisor/src/backpressure/backpressureMonitor.ts:3-5
Timestamp: 2026-06-04T18:16:35.386Z
Learning: When reviewing TypeScript in this repo, apply the rule “prefer type aliases over interfaces” only to data/object shapes and union/intersection type modeling. If an interface is being used as a behavioral contract for collaborators to implement (e.g., method-shape interfaces that define required behavior, such as `BackpressureLogger` / `BackpressureSignalSource` in `apps/supervisor/src/backpressure/backpressureMonitor.ts`), keep it as an `interface` and do not flag it as a type-alias-vs-interface violation.

Applied to files:

  • apps/webapp/test/globalFeatureFlagsReplace.test.ts
  • apps/webapp/app/v3/featureFlags.server.ts
📚 Learning: 2026-06-09T17:58:04.699Z
Learnt from: 0ski
Repo: triggerdotdev/trigger.dev PR: 3879
File: apps/webapp/app/models/vercelIntegration.server.ts:619-630
Timestamp: 2026-06-09T17:58:04.699Z
Learning: In this codebase, outbound raw `fetch` calls should typically rely on Node/undici’s default request timeout (about ~300s) rather than adding a per-call `AbortController` + `setTimeout` wrapper inside individual functions (e.g. in files like `apps/webapp/app/models/vercelIntegration.server.ts`). During code review, do not flag the absence of a per-call timeout on a single `fetch` as an issue; if per-call timeouts are needed, they should be implemented via a codebase-wide convention (e.g., a shared fetch wrapper or documented pattern) rather than ad-hoc per-function changes.

Applied to files:

  • apps/webapp/test/globalFeatureFlagsReplace.test.ts
  • apps/webapp/app/v3/featureFlags.server.ts
📚 Learning: 2026-06-16T09:19:47.637Z
Learnt from: d-cs
Repo: triggerdotdev/trigger.dev PR: 3960
File: apps/webapp/test/prismaInfrastructureErrorCapture.test.ts:0-0
Timestamp: 2026-06-16T09:19:47.637Z
Learning: In this repo’s Vitest setup, `vitest.config.ts` uses `globals: true`, so identifiers like `vi`, `describe`, `it`, and `expect` are available as globals in Vitest test files. During code review, do not flag missing `vi`/`describe`/`it`/`expect` imports as a runtime error or correctness issue when they’re used in `*.test.ts/tsx` or `*.spec.ts/tsx` files. Explicit imports are still preferred for consistency, but they’re not required for runtime behavior.

Applied to files:

  • apps/webapp/test/globalFeatureFlagsReplace.test.ts
📚 Learning: 2026-03-29T19:16:28.864Z
Learnt from: nicktrn
Repo: triggerdotdev/trigger.dev PR: 3291
File: apps/webapp/app/v3/featureFlags.ts:53-65
Timestamp: 2026-03-29T19:16:28.864Z
Learning: When reviewing TypeScript code that uses Zod v3, treat `z.coerce.*()` schemas as their direct Zod type (e.g., `z.coerce.boolean()` returns a `ZodBoolean` with `_def.typeName === "ZodBoolean"`) rather than a `ZodEffects`. Only `.preprocess()`, `.refine()`/`.superRefine()`, and `.transform()` are expected to wrap schemas in `ZodEffects`. Therefore, in reviewers’ logic like `getFlagControlType`, do not flag/unblock failures that require unwrapping `ZodEffects` when the input schema is a `z.coerce.*` schema.

Applied to files:

  • apps/webapp/app/v3/featureFlags.server.ts
📚 Learning: 2026-06-09T16:27:26.195Z
Learnt from: myftija
Repo: triggerdotdev/trigger.dev PR: 3878
File: apps/webapp/app/v3/services/computeTemplateCreation.server.ts:0-0
Timestamp: 2026-06-09T16:27:26.195Z
Learning: When working in triggerdotdev/trigger.dev code related to worker-group/region default resolution (e.g., defaultWorkerInstanceGroupId handling used by getGlobalDefaultWorkerGroup, getDefaultWorkerGroupForProject, and RegionsPresenter), do NOT add org-level featureFlags overrides in only one resolution site. That can cause template creation routing/decisions to diverge from actual run routing. If org-level override of the default region/worker group is required, it must be centralized in getGlobalDefaultWorkerGroup so every resolution path remains aligned.

Applied to files:

  • apps/webapp/app/v3/featureFlags.server.ts
📚 Learning: 2026-05-05T09:38:02.512Z
Learnt from: d-cs
Repo: triggerdotdev/trigger.dev PR: 3523
File: apps/webapp/app/routes/api.v3.batches.ts:178-181
Timestamp: 2026-05-05T09:38:02.512Z
Learning: When reviewing code that catches `ServiceValidationError` in `*.server.ts` files, do not blindly forward `error.status` to HTTP responses, because SVEs may be thrown with non-default statuses (e.g., 400/500) and forwarding them can cause client-visible behavioral regressions (e.g., surfacing 500s to clients). Prefer a safe default response status of `error.status ?? 422`, but only after confirming via the reachable call graph that the caught `ServiceValidationError` instances are expected to carry those non-default statuses; otherwise, normalize to `422` to avoid unexpected client-visible 5xx behavior.

Applied to files:

  • apps/webapp/app/v3/featureFlags.server.ts
📚 Learning: 2026-05-14T08:21:07.614Z
Learnt from: d-cs
Repo: triggerdotdev/trigger.dev PR: 3614
File: apps/webapp/app/v3/mollifier/mollifierGate.server.ts:48-52
Timestamp: 2026-05-14T08:21:07.614Z
Learning: When using Trigger.dev v3 feature flags in the webapp, prefer the existing per-org gating mechanism supported by `flag()` via the `overrides` argument. Pass `Organization.featureFlags` (from `environment.organization.featureFlags`) as the `overrides` value; overrides must take precedence over the global `featureFlag` row. Do not require schema changes or add an `orgId` field to `FlagsOptions` for per-org gating—use the overrides pattern consistently (e.g., in gate flows like `resolveOrgFlag` and any server code that threads `environment.organization.featureFlags` into the gate call).

Applied to files:

  • apps/webapp/app/v3/featureFlags.server.ts
🔇 Additional comments (1)
apps/webapp/app/routes/admin.feature-flags.tsx (1)

14-22: LGTM!

Also applies to: 123-131

Comment on lines +205 to +256
export async function replaceGlobalFeatureFlags(
client: PrismaClient,
params: {
requestedFlags: Partial<z.infer<typeof FeatureFlagCatalogSchema>>;
catalogKeys: FeatureFlagKey[];
isProtected: (key: FeatureFlagKey) => boolean;
graceMs: number;
}
): Promise<void> {
// Derived grace-stamp fields are computed server-side; never trust them from the body.
const {
runOpsMintKindPrev: _ignoredPrev,
runOpsMintKindFlippedAt: _ignoredFlippedAt,
...requestedFlags
} = params.requestedFlags;

if (requestedFlags.runOpsMintKind !== undefined) {
await applyGlobalMintKindFlip(
client,
{ [FEATURE_FLAG.runOpsMintKind]: requestedFlags.runOpsMintKind },
params.graceMs
);
}

const upsertOps: ReturnType<typeof client.featureFlag.upsert>[] = [];
const keysToDelete: string[] = [];

for (const key of params.catalogKeys) {
if (GLOBAL_MINT_KEYS.includes(key)) {
continue;
}
if (key in requestedFlags) {
const value = (requestedFlags as Record<string, unknown>)[key];
upsertOps.push(
client.featureFlag.upsert({
where: { key },
create: { key, value: value as any },
update: { value: value as any },
})
);
} else if (!params.isProtected(key)) {
keysToDelete.push(key);
}
}

await client.$transaction([
...upsertOps,
...(keysToDelete.length > 0
? [client.featureFlag.deleteMany({ where: { key: { in: keysToDelete } } })]
: []),
]);
}

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🗄️ Data Integrity & Integration | 🟠 Major | 🏗️ Heavy lift

🧩 Analysis chain

🌐 Web query:

Does Prisma support calling $transaction from inside an already-open interactive $transaction callback?

💡 Result:

Yes, Prisma supports calling $transaction from inside an already-open interactive $transaction callback as of version 7.5.0, released in March 2026 [1]. This functionality allows for nested interactive transactions in SQL databases (PostgreSQL, MySQL, SQLite, and SQL Server) by utilizing database savepoints [1][2]. When you invoke $transaction within an existing interactive transaction, Prisma manages the transaction depth and automatically uses savepoints to support nested rollback behavior [2]. This means that if an inner transaction fails, only its changes are rolled back, rather than the entire outer transaction [1][2]. Please note that this feature is specifically supported for SQL providers; MongoDB does not support nested transactions [2]. Prior to this update, attempting to nest $transaction calls was not supported and would typically result in errors or unintended behavior [3].

Citations:


Make the mint flip and flag sweep atomic
replaceGlobalFeatureFlags commits applyGlobalMintKindFlip and the remaining flag writes in separate transactions. If the second step fails, runOpsMintKind stays persisted while the rest of the submitted changes are dropped, leaving the admin action half-applied. Fold both writes into one transaction by letting the mint-flip helper accept a tx client (or an equivalent internal variant).

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant