Benjamin_Boenisch/breakpilot-compliance
1
0
Fork 0
Code Issues 24 Pull Requests Actions Packages Projects Releases Wiki Activity

Wrap multi-step DB operations in transactions to prevent partial writes #9

New Issue
Open
opened 2026-04-20 09:35:10 +00:00 by sharang · 0 comments
sharang commented 2026-04-20 09:35:10 +00:00
Owner
Copy Link
Copy Source

Problem

Multi-step database operations that must succeed or fail atomically are executed as separate, unguarded DB calls. If the second call fails, the first write is committed and leaves orphaned or inconsistent data.

Key examples:

  • compliance/services/change_request_engine.py:36-52 — creates a change request record, then updates the source document in separate transactions
  • VVT creation with linked Loeschfrist entries
  • Control creation with associated evidence records

Required Actions

  1. Identify all service methods that perform 2+ DB writes — audit compliance/services/
  2. Wrap each in a db.begin_nested() savepoint or ensure the SQLAlchemy session is committed atomically at the end of the request via a single db.commit()
  3. Verify rollback on exception: use try/except/rollback in every service that mutates multiple tables
  4. Add a utility context manager atomic(db) to enforce this pattern consistently

Acceptance Criteria

  • No service method contains two separate db.commit() calls without explicit rollback handling
  • Test: simulate failure between two writes, verify first write is rolled back
## Problem Multi-step database operations that must succeed or fail atomically are executed as separate, unguarded DB calls. If the second call fails, the first write is committed and leaves orphaned or inconsistent data. Key examples: - `compliance/services/change_request_engine.py:36-52` — creates a change request record, then updates the source document in separate transactions - VVT creation with linked Loeschfrist entries - Control creation with associated evidence records ## Required Actions 1. Identify all service methods that perform 2+ DB writes — audit `compliance/services/` 2. Wrap each in a `db.begin_nested()` savepoint or ensure the SQLAlchemy session is committed atomically at the end of the request via a single `db.commit()` 3. Verify rollback on exception: use `try/except/rollback` in every service that mutates multiple tables 4. Add a utility context manager `atomic(db)` to enforce this pattern consistently ## Acceptance Criteria - No service method contains two separate `db.commit()` calls without explicit rollback handling - Test: simulate failure between two writes, verify first write is rolled back
sharang added this to the M2: Data Integrity & Reliability milestone 2026-04-20 09:35:10 +00:00
sharang added the data-integrityseverity: high labels 2026-04-20 09:35:10 +00:00
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
Labels
Clear labels
config
Env vars, secrets management, startup validation
 data-integrity
Transactions, indexes, pagination
 frontend
Next.js, client-side concerns
 observability
Logging, audit trails, health checks
 reliability
Error handling, retries, circuit breakers
 security
Auth, secrets, injection, tenant isolation
 severity: critical
System-level risk, data breach or full outage
 severity: high
Significant risk, must fix before go-live
 severity: medium
Important but not blocking go-live
 testing
Test coverage, integration tests
No Label data-integrity severity: high
Milestone
No items
No Milestone M2: Data Integrity & Reliability
Projects
Clear projects
No project
Assignees
Clear assignees
sharang (Sharang Parnerkar) Benjamin_Boenisch
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: Benjamin_Boenisch/breakpilot-compliance#9
Delete Branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?