Skip to content

Fix critical auth, billing, and data safety regressions#110

Draft
cursor[bot] wants to merge 2 commits into
mainfrom
cursor/critical-bug-investigation-415a
Draft

Fix critical auth, billing, and data safety regressions#110
cursor[bot] wants to merge 2 commits into
mainfrom
cursor/critical-bug-investigation-415a

Conversation

@cursor

@cursor cursor Bot commented Jun 28, 2026

Copy link
Copy Markdown
Contributor

Bug and impact

  • Project milestone PATCH/DELETE authenticated users but mutated milestones by ID alone, allowing cross-project milestone modification/deletion.
  • Code completion fallback snippets queried all analyzed repository summaries without auth or tenant scope, leaking cross-user code summaries.
  • Scaffold, legacy analysis, Build This App, App Idea Chat, and Pattern Analyzer could mischarge, skip charges, fail to refund failed paid work, or report success after incomplete generated output.
  • Analysis reruns deleted saved blueprints before replacement output was safely persisted, risking data loss on AI truncation or insert failure.
  • Credit helpers used read-modify-write balance updates, allowing concurrent deductions/grants to corrupt balances; Stripe webhook retries could duplicate grants.
  • Fresh schema bootstrap defined subscriptions.plan twice, breaking initialization.

Root cause

Recent feature work added high-blast-radius project, AI, billing, and streaming paths without consistently carrying authenticated user scope through SQL mutations, without atomic credit accounting, and without fail-closed handling for partial AI/provider failures.

Fix

  • Scope milestone updates/deletes through projects.user_id and route project ID.
  • Require auth and user-scoped snippet fallback for code completion.
  • Charge authenticated users before paid AI work, refund failed charged work, and reject false-success build/analysis output.
  • Make GitHub build repos private, dedupe generated paths, and throw on push/generation failures.
  • Replace blueprints atomically in one SQL statement only after complete non-truncated AI output.
  • Make credit mutations conditional/atomic and add metadata idempotency for Stripe grants.
  • Remove duplicate subscriptions.plan schema definition.

Validation

  • pnpm exec tsc --noEmit passed.
  • Targeted ESLint passed for changed runtime files; only the pre-existing lib/queries.ts unused allowed warning remains.
  • Local dev-server unauthenticated checks returned 401 for code completion, legacy analysis, pattern analyzer, milestone PATCH, and an SSE error for Build This App.
  • Focused Node invariant harness passed for milestone owner SQL, code-completion tenant scope, authenticated billing/refunds, Build This App private/error behavior, atomic blueprint replacement, atomic credit deduction, Stripe idempotency keys, and schema plan definition.
Open in Web View Automation 

cursoragent and others added 2 commits June 28, 2026 11:08
Co-authored-by: Cole Collins <DealPatrol@users.noreply.github.com>
Co-authored-by: Cole Collins <DealPatrol@users.noreply.github.com>
@vercel

vercel Bot commented Jun 28, 2026

Copy link
Copy Markdown
Contributor

The latest updates on your projects. Learn more about Vercel for GitHub.

Project Deployment Actions Updated (UTC)
repo-app-architect Ready Ready Preview, Comment Jun 28, 2026 11:11am
repofuse Ready Ready Preview, Comment, Open in v0 Jun 28, 2026 11:11am
v0-repo-app-architect Ready Ready Preview, Comment, Open in v0 Jun 28, 2026 11:11am

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant