Fix/test enforcement transfer #258
…ary (B-052)

Add logFinancialEvent instrumentation to the three previously uninstrumented money-movement paths:

- mintFromUsdcInternal: emits mint.initiated / mint.completed / mint.failed with amount in cents (USDC), correlationId, and providerRef (blockchain hash)
- burnAcbu: emits burn.initiated / burn.processing / burn.failed with amount in stroops (ACBU), correlationId sourced from x-request-id header
- salaryService: emits salary.batch.initiated on creation and salary.batch.completed on finish, idempotencyKey propagated from batch

All events carry the full FinancialLogPayload schema: transactionId, userId, accountId, amount, currency, idempotencyKey, correlationId, status, timestamp, environment.

Closes Pi-Defi-world#167.
…aryItem/SalarySchedule/UserDevice models, add organizationId to Transaction
Feature/gdpr compliance
…age guardrails

B-056: Add startup assertions in database.ts that detect when DATABASE_URL is mistakenly set to a Prisma Accelerate URL (prisma://), and emit clear boot logs indicating which connection type is active at runtime vs migration. Document the DATABASE_URL vs PRISMA_ACCELERATE_URL matrix in README.md.

B-058: Introduce AES-256-GCM field-level encryption utility (src/utils/piiEncryption.ts) with encrypt/decrypt helpers for string and JSON PII fields, plus a deterministic HMAC search-token function for fields that need indexed lookups (phone, email). Add PII_ENCRYPTION_KEY env var (64-char hex, 256-bit) to config and .env.example.

B-063: Add OpenAI usage guardrails service (src/services/ai/openaiGuard.ts) that enforces auth context (orgId required), per-org monthly spend budget backed by MongoDB, and a prompt injection allowlist before every OpenAI API call. Spend is tracked per-org per-month so budget caps survive restarts. Add OPENAI_API_KEY, OPENAI_ORG_MONTHLY_BUDGET_USD, and OPENAI_MAX_TOKENS_PER_REQUEST to env config.

Closes Pi-Defi-world#171
Closes Pi-Defi-world#173
Closes Pi-Defi-world#178
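An added TypeScript example of the scheme the B-058 commit message describes (AES-256-GCM field encryption plus a deterministic HMAC search token); it is not the contents of src/utils/piiEncryption.ts. The function names, the `v1.<iv>.<tag>.<ciphertext>` storage format, the context label bound as AAD, and the separate HMAC key are assumptions, and both keys are constructed sample values.

```typescript
import { createCipheriv, createDecipheriv, createHmac, randomBytes } from "crypto";

// Constructed 256-bit keys in the 64-char hex form the commit gives for
// PII_ENCRYPTION_KEY. Assumption: the search token uses its own key.
const ENC_KEY = Buffer.from("00112233445566778899aabbccddeeff".repeat(2), "hex");
const HMAC_KEY = Buffer.from("ffeeddccbbaa99887766554433221100".repeat(2), "hex");

// Encrypt one field. `context` (e.g. "user.phone") is bound as AAD, so a
// ciphertext copied into a different column fails authentication on decrypt.
function encryptField(plaintext: string, context: string): string {
  const iv = randomBytes(12); // 96-bit nonce, fresh for every encryption
  const cipher = createCipheriv("aes-256-gcm", ENC_KEY, iv);
  cipher.setAAD(Buffer.from(context, "utf8"));
  const ct = Buffer.concat([cipher.update(plaintext, "utf8"), cipher.final()]);
  const tag = cipher.getAuthTag();
  return `v1.${iv.toString("base64")}.${tag.toString("base64")}.${ct.toString("base64")}`;
}

function decryptField(stored: string, context: string): string {
  const [version, iv, tag, ct] = stored.split(".");
  if (version !== "v1" || !iv || !tag || ct === undefined) throw new Error("bad format");
  const tagBuf = Buffer.from(tag, "base64");
  if (tagBuf.length !== 16) throw new Error("bad tag length"); // reject truncated tags
  const decipher = createDecipheriv("aes-256-gcm", ENC_KEY, Buffer.from(iv, "base64"));
  decipher.setAAD(Buffer.from(context, "utf8"));
  decipher.setAuthTag(tagBuf);
  // final() throws if the ciphertext, tag, IV or context was altered.
  const pt = Buffer.concat([decipher.update(Buffer.from(ct, "base64")), decipher.final()]);
  return pt.toString("utf8");
}

// Deterministic token for indexed equality lookups (phone, email): the same
// normalized value always maps to the same token, so it can be stored in an
// indexed column next to the randomized ciphertext.
function searchToken(value: string, context: string): string {
  const normalized = value.trim().toLowerCase();
  return createHmac("sha256", HMAC_KEY).update(context + "\0" + normalized).digest("hex");
}
```

Because the token is deterministic it reveals which rows share a value, which is the trade-off accepted for indexed lookups; the ciphertext itself differs on every write.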
…bu116 Mint basket deposit limits use wrong USD proxy
…multi-provider-per-country feat(fintech): multi-provider routing per country with health/failove…
feat(observability): structured financial logging for mint, burn, sal…(B-052)
…liance-and-config-guardrails fix: Prisma URL guardrails, PII field encryption, and OpenAI usage guardrails
jest --passWithNoTests let CI pass silently with zero tests. Switching to jest --coverage means:

- CI fails if no tests exist
- coverageThreshold for src/services/transfer/ is enforced on every run
closes #152