feat: PostgreSQL-backed config persistence

[BillChirico]

Summary

Adds PostgreSQL-backed configuration persistence so bot settings can be changed remotely via Discord slash commands without redeployment.

Changes

• src/db.js — New PostgreSQL connection pool module with auto-schema creation
• src/modules/config.js — Refactored to load/save config from PostgreSQL with config.json as seed/fallback
• src/commands/config.js — Extended with /config set and /config reset subcommands + autocomplete
• src/index.js — Async startup sequence: DB init → config load → event registration → login
• package.json — Added pg dependency

How it works

1. On first boot with DATABASE_URL set, seeds the config table from config.json
2. All subsequent boots load config from PostgreSQL
3. /config set ai.model gpt-4o updates both DB and in-memory config (no restart needed)
4. /config reset [section] reverts to config.json defaults
5. Without DATABASE_URL, falls back gracefully to file-based config

Railway Setup

Set DATABASE_URL environment variable in Railway:

DATABASE_URL=postgresql://user:pass@host:5432/dbname

Slash Commands

• /config view [section] — View current config
• /config set <path> <value> — Set a value (e.g., ai.model, welcome.enabled)
• /config reset [section] — Reset to config.json defaults

[coderabbitai]

Warning

Rate limit exceeded

@BillChirico has exceeded the limit for the number of commits that can be reviewed per hour. Please wait 14 minutes and 42 seconds before requesting another review.

⌛ How to resolve this issue?

After the wait time has elapsed, a review can be triggered using the @coderabbitai review command as a PR comment. Alternatively, push new commits to this PR.

We recommend that you space out your commits to avoid hitting the rate limit.

🚦 How do rate limits work?

CodeRabbit enforces hourly rate limits for each developer per organization.

Our paid plans have higher rate limits than the trial, open-source and free plans. In all cases, we re-allow further reviews after a brief timeout.

Please see our FAQ for further information.

📥 Commits

Reviewing files that changed from the base of the PR and between 2058658 and 78a89a8.

📒 Files selected for processing (2)

• src/commands/config.js
• src/modules/config.js

📝 Walkthrough

Walkthrough

Adds PostgreSQL support and DB-backed configuration with file fallback; refactors the /config command into view/set/reset with autocomplete and truncation; converts startup to an asynchronous flow that initializes DB, loads config/state, enhances interaction handling (including autocomplete and permission checks), and exposes pending-request and DB lifecycle helpers.

Changes

Cohort / File(s)	Summary
Package & DB module package.json, src/db.js	Added runtime dependency pg (^8.18.0). New src/db.js provides initDb(), getPool(), and closeDb() to manage a PostgreSQL Pool, SSL handling, connection verification, pool error handling, and ensures a config table schema.
Configuration core (DB-backed) src/modules/config.js	Reworked config to prefer DB with config.json fallback. Added loadConfigFromFile(), async loadConfig(), in-memory configCache, and public APIs getConfig(), setConfigValue(path, value), and resetConfig(section). Includes path validation, value parsing/coercion, nested-path updates, DB persistence when available, and enhanced error/logging paths.
Config command src/commands/config.js	Refactored /config into view, set, and reset subcommands. Added export async function autocomplete(interaction) for dot-path suggestions, leaf-path generation, handlers handleView/handleSet/handleReset, top-level section validation, embed truncation/notice logic, and unified reply/error handling.
Startup & runtime src/index.js	Replaced sync startup with async startup() that conditionally calls initDb() (when DATABASE_URL set), awaits loadConfig() and state loading, registers event handlers after config is ready, loads commands, and logs in. Added registerPendingRequest() and removePendingRequest(), interaction autocomplete routing, permission checks, structured command error responses, and graceful shutdown that closes the DB pool.

🚥 Pre-merge checks | ✅ 3

✅ Passed checks (3 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title clearly and concisely summarizes the main feature: adding PostgreSQL-backed configuration persistence, which is the primary objective of the changeset.
Description check	✅ Passed	The description is comprehensive and directly related to the changeset, detailing the new PostgreSQL persistence feature, file modifications, implementation flow, and setup instructions.
Docstring Coverage	✅ Passed	Docstring coverage is 100.00% which is sufficient. The required threshold is 80.00%.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch feat/db-config

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 11

🤖 Fix all issues with AI agents

In `@src/commands/config.js`:
- Line 9: VALID_SECTIONS is duplicated across the file; derive the command
choices from it to avoid drift by creating a SECTION_CHOICES array (mapping
VALID_SECTIONS to objects with capitalized name and value) and then replace the
literal arrays passed to .addChoices(...) in both subcommands with
.addChoices(...SECTION_CHOICES); update any references to the old literal choice
arrays to use SECTION_CHOICES and keep the VALID_SECTIONS constant as the single
source of truth.
- Around line 82-88: The autocomplete currently only captures one nesting level
when building paths in the loop in src/commands/config.js (the
Object.entries/config loop) so deep keys like ai.providers.openai aren’t
suggested; add a recursive helper (e.g., flattenConfigKeys or collectPaths) that
walks nested objects and emits full dot-paths for each leaf, call it when
iterating over each section instead of only using Object.keys(value), and ensure
its output is pushed into the paths array so autocomplete matches
setConfigValue’s dot-notation support.
- Around line 148-161: The current loop that builds the embed (using
embed.setDescription, iterating over config and calling embed.addFields) can
produce an embed payload exceeding Discord's 6000-character limit; update the
logic to compute the cumulative embed content length while serializing each
config section and if the running total would exceed 6000 either (a) batch
fields into multiple Embed objects (create additional embeds and add them to the
reply, ensuring each embed's length <=6000 and not exceeding Discord's embed
count limit) or (b) switch to a condensed fallback that only lists section names
and prompts the user to call a new `/config view section:<name>` command; apply
this change around the loop that uses Object.entries(config) and embed.addFields
so long outputs are split or truncated at the embed level rather than only
per-field.
- Around line 197-200: The "New Value" field currently uses
path.split('.').slice(1)[0] which only grabs the first key after the section and
fails for deeper paths; change the logic where .addFields builds the New Value
(using the existing variables path, updatedSection, and value) to compute the
actual leaf value by splitting path on '.', removing the section segment, and
iteratively descending into updatedSection (e.g., with a reduce over the path
parts) to obtain the final value, falling back to the original value if the
descent yields undefined, and then use that computed leaf value in the New Value
field.

In `@src/db.js`:
- Around line 24-31: The current Pool creation sets ssl to rejectUnauthorized:
false for all non-Railway connections; change this to use a configurable flag
(e.g., process.env.PG_SSL_REJECT_UNAUTHORIZED) or a boolean derived from an env
var so the default is true and only explicitly disables certificate verification
when opted-in; update the ssl assignment in the new Pool(...) block (where pool
is constructed and ssl is set based on connectionString) to read the env var,
coerce it to a boolean, and use { rejectUnauthorized: <env-derived-boolean> }
for non-Railway connections.
- Around line 24-31: The Pool instantiation (variable pool created via new Pool)
lacks a listener for the pool 'error' event; add a pool.on('error', ...) handler
after the Pool is created (near the Pool constructor) that logs the error via
your logger (or console.error) and performs appropriate shutdown/recovery (e.g.,
graceful process exit or retry logic) to prevent unhandled 'error' events from
crashing the process; ensure the handler references the pool variable and
includes the error object in the log message for debugging.

In `@src/index.js`:
- Around line 250-252: The shutdown sequence must not be aborted if closeDb()
throws; wrap the await closeDb() call in a try/catch (inside the shutdown logic
where closeDb() is called) to catch and log any error from closeDb() and allow
execution to continue to client.destroy() and process.exit(0); ensure you
reference the existing process logger (or info/error functions used nearby) when
logging the caught error so the rest of the shutdown (client.destroy() and
process.exit(0)) always runs even if closeDb() fails.

In `@src/modules/config.js`:
- Around line 57-67: The seeding loop that inserts each key from fileConfig and
the reset-all loop perform multiple sequential writes without a transaction;
wrap both operations in a DB transaction so they are atomic: begin a transaction
before the for...of insert loop in the seeding logic (the block that iterates
over Object.entries(fileConfig) and then sets configCache = { ...fileConfig })
and commit after all inserts succeed, and do the same around the reset-all
sequence (the code that updates/deletes config entries in the reset-all path);
ensure you rollback on any error and only update configCache after a successful
commit.
- Around line 134-139: setConfigValue and resetConfig call getPool() unguarded
and will throw when DATABASE is not configured; wrap the pool acquisition and
query in a try/catch (or check for a valid pool) in both setConfigValue and
resetConfig so that if getPool() fails you still update the in-memory
configCache[section] (and updated_at) and skip the DB query, and surface a clear
user-facing/log message indicating the DB is unavailable and changes are
persisted only in memory (or alternatively, throw a controlled error noting the
command requires a DB). Ensure you reference and modify setConfigValue,
resetConfig, getPool, and configCache to implement the conditional DB write and
error handling.
- Around line 180-185: The code is spreading potentially primitive config values
which turns them into empty objects; update the logic that writes into
configCache (where you use configCache[key], value and where you used
fileConfig[section]) to first check whether the source (value or
fileConfig[section]) is a plain object (e.g., typeof === 'object' && value !==
null && !Array.isArray(value)) and only use Object.assign / object spread when
it is an object; otherwise assign the primitive directly (configCache[key] =
value) so primitives are preserved. Ensure the branch that clears existing
object entries (the for...delete and Object.assign block) still only runs when
configCache[key] is an object and the incoming value is an object.
- Around line 114-115: The variable sectionConfig is assigned but never used;
remove the dead assignment to clean up src/modules/config.js by deleting the
line that creates sectionConfig (const sectionConfig = {
...(configCache[section] || {}) };) and ensure any legitimate logic that
intended to use it instead references configCache[section] or the local variable
section where needed (check nearby uses of parts and configCache to confirm no
other changes are required).

📜 Review details

Configuration used: Organization UI

Review profile: ASSERTIVE

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 99fe5d5 and efb4a87.

📒 Files selected for processing (5)

• package.json
• src/commands/config.js
• src/db.js
• src/index.js
• src/modules/config.js

🧰 Additional context used

🧠 Learnings (2)

📚 Learning: 2026-02-04T02:20:09.131Z

Learnt from: CR
Repo: VolvoxCommunity/Volvox.Website PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-02-04T02:20:09.131Z
Learning: Applies to {package.json,.npmrc,pnpm-lock.yaml} : Use pnpm package manager (pinned to v10.23.0) with `.npmrc` configured for strict peer dependencies and disabled shamefully-hoist

Applied to files:

• package.json

📚 Learning: 2025-10-10T15:05:26.145Z

Learnt from: CR
Repo: BillChirico/LUA-Obfuscator PR: 0
File: CLAUDE.md:0-0
Timestamp: 2025-10-10T15:05:26.145Z
Learning: Applies to package.json : Only add new packages when absolutely necessary or explicitly requested

Applied to files:

• package.json

🧬 Code graph analysis (4)

src/db.js (2)

src/modules/config.js (4)

• pool (44-44)
• pool (55-55)
• pool (135-135)
• pool (152-152)

src/logger.js (1)

• info (218-220)

src/index.js (6)

src/commands/config.js (2)

• config (79-79)
• config (124-124)

src/logger.js (3)

• config (27-27)
• error (232-234)
• info (218-220)

src/db.js (3)

• client (34-34)
• closeDb (70-76)
• initDb (18-53)

src/modules/config.js (1)

• loadConfig (40-82)

src/modules/events.js (1)

• registerEventHandlers (144-149)

src/commands/status.js (1)

• healthMonitor (58-58)

src/commands/config.js (1)

src/modules/config.js (5)

• getConfig (88-90)
• section (114-114)
• sectionData (165-165)
• setConfigValue (108-143)
• resetConfig (150-191)

src/modules/config.js (2)

src/db.js (2)

• pool (12-12)
• getPool (60-65)

src/logger.js (1)

• info (218-220)

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (1)

• GitHub Check: Cursor Bugbot

🔇 Additional comments (3)

package.json (1)

16-16: LGTM! The pg dependency is necessary for the new PostgreSQL-backed configuration persistence feature.

src/modules/config.js (1)

198-222: parseValue — reasonable helper, but be aware of edge cases.

A few notes:

• The number regex (line 209) accepts strings like "" — actually no, the regex requires at least one digit. But it does accept leading-zero numbers like "007" which become 7. Also, very large numbers will lose precision (beyond Number.MAX_SAFE_INTEGER).
• A string "[not json" that starts with [ but isn't valid JSON correctly falls through to plain string — good.

Overall this is fine for a Discord bot config use case.

src/index.js (1)

291-327: Async startup sequence looks well-structured.

The ordering (DB init → config load → state load → event registration → commands → login) correctly ensures dependencies are available before consumers. The conditional DB initialization and the fallback in loadConfig provide a smooth degradation path for environments without DATABASE_URL.

_{✏️ Tip: You can disable this entire section by setting review_details to false in your review settings.}

[coderabbitai]

Actionable comments posted: 8

🤖 Fix all issues with AI agents

In `@src/commands/config.js`:
- Around line 161-188: The local variable truncated is unused after being set in
the loop; remove the truncated declaration and the assignment truncated = true
(and keep the existing embed.addFields truncation notice), or alternatively use
truncated after the loop to modify the embed footer/message (e.g., call
embed.setFooter or append to embed.data.footer) to indicate truncation—update
references to truncated, the for-loop over Object.entries(config), and the
truncation branch that checks totalLength + fieldLength > EMBED_CHAR_LIMIT - 200
accordingly so there are no unused variables left.
- Around line 144-157: The single-section embed path in src/commands/config.js
currently passes the raw JSON for a section into embed.addFields (the block
using sectionData) which can exceed Discord's 1024 char field limit and cause
interaction.reply to throw; change this by serializing sectionData to a jsonStr
(JSON.stringify(sectionData, null, 2)), truncate jsonStr to ~1000 characters
(e.g., if jsonStr.length > 1000 use jsonStr.slice(0, 997) + '...'), then pass
the truncated string inside the fenced '```json\n' + truncatedJson + '\n```' as
the field value in the embed.addFields call so the single-section view matches
the length-guard used in the full-view path.

In `@src/db.js`:
- Around line 69-74: The initDb error path can leave the shared variable pool
non-null which makes getPool() return an unusable pool; update initDb to
defensively reset/release pool on any failure (e.g., in the catch block set pool
= null and close the client/pool if created) before rethrowing the error so
getPool() will throw as expected; reference the initDb function, the shared pool
variable, and getPool to locate where to null out/cleanup the pool.

In `@src/index.js`:
- Around line 39-40: Add a brief inline comment where the top-level variable
"config" is initialized (the let config = {} declaration) explaining that this
variable is later assigned to the object returned by loadConfig(), which is the
same shared object as configCache in src/modules/config.js, and that in-place
mutations via setConfigValue and resetConfig intentionally propagate through
this shared reference so the top-level config remains in sync across modules.

In `@src/modules/config.js`:
- Around line 131-141: The code calls parseValue(value) twice when updating
nested keys (once when setting current[finalKey] in the sectionClone and again
when updating the in-memory cache), causing redundant work; compute const parsed
= parseValue(value) once and use parsed for both assignments (the clone
assignment where current[finalKey] is set and the later cache update logic that
writes the same key), updating references to parseValue in the functions that
handle sectionClone, parts, finalKey and the cache update to use parsed instead.
- Around line 24-44: Replace brittle string comparison in loadConfigFromFile by
marking the "config not found" error with a stable flag/property and checking
that flag when deciding to re-throw; specifically, when you create the not-found
error inside loadConfigFromFile (current msg 'config.json not found!'), attach a
property such as err.code = 'CONFIG_NOT_FOUND' (or throw a custom
ConfigNotFoundError) and then in the catch block test that property (e.g.,
err.code === 'CONFIG_NOT_FOUND' or instanceof ConfigNotFoundError) instead of
matching err.message so the re-throw behavior remains correct even if the
message text changes.
- Around line 51-63: loadConfig currently calls loadConfigFromFile() with the
default exit-on-error behavior which causes the process to exit if config.json
is missing before checking the DB; change loadConfig to call
loadConfigFromFile({ exitOnError: false }) so a missing file becomes non-fatal,
then attempt getPool() and only treat missing configuration as fatal if both the
file (now optional) and the DB (getPool()/DB config read) are unavailable;
update logic around loadConfig, getPool, and configCache to prefer DB values
when present and fall back to fileConfig only when DB is not initialized.
- Around line 120-171: setConfigValue performs a read-modify-write of the entire
section (using structuredClone and INSERT ... ON CONFLICT) which allows
concurrent calls to clobber each other; modify setConfigValue to perform an
atomic partial update at the DB level (or acquire a DB advisory lock around the
section) instead of writing the whole section: use getPool() to run an UPDATE
that leverages jsonb_set (or jsonb ||) to set the nested key inside the stored
JSON value for the given section key, falling back to the in-memory mutation of
configCache only after the DB update succeeds, and preserve current parseValue,
configCache, and logging behavior (references: setConfigValue, configCache,
getPool, parseValue).

📜 Review details

Configuration used: Organization UI

Review profile: ASSERTIVE

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between efb4a87 and 651fcd0.

📒 Files selected for processing (4)

• src/commands/config.js
• src/db.js
• src/index.js
• src/modules/config.js

🧰 Additional context used

🧬 Code graph analysis (3)

src/db.js (2)

src/modules/config.js (6)

• pool (55-55)
• pool (66-66)
• pool (146-146)
• pool (181-181)
• client (71-71)
• client (214-214)

src/logger.js (1)

• info (218-220)

src/modules/config.js (2)

src/db.js (3)

• pool (12-12)
• getPool (69-74)
• client (43-43)

src/logger.js (1)

• info (218-220)

src/commands/config.js (1)

src/modules/config.js (4)

• getConfig (109-111)
• section (126-126)
• setConfigValue (120-171)
• resetConfig (178-245)

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (1)

• GitHub Check: Cursor Bugbot

🔇 Additional comments (4)

src/index.js (2)

162-175: Autocomplete handler looks good.

Properly guards against missing autocomplete export with optional chaining, catches errors, and returns early to avoid falling through to the command handler.

---

304-326: Startup sequence is well-ordered.

DB init → config load → state load → event registration → command load → login is the correct dependency order. The conditional DB init (Line 306) and the loadConfig() fallback design ensure the bot works without DATABASE_URL.

One minor note: if loadConfig() throws (e.g., config.json missing and DB unavailable), startup().catch at Line 328 will log and exit — which is the right behavior.

src/modules/config.js (2)

252-254: isPlainObject helper is clean and correctly handles null/array edge cases.

---

261-285: parseValue is straightforward and covers common Discord command input types.

One edge case to be aware of: strings like "0123" will be coerced to the number 123. If octal-like prefixed strings are possible config values, you may want to add a leading-zero guard. Unlikely to matter for bot config in practice.

_{✏️ Tip: You can disable this entire section by setting review_details to false in your review settings.}

[BillChirico]

✅ Round 2 Review Comments Addressed

All 8 CodeRabbit review comments have been fixed in commit 4c30455:

Changes

1. src/commands/config.js:157 — Single-section view now truncates field values to stay under Discord's 1024-char limit, matching the full-view path behavior.

2. src/commands/config.js:188 — The truncated flag is now used to swap the embed footer text to indicate sections were omitted.

3. src/db.js:74 — initDb() now wraps post-pool-creation logic in try/catch. On failure, pool.end() is called and pool is set to null so getPool() won't return an unusable instance.

4. src/index.js:40 — Added inline comment explaining that config shares a reference with configCache in modules/config.js, so in-place mutations via setConfigValue() propagate automatically.

5. src/modules/config.js:44 — Error matching now uses err.code === 'CONFIG_NOT_FOUND' instead of brittle string comparison on err.message.

6. src/modules/config.js:63 — loadConfig() now calls loadConfigFromFile({ exitOnError: false }). If config.json is missing, it tries the DB first and only throws when both sources are unavailable.

7. src/modules/config.js:171 — setConfigValue() now uses PostgreSQL jsonb_set() for atomic partial updates on the ON CONFLICT path, preventing concurrent calls from overwriting each other's changes.

8. src/modules/config.js:141 — parseValue(value) result is now stored in parsedVal and reused instead of being called twice.

All 10 unresolved review threads have been resolved.

[coderabbitai]

Actionable comments posted: 6

🤖 Fix all issues with AI agents

In `@src/commands/config.js`:
- Around line 138-142: The embed footer hardcodes "Stored in PostgreSQL…"
causing incorrect text when env DATABASE_URL is not set; update the footer
generation where EmbedBuilder is instantiated (the const embed = new
EmbedBuilder() block) to compute the footer text dynamically by checking
process.env.DATABASE_URL (or the config-check helper used in this module) and
set it to "Stored in PostgreSQL • Use /config set to modify" when present and
"Stored in file • Use /config set to modify" (or similar) when absent, then pass
that string into setFooter so the message reflects the actual storage backend.

In `@src/db.js`:
- Around line 18-70: initDb() can leak the previous Pool when called twice
because the global pool is overwritten; update initDb to check the existing pool
variable at the start and either return it immediately if already
initialized/healthy or gracefully close it (await pool.end()) before creating a
new Pool, ensuring you handle errors from pool.end() and set pool = null when
closed; reference the initDb function and the module-level pool variable so the
guard runs before new Pool construction and before any operations that assume a
fresh pool.

In `@src/index.js`:
- Around line 307-334: The startup function logs "Database initialized" after
calling initDb(), which is redundant because initDb() already logs "Database
connected" and "Database schema initialized"; remove or alter the extra log in
startup (the info('Database initialized') call inside async function startup) to
avoid noisy duplicate messages—either delete that info() call or replace it with
a more specific message that adds unique context.

In `@src/modules/config.js`:
- Around line 86-88: The catch block that currently does await
client.query('ROLLBACK') can itself throw and mask the original txErr; modify
the error handling around the rollback so the rollback is performed inside its
own try/catch (or use a safe helper) and any rollback error is logged/suppressed
while rethrowing the original txErr; specifically update the catch that
references txErr and client.query('ROLLBACK') to call rollback inside try {
await client.query('ROLLBACK') } catch (rbErr) { /* log rbErr */ } and then
throw txErr to preserve the original error.
- Around line 266-270: In resetConfig, guard the ROLLBACK call so a failed
rollback doesn't replace the original transaction error: when catching txErr,
call client.query('ROLLBACK') with a `.catch(() => {})` (same approach used in
setConfigValue) to swallow any rollback errors, then rethrow the original txErr;
reference the resetConfig function and the client.query('ROLLBACK') invocation
to locate where to apply this change.
- Around line 254-284: The reset-all path currently upserts keys from fileConfig
but never removes DB or in-memory keys that were added at runtime; update the
block that runs when pool exists to, inside the same transaction (BEGIN/COMMIT),
delete any rows in config whose key is NOT IN the set of Object.keys(fileConfig)
(use a parameterized DELETE ... WHERE key NOT IN (...)) before
inserting/updating the fileConfig entries, and likewise update the in-memory
mutation on configCache to remove any keys not present in fileConfig (e.g.,
iterate Object.keys(configCache) and delete keys absent from fileConfig before
doing the existing merge/assign logic). Ensure you use the same client
(client.query) for the DELETE and keep the rollback on error behavior intact.

📜 Review details

Configuration used: Organization UI

Review profile: ASSERTIVE

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 651fcd0 and 3b07d57.

📒 Files selected for processing (4)

• src/commands/config.js
• src/db.js
• src/index.js
• src/modules/config.js

🧰 Additional context used

🧬 Code graph analysis (3)

src/commands/config.js (1)

src/modules/config.js (5)

• getConfig (116-118)
• section (133-133)
• err (25-25)
• setConfigValue (127-214)
• resetConfig (221-288)

src/db.js (2)

src/modules/config.js (4)

• pool (52-52)
• pool (66-66)
• pool (154-154)
• pool (224-224)

src/logger.js (1)

• info (218-220)

src/modules/config.js (2)

src/logger.js (1)

• info (218-220)

src/db.js (2)

• pool (12-12)
• getPool (77-82)

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (1)

• GitHub Check: Cursor Bugbot

🔇 Additional comments (15)

src/db.js (2)

24-40: Past review items addressed — SSL config and pool error handler look good.

SSL handling is now environment-driven via DB_SSL_REJECT_UNAUTHORIZED, and the pool 'error' event handler prevents unhandled crashes. The try/catch cleanup at Lines 62-67 properly nulls the pool on initialization failure.

---

77-93: getPool() and closeDb() are clean and correct.

src/commands/config.js (5)

9-15: SECTION_CHOICES derived from VALID_SECTIONS — clean single source of truth.

The camelCase-to-spaced regex on Line 13 is a nice touch for display names.

---

65-105: flattenConfigKeys and autocomplete look correct.

The recursive flattening correctly handles arbitrary nesting, includes intermediate paths (useful for setting sub-objects), and the autocomplete respects Discord's 25-result limit.

---

159-193: Full-view truncation and footer adjustment look correct.

The cumulative size tracking against EMBED_CHAR_LIMIT, per-field truncation to 1000 chars, truncation notice, and conditional footer update all address the prior review feedback properly.

---

208-248: handleSet — solid implementation with proper defer/error handling.

Section validation before deferReply, leaf value traversal for display, and the deferred-aware catch block are all correct.

---

250-281: handleReset looks good.

The section || undefined coercion correctly routes to the reset-all path when no section is provided.

src/index.js (3)

39-43: Shared-reference comment is clear and helpful.

Good documentation of the non-obvious coupling between the module-level config and configCache in modules/config.js.

---

165-178: Autocomplete routing is correct and well-guarded.

The early return on Line 177 ensures autocomplete interactions don't fall through to the command handler. Error handling wraps the call properly.

---

253-259: closeDb() properly guarded in shutdown — addresses prior review feedback.

src/modules/config.js (5)

23-34: loadConfigFromFile — clean implementation with err.code flag.

The CONFIG_NOT_FOUND error code replaces the brittle string matching from the prior review. Clean separation of "missing file" vs "parse error".

---

41-110: loadConfig — well-structured DB-first with file fallback.

The layered error handling (file optional → DB unavailable check → DB empty seed → DB failure fallback) is thorough and correctly addresses all prior review feedback. Transaction-wrapped seeding prevents partial writes.

---

127-214: setConfigValue — transaction + row lock is a solid approach.

The SELECT ... FOR UPDATE pattern correctly prevents concurrent write clobbering, and the in-memory cache update mirrors the DB write logic. The parsedVal is computed once and reused. The ROLLBACK on Line 190 is properly guarded with .catch(() => {}).

---

304-333: parseValue handles edge cases well.

Safe integer range preservation for large numbers (e.g., Discord snowflake IDs), JSON structure detection with fallback, and clean boolean/null parsing. Solid implementation.

---

290-297: isPlainObject is correct and addresses the prior review about spreading primitives.

_{✏️ Tip: You can disable this entire section by setting review_details to false in your review settings.}

[BillChirico]

✅ Review Comments Addressed

All 6 review threads have been resolved:

1. Dynamic footer text (src/commands/config.js) — Footer now shows "Stored in PostgreSQL" when DATABASE_URL is set, or "Stored in memory (config.json)" otherwise. (80a1516)

2. Re-entrancy guard for initDb() (src/db.js) — Added guard to close existing pool before re-initialization, preventing connection leaks. (6ac410e)

3. Startup sequence (src/index.js) — Positive feedback acknowledged ✓

4. Guarded seed ROLLBACK (src/modules/config.js) — Wrapped seed transaction ROLLBACK in try/catch to prevent masking original errors. (70aa444)

5. Stale key cleanup on reset-all (src/modules/config.js) — Full reset now deletes DB rows and cache entries for keys not in config.json. (c551c82)

6. Guarded setConfigValue ROLLBACK (src/modules/config.js) — Replaced .catch(() => {}) with explicit try/catch for consistency. (9fafde2)

[BillChirico]

✅ Round 10 — All 4 review threads addressed

Commits pushed to feat/db-config:

1. 9daa7f1 refactor: derive VALID_SECTIONS dynamically from config.json

   • Replaced hardcoded VALID_SECTIONS array with Object.keys(loadConfigFromFile()) so static slash-command choices stay in sync with config.json automatically.
   • handleSet validation now uses live config keys (Object.keys(getConfig())) to also accept DB-added sections.
   • Resolves thread PRRT_kwDORICdSM5t9W3O

2. 36442f8 fix: downgrade expected DB-unavailable log to warn in setConfigValue

   • Changed logError → logWarn for the DB-unavailable fallback in setConfigValue. In file-only deployments (no DATABASE_URL), this is expected behavior, not an error.
   • Resolves thread PRRT_kwDORICdSM5t9W3V

3. 0bedbce fix: add Array.isArray guard on section root in setConfigValue

   • Added Array.isArray(configCache[section]) guard to mirror the existing fix in setNestedValue. Prevents silent data corruption if a section root is somehow an array.
   • Resolves thread PRRT_kwDORICdSM5t9W3b

4. 78a89a8 fix: downgrade expected DB-unavailable log to warn in resetConfig

   • Same rationale as fix Modular Architecture Refactor #2 — logError → logWarn for the expected no-DB fallback path in resetConfig.
   • Resolves thread PRRT_kwDORICdSM5t9W3d

All 4 review threads have been resolved.

[cursor]

Cursor Bugbot has reviewed your changes and found 1 potential issue.

^{Bugbot Autofix is ON. A Cloud Agent has been kicked off to fix the reported issue.}

[cursor]

Module-level loadConfigFromFile() breaks DB-only deployments

High Severity

VALID_SECTIONS is computed by calling loadConfigFromFile() at module-import time, which throws if config.json is absent. In DB-only deployments (after initial seeding), this prevents the entire /config command from loading — the very command needed to manage configuration remotely. Additionally, since loadCommands() runs after loadConfig() in the startup sequence, configCache is already populated from the DB at import time, so getConfig() would be the correct source and would also reflect any DB-only sections that config.json doesn't contain.

 

[cursor]

Bugbot Autofix prepared fixes for 1 of the 1 bugs found in the latest run.

• ✅ Fixed: Module-level loadConfigFromFile() breaks DB-only deployments
  • Replaced loadConfigFromFile() with getConfig() at module load time, which safely returns the already-populated configCache from the database without throwing when config.json is absent.

Or push these changes by commenting:

@cursor push 261b504b10