AntFleet

Disagreement · 9e289239-openai-1

Cross-repo receipts loader can silently underfill the requested limit due to post-query filtering

solo GPT-5
repo e24ef98c · PR #10 · reviewed 1 week ago

GPT-5 finding

medium · data-loss · high
  • apps/web/lib/receipts.ts
The DB query filters only by status='merged' and limits by mergedAt order. Rows with status='merged' but missing mergeSha (or, less likely, mergedAt=null) are returned and then dropped by mapMergedRowsToReceipts. If such invalid rows fall within the top N by mergedAt, the mapped list can contain fewer than the requested limit even when more valid rows exist beyond the limit, leading to an unexpectedly short set and inconsistent pagination semantics.

Recommendation

Tighten the WHERE clause to also require non-null mergedAt and mergeSha (e.g., add isNotNull(outgoingPrs.mergedAt) AND isNotNull(outgoingPrs.mergeSha)). Optionally add a CHECK constraint or trigger to enforce that rows in status='merged' must have non-null mergedAt and mergeSha.
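
The underfill described in this finding, reproduced in memory as an added example (not code from the reviewed repository). The row shape, the sample rows, and the names `query`, `mapRows`, `loadLoose` and `loadStrict` are assumptions made for illustration; `mapRows` stands in for mapMergedRowsToReceipts, and NULL `mergedAt` values are assumed to sort last.

```typescript
// Added illustration: constructed rows standing in for the outgoing PR table.
interface PrRow { id: number; status: string; mergedAt: Date | null; mergeSha: string | null; }
interface Receipt { id: number; mergedAt: Date; mergeSha: string; }

const rows: PrRow[] = [
  { id: 1, status: "merged", mergedAt: new Date("2024-05-05T00:00:00Z"), mergeSha: "sha-a" },
  { id: 2, status: "merged", mergedAt: new Date("2024-05-04T00:00:00Z"), mergeSha: null }, // invalid
  { id: 3, status: "merged", mergedAt: new Date("2024-05-03T00:00:00Z"), mergeSha: "sha-c" },
  { id: 4, status: "open", mergedAt: null, mergeSha: null },
  { id: 5, status: "merged", mergedAt: new Date("2024-05-02T00:00:00Z"), mergeSha: "sha-e" },
  { id: 6, status: "merged", mergedAt: null, mergeSha: "sha-f" }, // invalid
];

// Simulates: WHERE <pred> ORDER BY mergedAt DESC LIMIT n (assumption: NULLs sort last).
function query(pred: (r: PrRow) => boolean, limit: number): PrRow[] {
  const ts = (r: PrRow): number => (r.mergedAt ? r.mergedAt.getTime() : 0);
  return rows.filter(pred).sort((a, b) => ts(b) - ts(a)).slice(0, limit);
}

// Stand-in for the mapper: drops rows that lack mergedAt or mergeSha.
function mapRows(input: PrRow[]): Receipt[] {
  const out: Receipt[] = [];
  for (const r of input) {
    if (r.mergedAt && r.mergeSha) {
      out.push({ id: r.id, mergedAt: r.mergedAt, mergeSha: r.mergeSha });
    }
  }
  return out;
}

// Shape the finding describes: status-only WHERE, invalid rows dropped after LIMIT.
function loadLoose(limit: number): Receipt[] {
  return mapRows(query((r) => r.status === "merged", limit));
}

// Recommended shape: validity is part of the WHERE clause, so LIMIT counts usable rows only.
function loadStrict(limit: number): Receipt[] {
  const valid = (r: PrRow) => r.status === "merged" && r.mergedAt !== null && r.mergeSha !== null;
  return mapRows(query(valid, limit));
}

console.log("loose:", loadLoose(3).map((r) => r.id), "strict:", loadStrict(3).map((r) => r.id));
```

With a limit of 3, the loose loader returns two receipts even though a third valid row (id 5) sits just past the cut-off, which is the short page a caller would misread as "no more data".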

Other reviewer

The other reviewer flagged nothing in this file/line range.

Why this didn't post

This finding didn't meet AntFleet's unanimous agreement threshold. Both frontier models review every PR independently; only findings they both flag with the same severity and category are posted to the PR. This one fell through.
