Skip to content

fix(migrator): code:ensure_loaded dialect before function_exported check#117

Merged
Taure merged 1 commit into
mainfrom
fix/dialect-ensure-loaded
May 10, 2026
Merged

fix(migrator): code:ensure_loaded dialect before function_exported check#117
Taure merged 1 commit into
mainfrom
fix/dialect-ensure-loaded

Conversation

@Taure
Copy link
Copy Markdown
Owner

@Taure Taure commented May 10, 2026

Summary

erlang:function_exported/3 only sees modules currently loaded in the runtime. Without code:ensure_loaded/1, kura_migrator never picked up a dialect's column_type/1 / format_default/1 callbacks unless that dialect happened to have been called before, and silently fell back to the Postgres-shaped defaults.

Symptom

CREATE TABLE on a SQLite repo emitted BIGSERIAL (Postgres-only) and crashed with SQLITE_ERROR. Caught by kura_sqlite's new end-to-end migrator test.

Test plan

  • kura_migrator_pool_SUITE 8/8 (Postgres regression)
  • kura_sqlite migrator e2e suite (will land in kura_sqlite once this is tagged + repinned)

@Taure
fix(migrator): code:ensure_loaded dialect before function_exported check
0e60e38 
erlang:function_exported/3 returns false for any module not yet
loaded in the runtime. Without this, kura_migrator never sees a
dialect's column_type/1 / format_default/1 callbacks unless the
dialect happens to have been called before, and silently falls back
to the Postgres-shaped defaults.

This was the root cause of CREATE TABLE emitting BIGSERIAL on a
SQLite repo — the dialect was configured correctly but the override
machinery never ran.

Caught by kura_sqlite's new end-to-end migrator test.
@github-actions
Copy link
Copy Markdown

github-actions Bot commented May 10, 2026

🟢 Code Coverage — 91.6%

2172 of 2370 lines covered.

✅ ELP Lint

No diagnostics.

ℹ️ 11 OTP CVEs auto-ignored (already fixed in running version)

These CVEs are patched in the installed OTP version but NVD data
has not been updated to reflect this. They are excluded from the
scan via an auto-generated .trivyignore.

CVE Details
CVE-2026-23943 Fixed in 28.4.1, running 28.4.1 — Pre-auth SSH DoS via unbounded zlib inflate
CVE-2026-23942 Fixed in 28.4.1, running 28.4.1 — SFTP root escape via component-agnostic prefix check in ssh_sftpd
CVE-2026-23941 Fixed in 28.4.1, running 28.4.1 — Request smuggling via first-wins Content-Length parsing in inets httpd
CVE-2026-21620 Fixed in 28.3.2, running 28.4.1 — TFTP Path Traversal
CVE-2016-1000107 Fixed in 28.0.4, running 28.4.1 — Httpd CGI Scripts Environment Variable Pollution AKA "httpoxy"
CVE-2025-58050 Fixed in 28.0.3, running 28.4.1 — Buffer Read Overflow on Regular Expressions with (*scs:) and (*ACCEPT)
CVE-2025-48038 Fixed in 28.0.3, running 28.4.1 — SSH Unverified File Handles can Cause Excessive Use of System Resources
CVE-2025-48039 Fixed in 28.0.3, running 28.4.1 — SSH Unverified Paths can Cause Excessive Use of System Resources
CVE-2025-48040 Fixed in 28.0.3, running 28.4.1 — SSH Malicious Key Exchange Messages may Lead to Excessive Resource Consumption
CVE-2025-48041 Fixed in 28.0.3, running 28.4.1 — SSH_FXP_OPENDIR may Lead to Exhaustion of File Handles
CVE-2025-4748 Fixed in 28.0.1, running 28.4.1 — Absolute Path in Zip Module

@Taure Taure merged commit 659ebc8 into main May 10, 2026
16 checks passed
@Taure Taure deleted the fix/dialect-ensure-loaded branch May 10, 2026 19:07
@Taure Taure mentioned this pull request May 10, 2026
Merged
5 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@Taure