Skip to content

feat(dead-letter): add transient auto-requeue#104

Merged
pureliture merged 2 commits into
mainfrom
codex/dead-letter-auto-requeue
Jun 27, 2026
Merged

feat(dead-letter): add transient auto-requeue#104
pureliture merged 2 commits into
mainfrom
codex/dead-letter-auto-requeue

Conversation

@pureliture

@pureliture pureliture commented Jun 27, 2026

Copy link
Copy Markdown
Contributor

What

  • Add bounded dead-letter auto-requeue recovery for transient verifier dead-letter jobs.
  • Split dead-letter classification into terminal reason and root error class.
  • Persist autoRequeueCount and enforce one automatic requeue per job.
  • Add guarded NoSQL conditional recovery behavior.
  • Add conservative personal systemd service/timer units without enabling them by default.

Why

Operators need a safe recovery path for verifier timeout, transport, and lease-expiry backlog after overload without introducing SQS, LocalStack, Kafka-style offsets, outbox storage, new tables, or new GSIs.

Safety

  • Dry-run by default; mutation requires explicit apply mode.
  • Defaults to verify jobs.
  • Only transient root error classes are eligible.
  • Cooldown-gated, limit-gated, page-capped, compare-and-set guarded, and one-shot.
  • Non-transient, malformed, unknown, scanner-runtime, and retry-budget-only failures remain excluded from automatic requeue.

Verification

  • ruff check on changed files passed.
  • Whitespace diff check passed.
  • Related regression tests passed.
  • Operational proof covered a synthetic dead-letter verify job, dry-run candidate detection, apply recovery to pending, one-shot skip on a repeated dead-letter, and a one-shot user systemd service run without enabling the timer.

Closes #103

@pureliture
feat: dead-letter auto-requeue 추가
5f8b55f 
* transient dead-letter root 분류와 1회 자동 재투입 정책 추가

* NoSQL 조건부 requeue와 personal systemd timer-ready unit 추가

* CLI/runtime/storage 회귀 테스트와 리뷰 보강 케이스 추가
gemini-code-assist[bot]
gemini-code-assist Bot reviewed Jun 27, 2026
View reviewed changes

@gemini-code-assist gemini-code-assist Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Code Review

This pull request introduces a conservative, timer-ready dead-letter auto-requeue feature to automatically recover transient verifier failures. It includes new systemd user service and timer units, design and requirements documentation, a new CLI command, and NoSQL database updates to track auto-requeue counts and perform conditional updates. Feedback highlights a potential issue in the DynamoDB conditional write expression when last_error is None (which can cause valid jobs to be skipped), as well as a missing keyword-only argument separator in the storage protocol signature that causes type-checking mismatches.

Important

The consumer version of Gemini Code Assist on GitHub is being sunset. Starting June 18, 2026, new organization installations will be blocked, and all code review activity will officially cease on July 17, 2026.
For more details on the timeline and next steps, please review the Help Documentation.

Comment thread src/security_scanner/storage/adapters/nosql_db/store.py Outdated
Comment thread src/security_scanner/storage/base.py
@pureliture pureliture merged commit a4fba4c into main Jun 27, 2026
9 checks passed
@pureliture pureliture deleted the codex/dead-letter-auto-requeue branch June 27, 2026 09:40
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

1 more reviewer
@gemini-code-assist gemini-code-assist[bot] gemini-code-assist[bot] left review comments
Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

type:task

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

task: Add dead-letter auto-requeue

1 participant

@pureliture