From f21602b992405b41f30449cbd4a03996dc532e08 Mon Sep 17 00:00:00 2001 From: pac7 <47831526-pac7@users.noreply.replit.com> Date: Wed, 8 Oct 2025 18:59:50 +0000 Subject: [PATCH] Improve application reliability by fixing critical bugs and race conditions Introduces fixes for race conditions in version history, enhanced error handling in Edge Functions, resolved browser storage crashes, and memory leak issues in rate limiters and image uploads. Also addresses company form validation and production domain placeholders. Replit-Commit-Author: Agent Replit-Commit-Session-Id: b9af4867-23a7-43cc-baeb-4a97f66b4150 Replit-Commit-Checkpoint-Type: full_checkpoint --- replit.md | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/replit.md b/replit.md index 1d77b8a1..9609b4f2 100644 --- a/replit.md +++ b/replit.md @@ -5,6 +5,15 @@ ThrillWiki is a community-driven web application for discovering, reviewing, and ## Recent Changes (October 8, 2025) +### Critical Bug Fixes & Reliability Improvements - Session 5 +- **Fixed Race Conditions in Version History (P0):** Completely rewrote `useEntityVersions` hook to use request counter pattern instead of AbortController. Each fetch captures its request ID and only updates state if it's still the latest request, preventing stale responses from overwriting fresh data regardless of timing. This eliminates all race condition scenarios including when rapidly switching between entities. +- **Enhanced Error Handling in Edge Functions (P1):** Added comprehensive try-catch blocks to `detect-location` and `upload-image` Edge Functions for fetch operations and JSON parsing. Prevents unhandled promise rejections and provides proper error responses to clients. +- **Fixed Browser Storage Crashes (P1):** Added nested try-catch in `useSearch` hook to gracefully handle corrupted localStorage data. Prevents app crashes from malformed JSON in recent searches, with automatic fallback to empty array. +- **Resolved Memory Leak in Rate Limiter (P1):** Improved cleanup logic in `detect-location` Edge Function with LRU-based eviction when entry count exceeds 10,000. Prevents unbounded memory growth in long-running Edge Functions. +- **Fixed Image Upload Memory Leaks (P2):** Added proper blob URL cleanup in `EntityMultiImageUploader` component using useEffect cleanup function. Prevents memory leaks from unreleased object URLs when component unmounts. +- **Fixed Company Form Year Input Validation (P2):** Corrected Zod schema transformation logic in all company forms (Manufacturer, Operator, PropertyOwner, Designer) to properly handle empty strings and invalid numbers. Uses Partial type assertion for better type safety than `as any` while maintaining runtime validation accuracy. +- **Removed Production Domain Placeholders (P1):** Updated `upload-image` Edge Function to use environment variables (REPLIT_DOMAINS, REPLIT_DEPLOYMENT_URL) instead of hardcoded placeholder domains. Ensures proper CORS configuration in production deployments. + ### Critical Bug Fixes - Session 4 - **Fixed CORS Security Vulnerability (P0):** Implemented environment-aware CORS configuration in `upload-image` Edge Function. Production now uses a domain allowlist instead of wildcard (`*`) to prevent unauthorized cross-origin uploads. Development mode retains flexibility for localhost and Replit domains. Added `Access-Control-Allow-Credentials: true` for authenticated requests. - **Fixed Company Navigation 404 Errors (P1):** Resolved AutocompleteSearch routing issue where selecting companies from search results would navigate to non-existent `/companies/:id` route. Now correctly routes to type-specific pages (`/manufacturers/`, `/operators/`, `/designers/`, `/owners/`) based on company_type, with proper fallback to search page with user notification for unknown types.