[pull] main from CodebuffAI:main#62
Merged
pull[bot] merged 3 commits intoaxistore80-coder:mainfrom Apr 17, 2026
Merged
Conversation
…nting Root-cause fix in consumeFromOrderedGrants (packages/billing/src/balance-calculator.ts): - Removed buggy "repay debt" first pass that treated consumption as credit addition (grant.balance + repayAmount), shrinking debt during spending. This caused every other post-exhaustion message to get free compute. - Mutate grant.balance in-memory in the consume loop so the overflow check sees post-consumption state (previously stale, dropped overflow credits silently). - Unconditionally create/extend debt on the last grant when remainingToConsume > 0 (previously guarded by lastGrant.balance <= 0 using stale in-memory value). Hard gate (defense-in-depth): added shouldBlockFreeUserOverdraw() and wired it into consumeCreditsAndAddAgentStep. Free-tier users (no purchase/subscription grant) with netBalance < credits are refused before consume/message-insert. Throws typed InsufficientCreditsError (netBalance, chargeAmount fields) inside the advisory-lock tx so it rolls back cleanly and the outer catch returns failure(error). These two layers are complementary, not redundant: - Root-cause fix = correct accounting (debt deepens monotonically) - Hard gate = policy enforcement (free tier can't go negative; only paying users can accumulate debt via the fixed consume path) Debt-settlement model is split: consume path only deepens debt; grant path (executeGrantCreditOperation in grant-credits.ts:134-154) is the ONLY place debt is cleared, via the existing negativeGrants-zeroing logic that runs on every credit addition (Stripe purchases, monthly resets, referrals, admin grants). Added cross-reference comments in both files documenting this invariant. Tests: - 9 unit tests for shouldBlockFreeUserOverdraw (exhausted, insufficient, sufficient, subscription/purchase bypass, zero-charge, referral-only, debt, multi-grant) - 6 regression tests for consumeFromOrderedGrants using write-capture mock tx: debt deepening, drain-and-overflow, no debt forgiveness, happy path, multi-grant priority, consumed tracks overflow - 2 tests for InsufficientCreditsError class (instance + barrel export) - Fixed createMockGrant type (added org_id, stripe_subscription_id, extended union) - Updated local copy of consumeFromOrderedGrants in the real-DB integration test and renamed/rewrote the 'should repay debt...' test to 'should not forgive debt...' — the old test was codifying the bug as correct behavior. Validation: typecheck clean on packages/billing; 28/28 balance-calculator unit tests pass; 14/14 integration tests pass against real Postgres; 128/128 full billing test suite green. Impact: Apr-16 credit-farming cohort of 10 freshly-created accounts consumed ~\$18.4k of API compute (74% of daily burn) off 500-credit free grants. With this fix, those accounts would have been refused after message ~6.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
See Commits and Changes for more details.
Created by
pull[bot] (v2.0.0-alpha.4)
Can you help keep this open source service alive? 💖 Please sponsor : )