[PR #392] fix: use transactions when operations involve multiple database queries #845

New Issue

Closed

opened 2025-10-08 00:18:17 +03:00 by OVERLORD · 0 comments

OVERLORD commented 2025-10-08 00:18:17 +03:00

Owner

Copy Link

Original Pull Request: https://github.com/pocket-id/pocket-id/pull/392

State: closed
Merged: Yes

---

Currently, the backend does not use database transactions, even when there are operations performed in sequence. For example: 4d049bbe24/backend/internal/service/user_service.go (L166-L194) where the user is loaded from the DB and then updates

This can cause a number of problems if multiple requests happen in parallel, and in some cases could also have security implications.

This PR updates the backend's to add transactions where they are needed.

**Original Pull Request:** https://github.com/pocket-id/pocket-id/pull/392 **State:** closed **Merged:** Yes --- Currently, the backend does not use database transactions, even when there are operations performed in sequence. For example: https://github.dev/pocket-id/pocket-id/blob/4d049bbe24aa0b714c6f97369f1562064076a3b4/backend/internal/service/user_service.go#L166-L194 where the user is loaded from the DB and then updates This can cause a number of problems if multiple requests happen in parallel, and in some cases _could_ also have security implications. This PR updates the backend's to add transactions where they are needed.

OVERLORD added the pull-request label 2025-10-08 00:18:17 +03:00

OVERLORD closed this issue 2025-10-08 00:18:18 +03:00

Sign in to join this conversation.

No Branch/Tag Specified

Branches Tags

main

fix/restrict-email-one-time-access

oidc-scopes

breaking/v2

i18n_crowdin

v2/use-item-component

default-env-db-keys

slog-gorm

v1.16.0

v1.15.0

v1.14.2

v1.14.1

v1.14.0

v1.13.1

v1.13.0

v1.12.0

v1.11.2

v1.11.1

v1.11.0

v1.10.0

v1.9.1

v1.9.0

v1.8.1

v1.8.0

v1.7.0

v1.6.4

v1.6.3

v1.6.2

v1.6.1

v1.6.0

v1.5.0

v1.4.1

v1.4.0

v1.3.1

v1.3.0

v1.2.0

v1.1.0

v1.0.0

v0.53.0

v0.52.0

v0.51.1

v0.51.0

v0.50.0

v0.49.0

v0.48.0

v0.47.0

v0.46.0

v0.45.0

v0.44.0

v0.43.1

v0.43.0

v0.42.1

v0.42.0

v0.41.0

v0.40.1

v0.40.0

v0.39.0

v0.38.0

v0.37.0

v0.36.0

v0.35.6

v0.35.5

v0.35.4

v0.35.3

v0.35.2

v0.35.1

v0.35.0

v0.34.0

v0.33.0

v0.32.0

v0.31.0

v0.30.0

v0.29.0

v0.28.1

v0.28.0

v0.27.2

v0.27.1

v0.27.0

v0.26.0

v0.25.1

v0.25.0

v0.24.1

v0.24.0

v0.23.0

v0.22.0

v0.21.0

v0.20.1

v0.20.0

v0.19.0

v0.18.0

v0.17.0

v0.16.0

v0.15.0

v0.14.0

v0.13.1

v0.13.0

v0.12.0

v0.11.0

v0.10.0

v0.9.0

v0.8.1

v0.8.0

v0.7.1

v0.7.0

v0.6.0

v0.5.3

v0.5.2

v0.5.1

v0.5.0

v0.4.1

v0.4.0

v0.3.1

v0.3.0

v0.2.1

v0.2.0

v0.1.3

v0.1.2

v0.1.1

v0.1.0

Labels

Clear labels

breaking

bug

documentation

feature

needs more upvotes

open to pull requests

pull-request

Mirrored from GitHub Pull Request

No Label pull-request

Milestone

No items

No Milestone

Projects

Clear projects

No project

Assignees

Clear assignees

OVERLORD

No Assignees

1 Participants

Notifications

Subscribe

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: starred/pocket-id-pocket-id-1#845