Issue: persist_link_diff and retry_surreal_op silently swallow errors, risking desync.
Fix: Make both return Result and propagate failures to callers.
// Change retry_surreal_op signature to return Result
async fn retry_surreal_op<F, Fut>(
op: F,
uuid: &str,
op_name: &str,
) -> Result<(), anyhow::Error>
// Change persist_link_diff signature to return Result
pub(crate) async fn persist_link_diff(
&self,
diff: &DecoratedPerspectiveDiff,
) -> Result<(), AnyError>
// Update callsites:
// - Functions returning Result: change `.await;` to `.await?;`
// - diff_from_link_language: use `.await.expect("SurrealDB link persistence failed");`Issue: Incomplete sentence in heading. Fix: Change "Can optionally be cleaned up:" to "The following can optionally be cleaned up:"
Issue: Marks perspective as migrated even when some links failed, risking data loss.
Fix: Only mark as migrated when error_count == 0, otherwise return error.
Issue: Hardcodes LinkStatus::Local instead of preserving original status.
Fix: Read link.status and use it (fallback to LinkStatus::Local if None).
Issue: TOCTOU race in initialize_from_db - multiple tasks can create duplicate SurrealDB services.
Fix: Use atomic entry-or-init pattern with write lock to prevent duplicates.
Issue: SurrealDB lookup only uses (source, target, predicate) instead of full unique constraint. Fix: Include author and timestamp in lookups to honor all 5 fields of link_unique_idx.
Issue: Overly broad error handling treats any "index" error as benign. Fix: Only check for "unique", "duplicate", "already exists" - remove "index" check.
Note: Migration failures logged at error level but user won't see in UI. Consider adding visible notification mechanism for production.
Note: DRY the repeated SurrealLink deserialization pattern across getters. Consider extracting helper function.
- Fix critical issues 1-7 first
- Address nitpicks 8-9 if time permits
- Run cargo fmt
- Commit and push to
surreal-filesbranch - Wait for CodeRabbit re-analysis