Fix blockchain integrity and add safety score feature

[RohanExploit]

This PR addresses issues with the blockchain integrity chain implementation by explicitly storing the previous hash, making verification robust against deletions. It also adds a new feature: a safety score calculator based on nearby issues, providing value without performance overhead. Additionally, it fixes a dependency issue with python-magic.

---

PR created automatically by Jules for task 10009027963621524798 started by @RohanExploit

---

Summary by cubic

Strengthens blockchain integrity with stored previous hashes and robust verification, and adds a fast location safety score endpoint. Also stabilizes Render deployments.

• New Features

  • Add previous_integrity_hash and parent_issue_id to Issue; create_issue sets them and verification checks chain continuity.
  • Add GET /api/location/safety-score returning a 0–100 score using bbox-filtered nearby issues and simple category weights.

• Bug Fixes

  • Image MIME validation now handles missing python-magic safely.
  • Render deployment: remove python-magic; split python-jose and cryptography; startup logs warnings instead of exiting for non-critical env vars; remove PYTHONPATH from render.yaml to avoid import conflicts.

^{Written for commit 5d1111b. Summary will update on new commits.}

Summary by CodeRabbit

Release Notes

• New Features

  • Added location safety scoring endpoint to compute area safety levels (0-100 score) based on nearby reported issues.
  • Enhanced issue creation with parent-issue linking capabilities for better issue tracking.

• Improvements

  • Strengthened blockchain integrity verification with chain continuity validation.
  • Improved file validation robustness with optional dependency handling.

[google-labs-jules]

👋 Jules, reporting for duty! I'm here to lend a hand with this pull request.

When you start a review, I'll add a 👀 emoji to each comment to let you know I've read it. I'll focus on feedback directed at me and will do my best to stay out of conversations between you and other bots or reviewers to keep the noise down.

I'll push a commit with your requested changes shortly after. Please note there might be a delay between these steps, but rest assured I'm on the job!

For more direct control, you can switch me to Reactive Mode. When this mode is on, I will only act on comments where you specifically mention me with @jules. You can find this option in the Pull Request section of your global Jules UI settings. You can always switch back!

New to Jules? Learn more at jules.google/docs.

---

For security, I will only act on instructions from the user who triggered this task.

[netlify]

✅ Deploy Preview for fixmybharat canceled.

Name	Link
🔨 Latest commit	5d1111b
🔍 Latest deploy log	https://app.netlify.com/projects/fixmybharat/deploys/6991ab1416e561000868666f

[github-actions]

🙏 Thank you for your contribution, @RohanExploit!

PR Details:

• Title: Fix blockchain integrity and add safety score feature
• Number: Fix blockchain integrity and add safety score feature #392

Quality Checklist:
Please ensure your PR meets the following criteria:

• Code follows the project's style guidelines
• Self-review of code completed
• Code is commented where necessary
• Documentation updated (if applicable)
• No new warnings generated
• Tests added/updated (if applicable)
• All tests passing locally
• No breaking changes to existing functionality

Review Process:

1. Automated checks will run on your code
2. A maintainer will review your changes
3. Address any requested changes promptly
4. Once approved, your PR will be merged! 🎉

Note: The maintainers will monitor code quality and ensure the overall project flow isn't broken.

[coderabbitai]

📝 Walkthrough

Walkthrough

This PR extends the issue tracking system with blockchain integrity verification enhancements and location-based safety scoring. New database columns support hash chaining (previous_integrity_hash) and issue hierarchies (parent_issue_id). The blockchain verification logic validates chain continuity and handles legacy data, while a new safety score endpoint computes location risk using nearby issues and severity weighting. Comprehensive test coverage and optional magic dependency support are included.

Changes

Cohort / File(s)	Summary
Database Schema Updates backend/init_db.py, backend/models.py	Added two new columns to Issue table: previous_integrity_hash (VARCHAR, nullable) for hash chaining and parent_issue_id (INTEGER, ForeignKey, nullable) for issue linkage. Migration wrapped in try/except blocks with silent fallback.
Blockchain Verification & Safety Scoring backend/routers/issues.py	Enhanced verify_blockchain_integrity to validate chain continuity using stored previous_integrity_hash; added legacy data fallback support. Expanded create_issue to populate parent_issue_id and previous_integrity_hash when linking issues. Introduced GET /api/location/safety-score endpoint computing 0-100 risk scores using severity-weighted penalty system with bounding-box pre-filtering.
Test Suite backend/tests/test_blockchain_and_safety.py	New test module with in-memory SQLite and FastAPI TestClient validating blockchain verification chain integrity and safety score calculations across multiple issue scenarios and locations.
Utility Enhancement backend/utils.py	Added optional python-magic dependency support via guarded import with HAS_MAGIC flag; MIME-type validation gracefully bypasses when dependency unavailable.

Sequence Diagram(s)

sequenceDiagram
    participant Client
    participant API as Issues Router
    participant DB as Database
    participant Blockchain as Verification Logic

    Client->>API: GET /api/issues/{id}/verify-blockchain
    API->>DB: Fetch Issue with previous_integrity_hash
    DB-->>API: Issue data (current_hash, previous_integrity_hash)
    API->>Blockchain: Verify chain continuity
    
    Blockchain->>Blockchain: Compute hash(description, category, prev_hash)
    Blockchain->>Blockchain: Compare computed_hash with current_hash
    
    alt Data Intact & Chain Valid
        Blockchain-->>API: data_intact=true, chain_intact=true
    else Data Intact, Chain Broken
        Blockchain-->>API: data_intact=true, chain_intact=false
    else Legacy Data (No Prev Hash)
        Blockchain->>Blockchain: Fallback to actual_prev_hash lookup
        Blockchain-->>API: Adjusted hashes & validity
    end
    
    API-->>Client: {is_valid, current_hash, computed_hash, message}

Loading

sequenceDiagram
    participant Client
    participant API as Issues Router
    participant DB as Database
    participant Safety as Scoring Logic

    Client->>API: GET /api/location/safety-score?lat=X&lon=Y&radius=500
    API->>DB: Query issues within bounding box
    DB-->>API: Nearby issues with severity levels
    
    API->>Safety: Calculate risk score
    Safety->>Safety: Apply severity-weighted penalties
    Safety->>Safety: Normalize to 0-100 scale
    
    API->>Safety: Determine risk label & color
    Safety-->>API: "Safe" / "Caution" / "Danger", color code
    
    API-->>Client: {score, label, color, issue_count, radius}

Loading

Estimated code review effort

🎯 4 (Complex) | ⏱️ ~45 minutes

Possibly related PRs

• #348: Introduces initial integrity_hash implementation and related DB schema changes that this PR builds upon with hash chaining logic.
• #357: Implements blockchain verification endpoint modifications that overlap with this PR's enhanced verification and chain continuity logic.

Suggested labels

size/xl

Poem

🐰 A rabbit hops through hashes bold,
Linking chains of data old,
Safety scores now light the way,
Guarding truth both night and day! ✨

🚥 Pre-merge checks | ✅ 3 | ❌ 1

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 45.45% which is insufficient. The required threshold is 80.00%.	Write docstrings for the functions missing them to satisfy the coverage threshold.

✅ Passed checks (3 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title accurately summarizes the main changes: fixing blockchain integrity and adding a safety score feature, which are the primary objectives of the PR.
Merge Conflict Detection	✅ Passed	✅ No merge conflicts detected when merging into main
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing touches

• 📝 Generate docstrings

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch fix-blockchain-integrity-safety-score-10009027963621524798

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 3

🤖 Fix all issues with AI agents

In `@backend/routers/issues.py`:
- Around line 625-657: The legacy-fallback logic is unreachable because
stored_prev_hash is derived from current_issue.previous_integrity_hash, so the
inner check "if not current_issue.previous_integrity_hash and actual_prev_hash"
inside the "if stored_prev_hash and stored_prev_hash != actual_prev_hash" branch
never runs; move the legacy verification to run before evaluating chain_intact
(or change the condition to check legacy when stored_prev_hash is empty), i.e.,
if current_issue.previous_integrity_hash is falsy and actual_prev_hash is
present then compute legacy_hash_content =
f"{current_issue.description}|{current_issue.category}|{actual_prev_hash}" and
if that matches current_issue.integrity_hash, set stored_prev_hash =
actual_prev_hash, computed_hash = current_issue.integrity_hash, data_intact =
True and chain_intact = True; ensure these checks occur prior to or instead of
the existing "stored_prev_hash and stored_prev_hash != actual_prev_hash" block
so legacy records validate correctly.
- Around line 192-194: The creation branch currently runs only when
deduplication_info is None or not deduplication_info.has_nearby_issues, which
guarantees linked_issue_id is None; flip the boolean so the new issue creation
runs when nearby issues exist (i.e., change the condition to check
deduplication_info is None OR deduplication_info.has_nearby_issues) so that
parent_issue_id gets assigned the previously computed linked_issue_id; ensure
you update the condition that guards the block which constructs the issue (the
references: deduplication_info, deduplication_info.has_nearby_issues,
linked_issue_id, parent_issue_id) so the parent_issue_id assignment is
effective.

In `@backend/tests/test_blockchain_and_safety.py`:
- Around line 34-43: The test mutates app.dependency_overrides at import time
(app.dependency_overrides[get_db] = override_get_db) causing the in-memory DB
override to leak across modules; move that mutation into the client fixture
(inside the with TestClient(app) block or just before it), save the original
override (orig = app.dependency_overrides.get(get_db)), set
app.dependency_overrides[get_db] = override_get_db for the duration of the
fixture, and restore app.dependency_overrides[get_db] = orig (or delete the key)
in the fixture teardown after Base.metadata.drop_all(bind=engine) so other tests
are unaffected.

🧹 Nitpick comments (4)

backend/utils.py (1)

11-15: Consider logging when python-magic is unavailable.

When magic isn't installed, MIME-type validation is silently skipped, falling back to PIL-only validation. A startup warning would help operators notice the reduced security posture.

🔧 Proposed change

 try:
     import magic
     HAS_MAGIC = True
 except ImportError:
     HAS_MAGIC = False
+
+import logging as _logging
+_logger = _logging.getLogger(__name__)
+if not HAS_MAGIC:
+    _logger.warning("python-magic not installed; MIME-type validation will be skipped.")

(Or reuse the existing logger defined below on line 24 by moving this check after that declaration.)

backend/init_db.py (1)

127-139: Migrations follow the established pattern — minor logging inconsistency.

The new migration blocks use print() (lines 130, 137) while several other blocks in this file use logger.info(). This is a pre-existing inconsistency, but if you're touching these lines, it's a good opportunity to unify.

🔧 Optional: switch to logger

-                print("Migrated database: Added previous_integrity_hash column.")
+                logger.info("Migrated database: Added previous_integrity_hash column.")

-                print("Migrated database: Added parent_issue_id column.")
+                logger.info("Migrated database: Added parent_issue_id column.")

backend/tests/test_blockchain_and_safety.py (1)

45-101: Tests are order-dependent due to shared module-scoped DB state.

Both test_safety_score and test_blockchain_verification share the same in-memory database (module-scoped fixture). Issues created in test_safety_score persist into test_blockchain_verification, so "Genesis Issue" is not actually the first record. This works today because the verification logic only checks the immediately preceding issue, but it's fragile. Consider using function-scoped fixtures or explicitly cleaning data between tests.

Also, two minor static-analysis items:

• Line 116: issue1_id is assigned but never used — either remove the assignment or add an assertion on it.
• Line 142: Prefer assert data["is_valid"] is True over == True.

Quick fixes for static analysis

-    issue1_id = response1.json()["id"]
+    response1.json()["id"]  # ensure id is returned

-    assert data["is_valid"] == True
+    assert data["is_valid"] is True

Also applies to: 102-143

backend/routers/issues.py (1)

726-805: Align severity weights with actual IssueCategory enum values.

The severity_weights dictionary uses category names that don't match the IssueCategory enum in backend/schemas.py. The enum defines: ROAD, WATER, STREETLIGHT, GARBAGE, COLLEGE_INFRA, and WOMEN_SAFETY, but severity_weights only explicitly handles "garbage" and "streetlight". Missing categories default to weight 5, underrepresenting critical issues:

• "water" should align with the 20-point weight given to "flood"
• "road" lacks explicit weighting despite being infrastructure
• "college infra" should align with the 15-point weight given to "infrastructure"
• "women safety" is missing entirely despite being a distinct category

Update severity_weights to use the actual enum values (case-normalized) or document why the discrepancy exists.

[coderabbitai]

⚠️ Potential issue | 🟠 Major

Module-level dependency override leaks into other test modules.

app.dependency_overrides is mutated at import time (line 34), which means any other test module sharing the same app instance will inadvertently use the in-memory DB. Move the override into the fixture and restore it on teardown.

🛠️ Proposed fix

-app.dependency_overrides[get_db] = override_get_db
-
 `@pytest.fixture`(scope="module")
 def client():
     # Create tables
     Base.metadata.create_all(bind=engine)
+    app.dependency_overrides[get_db] = override_get_db
     with TestClient(app) as c:
         yield c
     # Drop tables
     Base.metadata.drop_all(bind=engine)
+    app.dependency_overrides.clear()

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	app.dependency_overrides[get_db] = override_get_db
	@pytest.fixture(scope="module")
	def client():
	# Create tables
	Base.metadata.create_all(bind=engine)
	with TestClient(app) as c:
	yield c
	# Drop tables
	Base.metadata.drop_all(bind=engine)
	`@pytest.fixture`(scope="module")
	def client():
	# Create tables
	Base.metadata.create_all(bind=engine)
	app.dependency_overrides[get_db] = override_get_db
	with TestClient(app) as c:
	yield c
	# Drop tables
	Base.metadata.drop_all(bind=engine)
	app.dependency_overrides.clear()

🤖 Prompt for AI Agents

In `@backend/tests/test_blockchain_and_safety.py` around lines 34 - 43, The test
mutates app.dependency_overrides at import time
(app.dependency_overrides[get_db] = override_get_db) causing the in-memory DB
override to leak across modules; move that mutation into the client fixture
(inside the with TestClient(app) block or just before it), save the original
override (orig = app.dependency_overrides.get(get_db)), set
app.dependency_overrides[get_db] = override_get_db for the duration of the
fixture, and restore app.dependency_overrides[get_db] = orig (or delete the key)
in the fixture teardown after Base.metadata.drop_all(bind=engine) so other tests
are unaffected.

[Copilot]

Pull request overview

This PR addresses blockchain integrity robustness and adds a location-based safety scoring feature to the civic reporting platform. The changes aim to make the blockchain verification resilient to record deletions by explicitly storing previous hashes, and provide users with safety insights based on nearby reported issues.

Changes:

• Adds optional python-magic import with try/except fallback to handle missing dependency
• Stores previous_integrity_hash in Issue records for blockchain verification robust to deletions
• Adds parent_issue_id column for duplicate issue tracking (though implementation has logic issues)
• Implements safety score calculation endpoint based on nearby issues with severity weights
• Includes comprehensive tests for both blockchain verification and safety score features

Reviewed changes

Copilot reviewed 5 out of 5 changed files in this pull request and generated 12 comments.

Show a summary per file

File	Description
backend/utils.py	Wraps python-magic import in try/except to handle missing dependency gracefully
backend/models.py	Adds previous_integrity_hash and parent_issue_id columns to Issue model
backend/init_db.py	Adds database migrations for new blockchain and duplicate tracking columns
backend/routers/issues.py	Updates issue creation to store previous hash, implements blockchain verification with legacy fallback, adds new safety-score endpoint
backend/tests/test_blockchain_and_safety.py	Adds comprehensive tests for safety score calculation and blockchain verification

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[Copilot]

The parent_issue_id field will always be None for created issues. The code only creates a new issue when deduplication_info is None or not deduplication_info.has_nearby_issues (line 169), which means there are no nearby issues. However, linked_issue_id is only set when nearby issues ARE found (line 148). This creates a logical impossibility where parent_issue_id can never be set to a non-None value for created issues.

Based on the PR description mentioning "duplicate tracking", it seems the intention might be to:

1. Allow duplicate issues to be created with status='duplicate' and parent_issue_id set, OR
2. Remove the parent_issue_id parameter from Issue creation since it will always be None

Please clarify the intended behavior for duplicate tracking.

Suggested change

parent_issue_id=linked_issue_id

[Copilot]

The parent_issue_id column is defined with a ForeignKey constraint to issues.id, but no relationship is defined on the Issue model. While the foreign key constraint will work at the database level, SQLAlchemy best practices recommend defining a relationship for proper ORM usage. Consider adding a relationship definition such as:

parent_issue = relationship("Issue", remote_side=[id], backref="child_issues")

This would enable easier querying of parent-child relationships and follows the pattern used elsewhere in the codebase (e.g., Grievance.audit_logs at line 138).

Suggested change

	# Relationships
	parent_issue = relationship("Issue", remote_side=[id], backref="child_issues")

[Copilot]

The 'road' category is not included in the severity_weights dictionary, so it will use the default weight of 5. The test at line 97 expects this behavior (Road with weight 5). However, there are specific road-related categories like 'pothole' (weight 10) and 'blocked' (weight 15) that ARE defined. Consider explicitly adding 'road': 5 to the dictionary for clarity and to make the default behavior explicit, or document why 'road' uses the default weight while specific road issues have their own weights.

[Copilot]

The safety score endpoint performs a synchronous blocking database query without using run_in_threadpool. While this is consistent with the get_nearby_issues endpoint pattern, other read-heavy endpoints in this file (like verify_blockchain_integrity at line 616) use async with run_in_threadpool for better concurrency. Consider making this endpoint async and wrapping the DB query in run_in_threadpool to prevent blocking the event loop, especially since this endpoint could be called frequently from frontend applications.

[Copilot]

Security-critical MIME type validation is silently skipped when python-magic is not installed. According to stored memories, python-magic should be imported with try/except fallback, but security-critical MIME validation must not be silently skipped. When HAS_MAGIC is False, the code proceeds directly to PIL validation without any MIME type checking, which could allow malicious files disguised as images to bypass the first line of defense.

Consider either:

1. Raise an HTTPException during startup if python-magic is not available
2. Implement a fallback MIME check using the file extension and PIL format validation
3. Document that python-magic is a required dependency and fail explicitly if not present during security checks

[Copilot]

Security-critical MIME type validation is silently skipped when python-magic is not installed. This is the same issue as in _validate_uploaded_file_sync. When HAS_MAGIC is False, files proceed directly to PIL validation without MIME type checking from the actual file content, which weakens security defenses against malicious file uploads.

Suggested change

	)
	)
	else:
	# Fallback MIME/type validation using Pillow when python-magic is unavailable
	try:
	img_probe = Image.open(file.file)
	# Verify that the file is a valid image
	img_probe.verify()
	# Map the detected image format to a MIME type (e.g., "JPEG" -> "image/jpeg")
	detected_mime = Image.MIME.get(img_probe.format)
	# Reset the file pointer so the image can be reopened below
	file.file.seek(0)
	if not detected_mime or detected_mime not in ALLOWED_MIME_TYPES:
	raise HTTPException(
	status_code=400,
	detail=f"Invalid file type. Only image files are allowed. Detected: {detected_mime}"
	)
	except HTTPException:
	# Reraise HTTPExceptions unchanged
	raise
	except Exception as probe_error:
	logger.error(f"Pillow-based MIME detection failed: {probe_error}")
	file.file.seek(0)
	raise HTTPException(
	status_code=400,
	detail="Invalid or unsupported image file."
	)

[cubic-dev-ai]

5 issues found across 5 files

Prompt for AI agents (all issues)

Check if these issues are valid — if so, understand the root cause of each and fix them. If appropriate, use sub-agents to investigate and fix each issue separately.


<file name="backend/utils.py">

<violation number="1" location="backend/utils.py:15">
P1: Security: MIME type validation is silently skipped when `python-magic` is unavailable. There is no log warning at import time or at the point of use, so operators won't know a security check is disabled. At minimum, log a warning when `HAS_MAGIC` is False so deployments without `python-magic` are visible. Consider also logging at the call sites.</violation>
</file>

<file name="backend/models.py">

<violation number="1" location="backend/models.py:166">
P2: Self-referential foreign key missing `ondelete` behavior. Deleting a parent issue will raise an `IntegrityError` if any child issue references it via `parent_issue_id`. Since the column is nullable, `ondelete="SET NULL"` is likely the intended behavior—child issues would simply lose their parent link rather than blocking deletion.</violation>
</file>

<file name="backend/routers/issues.py">

<violation number="1" location="backend/routers/issues.py:194">
P2: `parent_issue_id` will always be `None` here. A new issue is only created when no nearby issues are found (or deduplication failed), but `linked_issue_id` is only set to a non-None value when nearby issues *are* found (which skips issue creation). This field is effectively dead — if the intent was to store a parent link, the logic needs reworking.</violation>

<violation number="2" location="backend/routers/issues.py:650">
P2: Unreachable dead code: the legacy fallback block can never execute. The outer `if stored_prev_hash` requires `current_issue.previous_integrity_hash` to be truthy (since `stored_prev_hash = current_issue.previous_integrity_hash or ""`), but the inner condition `if not current_issue.previous_integrity_hash` requires it to be falsy — a contradiction. If legacy backward compatibility is needed, this logic must be restructured (e.g., move the legacy check to an `else` branch when `stored_prev_hash` is empty).</violation>
</file>

<file name="backend/tests/test_blockchain_and_safety.py">

<violation number="1" location="backend/tests/test_blockchain_and_safety.py:34">
P2: Module-level dependency override will leak into other test modules that share the same `app` instance. Move `app.dependency_overrides[get_db] = override_get_db` into the `client` fixture and add `app.dependency_overrides.clear()` in the teardown to prevent test isolation issues.</violation>
</file>

_{Reply with feedback, questions, or to request a fix. Tag @cubic-dev-ai to re-run a review.}

[cubic-dev-ai]

P2: Self-referential foreign key missing ondelete behavior. Deleting a parent issue will raise an IntegrityError if any child issue references it via parent_issue_id. Since the column is nullable, ondelete="SET NULL" is likely the intended behavior—child issues would simply lose their parent link rather than blocking deletion.

Prompt for AI agents

Check if this issue is valid — if so, understand the root cause and fix it. At backend/models.py, line 166:

<comment>Self-referential foreign key missing `ondelete` behavior. Deleting a parent issue will raise an `IntegrityError` if any child issue references it via `parent_issue_id`. Since the column is nullable, `ondelete="SET NULL"` is likely the intended behavior—child issues would simply lose their parent link rather than blocking deletion.</comment>

<file context>
@@ -162,6 +162,8 @@ class Issue(Base):
     action_plan = Column(JSONEncodedDict, nullable=True)
     integrity_hash = Column(String, nullable=True)  # Blockchain integrity seal
+    previous_integrity_hash = Column(String, nullable=True)
+    parent_issue_id = Column(Integer, ForeignKey("issues.id"), nullable=True)
 
 class PushSubscription(Base):
</file context>

Suggested change

	parent_issue_id = Column(Integer, ForeignKey("issues.id"), nullable=True)
	parent_issue_id = Column(Integer, ForeignKey("issues.id", ondelete="SET NULL"), nullable=True)

[cubic-dev-ai]

P2: parent_issue_id will always be None here. A new issue is only created when no nearby issues are found (or deduplication failed), but linked_issue_id is only set to a non-None value when nearby issues are found (which skips issue creation). This field is effectively dead — if the intent was to store a parent link, the logic needs reworking.

Prompt for AI agents

Check if this issue is valid — if so, understand the root cause and fix it. At backend/routers/issues.py, line 194:

<comment>`parent_issue_id` will always be `None` here. A new issue is only created when no nearby issues are found (or deduplication failed), but `linked_issue_id` is only set to a non-None value when nearby issues *are* found (which skips issue creation). This field is effectively dead — if the intent was to store a parent link, the logic needs reworking.</comment>

<file context>
@@ -189,7 +189,9 @@ async def create_issue(
-                integrity_hash=integrity_hash
+                integrity_hash=integrity_hash,
+                previous_integrity_hash=prev_hash,
+                parent_issue_id=linked_issue_id
             )
 
</file context>

[cubic-dev-ai]

1 issue found across 2 files (changes from recent commits).

Prompt for AI agents (all issues)

Check if these issues are valid — if so, understand the root cause of each and fix them. If appropriate, use sub-agents to investigate and fix each issue separately.


<file name="start-backend.py">

<violation number="1" location="start-backend.py:34">
P1: Commenting out `return False` causes the function to fall through and print `"✅ Environment validation passed"` even when required variables are missing, producing contradictory log output. The `main()` guard (`if not validate_environment(): sys.exit(1)`) also becomes dead code since the function now always returns `True`.

If the intent is to allow startup with missing vars, the function should at minimum skip the "validation passed" message and clearly indicate degraded mode. Consider returning a status or adjusting the log output accordingly.</violation>
</file>

_{Reply with feedback, questions, or to request a fix. Tag @cubic-dev-ai to re-run a review.}

[github-actions]

🔍 Quality Reminder

Thanks for the updates! Please ensure:
- Your changes don't break existing functionality
- All tests still pass
- Code quality standards are maintained

*The maintainers will verify that the overall project flow remains intact.*