chore(db): drop 17 duplicate/no-op migrations to unblock Supabase Preview gate

[adm01-debug]

Contexto

O gate Supabase Preview falha desde 14/mai/2026 com erro "Remote migration versions not found in local migrations directory".

Causa-raiz: o git contém migrations que não existem em prod por timestamp idêntico, criando "out-of-order detection" no Supabase CLI. Outras sessões de Claude criaram arquivos no git com timestamp X, aplicaram em prod via apply_migration (timestamp Y diferente), e nunca limparam o arquivo do git.

Validação executada (análise forense sem mexer em prod)

6 migrations com canon md5 IDÊNTICO entre git e prod (duplicatas exatas)

Git	Prod aplicada
20260514000000_fix_policy_idempotency_and_security	20260514200725_fix_policy_idempotency_and_security
20260514230000_onda16_drop_legacy_email_like_admin_policies	20260514233703_onda16_drop_legacy_email_like_admin_policies
20260515000000_onda17_fn_quotes_recalc_subtotal_completo	20260514235639_onda17_fn_quotes_recalc_subtotal_completo
20260515030000_onda19_numeric_precision	20260515020250_onda19_numeric_precision
20260515040000_onda19_followup_track_functions_fix_view_security	20260515103945_onda19_followup_track_functions_fix_view_security
20260515120000_fix_audit_ownership_orphans_uuid_only	20260515124035_fix_audit_ownership_orphans_only_uuid_columns

2 migrations funcionalmente equivalentes (mesmo efeito final)

• 20260515010000_onda18a_quote_isolation_rls — git tem 3 linhas extras de REVOKE/GRANT, MAS prod aplicou esses extras em 3 migrations separadas (20260515010528, 20260515010546, 20260515013126). Resultado final idêntico.
• 20260515020000_onda18b_backfill_user_organizations — git usa lookup dinâmico, prod usou UUID hardcoded. Mesmo backfill já executado em prod (20260515005356).

9 migrations cujos objetos JÁ EXISTEM em prod (no-op se aplicadas)

• 20260512210001_enable_pg_stat_statements — extensão habilitada
• 20260514000001_t38_deploy_hardening_final — ACLs is_admin_or_above/is_coord_or_above corretas
• 20260514000002_t39_create_missing_tables — 12/12 tabelas existem
• 20260515123000_t40b_harden_get_edge_function_secret_acl — ACL correta (postgres+service_role)
• 20260515130000_revoke_org_has_any_members_public — ACL correta
• 20260515150000_onda20_fix_t38_regression_and_bilateral_gate — função existe + ACLs corretas
• 20260515040001_fix_profiles_user_id_definitive — profiles funciona com id (8 rows, 2 policies); migration faria mudança de schema sem benefício
• 20250103180001_02_rls_organizations_idempotent — schema drift: só 5/17 tabelas têm organization_id; PromoGifts é sistema interno
• 20260515120000_t40_fix_error_advisor_violations — (17º arquivo achado durante operação) todas as 10 tabelas/views NÃO existem em prod (client_contacts, webhook_, v_); idempotente, no-op

Nota de processo

Durante a execução, commit df5884f deletou um arquivo direto no main por engano (parâmetro branch ausente no MCP github_delete_file). Restaurado imediatamente via e5916d3. Histórico do main preserva ambos (delete+revert se cancelam funcionalmente). Memória atualizada com guardrail.

Resultado esperado

• Supabase Preview gate volta a passar (sem migrations git out-of-order)
• Status quo de prod 100% mantido (zero mudanças no banco)
• Não há mudança funcional no sistema

Rollback

Se Supabase Preview continuar falhando após merge, basta reverter este PR — nenhuma mudança em prod foi feita.

---

Summary by cubic

Dropped 17 duplicate or no-op database migration files to unblock the Supabase Preview gate. Repo-only cleanup; production schema and data stay the same.

• Bug Fixes
  • Fixed "Remote migration versions not found in local migrations directory" by removing out-of-order migrations (6 exact duplicates, 2 functionally equivalent, 9 no-ops).
  • Kept previews consistent with prod by aligning local supabase/migrations with applied versions.
  • If the gate still fails, rollback is to revert this PR.

^{Written for commit 507b94e. Summary will update on new commits. Review in cubic}

Summary by CodeRabbit

Notas de Lançamento

• Revert
  • Revertidas múltiplas alterações de banco de dados em cascata.
  • Restauradas configurações anteriores de segurança e controle de acesso.
  • Removidas extensões, visualizações e funções auxiliares de monitoramento e auditoria.
  • Revertidas correções de precisão numérica e normalizações de dados.

[vercel]

The latest updates on your projects. Learn more about Vercel for GitHub.

Project	Deployment	Actions	Updated (UTC)
promo-gifts	Ready	Preview, Comment	May 15, 2026 6:28pm

[supabase]

Updates to Preview Branch (cleanup/delete-16-duplicate-migrations) ↗︎

Deployments	Status	Updated
Database	✅	Fri, 15 May 2026 18:31:08 UTC
Services	✅	Fri, 15 May 2026 18:31:08 UTC
APIs	✅	Fri, 15 May 2026 18:31:08 UTC

Tasks are run on every commit but only new migration files are pushed.
Close and reopen this PR if you want to apply changes from existing seed or migration files.

Tasks	Status	Updated
Configurations	✅	Fri, 15 May 2026 18:31:18 UTC
Migrations	❌	Fri, 15 May 2026 18:33:48 UTC
Seeding	⏸️	Fri, 15 May 2026 18:28:34 UTC
Edge Functions	⏸️	Fri, 15 May 2026 18:28:34 UTC

---

❌ Branch Error • Fri, 15 May 2026 18:33:49 UTC

ERROR: function public.apply_transform(text, character varying, jsonb) does not exist (SQLSTATE 42883)
At statement: 1
ALTER FUNCTION public.apply_transform(text, character varying, jsonb)                             SECURITY INVOKER

---

View logs for this Workflow Run ↗︎.
Learn more about Supabase for Git ↗︎.

[Copilot]

Pull request overview

Deletes 17 migration files from supabase/migrations/ that conflict with the Supabase Preview gate. The gate has been failing since 2026-05-14 with "Remote migration versions not found in local migrations directory" because these files have timestamps that diverge from what was actually applied to production (other sessions applied DDL via apply_migration with different timestamps and never cleaned the git copies). Per the repo convention, supabase/migrations is legacy history and Supabase DB is the source of truth, so dropping these files is the standard remediation.

Changes:

• Removes 6 migrations that are exact md5 duplicates of already-applied prod migrations (different timestamps).
• Removes 2 migrations whose effects were already applied to prod via different (split or hardcoded) migrations.
• Removes 9 migrations whose target objects already exist in prod (no-ops if replayed) or describe schema drift that is intentionally not being aligned (e.g., multi-tenant organization_id rollout, profiles user_id reshape).

Reviewed changes

Copilot reviewed 17 out of 17 changed files in this pull request and generated no comments.

Show a summary per file

File	Description
20260514000000_fix_policy_idempotency_and_security.sql	Exact duplicate of applied 20260514200725_*.
20260514230000_onda16_drop_legacy_email_like_admin_policies.sql	Exact duplicate of applied 20260514233703_*.
20260515000000_onda17_fn_quotes_recalc_subtotal_completo.sql	Exact duplicate of applied 20260514235639_*.
20260515030000_onda19_numeric_precision.sql	Exact duplicate of applied 20260515020250_*.
20260515040000_onda19_followup_track_functions_fix_view_security.sql	Exact duplicate of applied 20260515103945_*.
20260515120000_fix_audit_ownership_orphans_uuid_only.sql	Exact duplicate of applied 20260515124035_*.
20260515010000_onda18a_quote_isolation_rls.sql	Functionally equivalent; prod applied via 3 split migrations.
20260515020000_onda18b_backfill_user_organizations.sql	Backfill already executed in prod via 20260515005356.
20260512210001_enable_pg_stat_statements.sql	Extension already enabled in prod.
20260514000001_t38_deploy_hardening_final.sql	Hardening already applied in prod (ACLs match).
20260514000002_t39_create_missing_tables.sql	All 12 tables already exist in prod.
20260515123000_t40b_harden_get_edge_function_secret_acl.sql	ACL already correct in prod.
20260515130000_revoke_org_has_any_members_public.sql	ACL already correct in prod.
20260515150000_onda20_fix_t38_regression_and_bilateral_gate.sql	Function and ACLs already correct in prod.
20260515040001_fix_profiles_user_id_definitive.sql	Schema drift not being reconciled (profiles uses id).
20250103180001_02_rls_organizations_idempotent.sql	Multi-tenant rollout intentionally not applied (PromoGifts is single-tenant).
20260515120000_t40_fix_error_advisor_violations.sql	All 10 referenced tables/views do not exist in prod (no-op).

A few caveats worth flagging for human review (rather than blocking comments — they apply to the PR as a whole rather than to a specific changed line):

• supabase db reset / fresh-environment behaviour. Several deleted files (notably t39_create_missing_tables, t38_deploy_hardening_final, onda20_fix_t38_regression_and_bilateral_gate, the onda17/18a/18b/19 set) created tables, hardening functions, RLS policies and triggers that other migrations may reference. After this PR a supabase db reset from migrations alone would no longer rebuild that state. The PR description acknowledges this is acceptable since prod is the source of truth, but it's worth confirming that no Preview/CI flow attempts a from-scratch replay.
• Replacement coverage in repo. A few of the "already applied in prod via different timestamp" cases (e.g., the onda18a REVOKE/GRANT split into 20260515010528/010546/013126, the onda16 storage policy work via 20260513040959_*) rely on those replacement files being present in supabase/migrations/. Worth a quick check that nothing was orphaned.
• 20260515040001_fix_profiles_user_id_definitive.sql is the one deletion that is not a duplicate or no-op — it would actively change schema. Deleting is fine given the description's rationale, but this is the file whose removal is most consequential if the analysis is wrong.

I haven't found objective issues in the diff itself (it's pure deletion of files whose forensic justification is documented), but the operational risk and reliance on out-of-band md5/ACL/object-existence verification put this above the bar for automated approval.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[cubic-dev-ai]

No issues found across 17 files

_{Re-trigger cubic}

[coderabbitai]

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info

⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

Run ID: 1151669a-1f6f-4558-8864-fe1c092683e0

📥 Commits

Reviewing files that changed from the base of the PR and between e5916d3 and 507b94e.

📒 Files selected for processing (17)

• supabase/migrations/20250103180001_02_rls_organizations_idempotent.sql
• supabase/migrations/20260512210001_enable_pg_stat_statements.sql
• supabase/migrations/20260514000000_fix_policy_idempotency_and_security.sql
• supabase/migrations/20260514000001_t38_deploy_hardening_final.sql
• supabase/migrations/20260514000002_t39_create_missing_tables.sql
• supabase/migrations/20260514230000_onda16_drop_legacy_email_like_admin_policies.sql
• supabase/migrations/20260515000000_onda17_fn_quotes_recalc_subtotal_completo.sql
• supabase/migrations/20260515010000_onda18a_quote_isolation_rls.sql
• supabase/migrations/20260515020000_onda18b_backfill_user_organizations.sql
• supabase/migrations/20260515030000_onda19_numeric_precision.sql
• supabase/migrations/20260515040000_onda19_followup_track_functions_fix_view_security.sql
• supabase/migrations/20260515040001_fix_profiles_user_id_definitive.sql
• supabase/migrations/20260515120000_fix_audit_ownership_orphans_uuid_only.sql
• supabase/migrations/20260515120000_t40_fix_error_advisor_violations.sql
• supabase/migrations/20260515123000_t40b_harden_get_edge_function_secret_acl.sql
• supabase/migrations/20260515130000_revoke_org_has_any_members_public.sql
• supabase/migrations/20260515150000_onda20_fix_t38_regression_and_bilateral_gate.sql

💤 Files with no reviewable changes (17)

• supabase/migrations/20260515130000_revoke_org_has_any_members_public.sql
• supabase/migrations/20260515120000_fix_audit_ownership_orphans_uuid_only.sql
• supabase/migrations/20260514230000_onda16_drop_legacy_email_like_admin_policies.sql
• supabase/migrations/20250103180001_02_rls_organizations_idempotent.sql
• supabase/migrations/20260515040001_fix_profiles_user_id_definitive.sql
• supabase/migrations/20260515040000_onda19_followup_track_functions_fix_view_security.sql
• supabase/migrations/20260515010000_onda18a_quote_isolation_rls.sql
• supabase/migrations/20260512210001_enable_pg_stat_statements.sql
• supabase/migrations/20260515120000_t40_fix_error_advisor_violations.sql
• supabase/migrations/20260515123000_t40b_harden_get_edge_function_secret_acl.sql
• supabase/migrations/20260514000001_t38_deploy_hardening_final.sql
• supabase/migrations/20260514000000_fix_policy_idempotency_and_security.sql
• supabase/migrations/20260515020000_onda18b_backfill_user_organizations.sql
• supabase/migrations/20260515150000_onda20_fix_t38_regression_and_bilateral_gate.sql
• supabase/migrations/20260514000002_t39_create_missing_tables.sql
• supabase/migrations/20260515000000_onda17_fn_quotes_recalc_subtotal_completo.sql
• supabase/migrations/20260515030000_onda19_numeric_precision.sql

---

Walkthrough

Este PR remove integralmente 16 migrações SQL acumuladas entre janeiro e maio de 2026. As remoções impactam hardening de SECURITY DEFINER, políticas RLS, funções de auditoria, criação de tabelas críticas, triggers de recálculo de quotes, monitoramento de performance e ajustes de índices/autovacuum. É essencialmente um revert massivo de hardening e funcionalidade de banco de dados.

Changes

Cohort / File(s)	Summary
Hardening de segurança e RLS supabase/migrations/20260514000000_fix_policy_idempotency_and_security.sql, supabase/migrations/20260514230000_onda16_drop_legacy_email_like_admin_policies.sql, supabase/migrations/20260515010000_onda18a_quote_isolation_rls.sql, supabase/migrations/20250103180001_02_rls_organizations_idempotent.sql	Remove-se políticas RLS para organizações, membros, contatos CRM, isolamento de quotes por vendedor; remove-se remoção de policies legadas baseadas em email admin; remove-se funções org_has_any_members() e can_access_quote() para controle de acesso SECURITY DEFINER.
ACL/GRANT/REVOKE e audit de segurança supabase/migrations/20260515130000_revoke_org_has_any_members_public.sql, supabase/migrations/20260515150000_onda20_fix_t38_regression_and_bilateral_gate.sql, supabase/migrations/20260515123000_t40b_harden_get_edge_function_secret_acl.sql, supabase/migrations/20260514000001_t38_deploy_hardening_final.sql	Remove-se endurecimento de ACL em org_has_any_members, is_admin_or_above, is_coord_or_above; remove-se auditoria bilateral de SECURITY DEFINER (audit_security_definer_acl); remove-se hardening de get_edge_function_secret; remove-se consolidação de políticas audit_log.
Hardening de views e RLS bulk supabase/migrations/20260515120000_t40_fix_error_advisor_violations.sql, supabase/migrations/20260515040000_onda19_followup_track_functions_fix_view_security.sql, supabase/migrations/20260515040001_fix_profiles_user_id_definitive.sql	Remove-se security_invoker=true em v_product_novelties e v_color_hierarchy; remove-se hardening de v_audit_paradoxos_gravacao; remove-se ENABLE RLS em 10+ tabelas (webhook_configs, product_reviews, etc.); remove-se correção de user_id em profiles com FK e policies RLS.
Funções de auditoria e ownership supabase/migrations/20260515120000_fix_audit_ownership_orphans_uuid_only.sql	Remove-se função audit_ownership_orphans() que detectava orfandade de foreign keys UUID em auth.users e persistia relatórios de segurança.
Tabelas, triggers e funcionalidade de quotes supabase/migrations/20260514000002_t39_create_missing_tables.sql, supabase/migrations/20260515000000_onda17_fn_quotes_recalc_subtotal_completo.sql	Remove-se criação de 12 tabelas com RLS/índices/triggers (admin_settings, product_groups, component_locations, ai_cache_events, price_freshness_overrides, etc.); remove-se buckets storage; remove-se fn_quotes_recalc_subtotal_from_items() que recalcula quotes com markup/desconto/frete.
Limpeza de dados e backfill supabase/migrations/20260515020000_onda18b_backfill_user_organizations.sql	Remove-se backfill idempotente de user_organizations para organização Promobrind mapeando user_roles para org_role.
Performance e diagnóstico supabase/migrations/20260512210001_enable_pg_stat_statements.sql, supabase/migrations/20260515030000_onda19_numeric_precision.sql	Remove-se criação de extensão pg_stat_statements e view slow_queries_view (com acesso service_role-only) para diagnóstico de queries lentas; remove-se padronização de precisão numeric em colunas de quotes.

Estimated code review effort

🎯 4 (Complex) | ⏱️ ~45 minutos

Justificativa: 16 migrações SQL removidas com impacto cruzado (segurança, RLS, audit, tabelas, triggers, hardening ACL). Requer análise de cada cluster (hardening SECURITY DEFINER, isolamento de quotes, tabelas críticas, monitoramento) para entender se é revert intencional ou erro. Alto risco de regressão de segurança e funcionalidade em produção.

Possibly related PRs

• adm01-debug/Promo_Gifts#212: Altera a mesma função fn_quotes_recalc_subtotal_from_items() ajustando lógica de markup/desconto que está sendo removida neste PR.
• adm01-debug/Promo_Gifts#224: Remove as mesmas GRANT/REVOKE e audit_security_definer_acl() de hardening que o main PR está desfazendo.
• adm01-debug/Promo_Gifts#225: Adiciona endurecimento ACL de org_has_any_members() que este PR está removendo.

🚥 Pre-merge checks | ✅ 5

✅ Passed checks (5 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	O título descreve com precisão a ação principal: remover 17 migrações duplicadas/no-op para desbloquear o gate do Supabase Preview.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch cleanup/delete-16-duplicate-migrations

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[chatgpt-codex-connector]

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: 507b94ef19

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

• Open a pull request for review
• Mark a draft as ready
• Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".

[chatgpt-codex-connector]

Preserve executable SQL for production-applied migrations

Deleting this migration leaves the repository with only the placeholder 20260515020250_applied_to_production.sql for the production-applied version, and that file contains no executable SQL. Any fresh Supabase Preview/local database that replays the local migrations will therefore skip these ALTER TABLE statements, so money/discount columns like quotes.real_subtotal and quotes.discount_percent keep their old unconstrained numeric definitions while production has the bounded (10,2)/(5,2) schema; tests can pass against a schema that accepts values production rounds/rejects, reintroducing the schema drift this migration was meant to close. Please keep the actual SQL under the production timestamp instead of replacing it with a stub/deleting the only executable copy.

Useful? React with 👍 / 👎.

[chatgpt-codex-connector]

Keep the quote isolation migration executable

Removing this migration leaves the older org_members_view_quotes policy from 20250103020000_rls_organizations.sql in place on fresh Preview/local databases; I searched the migrations and this deleted statement is the only later drop of that policy. Because Postgres combines permissive RLS policies with OR semantics, that old policy still lets any authenticated member of the organization select every quote in the org, bypassing the seller-only scope that this migration introduces for vendedor/agente users. Keep this SQL under the production-applied timestamp rather than replacing it with empty placeholder files.

Useful? React with 👍 / 👎.

[chatgpt-codex-connector]

Preserve the bilateral SECURITY DEFINER gate

Deleting this replacement leaves fresh Preview/local databases with the older audit_security_definer_acl() from 20260427114657_060d4634-693c-4d21-980e-e448d7166307.sql, which only checks PUBLIC/anon/trigger grants. The CI script scripts/check-security-definer-acl.mjs calls this RPC, so without this deleted policy_uses branch it will no longer catch SECURITY DEFINER helpers used by RLS policies but missing EXECUTE for authenticated—the exact regression documented here as causing 42501 failures. Keep this SQL under the production-applied timestamp instead of replacing it with an empty placeholder.

Useful? React with 👍 / 👎.