client/www/pages/docs/modeling-data.md (1)

395-400: Add a language tag to the fenced code block.

The code block is missing a language specifier, which triggers MD040 linting warnings.

Suggested fix

-```
+```typescript
 postAuthor: {
   forward: { on: "profiles", has: "many", label: "authoredPosts" },
   reverse: { on: "posts", has: "one", label: "author", onDelete: "restrict" },
 }

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@client/www/pages/docs/modeling-data.md` around lines 395 - 400, The fenced
code block containing the postAuthor relation example is missing a language tag
which triggers MD040; update the block to include a language specifier (e.g.,
add "typescript" after the opening triple backticks) for the block that shows
postAuthor with forward and reverse definitions (forward, reverse, label,
onDelete) so the linter recognizes the language.

client/packages/platform/src/api.ts (1)

422-438: LGTM!

The conversion logic correctly handles both 'cascade' and 'restrict' values for forward and reverse onDelete fields.

💡 Optional: Extract a helper to reduce repetition

function mapOnDelete(value: string | null | undefined): 'cascade' | 'restrict' | undefined {
  if (value === 'cascade') return 'cascade';
  if (value === 'restrict') return 'restrict';
  return undefined;
}

// Then use:
onDelete: mapOnDelete(attr['on-delete']),
// ...
onDelete: mapOnDelete(attr['on-delete-reverse']),

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@client/packages/platform/src/api.ts` around lines 422 - 438, The onDelete
mapping logic is duplicated for forward and reverse fields; define a helper
function mapOnDelete(value: string | null | undefined): 'cascade' | 'restrict' |
undefined that returns 'cascade' for "cascade", 'restrict' for "restrict",
otherwise undefined, and replace the inline ternaries in the onDelete
assignments (the ones using attr['on-delete'] and attr['on-delete-reverse'])
with calls to mapOnDelete(attr['on-delete']) and
mapOnDelete(attr['on-delete-reverse']) respectively to remove repetition and
centralize the mapping logic.

server/src/instant/db/transaction.clj (1)

530-545: Redundant condition and inconsistent namespace alias.

Two minor issues:

1. Redundant check (line 532): The condition (= cascade-rule :restrict) is always true inside the :restrict case branch and can be removed.

2. Inconsistent alias (line 537): The file imports [clojure.string :as string] but uses the fully-qualified clojure.string/join here instead of string/join.

♻️ Proposed cleanup

                         (case cascade-rule
                           :restrict
-                          (when (and (= cascade-rule :restrict)
-                                     (not (contains? original-deleted-entities [entity_id etype])))
+                          (when-not (contains? original-deleted-entities [entity_id etype])
                             (ex/throw-validation-err!
                              :on-delete-restrict
                              (map vectorize-tx-step tx-step-maps)
-                             [{:message (format (clojure.string/join
+                             [{:message (format (string/join
                                                  " "
                                                  ["This transaction violates an on-delete constraint."
                                                   "The `%s` entity cannot be deleted unless its"
-                                                  "linked `%s` entity is deleted first."]                                                 )
+                                                  "linked `%s` entity is deleted first."])
                                                 parent_etype
                                                 etype)}]))
                           `#_else`
                           ent))))

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@server/src/instant/db/transaction.clj` around lines 530 - 545, Inside the
:restrict branch of the case for cascade-rule, remove the redundant check (=
cascade-rule :restrict) from the when condition (it’s always true in that
branch) and replace the fully-qualified clojure.string/join call with the
aliased string/join to match the file's import; the change affects the when that
calls ex/throw-validation-err! (referencing vectorize-tx-step, tx-step-maps,
parent_etype, etype) so ensure those symbols remain unchanged while simplifying
the condition and using string/join.

Configuration used: Repository UI

Review profile: CHILL

Plan: Pro

client/www/pages/docs/modeling-data.md (1)

395-400: Past review comment about missing language tag has been addressed.

Line 395 now correctly includes the ```typescript language specifier.

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@client/www/pages/docs/modeling-data.md` around lines 395 - 400, The review
noted the missing language tag has already been fixed for the code block
defining postAuthor (the block containing the postAuthor object with
forward/reverse relations), so remove or mark the duplicate review comment as
resolved; search for the postAuthor snippet in docs/modeling-data.md and delete
the redundant "[duplicate_comment]" review note or update the PR review thread
to indicate the issue is addressed.

client/packages/cli/src/renderSchemaPlan.ts (1)

57-57: Intentional != — add a comment to prevent accidental tightening to !==.

null != undefined evaluates to false under loose equality, which correctly treats both as "no on-delete action." Changing to !== would make null → undefined transitions appear as spurious diffs. The same applies to line 75 for prevOnDeleteReverse != newOnDeleteReverse.

💬 Suggested inline comment

-    if (prevOnDelete != newOnDelete) {
+    // Use loose != so that null and undefined are treated as equivalent ("no action")
+    if (prevOnDelete != newOnDelete) {

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@client/packages/cli/src/renderSchemaPlan.ts` at line 57, The loose equality
checks using prevOnDelete != newOnDelete (and the analogous prevOnDeleteReverse
!= newOnDeleteReverse) are intentional to treat null and undefined as
equivalent; add a short inline comment next to each check explaining that the
loose != is deliberate to avoid treating null→undefined transitions as diffs and
to prevent future accidental tightening to !==, e.g., "/* intentional loose
equality: treat null and undefined as equivalent */" so reviewers understand the
rationale.

server/src/instant/util/test.clj (1)

85-98: Docstring does not cover the new :on-delete-restrict / :on-delete-reverse-restrict keywords.

The docstring at line 85 shows :on-delete-reverse (cascade) as the only on-delete example, but the case now also handles :on-delete-restrict and :on-delete-reverse-restrict. Consider adding entries for both new options so callers know what to pass.

📝 Proposed docstring update

   Or a ref:

-     [[:B/c :C/bs] :many :unique? :on-delete-reverse]
+     [[:B/c :C/bs] :many :unique? :on-delete-reverse]        ; reverse-side cascade
+     [[:B/c :C/bs] :many :unique? :on-delete-restrict]       ; forward-side restrict
+     [[:B/c :C/bs] :many :unique? :on-delete-reverse-restrict] ; reverse-side restrict

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@server/src/instant/util/test.clj` around lines 85 - 98, Update the docstring
that documents the on-delete options to include entries for the new keywords
:on-delete-restrict and :on-delete-reverse-restrict in addition to the existing
:on-delete-reverse example; specifically add short example blocks showing the
expected transformation (namespace, ident, reverse ns, reverse ident, type,
cardinality, unique?, index?, and on-delete-restrict or
on-delete-reverse-restrict values) so callers know to pass :on-delete-restrict
and :on-delete-reverse-restrict similarly to :on-delete-reverse.

client/packages/platform/src/api.ts (1)

422-438: Redundant type assertions and verbose ternary can be simplified.

attr['on-delete'] is already typed as InstantDBAttrOnDelete | null | undefined, so the explicit exhaustive ternary with as 'cascade' / as 'restrict' casts is unnecessary. Both forward and reverse onDelete mappings reduce to:

attr['on-delete'] ?? undefined

since null ?? undefined === undefined and the string literals pass through unchanged.

♻️ Proposed simplification

     forward: {
       on: fe,
       has: fhas,
       label: flabel,
       required: attr['required?'] || undefined,
-      onDelete:
-        attr['on-delete'] === 'cascade'
-          ? ('cascade' as 'cascade')
-          : attr['on-delete'] === 'restrict'
-            ? ('restrict' as 'restrict')
-            : undefined,
+      onDelete: attr['on-delete'] ?? undefined,
     },
     reverse: {
       on: re,
       has: rhas,
       label: rlabel,
-      onDelete:
-        attr['on-delete-reverse'] === 'cascade'
-          ? ('cascade' as 'cascade')
-          : attr['on-delete-reverse'] === 'restrict'
-            ? ('restrict' as 'restrict')
-            : undefined,
+      onDelete: attr['on-delete-reverse'] ?? undefined,
     },

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@client/packages/platform/src/api.ts` around lines 422 - 438, The onDelete
mapping uses redundant ternaries and type assertions; simplify both forward and
reverse mappings by returning the existing typed value directly. Replace the
nested ternaries that set onDelete in the forward mapping (currently using
attr['on-delete'] === 'cascade' ? ('cascade' as 'cascade') : ...) with a direct
pass-through like attr['on-delete'] ?? undefined, and do the same for the
reverse mapping using attr['on-delete-reverse'] ?? undefined; this removes
unnecessary casts and preserves the existing InstantDBAttrOnDelete | null |
undefined semantics in the objects where on, has, label, onDelete are defined
(refer to the reverse block and the variables re, rhas, rlabel).

server/src/instant/db/transaction.clj (1)

530-545: Redundant condition inside case branch.

On line 532, (= cascade-rule :restrict) is always true because the enclosing case already matched :restrict. The when only needs the (not (contains? ...)) check.

♻️ Simplified condition

                        (case cascade-rule
                          :restrict
-                         (when (and (= cascade-rule :restrict)
-                                    (not (contains? original-deleted-entities [entity_id etype])))
+                         (when-not (contains? original-deleted-entities [entity_id etype])
                            (ex/throw-validation-err!

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@server/src/instant/db/transaction.clj` around lines 530 - 545, The code
inside the case branch for :restrict redundantly checks (= cascade-rule
:restrict) even though the enclosing case already matched :restrict; remove that
redundant equality check and only guard the error throw with (not (contains?
original-deleted-entities [entity_id etype])) so the logic in the branch (which
calls ex/throw-validation-err! with vectorize-tx-step and tx-step-maps and
formats parent_etype and etype) remains the same but with the simplified
condition referencing cascade-rule, original-deleted-entities, entity_id, etype,
tx-step-maps, vectorize-tx-step and ex/throw-validation-err!.

Configuration used: Repository UI

Review profile: CHILL

Plan: Pro

client/packages/components/src/components/explorer/edit-namespace-dialog.tsx (1)

432-435: undefined vs null for disabled on-delete (unresolved)

AddAttrForm still passes undefined when on-delete is disallowed, while EditAttrForm (lines 1701–1704) passes null. JSON serialization drops undefined keys but preserves null.

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@client/packages/components/src/components/explorer/edit-namespace-dialog.tsx`
around lines 432 - 435, The AddAttrForm currently sets 'on-delete' and
'on-delete-reverse' to undefined when disallowed, but EditAttrForm uses null;
change AddAttrForm to pass null instead of undefined for those props so the keys
are preserved during JSON serialization—update the object that sets 'on-delete'
and 'on-delete-reverse' in edit-namespace-dialog.tsx (the AddAttrForm prop
assignment) to use null when isOnDeleteAllowed/isOnDeleteReverseAllowed are
false, matching EditAttrForm.

server/src/instant/db/transaction.clj (1)

530-543: Redundant guard inside :restrict case branch.

On line 532, (= cascade-rule :restrict) is always true because we're already inside the :restrict branch of the case. This is dead code.

♻️ Suggested simplification

             (case cascade-rule
               :restrict
-              (when (and (= cascade-rule :restrict)
-                         (not (contains? original-deleted-entities [entity_id etype])))
+              (when-not (contains? original-deleted-entities [entity_id etype])
                 (ex/throw-validation-err!
                  :on-delete-restrict
                  (map vectorize-tx-step tx-step-maps)

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@server/src/instant/db/transaction.clj` around lines 530 - 543, Inside the
:restrict branch remove the redundant (= cascade-rule :restrict) guard since
case already matched :restrict; change the when condition in the branch to only
check (not (contains? original-deleted-entities [entity_id etype])) so the
ex/throw-validation-err! call (using vectorize-tx-step, tx-step-maps,
parent_etype, etype) fires only when the linked entity hasn't already been
deleted.

client/packages/components/src/components/explorer/edit-namespace-dialog.tsx (2)

926-928: onDelete/onDeleteReverse state persists across relationship-type changes

In AddAttrForm, if a user selects cascade/restrict, then changes to a relationship type that disables on-delete (e.g., many-many), then switches back, the previously selected action reappears checked. Consider resetting onDelete/onDeleteReverse to null in the setRelationship handler when the new type makes them disallowed.

♻️ Example reset in RelationshipConfigurator's onChange

 onChange={(v) => {
   setRelationship(v.value);
+  // Clear on-delete state when the new relationship doesn't allow it
+  const newIsOnDeleteAllowed =
+    v.value === 'one-one' || v.value === 'one-many';
+  const newIsOnDeleteReverseAllowed =
+    v.value === 'one-one' || v.value === 'many-one';
+  if (!newIsOnDeleteAllowed) setOnDelete(null);
+  if (!newIsOnDeleteReverseAllowed) setOnDeleteReverse(null);
 }}

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@client/packages/components/src/components/explorer/edit-namespace-dialog.tsx`
around lines 926 - 928, The selected onDelete/onDeleteReverse values persist
when switching relationship types; update the relationship change handler (where
setRelationship is called, e.g., the onChange in
RelationshipConfigurator/AddAttrForm) to clear disallowed cascade/restrict state
by setting onDelete and onDeleteReverse to null whenever the newly chosen
relationship type does not support them; specifically, inside the onChange that
calls setRelationship(v.value) detect the target relationship type and include a
reset (set onDelete=null and onDeleteReverse=null) when the new type disables
on-delete behavior so stale selections are not shown when switching back and
forth.

---

955-1046: Consider a three-option select/radio for the delete action instead of two independent checkboxes

onDelete can be null | 'cascade' | 'restrict' — three mutually exclusive states. Representing them as two checkboxes that implicitly clear each other is functionally correct but unconventional; a <Select> or radio group with options None / Cascade / Restrict would make the mutual exclusivity explicit and reduce the UI surface area by half (one control per direction instead of two).

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@client/packages/components/src/components/explorer/edit-namespace-dialog.tsx`
around lines 955 - 1046, The current UI uses two mutually-exclusive Checkbox
controls (checked by onDelete === 'cascade' / 'restrict' and onDeleteReverse ===
...) which is confusing; replace each checkbox pair with a single explicit
three-option control (radio group or Select) for the directional delete setting.
Update the controls wired to state variables onDelete and onDeleteReverse (and
their setters setOnDelete and setOnDeleteReverse) so the new control exposes
values null | 'cascade' | 'restrict', keeps the existing disabled/title/label
text, and preserves isOnDeleteAllowed/isOnDeleteReverseAllowed logic; remove the
paired Checkbox components and use one RadioGroup/Select per direction to
enforce mutual exclusivity and simplify the UI.

Configuration used: Repository UI

Review profile: CHILL

Plan: Pro

client/packages/components/src/components/explorer/edit-namespace-dialog.tsx (1)

432-435: undefined vs null inconsistency for disabled on-delete values (same as EditAttrForm).

This inconsistency is still present from the prior review.

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@client/packages/components/src/components/explorer/edit-namespace-dialog.tsx`
around lines 432 - 435, The code passes undefined for disabled delete handlers
('on-delete' and 'on-delete-reverse') causing inconsistency with EditAttrForm
which uses null; make the behavior consistent by returning null instead of
undefined when handlers are not allowed—update the ternaries around
isOnDeleteAllowed/onDelete and isOnDeleteReverseAllowed/onDeleteReverse to yield
null (not undefined) so both EditNamespaceDialog and EditAttrForm use the same
disabled marker.

server/src/instant/db/transaction.clj (1)

557-563: ⚠️ Potential issue | 🟡 Minor

Error message misleadingly attributes the constraint to the root entity in multi-hop cascades.

parent_etype propagates the root deleted entity's etype through the CTE, not the immediate entity that holds the :restrict link. In a multi-hop scenario (A→B cascade, B→C restrict), the error reads "The A entity cannot be deleted unless its linked C entity is deleted first", when the actual constraining relationship is between B and C.

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@server/src/instant/db/transaction.clj` around lines 557 - 563, The error
message uses parent_etype (which currently carries the root deleted entity type
through the CTE) so multi-hop cascades misattribute the constraint; modify the
CTE and downstream code to propagate and use the immediate parent entity type
(e.g., add/propagate an immediate_parent_etype or parent_of_current column in
the recursive CTE) and change the error construction to use that
immediate_parent_etype instead of the root parent_etype when formatting the
message for the restrict violation (references: parent_etype and etype in
transaction.clj).

client/packages/components/src/components/explorer/edit-namespace-dialog.tsx (2)

378-381: Stale onDelete state when switching to a relationship that disallows on-delete.

onDelete / onDeleteReverse are not cleared when relationship changes to many-many or many-one (where isOnDeleteAllowed becomes false). The payload guard is correct, but if the user sets cascade, switches to many-many, then back to one-one, the cascade checkbox silently reactivates. A useEffect that resets onDelete/onDeleteReverse to null when the respective isOnDelete*Allowed flag flips to false would make the state transitions explicit.

♻️ Suggested approach (AddAttrForm; same pattern applies to EditAttrForm)

+  useEffect(() => {
+    if (!isOnDeleteAllowed) setOnDelete(null);
+  }, [isOnDeleteAllowed]);
+
+  useEffect(() => {
+    if (!isOnDeleteReverseAllowed) setOnDeleteReverse(null);
+  }, [isOnDeleteReverseAllowed]);

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@client/packages/components/src/components/explorer/edit-namespace-dialog.tsx`
around lines 378 - 381, The onDelete/onDeleteReverse state isn't cleared when
relationship changes to types that disallow on-delete, causing stale values to
reappear; add a useEffect in EditNamespaceDialog (or the component containing
isOnDeleteAllowed/isOnDeleteReverseAllowed) that watches isOnDeleteAllowed and
isOnDeleteReverseAllowed and when either becomes false sets the corresponding
onDelete or onDeleteReverse state to null (or the initial empty value). Locate
the declarations for isOnDeleteAllowed and isOnDeleteReverseAllowed and the
state variables onDelete/onDeleteReverse, then implement the effect(s) to
explicitly reset the state whenever the allowed flag flips to false.

---

955-998: Consider radio buttons or a Select for mutually exclusive Cascade / Restrict choices.

onDelete is a single-valued field ('cascade', 'restrict', or null), but it's rendered as two independent Checkbox components. Visually, checkboxes imply independent toggling, which may confuse users. A radio-button group (None / Cascade / Restrict) or a Select would make the mutual-exclusivity explicit and is the standard pattern for this kind of choice.

The same applies to the reverse direction (lines 1023–1047).

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@client/packages/components/src/components/explorer/edit-namespace-dialog.tsx`
around lines 955 - 998, The UI uses two independent Checkbox components (checked
logic tied to onDelete and state setters setOnDelete, with props
isOnDeleteAllowed and constraints.attr) for a single-valued field onDelete,
which is confusing; replace the two Checkbox controls with a single radio-group
or Select (options: None / cascade / restrict) bound to onDelete, wire its
onChange to call setOnDelete with the selected value (or null for None),
preserve disabled behavior (use !isOnDeleteAllowed ||
constraints.attr.disabled), keep title={constraints.attr.message} and the
current label copy (using reverseNamespaceName and namespaceName), and apply the
same replacement for the reverse direction controls referenced in the file (the
block around lines 1023–1047).

server/src/instant/db/transaction.clj (1)

547-548: Redundant (= cascade-rule :restrict) guard inside the :restrict case branch.

The case dispatch on cascade-rule already guarantees cascade-rule is :restrict in this branch; the inner and condition is always true. The (= cascade-rule :restrict) term can simply be removed.

♻️ Proposed fix

         :restrict
-        (when (and (= cascade-rule :restrict)
-                   (not (or (contains? original-deleted-entities [entity_id etype])
+        (when (not (or (contains? original-deleted-entities [entity_id etype])
                              (contains? original-deleted-triples (case on-delete
                                                                    :on-delete
                                                                    [entity_id attr_id parent_id]
                                                                    :on-delete-reverse
-                                                                   [parent_id attr_id entity_id])))))
+                                                                   [parent_id attr_id entity_id]))))

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@server/src/instant/db/transaction.clj` around lines 547 - 548, Remove the
redundant equality check inside the :restrict branch: the surrounding case
already dispatches on cascade-rule being :restrict, so drop the unnecessary (=
cascade-rule :restrict) term from the and-condition in the code that checks
original-deleted-entities for [entity_id etype]; update the condition to
directly use (and (not (or (contains? original-deleted-entities [entity_id
etype]) ...))) so the logic references cascade-rule only via the case dispatch
and relies on original-deleted-entities, entity_id, and etype as before.

Configuration used: Repository UI

Review profile: CHILL

Plan: Pro

client/packages/components/src/components/explorer/edit-namespace-dialog.tsx (1)

955-998: Consider using radio buttons or a select for mutually exclusive options.

The cascade and restrict checkboxes share the same onDelete state, making them mutually exclusive. While functionally correct, checkboxes typically imply independent toggles. A radio button group or select dropdown would better communicate the exclusive nature of these options to users.

This is a minor UX consideration and the current implementation works correctly.

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@client/packages/components/src/components/explorer/edit-namespace-dialog.tsx`
around lines 955 - 998, Replace the two mutually-exclusive Checkbox controls
(the ones using checked based on onDelete === 'cascade' and onDelete ===
'restrict' and toggled via setOnDelete) with a radio-group or select so the UI
communicates exclusivity; locate the Checkbox instances around the onDelete
state, isOnDeleteAllowed and setOnDelete usage in edit-namespace-dialog.tsx and
implement a Radio/Select control that uses onDelete as the value, setOnDelete as
the onChange handler, preserves the disabled logic (disabled when
!isOnDeleteAllowed || constraints.attr.disabled), and keeps the same
labels/title/tooltip text for cascade and restrict options.

Configuration used: Repository UI

Review profile: CHILL

Plan: Pro

server/src/instant/db/transaction.clj (1)

567-578: ⚠️ Potential issue | 🔴 Critical

Critical: restrict constraint validation is not being enforced — missing error throw.

The :restrict case has an empty when body. When the constraint is violated (linked entity is NOT being deleted), this code should throw a validation error, but instead it silently returns nil. The restrict constraint will not be enforced.

Compare with the expected behavior from the PR description: "attempting to delete an entity that is still linked from other entities will cause the server to fail the transaction".

🐛 Proposed fix to add the validation error

              (case cascade-rule
                :restrict
                (when (and (= cascade-rule :restrict)
                           (not (or (contains? original-deleted-entities [entity_id etype])
                                    (contains? original-deleted-triples (case on-delete
                                                                          :on-delete
                                                                          [entity_id attr_id parent_id]
                                                                          :on-delete-reverse
                                                                          [parent_id attr_id entity_id])))))
-
-
-)
+                  (ex/throw-validation-err!
+                   :on-delete-restrict
+                   (map vectorize-tx-step tx-step-maps)
+                   [{:message (format "This transaction violates an on-delete constraint. The `%s` entity cannot be deleted unless its linked `%s` entity is deleted first."
+                                      parent_etype
+                                      etype)}]))
                `#_else`
                ent))))

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@server/src/instant/db/transaction.clj` around lines 567 - 578, The :restrict
branch currently has an empty when body so constraint violations are never
enforced; update the (case cascade-rule :restrict ...) branch so that when (and
(= cascade-rule :restrict) (not (or (contains? original-deleted-entities
[entity_id etype]) (contains? original-deleted-triples (case on-delete
:on-delete [entity_id attr_id parent_id] :on-delete-reverse [parent_id attr_id
entity_id]))))) is true it throws a validation error (e.g. throw or
throw+ex-info) with a descriptive message and include identifying data
(entity_id, etype, attr_id, parent_id, rule :restrict) so the transaction fails
instead of returning nil.

server/src/instant/db/transaction.clj (1)

569-570: Redundant condition inside case clause.

The check (= cascade-rule :restrict) on line 569-570 is redundant since this code is already inside the :restrict case of the case expression — cascade-rule is guaranteed to be :restrict here.

♻️ Suggested simplification (after adding the missing error throw)

              (case cascade-rule
                :restrict
-               (when (and (= cascade-rule :restrict)
-                          (not (or (contains? original-deleted-entities [entity_id etype])
+               (when-not (or (contains? original-deleted-entities [entity_id etype])
                              (contains? original-deleted-triples (case on-delete
                                                                    :on-delete
                                                                    [entity_id attr_id parent_id]
                                                                    :on-delete-reverse
-                                                                   [parent_id attr_id entity_id])))))
+                                                                   [parent_id attr_id entity_id])))
                  (ex/throw-validation-err! ...))

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@server/src/instant/db/transaction.clj` around lines 569 - 570, Inside the
:restrict branch of the case on cascade-rule, remove the redundant (=
cascade-rule :restrict) check from the when condition and instead directly check
(not (or (contains? original-deleted-entities [entity_id etype]) ...)). Also add
the missing error throw where that when fires (e.g., throw an appropriate
exception or call the existing error helper) so deletion is blocked; reference
the symbols cascade-rule, :restrict case, original-deleted-entities, entity_id
and etype to locate and update the code in transaction.clj.

server/test/instant/db/transaction_test.clj (1)

4878-4929: Fix ambiguous test names in unlinking scenarios.

Line 4911 and Line 4923 use the same description, and the first one says “works” while asserting a failure. This makes failures hard to interpret.

♻️ Suggested rename-only cleanup

-        (testing "deleting user works if you unlink the book"
+        (testing "deleting user is blocked when one book is re-linked in the same tx"
           (is (thrown-with-msg? clojure.lang.ExceptionInfo
                                 #"violates an on-delete constraint"
                                 (tx/transact! (aurora/conn-pool :write) attr-model app-id
                                               [[:retract-triple (suid "b2") (:book/author attr->id) (suid "a")]
                                                [:add-triple (suid "b2") (:book/author attr->id) (suid "a")]
                                                [:retract-triple (suid "b3") (:book/author attr->id) (suid "a")]
                                                [:delete-entity (suid "a") "user"]])))

-        (testing "deleting user works if you unlink the book"
+        (testing "deleting user works after unlinking remaining books"
           (tx/transact! (aurora/conn-pool :write) attr-model app-id [[:add-triple (suid "b2") (:book/author attr->id) (suid "a")]
                                                                      [:retract-triple (suid "b2") (:book/author attr->id) (suid "a")]
                                                                      [:retract-triple (suid "b3") (:book/author attr->id) (suid "a")]
                                                                      [:delete-entity (suid "a") "user"]])

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@server/test/instant/db/transaction_test.clj` around lines 4878 - 4929, Two
testing blocks share the same description "deleting user works if you unlink the
book" but the first actually asserts a failure; rename the first testing
description to reflect that the delete is still blocked when unlinking is
transient (e.g. "deleting user is still blocked if unlinking is transient") and
leave the second as "deleting user works if you unlink the book"; update the
string in the testing form wrapping the transaction that calls tx/transact! with
the sequence [:retract-triple ...][:add-triple ...][:retract-triple
...][:delete-entity ...] so test failure messages are unambiguous.

Configuration used: Repository UI

Review profile: CHILL

Plan: Pro

server/test/instant/db/transaction_test.clj (1)

5005-5005: ⚠️ Potential issue | 🟡 Minor

Correct the relation direction comment (user -> book).

Line 5005 says user <- book, but the attr relation is [[:user/books :book/author] ...], i.e. user -> book.

📝 One-line fix

-      ;; user <- book
+      ;; user -> book

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@server/test/instant/db/transaction_test.clj` at line 5005, The inline
relation-direction comment is wrong: change the comment that reads "user <-
book" to "user -> book" to match the attribute relation `[[:user/books
:book/author] ...]` (i.e., user/books points to book/author); update the comment
near that attr vector so it correctly reflects the direction user -> book.

server/src/instant/db/transaction.clj (1)

569-569: Redundant condition inside case branch.

Line 569 checks (= cascade-rule :restrict) inside the :restrict case branch, which is always true. This is harmless but adds unnecessary noise.

♻️ Suggested simplification

                        (case cascade-rule
                          :restrict
-                         (when (and (= cascade-rule :restrict)
-                                    (not (or (contains? original-deleted-entities [entity_id etype])
+                         (when (not (or (contains? original-deleted-entities [entity_id etype])
                                              (contains? original-deleted-triples (case on-delete
                                                                                    :on-delete
                                                                                    [entity_id attr_id parent_id]
                                                                                    :on-delete-reverse
-                                                                                   [parent_id attr_id entity_id])))))
+                                                                                   [parent_id attr_id entity_id]))))

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@server/src/instant/db/transaction.clj` at line 569, Inside the case handling
for the :restrict branch in transaction.clj, remove the redundant equality check
of (= cascade-rule :restrict) — it's always true inside that branch; update the
when condition that currently uses (and (= cascade-rule :restrict) ...) to only
test the remaining predicate(s) so the :restrict case body uses just the
necessary condition(s) (locate the :restrict case handling that references
cascade-rule to apply this change).

Configuration used: Repository UI

Review profile: CHILL

Plan: Pro