tina4ruby 3.13.43 → 3.13.44

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 209245b1743578b21530e31feb670940f068cc911725fff1b2a59ee6d8335e10
-  data.tar.gz: '059d0fde8d4fbc57db9e4aa408d0dd31f71b1c8065d5041258a8a502017ce7ab'
+  metadata.gz: 2a015bff2d92f110b5a0f8646ae2491dada678055a5f4f3fe8d842c41215e86f
+  data.tar.gz: 1ae42fcc29b11dd6f2ad94fb510d3b0946c5b3b396c0c1977786aa195f5e2e14
 SHA512:
-  metadata.gz: 30babc583e40444ec46069088e1af2a94f0485546b585530ccda22cca2a8ba29fafca3464bd08845fd1d9f88e92342533f2c58a82b89f38a517fce607096f905
-  data.tar.gz: 84960f5d44cb50d7ec4d8dd31a6645e10640526aaf6c9f777e81c7376a43290a6027d33d903f45a317f369834eee59518ec9d215d05e8933c820e5d3020ae49e
+  metadata.gz: 429e4eeef534f632cff87ef296396c1c86e839dfbe6b66c86bf90944332ee8168ab21fd86e0d07748546a3b8383f01e8a38d5f3a56d2cc14e33d34d8b2780f0e
+  data.tar.gz: 912729e68df830558d8df751236513443ba8d63eec8f4a28e95deaa86b137b2334476461bf551e5f7daa2d6c52d95b029881150eb2b5efb8b11aab3b4fe1e782

data/lib/tina4/database.rb

@@ -486,9 +486,20 @@ module Tina4
       cache_invalidate if @cache_enabled
       drv = current_driver
 
-      # List of hashes — batch insert
+      # List of hashes — batch insert.
+      #
+      # Cross-framework parity (mirrors the Python master's DatabaseAdapter.insert
+      # → execute_many): build ONE parameterised INSERT and run it once per row
+      # inside a SINGLE transaction on a SINGLE connection (see #execute_many),
+      # then report a DatabaseResult whose affected_rows == the number of rows
+      # (deterministic — the batch is all-or-raise) and a sensible last_id read
+      # from that same connection. The per-driver #insert overrides (e.g.
+      # PostgreSQL's INSERT ... RETURNING *) call data.keys, so they only ever
+      # see a single Hash — the Array is intercepted here and never reaches them,
+      # which is exactly the crash Python hit when a list fell through to a
+      # keys-only override.
       if data.is_a?(Array)
-        return { success: true, affected_rows: 0 } if data.empty?
+        return Tina4::DatabaseResult.new([], affected_rows: 0, last_id: nil) if data.empty?
         keys = data.first.keys.map(&:to_s)
         placeholders = drv.placeholders(keys.length)
         sql = "INSERT INTO #{table} (#{keys.join(', ')}) VALUES (#{placeholders})"
@@ -496,6 +507,18 @@ module Tina4
         return execute_many(sql, params_list)
       end
 
+      # Issue #256: a driver that can surface the ACTUAL generated primary key
+      # (PostgreSQL, via INSERT ... RETURNING *) owns its own insert so a UUID
+      # PK comes back as the real 36-char string and a SERIAL PK as the integer
+      # — instead of probing a session sequence (lastval()) that returns nil or
+      # a stale wrong id for a UUID table. Other engines (SQLite/MySQL/MSSQL/
+      # Firebird) keep the generic build-then-last_insert_id path below.
+      if drv.respond_to?(:insert)
+        result = drv.insert(table, data)
+        autocommit_standalone_write(drv)
+        return result
+      end
+
       columns = data.keys.map(&:to_s)
       placeholders = drv.placeholders(columns.length)
       sql = "INSERT INTO #{table} (#{columns.join(', ')}) VALUES (#{placeholders})"
@@ -615,20 +638,61 @@ module Tina4
       raise
     end
 
+    # Run one statement once per row in a SINGLE transaction on a SINGLE
+    # connection, returning a DatabaseResult.
+    #
+    # DB-contract / batch-insert parity (mirrors the Python master's
+    # execute_many): the WHOLE batch runs on ONE driver — pinned for the
+    # duration — so begin/execute*/commit can never scatter across pooled
+    # connections (which made affected_rows / last_id non-deterministic). It is
+    # all-or-raise (any row raising rolls the whole batch back), so:
+    #
+    #   * affected_rows is the ROW COUNT, computed deterministically from the
+    #     number of supplied rows — NOT read from a driver rowcount. PostgreSQL's
+    #     no-RETURNING INSERT reports cmd_tuples correctly, but other engines'
+    #     rowcounts after a batch are unreliable, and a follow-up probe (lastval/
+    #     SAVEPOINT) can clobber the rowcount, so the count is the supplied length.
+    #   * last_id is read from last_insert_id() on the SAME connection AFTER the
+    #     batch, so a SERIAL/AUTOINCREMENT table surfaces the last generated id
+    #     (nil for engines/tables with no sequence — Firebird, a no-PK table).
+    #
+    # The pin is set here only when no transaction is already open on the thread
+    # (an outer start_transaction already pinned the driver — leave it, and let
+    # the outer commit/rollback own the lifecycle). When we pin, we own the
+    # begin/commit/rollback; when an outer tx owns the pin, we just run the rows
+    # and let the outer transaction commit them.
     def execute_many(sql, params_list = [])
-      results = []
+      params_list ||= []
+      already_pinned = !Thread.current[@tx_pin_key].nil?
       drv = current_driver
-      drv.begin_transaction
+      Thread.current[@tx_pin_key] = drv unless already_pinned
+
       begin
-        params_list.each do |params|
-          results << drv.execute(sql, params)
+        drv.begin_transaction unless already_pinned
+        begin
+          params_list.each { |params| drv.execute(sql, params) }
+          drv.commit unless already_pinned
+        rescue => e
+          drv.rollback unless already_pinned
+          @last_error = e.message
+          raise e
         end
-        drv.commit
-      rescue => e
-        drv.rollback
-        raise e
+      ensure
+        Thread.current[@tx_pin_key] = nil unless already_pinned
       end
-      results
+
+      last_id = begin
+        drv.last_insert_id
+      rescue StandardError
+        nil
+      end
+
+      Tina4::DatabaseResult.new(
+        [],
+        affected_rows: params_list.length,
+        last_id: last_id,
+        db: self
+      )
     end
 
     def transaction

data/lib/tina4/dev_mailbox.rb

@@ -56,11 +56,11 @@ module Tina4
       path = message_path(msg_id)
       return nil unless File.exist?(path)
 
-      message = JSON.parse(File.read(path), symbolize_names: true)
+      message = JSON.parse(File.read(path, encoding: "UTF-8"), symbolize_names: true)
       unless message[:read]
         message[:read] = true
         message[:updated_at] = Time.now.iso8601
-        File.write(path, JSON.pretty_generate(message))
+        File.write(path, JSON.pretty_generate(message), encoding: "UTF-8")
       end
       message
     end
@@ -140,13 +140,17 @@ module Tina4
     end
 
     def write_message(msg_id, message)
-      File.write(message_path(msg_id), JSON.pretty_generate(message))
+      # JSON is UTF-8 by spec, and seed/captured bodies may carry non-ASCII
+      # (accented fake names, smart quotes). Pin the I/O encoding to UTF-8 so a
+      # locale-less environment (Encoding.default_external == US-ASCII) does not
+      # mangle the write or raise on the read-back.
+      File.write(message_path(msg_id), JSON.pretty_generate(message), encoding: "UTF-8")
     end
 
     def load_all_messages
       pattern = File.join(@mailbox_dir, "messages", "*.json")
       Dir.glob(pattern).filter_map do |path|
-        JSON.parse(File.read(path), symbolize_names: true)
+        JSON.parse(File.read(path, encoding: "UTF-8"), symbolize_names: true)
       rescue JSON::ParserError => e
         Tina4::Log.error("DevMailbox: corrupt message file #{path}: #{e.message}")
         nil

data/lib/tina4/drivers/mssql_driver.rb

@@ -41,15 +41,30 @@ module Tina4
 
       def execute(sql, params = [])
         effective_sql = interpolate_params(sql, params)
+
+        # Capture the generated IDENTITY AT WRITE TIME — mirror of the Python
+        # master (mssql.py execute(): SELECT SCOPE_IDENTITY() runs straight after
+        # the INSERT on the SAME cursor). tiny_tds runs each #execute as its OWN
+        # T-SQL batch, and SCOPE_IDENTITY() is batch-scoped: read in a separate
+        # later batch it is always NULL — which is why both insert(...).last_id
+        # and db.get_last_id came back nil (issue #262). So for an INSERT we run
+        # the INSERT and SELECT SCOPE_IDENTITY() in ONE batch (a single
+        # @connection.execute), read the id from the SAME batch, and cache it.
+        if sql.to_s.lstrip[0, 6].casecmp?("INSERT")
+          result = @connection.execute("#{effective_sql}; SELECT SCOPE_IDENTITY() AS id")
+          rows = result.each(symbolize_keys: true).to_a
+          result.cancel if result.respond_to?(:cancel)
+          row = rows.last
+          @last_insert_id = row && row[:id] ? row[:id].to_i : nil
+          return true
+        end
+
         result = @connection.execute(effective_sql)
         result.do
       end
 
       def last_insert_id
-        result = @connection.execute("SELECT SCOPE_IDENTITY() AS id")
-        row = result.first
-        result.cancel if result.respond_to?(:cancel)
-        row[:id]&.to_i
+        @last_insert_id
       end
 
       def placeholder
@@ -129,6 +144,16 @@ module Tina4
           escaped =
             if param.nil?
               "NULL"
+            elsif param == true
+              # SQL Server has no boolean literal — BIT stores 0/1. A raw `true`
+              # would interpolate as the bareword `true` ("Invalid column name
+              # 'true'"). Coerce at the bind boundary, parity with the SQLite
+              # driver's coerce_params and the Python/PHP/Node bind contract.
+              "1"
+            elsif param == false
+              "0"
+            elsif param.is_a?(Time) || param.is_a?(DateTime)
+              "'#{(param.respond_to?(:iso8601) ? param.iso8601 : param.to_s).gsub("'", "''")}'"
             elsif param.is_a?(String)
               "'#{param.gsub("'", "''")}'"
             else

data/lib/tina4/drivers/mysql_driver.rb

@@ -18,8 +18,18 @@ module Tina4
                 "    gem install mysql2    # bare driver"
         end
         uri = URI.parse(connection_string)
+        # libmysqlclient connects over a UNIX socket whenever host is "localhost"
+        # (its historical convention) and silently ignores the port. A URL that
+        # names a port clearly intends TCP, so rewrite "localhost" to "127.0.0.1"
+        # in that case to force the TCP path — without it a Docker/TCP-only MySQL
+        # fails with "Can't connect ... through socket '/tmp/mysql.sock'". A
+        # port-less "localhost" keeps the socket path so socket deployments still
+        # work. Parity with PHP's MySQLAdapter::rewriteHostForTcp (mysqli has the
+        # identical socket trap).
+        host = uri.host || "127.0.0.1"
+        host = "127.0.0.1" if host == "localhost" && uri.port
         @connection = Mysql2::Client.new(
-          host: uri.host || "localhost",
+          host: host,
           port: uri.port || 3306,
           username: username || uri.user,
           password: password || uri.password,
@@ -42,16 +52,27 @@ module Tina4
       end
 
       def execute(sql, params = [])
-        if params.empty?
-          @connection.query(sql)
-        else
-          stmt = @connection.prepare(sql)
-          stmt.execute(*params)
-        end
+        result =
+          if params.empty?
+            @connection.query(sql)
+          else
+            stmt = @connection.prepare(sql)
+            stmt.execute(*params)
+          end
+        # Capture the generated id AT WRITE TIME — mirrors the Python master
+        # (mysql.py execute(): `last_id = cursor.lastrowid` is read straight after
+        # the statement, never re-read later). mysql2's @connection.last_id reflects
+        # the LAST statement on this connection, so a follow-up autocommit COMMIT
+        # (a separate query) clobbers it to 0 — that is exactly why db.get_last_id
+        # returned 0 after an insert (issue #262). Snapshot it for every INSERT so
+        # last_insert_id keeps the id of the last insert regardless of any
+        # subsequent COMMIT / SELECT on the connection.
+        @last_insert_id = @connection.last_id if sql.to_s.lstrip[0, 6].casecmp?("INSERT")
+        result
       end
 
       def last_insert_id
-        @connection.last_id
+        @last_insert_id
       end
 
       def placeholder

data/lib/tina4/drivers/postgres_driver.rb

@@ -44,6 +44,13 @@ module Tina4
       end
 
       def execute(sql, params = [])
+        # Issue #256: a bare INSERT run through execute() (not #insert, so no
+        # RETURNING captured) must NOT let a previously-captured RETURNING id
+        # leak into a later last_insert_id() — that would surface a stale id
+        # (e.g. a UUID string from an earlier db.insert) for this new write.
+        # Clear the cache so last_insert_id falls back to the lastval() probe,
+        # which is the correct source for a sequence-backed bare INSERT.
+        @last_returning_id = nil if sql.lstrip[0, 6].upcase == "INSERT"
         converted_sql = convert_placeholders(sql)
         if params.empty?
           @connection.exec(converted_sql)
@@ -52,7 +59,51 @@ module Tina4
         end
       end
 
+      # Issue #256: surface the ACTUAL primary key value an INSERT wrote —
+      # including a server-generated UUID — instead of guessing it from a
+      # session sequence after the fact.
+      #
+      # Before this, Database#insert ran a bare INSERT and then probed
+      # ``last_insert_id`` (``SELECT lastval()``). For a UUID PK
+      # (``id uuid PRIMARY KEY DEFAULT gen_random_uuid()``) there is no
+      # session sequence, so the probe returned nil — or, worse, a STALE
+      # integer left over from an unrelated SERIAL table's nextval() earlier
+      # in the same session (a silently WRONG id). The SERIAL integer path was
+      # correct only by luck of lastval() pointing at the right sequence.
+      #
+      # Fix (mirrors the Python master's ``INSERT ... RETURNING *`` and the
+      # Node adapter): append ``RETURNING *`` and read the generated ``id``
+      # back from the returned row. The value is normalised so the SERIAL path
+      # keeps returning an Integer while a UUID PK surfaces its real 36-char
+      # string. No lastval() probe, so the issue-#38 transaction-abort can't
+      # happen on this path at all.
+      #
+      # Returns { success: true, last_id: <id-or-nil> }. last_id is nil only
+      # when the table truly has no ``id`` column.
+      def insert(table, data)
+        columns = data.keys.map(&:to_s)
+        placeholders = placeholders(columns.length)
+        sql = "INSERT INTO #{table} (#{columns.join(', ')}) VALUES (#{placeholders}) RETURNING *"
+        result = execute_query(sql, data.values)
+        row = result.is_a?(Array) ? result.first : nil
+        id = normalize_returned_id(row)
+        # Remember the real id so a follow-up #last_insert_id / db.get_last_id
+        # surfaces THIS value (incl. a UUID string) instead of re-probing
+        # lastval(), which has no sequence for a UUID PK and would return a
+        # stale wrong integer from an unrelated table.
+        @last_returning_id = id
+        { success: true, last_id: id }
+      end
+
       def last_insert_id
+        # Issue #256: if the most recent write surfaced its real primary key
+        # through ``RETURNING *`` (the #insert path), return that — it is the
+        # actual id written (a UUID string stays a string, a SERIAL stays an
+        # integer), not a guess. Only fall back to the lastval() probe below
+        # when nothing has been captured yet (e.g. a bare
+        # ``execute("INSERT ...")`` with no RETURNING).
+        return @last_returning_id unless @last_returning_id.nil?
+
         # Issue #38: ``SELECT lastval()`` raises on tables with no sequence
         # (UUID, ULID, hash PKs etc.). The exception itself isn't fatal,
         # but the pg gem marks the whole transaction as aborted, so every
@@ -153,6 +204,45 @@ module Tina4
 
       private
 
+      # Issue #256: normalise the ``id`` of an ``INSERT ... RETURNING *`` row.
+      #
+      # The result-type map already decodes a SERIAL/int8 ``id`` to an Integer
+      # and a ``uuid`` ``id`` to a String, so the value usually arrives in the
+      # right shape. We still coerce defensively (mirrors the Node adapter's
+      # ``normalizeId``): a numeric String becomes an Integer so the SERIAL path
+      # always returns the integer id, while a non-numeric String — the UUID PK
+      # case — is preserved verbatim. A row with no ``id`` column (or a
+      # blank/nil id) yields nil.
+      def normalize_returned_id(row)
+        return nil unless row
+
+        value = row_id_value(row)
+        case value
+        when Integer
+          value
+        when Numeric
+          value
+        when String
+          stripped = value.strip
+          return nil if stripped.empty?
+          # A purely numeric string is a SERIAL id surfaced as text — coerce
+          # to Integer. Anything else (a UUID, a ULID, a composite key) stays
+          # the string it is.
+          stripped.match?(/\A-?\d+\z/) ? stripped.to_i : value
+        else
+          value.nil? ? nil : value
+        end
+      end
+
+      # Read the ``id`` column from a RETURNING row regardless of key style
+      # (symbol/string, any case) — execute_query symbolizes keys, but stay
+      # tolerant.
+      def row_id_value(row)
+        return nil unless row.is_a?(Hash)
+
+        row[:id] || row["id"] || row[:ID] || row["ID"]
+      end
+
       # Decode result columns to native Ruby types (parity with SQLite, and
       # with Python psycopg2 / Node node-postgres which both return native
       # types). Without this the pg gem hands back EVERY column as a String —

data/lib/tina4/drivers/sqlite_driver.rb

@@ -71,12 +71,30 @@ module Tina4
       end
 
       def execute_query(sql, params = [])
-        results = @connection.execute(sql, params)
+        results = @connection.execute(sql, coerce_params(params))
         results.map { |row| symbolize_keys(row) }
       end
 
       def execute(sql, params = [])
-        @connection.execute(sql, params)
+        @connection.execute(sql, coerce_params(params))
+      end
+
+      # Coerce Ruby values to types the sqlite3 gem can bind. The gem RAISES
+      # ("can't prepare TrueClass") on a raw boolean, so map true/false to 1/0 —
+      # SQLite stores booleans as INTEGER 0/1. Time/DateTime serialise to ISO-8601
+      # so a datetime field round-trips. Parity with the Python/PHP/Node adapters,
+      # which coerce booleans at the same bind boundary.
+      def coerce_params(params)
+        return params unless params.is_a?(Array)
+
+        params.map do |value|
+          case value
+          when true then 1
+          when false then 0
+          when Time, DateTime then value.respond_to?(:iso8601) ? value.iso8601 : value.to_s
+          else value
+          end
+        end
       end
 
       def last_insert_id

data/lib/tina4/migration.rb

@@ -192,15 +192,35 @@ module Tina4
             )
           SQL
         else
+          # Engine-aware bookkeeping DDL. Each engine spells an auto-increment
+          # integer PK differently (SQLite AUTOINCREMENT, PostgreSQL SERIAL,
+          # MySQL AUTO_INCREMENT, MSSQL IDENTITY); MSSQL also reserves TIMESTAMP
+          # for rowversion, so a real timestamp column must be DATETIME. The
+          # migration_name UNIQUE column is VARCHAR (not TEXT) — a TEXT column
+          # cannot carry a UNIQUE index on MySQL, and SQLite gives VARCHAR TEXT
+          # affinity so SQLite behaviour stays identical. Mirrors the
+          # engine-aware DDL in ORM.create_table; without it `migrate()` died
+          # with "syntax error at AUTOINCREMENT" on PostgreSQL/MySQL/MSSQL.
+          #
           # migration_name is UNIQUE: a migration is "applied" iff a success row
           # exists, so a re-applied name must never duplicate a tracking row.
+          engine = (@db.respond_to?(:get_database_type) ? @db.get_database_type : "").to_s.downcase
+          id_column = case engine
+                      when "postgres", "postgresql" then "id SERIAL PRIMARY KEY"
+                      when "mysql" then "id INTEGER PRIMARY KEY AUTO_INCREMENT"
+                      when "mssql", "sqlserver" then "id INTEGER IDENTITY(1,1) PRIMARY KEY"
+                      else "id INTEGER PRIMARY KEY AUTOINCREMENT" # sqlite (default)
+                      end
+          executed_at_column = %w[mssql sqlserver].include?(engine) ?
+            "executed_at DATETIME DEFAULT CURRENT_TIMESTAMP" :
+            "executed_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP"
           @db.execute(<<~SQL)
             CREATE TABLE #{TRACKING_TABLE} (
-              id INTEGER PRIMARY KEY,
+              #{id_column},
               migration_name VARCHAR(255) NOT NULL UNIQUE,
               description VARCHAR(255) DEFAULT '',
               batch INTEGER NOT NULL DEFAULT 1,
-              executed_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
+              #{executed_at_column},
               passed INTEGER NOT NULL DEFAULT 1
             )
           SQL

data/lib/tina4/queue_backends/kafka_backend.rb

@@ -71,12 +71,29 @@ module Tina4
       end
 
       def dequeue(topic)
-        unless @subscribed_topics.include?(topic)
+        first = !@subscribed_topics.include?(topic)
+        if first
           @consumer.subscribe(topic)
           @subscribed_topics << topic
         end
 
-        msg = @consumer.poll(1000)
+        # The first poll after subscribing must drive the consumer-group join +
+        # partition assignment, which takes several seconds on a cold broker.
+        # Until partitions are assigned, poll returns nil even when the topic
+        # already has messages -- so a single poll made dequeue return nil right
+        # after enqueue. Poll in a bounded loop on first subscribe (deadline
+        # TINA4_KAFKA_ASSIGN_TIMEOUT, default 15s); steady state stays one ~1s poll.
+        deadline = Process.clock_gettime(Process::CLOCK_MONOTONIC) +
+                   (first ? (ENV["TINA4_KAFKA_ASSIGN_TIMEOUT"] || "15").to_f : 1.0)
+        msg = nil
+        loop do
+          candidate = @consumer.poll(500)
+          if candidate
+            msg = candidate
+            break
+          end
+          break if Process.clock_gettime(Process::CLOCK_MONOTONIC) >= deadline
+        end
         return nil unless msg
 
         data = JSON.parse(msg.payload)

data/lib/tina4/queue_backends/mongo_backend.rb

@@ -30,7 +30,12 @@ module Tina4
         @visibility_timeout = resolve_visibility_timeout(options[:visibility_timeout])
 
         if uri
-          @client = Mongo::Client.new(uri)
+          # Honour the explicit db: / TINA4_MONGO_DB even when a uri is given.
+          # Mongo::Client.new(uri) with no database path defaults to "admin", so
+          # without passing :database the requested db_name was silently dropped
+          # and every job/dead-letter landed in admin (a data-isolation footgun).
+          # The explicit db_name always wins over the URI's (often absent) default.
+          @client = Mongo::Client.new(uri, database: db_name)
         else
           conn_options = { database: db_name }
           conn_options[:user] = username if username

data/lib/tina4/queue_backends/rabbitmq_backend.rb

@@ -27,7 +27,14 @@ module Tina4
 
       def dequeue(topic)
         queue = get_queue(topic)
-        delivery_info, _properties, payload = queue.pop
+        # Manual ack: do NOT let bunny's default auto-ack remove the message on
+        # pop. The message stays in-flight (unacked) until complete() acks it, so
+        # a consumer crash before complete() makes the broker redeliver it
+        # (at-least-once delivery) — parity with the Python/PHP masters, whose
+        # basic_get uses auto_ack=false / no-ack=false. With the old auto-ack pop
+        # the stored delivery_tag had already been acked, so a later
+        # channel.acknowledge raised PRECONDITION_FAILED and closed the channel.
+        delivery_info, _properties, payload = queue.pop(manual_ack: true)
         return nil unless payload
 
         data = JSON.parse(payload)
@@ -40,8 +47,17 @@ module Tina4
         msg
       end
 
-      def acknowledge(_message)
-        @channel.acknowledge(@last_delivery_tag) if @last_delivery_tag
+      # Acknowledge the in-flight message as done (terminal). Named complete() to
+      # match the lite/mongo backends AND the Job#complete lifecycle, which calls
+      # backend.complete (not acknowledge) — so `job.complete` now actually acks
+      # the broker message instead of being a silent no-op. multiple:false acks
+      # only this delivery. The stored tag is cleared so a double-complete is a
+      # safe no-op rather than a second ack on an unknown tag.
+      def complete(_message)
+        return unless @last_delivery_tag
+
+        @channel.acknowledge(@last_delivery_tag, false)
+        @last_delivery_tag = nil
       end
 
       def requeue(message)

data/lib/tina4/session_handlers/mongo_handler.rb

@@ -12,11 +12,7 @@ module Tina4
           database: options[:database] || "tina4_sessions"
         )
         @collection = client[options[:collection] || "sessions"]
-        # Ensure TTL index
-        @collection.indexes.create_one(
-          { updated_at: 1 },
-          expire_after_seconds: @ttl
-        )
+        ensure_ttl_index
       rescue LoadError
         raise "MongoDB session handler requires the 'mongo' gem. Install with: gem install mongo"
       rescue Mongo::Error => e
@@ -44,6 +40,21 @@ module Tina4
       def cleanup
         # MongoDB TTL index handles cleanup
       end
+
+      private
+
+      # Create the updated_at TTL index. An existing updated_at index with a
+      # DIFFERENT expireAfterSeconds raises IndexOptionsConflict (code 85) — a
+      # TTL index cannot be modified in place — so drop and recreate it with the
+      # requested TTL. This makes re-init idempotent (no per-run error log) and
+      # lets a changed session TTL take effect.
+      def ensure_ttl_index
+        @collection.indexes.create_one({ updated_at: 1 }, expire_after_seconds: @ttl)
+      rescue Mongo::Error::OperationFailure => e
+        raise unless e.code == 85 || e.message.include?("IndexOptionsConflict")
+        @collection.indexes.drop_one("updated_at_1")
+        @collection.indexes.create_one({ updated_at: 1 }, expire_after_seconds: @ttl)
+      end
     end
   end
 end

data/lib/tina4/session_handlers/redis_handler.rb

@@ -1,25 +1,28 @@
 # frozen_string_literal: true
 require "json"
+require_relative "resp_client"
 
 module Tina4
   module SessionHandlers
+    # Redis-backed session handler. Prefers the `redis` gem when it is installed
+    # (parity with the Python redis-py and Node redis-npm handlers); otherwise
+    # speaks raw RESP over a TCP socket via RespClient — zero dependencies, so a
+    # Tina4 app stores sessions in Redis with no extra gem.
     class RedisHandler
       def initialize(options = {})
-        require "redis"
         @prefix = options[:prefix] || "tina4:session:"
         @ttl = options[:ttl] || 86400
-        @redis = Redis.new(
-          host: options[:host] || "localhost",
-          port: options[:port] || 6379,
-          db: options[:db] || 0,
-          password: options[:password]
-        )
-      rescue LoadError
-        raise "Redis session handler requires the 'redis' gem. Install with: gem install redis"
+        @host = options[:host] || "localhost"
+        @port = options[:port] || 6379
+        @db = options[:db] || 0
+        @password = options[:password]
+        @redis = build_gem_client
+        @resp = @redis ? nil : RespClient.new(host: @host, port: @port, password: @password, db: @db)
       end
 
       def read(session_id)
-        data = @redis.get("#{@prefix}#{session_id}")
+        key = "#{@prefix}#{session_id}"
+        data = @redis ? @redis.get(key) : @resp.get(key)
         return nil unless data
         JSON.parse(data)
       rescue JSON::ParserError
@@ -28,16 +31,35 @@ module Tina4
 
       def write(session_id, data)
         key = "#{@prefix}#{session_id}"
-        @redis.setex(key, @ttl, JSON.generate(data))
+        payload = JSON.generate(data)
+        if @redis
+          @redis.setex(key, @ttl, payload)
+        else
+          @resp.setex(key, @ttl, payload)
+        end
       end
 
       def destroy(session_id)
-        @redis.del("#{@prefix}#{session_id}")
+        key = "#{@prefix}#{session_id}"
+        @redis ? @redis.del(key) : @resp.del(key)
       end
 
       def cleanup
         # Redis handles TTL automatically
       end
+
+      private
+
+      # Use the official `redis` gem only when the REAL gem is loadable (guard
+      # against an in-test fake `Redis` constant that has no VERSION). Returns nil
+      # when the gem is absent so the caller falls back to the raw RESP client.
+      def build_gem_client
+        require "redis"
+        return nil unless defined?(::Redis::VERSION)
+        Redis.new(host: @host, port: @port, db: @db, password: @password)
+      rescue LoadError
+        nil
+      end
     end
   end
 end

data/lib/tina4/session_handlers/resp_client.rb

@@ -0,0 +1,126 @@
+# frozen_string_literal: true
+
+require "socket"
+
+module Tina4
+  module SessionHandlers
+    # A RESP error reply (`-ERR ...`) surfaced as an exception so the handler can
+    # tell a protocol error apart from a genuine nil/miss.
+    class RespError < StandardError; end
+
+    # Zero-dependency synchronous RESP client over a TCP socket. Used by the Redis
+    # and Valkey session handlers as the fallback when the optional `redis` gem is
+    # not installed, so a Tina4 app talks to Redis/Valkey for sessions with NO
+    # third-party gem. Parity with the Python (redis-py + raw RESP) and Node
+    # (redis npm + raw respClient) session handlers, and with the framework's own
+    # cache backends, which already speak raw RESP this way.
+    #
+    # One short-lived connection per command (open -> AUTH? -> SELECT? -> command
+    # -> close), matching the cache backends. Ruby's blocking sockets make the
+    # reply reader straightforward: read the header line up to CRLF, then read the
+    # bulk body by its exact byte count (so a large session value spanning several
+    # TCP segments is read in full, not truncated to one recv()).
+    class RespClient
+      def initialize(host:, port:, password: nil, db: 0, timeout: 5)
+        @host = host
+        @port = port
+        @password = password
+        @db = (db || 0).to_i
+        @timeout = timeout
+      end
+
+      def get(key)
+        command("GET", key)
+      end
+
+      def set(key, value)
+        command("SET", key, value)
+      end
+
+      def setex(key, ttl, value)
+        command("SETEX", key, ttl.to_s, value)
+      end
+
+      def del(key)
+        command("DEL", key)
+      end
+
+      # Send one RESP command and return its reply: a String for a simple/bulk
+      # string or integer, an Array for a multi-bulk reply, or nil for a nil bulk
+      # ($-1) / miss. A transport failure (server unreachable, rejected AUTH or
+      # SELECT, timeout, connection closed mid-reply) RAISES so the Session
+      # boundary can log-loud + degrade (a real op never silently no-ops).
+      def command(*args)
+        sock = Socket.tcp(@host, @port, connect_timeout: @timeout)
+        sock.setsockopt(Socket::SOL_SOCKET, Socket::SO_RCVTIMEO, [@timeout, 0].pack("l_2"))
+        begin
+          if @password && !@password.empty?
+            write_command(sock, "AUTH", @password)
+            reply = read_reply(sock)
+            raise RespError, "AUTH rejected: #{reply.message}" if reply.is_a?(RespError)
+          end
+          if @db != 0
+            write_command(sock, "SELECT", @db.to_s)
+            reply = read_reply(sock)
+            raise RespError, "SELECT rejected: #{reply.message}" if reply.is_a?(RespError)
+          end
+          write_command(sock, *args)
+          reply = read_reply(sock)
+          raise reply if reply.is_a?(RespError)
+          reply
+        ensure
+          begin
+            sock.close
+          rescue StandardError
+            # already closed / never opened — nothing to do
+          end
+        end
+      end
+
+      private
+
+      def write_command(sock, *args)
+        cmd = +"*#{args.size}\r\n"
+        args.each do |arg|
+          s = arg.to_s
+          cmd << "$#{s.bytesize}\r\n#{s}\r\n"
+        end
+        sock.write(cmd)
+      end
+
+      def read_reply(sock)
+        line = sock.gets("\r\n")
+        raise RespError, "connection closed before reply" if line.nil?
+        line = line.chomp("\r\n")
+        type = line[0]
+        rest = line[1..] || ""
+        case type
+        when "+", ":" then rest                         # simple string / integer
+        when "-" then RespError.new(rest)               # error reply
+        when "$"                                         # bulk string
+          len = rest.to_i
+          return nil if len.negative?                   # $-1 = nil
+          data = read_exact(sock, len)
+          read_exact(sock, 2)                           # trailing CRLF
+          data
+        when "*"                                         # array (multi-bulk)
+          len = rest.to_i
+          return nil if len.negative?
+          Array.new(len) { read_reply(sock) }
+        else
+          line
+        end
+      end
+
+      def read_exact(sock, count)
+        buf = +""
+        while buf.bytesize < count
+          chunk = sock.read(count - buf.bytesize)
+          raise RespError, "connection closed mid-reply" if chunk.nil? || chunk.empty?
+          buf << chunk
+        end
+        buf
+      end
+    end
+  end
+end

data/lib/tina4/session_handlers/valkey_handler.rb

@@ -1,25 +1,28 @@
 # frozen_string_literal: true
 require "json"
+require_relative "resp_client"
 
 module Tina4
   module SessionHandlers
+    # Valkey-backed session handler. Valkey speaks the RESP protocol, so it works
+    # through the `redis` gem when installed (parity with Python/Node); otherwise
+    # it speaks raw RESP over a TCP socket via RespClient — zero dependencies.
+    # Same as RedisHandler but reads VALKEY-prefixed configuration variables.
     class ValkeyHandler
       def initialize(options = {})
-        require "redis"
         @prefix = options[:prefix] || ENV["TINA4_SESSION_VALKEY_PREFIX"] || "tina4:session:"
         @ttl = options[:ttl] || (ENV["TINA4_SESSION_VALKEY_TTL"] ? ENV["TINA4_SESSION_VALKEY_TTL"].to_i : 86400)
-        @redis = Redis.new(
-          host: options[:host] || ENV["TINA4_SESSION_VALKEY_HOST"] || "localhost",
-          port: options[:port] || (ENV["TINA4_SESSION_VALKEY_PORT"] ? ENV["TINA4_SESSION_VALKEY_PORT"].to_i : 6379),
-          db: options[:db] || (ENV["TINA4_SESSION_VALKEY_DB"] ? ENV["TINA4_SESSION_VALKEY_DB"].to_i : 0),
-          password: options[:password] || ENV["TINA4_SESSION_VALKEY_PASSWORD"]
-        )
-      rescue LoadError
-        raise "Valkey session handler requires the 'redis' gem (Valkey uses the RESP protocol). Install with: gem install redis"
+        @host = options[:host] || ENV["TINA4_SESSION_VALKEY_HOST"] || "localhost"
+        @port = options[:port] || (ENV["TINA4_SESSION_VALKEY_PORT"] ? ENV["TINA4_SESSION_VALKEY_PORT"].to_i : 6379)
+        @db = options[:db] || (ENV["TINA4_SESSION_VALKEY_DB"] ? ENV["TINA4_SESSION_VALKEY_DB"].to_i : 0)
+        @password = options[:password] || ENV["TINA4_SESSION_VALKEY_PASSWORD"]
+        @redis = build_gem_client
+        @resp = @redis ? nil : RespClient.new(host: @host, port: @port, password: @password, db: @db)
       end
 
       def read(session_id)
-        data = @redis.get("#{@prefix}#{session_id}")
+        key = "#{@prefix}#{session_id}"
+        data = @redis ? @redis.get(key) : @resp.get(key)
         return nil unless data
         JSON.parse(data)
       rescue JSON::ParserError
@@ -28,16 +31,34 @@ module Tina4
 
       def write(session_id, data)
         key = "#{@prefix}#{session_id}"
-        @redis.setex(key, @ttl, JSON.generate(data))
+        payload = JSON.generate(data)
+        if @redis
+          @redis.setex(key, @ttl, payload)
+        else
+          @resp.setex(key, @ttl, payload)
+        end
       end
 
       def destroy(session_id)
-        @redis.del("#{@prefix}#{session_id}")
+        key = "#{@prefix}#{session_id}"
+        @redis ? @redis.del(key) : @resp.del(key)
       end
 
       def cleanup
         # Valkey handles TTL automatically (same as Redis)
       end
+
+      private
+
+      # Use the official `redis` gem (RESP-compatible with Valkey) only when the
+      # REAL gem is loadable; otherwise nil so the caller falls back to raw RESP.
+      def build_gem_client
+        require "redis"
+        return nil unless defined?(::Redis::VERSION)
+        Redis.new(host: @host, port: @port, db: @db, password: @password)
+      rescue LoadError
+        nil
+      end
     end
   end
 end

data/lib/tina4/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module Tina4
-  VERSION = "3.13.43"
+  VERSION = "3.13.44"
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: tina4ruby
 version: !ruby/object:Gem::Version
-  version: 3.13.43
+  version: 3.13.44
 platform: ruby
 authors:
 - Tina4 Team
 autorequire:
 bindir: exe
 cert_chain: []
-date: 2026-06-22 00:00:00.000000000 Z
+date: 2026-06-24 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rack
@@ -192,6 +192,34 @@ dependencies:
     - - "~>"
       - !ruby/object:Gem::Version
         version: '1.5'
+- !ruby/object:Gem::Dependency
+  name: rdkafka
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0.20'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0.20'
+- !ruby/object:Gem::Dependency
+  name: bunny
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '2.22'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '2.22'
 - !ruby/object:Gem::Dependency
   name: rake
   requirement: !ruby/object:Gem::Requirement
@@ -373,6 +401,7 @@ files:
 - lib/tina4/session_handlers/file_handler.rb
 - lib/tina4/session_handlers/mongo_handler.rb
 - lib/tina4/session_handlers/redis_handler.rb
+- lib/tina4/session_handlers/resp_client.rb
 - lib/tina4/session_handlers/valkey_handler.rb
 - lib/tina4/shutdown.rb
 - lib/tina4/sql_translation.rb