refactor: convert wrangler config from TOML to JSONC

[chitcommit]

Summary

• Convert both root wrangler.toml and deploy/system-wrangler.toml to JSONC format
• Sync root config with deploy config — adds hyperdrive, send_email, crons that were previously missing from the root (Workers Builds) config
• Update CI workflow path trigger, detect-mode script, and rotate-db-secret script references
• Validated via wrangler deploy --dry-run — all bindings resolve correctly

Test plan

• wrangler deploy --dry-run --config wrangler.jsonc parses all bindings
• Workers Builds triggers and deploys successfully from JSONC

🤖 Generated with Claude Code

[cloudflare-workers-and-pages]

Deploying with    Cloudflare Workers

The latest updates on your project. Learn more about integrating Git with Workers.

Status	Name	Latest Commit	Updated (UTC)
❌ Deployment failed View logs	chittyfinance	4d715d5	Apr 24 2026, 08:17 AM

[coderabbitai]

Warning

Rate limit exceeded

@chitcommit has exceeded the limit for the number of commits that can be reviewed per hour. Please wait 55 minutes and 54 seconds before requesting another review.

Your organization is not enrolled in usage-based pricing. Contact your admin to enable usage-based pricing to continue reviews beyond the rate limit, or try again in 55 minutes and 54 seconds.

⌛ How to resolve this issue?

After the wait time has elapsed, a review can be triggered using the @coderabbitai review command as a PR comment. Alternatively, push new commits to this PR.

We recommend that you space out your commits to avoid hitting the rate limit.

🚦 How do rate limits work?

CodeRabbit enforces hourly rate limits for each developer per organization.

Our paid plans have higher rate limits than the trial, open-source and free plans. In all cases, we re-allow further reviews after a brief timeout.

Please see our FAQ for further information.

ℹ️ Review info

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: 95d93b91-6296-482c-8efe-f823a753faf8

📥 Commits

Reviewing files that changed from the base of the PR and between a497b0b and 4d715d5.

📒 Files selected for processing (9)

• .github/workflows/register.yml
• deploy/system-wrangler.jsonc
• deploy/system-wrangler.toml
• package.json
• scripts/detect-mode.js
• scripts/rotate-db-secret.py
• server/lib/central-workflows.ts
• wrangler.jsonc
• wrangler.toml

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch refactor/wrangler-toml-to-jsonc

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[github-actions]

@coderabbitai review

Please evaluate:

• Security implications
• Credential exposure risk
• Dependency supply chain concerns
• Breaking API changes

[claude]

Code Review — PR #104: refactor: convert wrangler config from TOML to JSONC

Overview

This PR converts both wrangler.toml and deploy/system-wrangler.toml to JSONC format, syncs the root config with the deploy config (adding hyperdrive, send_email, crons that were missing), updates CI/script references, and refactors central-workflows.ts to delegate to a shared @chittyos/schema/scope-projector package.

The motivation is sound — JSONC allows inline comments which makes config maintenance much easier. The execution has a few issues that need addressing before merge.

---

🚨 Blockers

1. Local file: dependency will break Workers Builds and CI

"@chittyos/schema": "file:../../CHITTYFOUNDATION/chittyschema"

This path assumes a specific monorepo sibling layout on the developer's machine. It will not resolve on Cloudflare Workers Builds, GitHub Actions, or any other environment that doesn't share that exact directory tree. This is the most critical issue — the worker build will fail in CI/CD.

Options: publish @chittyos/schema to npm (even as a scoped private package), use a git dependency ("@chittyos/schema": "git+https://github.com/chittyapps/chittyschema.git#main"), or inline the scope projector into a local server/lib/ module until the package is publishable.

2. hyperdrive and send_email bindings missing from all named env blocks

The file header correctly documents the rule:

Bindings (KV, R2, DO, tail_consumers) do NOT inherit from top-level into env blocks — each env must carry its own explicit bindings.

Yet hyperdrive (CHITTYOS_CORE_DB) is declared only at top-level and is absent from env.dev, env.staging, and env.production in both config files. Same for observability. This means wrangler deploy --env production will deploy a worker without the CHITTYOS_CORE_DB Hyperdrive binding. The scope projector will silently no-op since CHITTYOS_CORE_DATABASE_URL / the binding won't be present.

send_email is also missing from env.staging in both files.

---

⚠️ Significant Concerns

3. Staging KV and R2 share production IDs

Both env.staging.kv_namespaces.id and env.staging.r2_buckets.bucket_name point at the production resources (517b..., chittyfinance-storage). This was true in the old TOML too, but now that this config is being actively revised it's worth fixing — staging test data will contaminate production KV/R2. The preview_id/preview_bucket_name fields exist for exactly this purpose.

4. cpu_ms: 50 is dangerously low for this workload

"limits": { "cpu_ms": 50 }

50ms of CPU time is the floor, not a safe default. A single Neon query + Drizzle deserialization + Zod validation easily consumes more than 50ms of CPU. Hono route dispatch, AI advice generation, and Hyperdrive-proxied DB calls will hit this routinely. The Workers default is 30,000ms; there's no reason to cap so aggressively on a financial app. Consider removing limits entirely or setting a value ≥ 5,000ms.

5. Verify ScopeEnv from @chittyos/schema matches what Workers env provides

The old code used CHITTYOS_CORE_DATABASE_URL (a raw Neon connection string). The new config adds a CHITTYOS_CORE_DB Hyperdrive binding. These are different things — Hyperdrive exposes a connection pool binding, not a URL string. If the shared createScopeProjector still expects a CHITTYOS_CORE_DATABASE_URL env var, it will silently no-op even though the Hyperdrive binding is present. Confirm the shared library's ScopeEnv type and database access pattern before merging.

---

📝 Minor / Nits

6. CLAUDE.md still references .toml paths

The project structure section in CLAUDE.md still shows deploy/system-wrangler.toml. Low priority but will create confusion.

7. detect-mode.js fallback is dead code post-merge

fs.existsSync(path.join(__dirname, '../deploy/system-wrangler.jsonc')) ||
fs.existsSync(path.join(__dirname, '../deploy/system-wrangler.toml'))

The .toml fallback is fine for a transition period, but the old file is deleted in this same PR — the fallback can never match after merge. The || ...toml arm is immediately dead code. Simplify to just the .jsonc check.

8. Inline comment placement in triggers

"crons": ["0 9 * * *"]  // Daily at 9:00 AM UTC — lease expiration check

JSONC parsers handle this fine, but it's more idiomatic to put the comment on the line above the property rather than inline after a value.

---

✅ What's Good

• The JSONC conversion itself is clean and the translation from TOML is faithful.
• The central-workflows.ts refactor is a meaningful simplification — reducing 175 lines to 59 by extracting the scope projector into a shared library is the right call once the package distribution issue is resolved.
• The detect-mode.js update preserving backward compatibility with both file extensions is thoughtful (even if the fallback is immediately dead code in this PR).
• CI workflow path trigger update is correct.
• rotate-db-secret.py reference update is correct.

---

Summary

The config format migration is the right direction. Two blockers need to be resolved before merge: the local file: dependency that will break Workers Builds, and the missing binding declarations in named env blocks. The cpu_ms: 50 limit should also be raised before this hits production traffic.

🤖 Generated with Claude Code

[chatgpt-codex-connector]

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: 4d715d52ef

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

• Open a pull request for review
• Mark a draft as ready
• Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".

[chatgpt-codex-connector]

Replace local schema path with installable dependency

The new dependency specifier points to a filesystem path outside this repository (file:../../CHITTYFOUNDATION/chittyschema), so a normal checkout cannot install dependencies unless that exact sibling directory exists; in CI this breaks pnpm install (and with the current unchanged lockfile it also fails --frozen-lockfile immediately). Because server/lib/central-workflows.ts now imports from @chittyos/schema/scope-projector, this makes build/test pipelines fail before compilation in environments that only have this repo.

Useful? React with 👍 / 👎.

[Copilot]

Pull request overview

Converts Cloudflare Wrangler configuration from TOML to JSONC and updates related tooling to reference the new config files.

Changes:

• Replace wrangler.toml / deploy/system-wrangler.toml with wrangler.jsonc / deploy/system-wrangler.jsonc and sync bindings across configs.
• Refactor scope projection to delegate to @chittyos/schema/scope-projector.
• Update scripts and workflow triggers that reference the deploy wrangler config.

Reviewed changes

Copilot reviewed 9 out of 9 changed files in this pull request and generated 3 comments.

Show a summary per file

File	Description
wrangler.toml	Removes legacy root TOML wrangler config.
wrangler.jsonc	Adds root JSONC wrangler config with synced bindings (hyperdrive/email/crons).
deploy/system-wrangler.toml	Removes legacy deploy TOML wrangler config.
deploy/system-wrangler.jsonc	Adds deploy JSONC wrangler config equivalent to prior TOML.
server/lib/central-workflows.ts	Replaces in-file scope projection logic with shared projector adapter.
scripts/rotate-db-secret.py	Updates rotated secret deployment to use JSONC config path.
scripts/detect-mode.js	Detects system mode via presence of JSONC (and TOML fallback) config.
package.json	Adds @chittyos/schema dependency for shared scope projector usage.
.github/workflows/register.yml	Updates workflow path trigger to watch the JSONC config file.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[Copilot]

package.json was updated to add a new dependency, but pnpm-lock.yaml wasn’t updated in this PR. CI runs pnpm install --frozen-lockfile (see .github/workflows/security-gates.yml:91), so this will fail until the lockfile is regenerated and committed.

Suggested change

"@hookform/resolvers": "^3.9.1",

[Copilot]

Using a local file:../../CHITTYFOUNDATION/chittyschema dependency makes installs non-reproducible and will break in any environment where that external path doesn’t exist (including most CI/checkouts). Consider switching to a published/versioned dependency (registry or git URL), or vendor/workspace the package within this repo so dependency resolution works from a clean checkout.

Suggested change

	"@chittyos/schema": "file:../../CHITTYFOUNDATION/chittyschema",
	"@chittyos/schema": "2.0.0",

[Copilot]

scopeLog previously guaranteed “fire-and-forget / fail-open” behavior in non-Workers runtimes by wrapping waitUntil in a try/catch. The new implementation calls the shared projector directly without any guard; if the shared projector uses c.executionCtx.waitUntil (as other clients do), this can throw in node/test contexts and break request handlers. To match existing conventions (e.g., server/lib/ledger-client.ts:113-120 and server/lib/discovery-client.ts:100-108), wrap the projector invocation in a try/catch (or otherwise ensure it no-ops safely when executionCtx is unavailable).

Suggested change

	financeProjector(c, env, {
	externalId: projection.externalId,
	scopeType: projection.scopeType,
	characterization: projection.characterization,
	title: projection.title,
	summary: projection.summary,
	localStatus: projection.localStatus,
	statusReason: projection.statusReason,
	metadata: {
	tenantId: projection.tenantId,
	...(projection.metadata ?? {}),
	},
	});
	try {
	financeProjector(c, env, {
	externalId: projection.externalId,
	scopeType: projection.scopeType,
	characterization: projection.characterization,
	title: projection.title,
	summary: projection.summary,
	localStatus: projection.localStatus,
	statusReason: projection.statusReason,
	metadata: {
	tenantId: projection.tenantId,
	...(projection.metadata ?? {}),
	},
	});
	} catch {
	// Best-effort / fail-open in non-Workers runtimes where waitUntil may be unavailable.
	}