A single PR adding a NOT NULL constraint exposed 5 untested requirements. Application-layer validation existed, but the database had no guardrails. OrangePro found it from one pull request.
Every requirement extracted from the PR, mapped to existing tests and verified against the codebase. Click any row to see the search evidence.
Coverage Distribution
Requirement Coverage
| # | Requirement | Code Symbol | Existing Test | Status | |
|---|---|---|---|---|---|
R1 Database rejects NULL username on INSERT 000160_add_users_username_not_null.up.sql None GAP | |||||
R2 Database rejects empty string username on INSERT 000160_add_users_username_not_null.up.sql None GAP | |||||
R3 Migration backfills existing NULL/empty usernames 000160_add_users_username_not_null.up.sql None GAP | |||||
R4 Application-layer validation still rejects invalid usernames user.IsValid() Unit COVERED | |||||
R5 Plugin/webhook user creation respects constraint plugin_api.CreateUser() Partial PARTIAL | |||||
R6 Profile image generation handles constraint-valid usernames createProfileImage() None GAP | |||||
R7 Migration rollback (down) removes constraint cleanly 000160_add_users_username_not_null.down.sql None GAP | |||||
Database rejects NULL username on INSERT
Database rejects empty string username on INSERT
Migration backfills existing NULL/empty usernames
Application-layer validation still rejects invalid usernames
Plugin/webhook user creation respects constraint
Profile image generation handles constraint-valid usernames
Migration rollback (down) removes constraint cleanly
These gaps were verified by searching the repository's test directories. Each finding includes the exact search query and result so you can reproduce it yourself.
user_test.go validates usernames at the Go application layer, but no test in server/**/*_test.go validates the actual PostgreSQL NOT NULL + CHECK constraints. Any code path bypassing IsValid() (plugins, migrations, admin scripts) could create invalid records.
The migration includes an UPDATE to backfill NULL/empty usernames, but no test validates that existing data is correctly transformed or that the backfill handles edge cases (whitespace-only, special characters).
Sentry issue MATTERMOST-SERVER-W1 with 9,856 events shows createProfileImage panics on empty usernames. Despite being a known production issue, no test covers this specific code path.
| Requirement | Before | After |
|---|---|---|
| DB rejects NULL username | ✗ None | ✓ Integration |
| DB rejects empty string username | ✗ None | ✓ Integration |
| Migration backfills existing records | ✗ None | ✓ Integration |
| App-layer validation rejects invalid | ✓ Unit | ✓ Unit |
| Plugin/webhook respects constraint | ~ Partial | ✓ Integration + E2E |
| Profile image handles valid usernames | ✗ None | ✓ Unit + E2E |
| Migration rollback works cleanly | ✗ None | ✓ Integration |
Every finding in this analysis is based on a public GitHub repository. Clone the repo, run the searches we documented, and see the same results. No black boxes.