• fix(pegboard): align drain grace defaults with stop threshold #4958 : 2 dependent PRs (#4960 , #4966 )
• fix(rivetkit): preserve bridge error messages #4959
• fix(rivetkit): fire abort signal on shutdown finalize #4957
• fix(rivetkit): use startup kv preload #4956
• fix(client): flatten skipReadyWait option #4955
• ci(publish): add manual preview publish flow #4954
• fix(depot): add ltx decode diagnostics #4953
• fix(universaldb): preserve plain set values #4952 👈 (View in Graphite)
• fix(universaldb): align versionstamp operand encoding #4951
• fix(rivetkit): export database provider types #4950
• wip: kitchen sink agentic loop finish #4949
• chore(rivetkit): note duplicate admission logic #4948
• test(rivetkit): cover bypass fetch header forwarding #4947
• feat(kitchen-sink): add actor probe controls #4946
• fix(gateway): split actor response wait errors #4945
• fix(guard): handle bypass preflight before query parse #4944
• feat(kitchen-sink): add mock agent event log copy #4943
• fix(kitchen-sink): default mock agent to local endpoint #4942
• test(rivetkit): enable driver lifecycle regressions #4941
• test(rivetkit): verify cached websocket db refs exceed grace #4940
• fix(rivetkit-core): keep sleeping actors reachable during grace #4939
• test(rivetkit): cover async websocket close db access #4938
• fix(rivetkit): keep actors awake until keepAwake work finishes #4937
• fix(rivetkit): persist native onSleep state on errors #4936
• fix(rivetkit-core): allow dispatch during sleep grace #4935
• fix(rivetkit): make duplicate sleep requests idempotent #4934
• main

This stack of pull requests is managed by Graphite. Learn more about stacking.

PR Review: fix(universaldb): preserve plain set values

Overview

This PR fixes a data-corruption bug in universaldb where the plain Set operation would silently corrupt arbitrary binary values that happened to resemble FDB-style incomplete versionstamp markers. It removes the heuristic substitute_versionstamp_if_incomplete function from both the Postgres and RocksDB drivers, renames Operation::Set to Operation::SetValue for clarity, and adds a regression test.

What the bug was

The deleted substitute_versionstamp_if_incomplete function used a fragile heuristic:

1. Read the last 4 bytes of the value as a little-endian offset.
2. Look for the byte 0x33 (an FDB tuple-layer escape byte) near that offset.
3. If found, silently overwrite 10 bytes with a generated versionstamp.

Any arbitrary binary value matching this pattern would be silently corrupted. The comments in both drivers acknowledged this with TODO: versionstamps need to be calculated on the sql side.

The fix is correct: a plain set should always store verbatim bytes. Versionstamp substitution must only happen on an explicit set_versionstamped_value path.

Code quality

• Rename is correct and complete. All five match sites for Operation::Set across tx_ops.rs, postgres/transaction_task.rs, and rocksdb/transaction_task.rs were updated. No stale references remain. The compiler would catch any miss.
• Dead code fully removed. substitute_versionstamp_if_incomplete and its imports are gone from both drivers.
• No enum fall-through. Each driver match arm enumerates variants explicitly. No silent _ => catchall was introduced.

Issues / suggestions

Minor: test comment should clarify WHY this specific byte pattern matters

The test name test_plain_set_preserves_versionstamp_like_binary is good, but a one-line comment inside the function explaining that 0x33 is an FDB tuple escape byte and that the trailing zeroes mimic an incomplete-versionstamp offset would help future readers understand what failure this guards against. Per CLAUDE.md convention, comments should be lowercase complete sentences.

Minor: test comment capitalisation

The inline comment // Test that plain Set stores arbitrary binary values verbatim. should be lowercase per CLAUDE.md.

Observation: versionstamped set path is not covered by this diff

This PR correctly fixes the plain set path. The separate versionstamp set flow is not touched. Appropriate scope for this fix, but worth noting the removed TODO comments implied that path is still not implemented for Postgres/RocksDB.

Test coverage

The new integration test is well-targeted: it stores a value that would have been corrupted by the old heuristic, reads it back, and asserts byte-for-byte equality. It runs as part of run_all_tests for both driver backends and the namespace is cleared after, consistent with the rest of the test suite.

Summary

Straightforward and correct bug fix. The two minor comment style issues are the only non-blocking suggestions. No correctness, performance, or security concerns.

Preview packages published to npm

Install with:

npm install rivetkit@pr-4952

All packages published as 0.0.0-pr.4952.43f6721 with tag pr-4952.

Engine binary is shipped via @rivetkit/engine-cli on linux-x64-musl, linux-arm64-musl, darwin-x64, and darwin-arm64. Windows users should use the release installer or set RIVET_ENGINE_BINARY.

Docker images:

docker pull rivetdev/engine:slim-43f6721
docker pull rivetdev/engine:full-43f6721

npm install rivetkit@pr-4952
npm install @rivetkit/react@pr-4952
npm install @rivetkit/rivetkit-napi@pr-4952
npm install @rivetkit/workflow-engine@pr-4952