chore: remove outdated updatedAt field updates and refine FREE plan…

[nextify2025]

… refresh logic in quota management

• Remove unnecessary updatedAt updates; rely on Drizzle's $onUpdate mechanism.
• Refine FREE plan quota refresh logic to preserve projectNums value and streamline period calculations.

---

Summary by cubic

Simplified quota updates by removing manual updatedAt writes and made FREE plan refresh safer and more accurate. FREE plan now keeps projectNums on refresh, resets only quotas, and auto-refreshes on usage reads when expired.

• Bug Fixes

  • Preserve projectNums on FREE plan refresh; on new project, increment existing count instead of resetting.
  • Auto-refresh expired FREE plan in getSubscriptionUsage, with UTC-aligned monthly periods.
  • Keep refresh-and-deduct flow atomic for FREE actions (AI, enhance, upload, project).

• Refactors

  • Removed all manual updatedAt updates; rely on Drizzle $onUpdate.
  • Standardized FREE plan quota reset fields; stop resetting projectNums.
  • Dropped updatedAt writes when deactivating paid plans and during quota deductions.

[chatgpt-codex-connector]

Codex Review: Here are some suggestions.

Reply with @codex fix comments to fix any unresolved comments.

About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you open a pull request for review, mark a draft as ready, or comment "@codex review". If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex fix this CI failure" or "@codex address that feedback".

[chatgpt-codex-connector]

[P1] Reset FREE project quota from plan limits instead of prior remaining

When a FREE plan period has expired, the refresh path increments projectNums using the previous value (projectNums: freeLimit.projectNums + 1). projectNums represents remaining project quota and is decremented elsewhere; after a period refresh the expected remaining quota should be freePlanLimits.projectNums - 1 so that users regain the full allowance before deducting the current request. With the current update, a user who consumed all quota last month (e.g. limit=3, remaining=0) will start the new period with only 1 remaining instead of 2, effectively losing quota every cycle. This also causes stale values when unused quota exists, because the count never resets to the plan limit. The refresh logic should reset to the plan defaults before deducting rather than carrying the old remainder forward.

Useful? React with 👍 / 👎.

[cubic-dev-ai]

3 issues found across 2 files

_{React with 👍 or 👎 to teach cubic. You can also tag @cubic-dev-ai to give feedback, ask questions, or re-run the review.}

[cubic-dev-ai]

Rule violated: Flag Security Vulnerabilities

Non-atomic projectNums increment enables race-condition quota bypass. Use an atomic SQL increment to avoid lost updates and ensure accurate quota enforcement.

(Based on your team's feedback about preserving projectNums during FREE plan quota refresh, ensure the increment is atomic to maintain security while meeting that requirement.)

Prompt for AI agents

Address the following comment on packages/auth/utils/subscription-limits/core.ts at line 1134:

<comment>Non-atomic projectNums increment enables race-condition quota bypass. Use an atomic SQL increment to avoid lost updates and ensure accurate quota enforcement.

(Based on your team&#39;s feedback about preserving projectNums during FREE plan quota refresh, ensure the increment is atomic to maintain security while meeting that requirement.)</comment>

<file context>
@@ -1044,10 +1131,9 @@ async function handleFreePlanProjectDeduction(
             deployLimit: freePlanLimits.aiNums * 2,
             seats: freePlanLimits.seats,
-            projectNums: freePlanLimits.projectNums - 1, // Refresh and deduction in one operation
+            projectNums: freeLimit.projectNums + 1, // Increment existing count by 1 (new project)
             periodStart: newPeriodStart.toISOString(),
             periodEnd: nextPeriodEnd.toISOString(),
</file context>

Suggested change

	projectNums: freeLimit.projectNums + 1, // Increment existing count by 1 (new project)
	projectNums: sql<number>`(${subscriptionLimit.projectNums}) + 1`, // Increment existing count by 1 (new project)

[cubic-dev-ai]

Incrementing projectNums during FREE plan refresh contradicts how projectNums is decremented elsewhere (treated as remaining quota), causing incorrect quota after period rollover.

(Based on your team's feedback about preserving projectNums during FREE plan refresh, I specifically checked consistency with other deduction paths and found this conflict.)

Prompt for AI agents

Address the following comment on packages/auth/utils/subscription-limits/core.ts at line 1134:

<comment>Incrementing projectNums during FREE plan refresh contradicts how projectNums is decremented elsewhere (treated as remaining quota), causing incorrect quota after period rollover.

(Based on your team&#39;s feedback about preserving projectNums during FREE plan refresh, I specifically checked consistency with other deduction paths and found this conflict.)</comment>

<file context>
@@ -1044,10 +1131,9 @@ async function handleFreePlanProjectDeduction(
             deployLimit: freePlanLimits.aiNums * 2,
             seats: freePlanLimits.seats,
-            projectNums: freePlanLimits.projectNums - 1, // Refresh and deduction in one operation
+            projectNums: freeLimit.projectNums + 1, // Increment existing count by 1 (new project)
             periodStart: newPeriodStart.toISOString(),
             periodEnd: nextPeriodEnd.toISOString(),
</file context>

Suggested change

	projectNums: freeLimit.projectNums + 1, // Increment existing count by 1 (new project)
	projectNums: freePlanLimits.projectNums - 1, // Refresh and deduction in one operation