fix(job-queue-plugin): Use SCAN instead of KEYS to clean indexed sets

[colinpieper]

Fixes #3742

Description

Commonly in production environments, especially when Redis is shared between multiple services or in the case of some managed solutions, there is restrictive ACL on Redis users that forbids commands deemed expensive or dangerous. One of these commands is the KEYS command, as it is a blocking command. This causes the clean-up of jobs to fail.

Using SCAN instead of KEYS resolves this issue. SCAN is rarely disabled in production, as it doesn't raise the concerns that KEYS raises (blocking of the Redis instance during execution).

Breaking changes

No breaking changes have been made.

Checklist

📌 Always:

• I have set a clear title
• My PR is small and contains a single feature
• I have checked my own PR

👍 Most of the time:

• I have added or updated test cases
• I have updated the README if needed

Summary by CodeRabbit

• Refactor
  • Improved the process for cleaning up indexed sets to enhance efficiency when retrieving matching keys.

[vercel]

The latest updates on your projects. Learn more about Vercel for Git ↗︎

Name	Status	Preview	Updated (UTC)
docs	✅ Ready (Inspect)	Visit Preview	Aug 6, 2025 0:02am

[coderabbitai]

Walkthrough

The cleanupIndexedSets method in the BullMQ job queue plugin was updated to use a cursor-based Redis SCAN loop instead of the KEYS command for retrieving matching keys. This change modifies only the internal logic for key collection, leaving the rest of the cleanup process unchanged.

Changes

Cohort / File(s)	Change Summary
Switch from KEYS to SCAN in Redis key retrieval packages/job-queue-plugin/src/bullmq/job-list-index.service.ts	Replaced use of redis.keys() with a cursor-based redis.scan() loop to collect matching keys before cleanup.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~7 minutes

Assessment against linked issues

Objective	Addressed	Explanation
Replace use of Redis KEYS command with SCAN in cleanupIndexedSets (#3742)	✅
Ensure cleanup works when KEYS is disabled and SCAN is allowed (#3742)	✅

Assessment against linked issues: Out-of-scope changes

No out-of-scope changes were found.

Note

⚡️ Unit Test Generation is now available in beta!

Learn more here, or try it out under "Finishing Touches" below.

---

📜 Recent review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 55f71ab and a1a18ba.

📒 Files selected for processing (1)

• packages/job-queue-plugin/src/bullmq/job-list-index.service.ts (1 hunks)

🔇 Additional comments (1)

packages/job-queue-plugin/src/bullmq/job-list-index.service.ts (1)

243-256: LGTM! Excellent fix for Redis ACL compatibility.

The replacement of KEYS with SCAN correctly addresses the production environment issue where Redis ACLs restrict the KEYS command. The cursor-based implementation is well-structured:

• Properly manages the cursor iteration until completion ('0')
• Uses appropriate MATCH pattern and COUNT parameters
• Maintains identical functionality while being non-blocking
• Preserves the same key collection behavior for the downstream cleanup logic

This change resolves the permission error without introducing breaking changes and improves compatibility with restrictive Redis configurations.

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>, please review it.
  • Explain this complex logic.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
  • @coderabbitai explain this code block.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
  • @coderabbitai read src/utils.ts and explain its main purpose.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.

Support

Need help? Create a ticket on our support page for assistance with any issues or questions.

CodeRabbit Commands (Invoked using PR comments)

• @coderabbitai pause to pause the reviews on a PR.
• @coderabbitai resume to resume the paused reviews.
• @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
• @coderabbitai full review to do a full review from scratch and review all the files again.
• @coderabbitai summary to regenerate the summary of the PR.
• @coderabbitai generate sequence diagram to generate a sequence diagram of the changes in this PR.
• @coderabbitai generate unit tests to generate unit tests for this PR.
• @coderabbitai resolve resolve all the CodeRabbit review comments.
• @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
• @coderabbitai help to get help.

Other keywords and placeholders

• Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
• Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

• You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
• Please see the configuration documentation for more information.
• If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[github-actions]

All contributors have signed the CLA ✍️ ✅
_{Posted by the CLA Assistant Lite bot.}

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

[colinpieper]

I have read the CLA Document and I hereby sign the CLA

[dlhck]

Great catch! Thank you!