# BMC Hub v2.2.2 - Sync Safety Release

**Release Date:** 22. februar 2026

## 🛡️ Critical Fixes

### e-conomic Customer Sync Mapping
- **Fixed ambiguous matching**: e-conomic sync now matches customers only by `economic_customer_number`
- **Removed unsafe fallback in this flow**: CVR/name fallback is no longer used in `/api/v1/system/sync/economic`
- **Added conflict-safe behavior**: if multiple local rows share the same `economic_customer_number`, the record is skipped and logged as conflict (no overwrite)
- **Improved traceability**: sync logs now include the actual local customer id that was updated/created

### Settings Sync UX
- **Aligned frontend with backend response fields** for vTiger/e-conomic sync summaries
- **Improved 2FA error feedback** in Settings sync UI when API returns `403: 2FA required`
- **Fixed sync stats request limit** to avoid API validation issues
- **Temporarily disabled CVR→e-conomic action** in Settings UI to prevent misleading behavior
- **Clarified runtime config source**: sync uses environment variables (`.env`) at runtime

## 🗄️ Database Safety

### New Migration
- Added migration: `migrations/138_customers_economic_unique_constraint.sql`
- Normalizes empty/whitespace `economic_customer_number` values
- Adds a partial unique index on non-null `economic_customer_number`
- Migration aborts with clear error if duplicates already exist (manual dedupe required before rerun)

## ⚠️ Deployment Notes

- Run migration `138_customers_economic_unique_constraint.sql` before enabling broad sync operations in production
- If migration fails due to duplicates, deduplicate `customers.economic_customer_number` first, then rerun migration
- Existing 2FA API protection remains enabled

## ✅ Expected Outcome

- Sync payload and DB target row are now consistent in the e-conomic flow
- Incorrect overwrites caused by weak matching strategy are prevented
- Future duplicate `economic_customer_number` values are blocked at database level