Skip to content

fixes escaping underscores in sqlite #646

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
kans merged 2 commits into from
Jan 23, 2026
Merged

fixes escaping underscores in sqlite #646

kans merged 2 commits into from
Jan 23, 2026
+123 −2

Conversation

@kans
Copy link
Contributor

@kans kans commented Jan 23, 2026
edited
Loading

This code path is almost certainly not reached by any connector in prod: GetAll, specifying a dynamic prefix, with an underscore in it, in a baton connector.

SQLite: LIKE does not treat \ as an escape by default, so _ / % won’t behave as intended unless you add ESCAPE '\'

Summary by CodeRabbit

Bug Fixes

  • Session store operations now correctly handle special characters (underscore, percent, backslash) in prefix filters, ensuring proper data isolation and retrieval during clear and retrieve operations.

✏️ Tip: You can customize this high-level summary in your review settings.

@coderabbitai
Copy link

coderabbitai bot commented Jan 23, 2026
edited
Loading

Walkthrough

Replaced non-escaped SQL LIKE prefix filtering with an ESCAPE-aware pattern (using escaped prefix + "%") in session store Clear and getAllChunk, and added tests covering prefixes containing %, _, and \ to verify literal matching and isolation.

Changes

Cohort / File(s) Summary
SQL ESCAPE-aware Pattern Matching
pkg/dotc1z/session_store.go		 Replaced raw LIKE prefix checks with prepared patterns using escapeLike(prefix) + "%", adding an ESCAPE clause so %, _, and \ in prefixes are matched literally in Clear and getAllChunk.
Special Character Test Coverage
pkg/dotc1z/session_store_test.go		 Added multiple tests exercising Clear and GetAll with prefixes containing underscore (_), percent (%), and backslash (\), ensuring selective removal and literal prefix matching across paginated retrievals.

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~22 minutes

Poem

🐇 I nibble keys with careful art,

I escape percent, underscore, backslash part.
No wildcard mischief left unfurled,
Literal prefixes saved the world.
Hooray — clean queries, hop and start!

🚥 Pre-merge checks | ✅ 2 | ❌ 1
❌ Failed checks (1 warning)
Check name Status Explanation Resolution
Docstring Coverage ⚠️ Warning Docstring coverage is 0.00% which is insufficient. The required threshold is 80.00%. Write docstrings for the functions missing them to satisfy the coverage threshold.
✅ Passed checks (2 passed)
Check name Status Explanation
Title check ✅ Passed The title 'fixes escaping underscores in sqlite' directly relates to the main changes in the PR, which implement ESCAPE-aware pattern matching in SQL queries to properly handle special characters (underscores, percent signs, backslashes) in session prefix operations.
Description Check ✅ Passed Check skipped - CodeRabbit’s high-level summary is enabled.

✏️ Tip: You can configure your own custom pre-merge checks in the settings.

✨ Finishing touches
  • 📝 Generate docstrings

Comment @coderabbitai help to get the list of available commands and usage tips.

@kans kans enabled auto-merge (squash) January 23, 2026 02:05
@kans kans merged commit 2419294 into main Jan 23, 2026
6 checks passed
@kans kans deleted the kans/escape branch January 23, 2026 02:08
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@laurenleach laurenleach laurenleach approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@kans @laurenleach