
Parameterize SQL queries, add pagination guards, and refine presence/memory handling#2

Merged
Josh-wt merged 1 commit into claude/understand-codebase-9Fmym from codex/review-branch-and-create-fix-plan
Apr 10, 2026

Conversation

Owner

@Josh-wt Josh-wt commented Apr 10, 2026

Motivation

  • Prevent SQL injection and improve query safety by replacing string-interpolated SQL with parameterized queries.
  • Ensure pagination and offsets are sane by clamping limit/offset values.
  • Make presence operations target specific participants instead of operating on entire thread maps.
  • Improve memory full-text search robustness and safely update access counts using parameterized IN queries.

Description

  • Rewrote audit query construction to use parameter placeholders and a params array, and added limit/offset sanitization (Math.max) and parameterized COUNT/SELECT queries.
  • Converted cost summary queries to parameterized SQL with params for time range and optional filters.
  • Updated memory search to build a conditional kind clause, pass queryParams to the FTS query, and update access_count via a parameterized IN clause using placeholders.
  • Changed presence service leave and updateCursor to operate on a specific participantId and adjusted Pub/Sub events accordingly.
  • Extended presence contracts to include participantId in PresenceLeaveInput and PresenceUpdateCursorInput.

Testing

  • Ran yarn test and the TypeScript compiler (tsc) against the modified packages, and all tests and type checks passed.
  • Executed server integration smoke checks for presence, memory search, cost summary, and audit query flows, which completed successfully.

Codex Task

Summary by cubic

Secured SQL across audit, cost, and memory services by switching to parameterized queries and adding safe pagination. Presence updates now target a single participant, and the presence contracts include participantId to prevent noisy broadcasts.

  • Bug Fixes

    • Audit: parameterized filters, clamped limit/offset, and used placeholders for COUNT/SELECT with correct hasMore.
    • Cost: parameterized time range and optional projectId/threadId; reused params for totals, by-provider, and top threads.
    • Memory: parameterized FTS query and optional kind filter; updated access_count via a parameterized IN list.
    • Presence: leave and updateCursor act on participantId only; clean up empty thread maps and publish precise events.
  • Migration

    • Clients must pass participantId to PresenceLeaveInput and PresenceUpdateCursorInput.

Written for commit 44afa0a. Summary will update on new commits.
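The three patterns this PR describes (filters pushed into a params array and referenced by placeholder, limit/offset clamped before they reach the database, and an access_count update through a placeholder IN list) as an added TypeScript example. This is not the PR's own code: it assumes Postgres-style `$1, $2` placeholders, and the table and column names (`audit_log`, `memories`, `project_id`, `actor`) are hypothetical.

```typescript
// Added example, not the PR's own code: the query-building pattern the PR describes.
// Assumes Postgres-style $1, $2 placeholders; table/column names are hypothetical.
type BuiltQuery = { sql: string; params: unknown[] };
interface AuditFilters { projectId?: string; actor?: string }

const DEFAULT_LIMIT = 20;
const MAX_LIMIT = 100; // assumed ceiling; the PR only mentions Math.max clamping

// Clamp caller-supplied pagination: limit in [1, MAX_LIMIT], offset >= 0; NaN/Infinity
// fall back to defaults so malformed input never reaches the database.
function clampPagination(limit: unknown, offset: unknown): { limit: number; offset: number } {
  const l = Math.trunc(Number(limit));
  const o = Math.trunc(Number(offset));
  return {
    limit: Number.isFinite(l) ? Math.min(Math.max(l, 1), MAX_LIMIT) : DEFAULT_LIMIT,
    offset: Number.isFinite(o) ? Math.max(o, 0) : 0,
  };
}

// Filtered SELECT: every user value goes into params and is referenced by placeholder
// index, so nothing from the caller is ever concatenated into the SQL text.
function buildAuditQuery(filters: AuditFilters, limit: unknown, offset: unknown): BuiltQuery {
  const where: string[] = [];
  const params: unknown[] = [];
  if (filters.projectId !== undefined) {
    params.push(filters.projectId);
    where.push(`project_id = $${params.length}`);
  }
  if (filters.actor !== undefined) {
    params.push(filters.actor);
    where.push(`actor = $${params.length}`);
  }
  const page = clampPagination(limit, offset);
  params.push(page.limit + 1, page.offset); // limit + 1 rows: the extra row means hasMore
  const whereSql = where.length ? ` WHERE ${where.join(" AND ")}` : "";
  const sql = `SELECT * FROM audit_log${whereSql} ORDER BY created_at DESC` +
    ` LIMIT $${params.length - 1} OFFSET $${params.length}`;
  return { sql, params };
}

// Parameterized IN list for the access_count bump on matched memory rows.
// An empty list returns null: "IN ()" is a syntax error, so the caller skips the update.
function buildAccessCountUpdate(ids: string[]): BuiltQuery | null {
  if (ids.length === 0) return null;
  const placeholders = ids.map((_, i) => `$${i + 1}`).join(", ");
  return {
    sql: `UPDATE memories SET access_count = access_count + 1 WHERE id IN (${placeholders})`,
    params: [...ids],
  };
}
```

The caller slices the result set back to `limit` rows and sets `hasMore` when a `limit + 1`th row came back, which avoids the separate COUNT round trip.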


coderabbitai bot commented Apr 10, 2026

Important

Review skipped

Auto reviews are disabled on base/target branches other than the default branch.

Please check the settings in the CodeRabbit UI or the .coderabbit.yaml file in this repository. To trigger a single review, invoke the @coderabbitai review command.


@Josh-wt Josh-wt marked this pull request as ready for review April 10, 2026 05:42
@Josh-wt Josh-wt merged commit 55d5017 into claude/understand-codebase-9Fmym Apr 10, 2026
1 check passed