Add OData filtering and multi-source ingest failover #92
Merged
Miracle656 merged 1 commit intoMay 30, 2026
Implements the scoped work for:

- Closes Miracle656#81
- Closes Miracle656#82

Summary:

- Adds safe OData-style `$filter` / `$select` handling with cursor pagination on list endpoints.
- Adds a pluggable indexer source switcher with RPC primary and Horizon fallback.
- Updates route/tests/docs to match the new behavior.

@ALIPHATICHYD Great news! 🎉 Based on an automated assessment of this PR, the linked Wave issue(s) no longer count against your application limits. You can now already apply to more issues while waiting for a review of this PR. Keep up the great work! 🚀
Miracle656 approved these changes May 30, 2026

Owner Miracle656 left a comment
The risky piece in any OData implementation is SQL injection via the filter expression. This one is safe by construction:

- The parser never builds raw SQL. It emits a Prisma `where` object (`{ field: { contains, mode } }`, `{ field: value }`, `{ field: { gt: value } }`, `{ AND: […] }`), and Prisma parameterizes every value before sending it to Postgres.
- Field names are double-gated: an identifier regex `^[A-Za-z_][A-Za-z0-9_\.]*$` plus the caller-supplied `fields: Record<string, FieldDefinition>` allowlist. Anything not in the allowlist throws — no smuggling `id; DROP TABLE`.
- Values are coerced per `FieldDefinition.type`: strict integer regex for numbers, `new Date()` with validity check for dates, escaped-single-quote handling for strings (`'O''Brien'` → `O'Brien`).
- `OR` is explicitly refused (`/\bor\b/i` rejects upfront) — limits the surface to AND-of-clauses, which keeps both query shape and parser complexity bounded.
- `$select` validation is the same shape — identifier regex + allowlist. `projectRecord` even supports `derived` computed fields cleanly.
- `encodeCursor` / `decodeCursor` are base64url-wrapped `{ id: number }` JSON with integer validation; malformed cursors return `undefined` so the route falls back to the start instead of throwing.

Multi-source ingest

`sources/index.ts` switcher with RPC primary + Horizon fallback is the right shape. Tests cover both paths and the failover trigger.
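A sketch of the pattern the review above describes (allowlist-gated field names, per-type coercion, AND-only clauses, output as a Prisma-style `where` object), added here as an illustration and not the code from this PR. `parseFilter`, `coerce`, `OPS`, `CLAUSE` and `SAMPLE_FIELDS` are assumed names; this version covers only the comparison operators and rejects `or` through its clause grammar rather than through the upfront regex the review mentions.

```typescript
// Added illustration. FieldDefinition and the identifier regex are quoted in the
// review; parseFilter, coerce, OPS, CLAUSE and SAMPLE_FIELDS are hypothetical names.
type FieldType = "string" | "number" | "date";
interface FieldDefinition { type: FieldType }
type Where = Record<string, unknown>;

const IDENT = /^[A-Za-z_][A-Za-z0-9_\.]*$/;
// OData operator -> Prisma operator (null means plain equality).
const OPS: Record<string, string | null> = { eq: null, gt: "gt", lt: "lt", ge: "gte", le: "lte" };
// One clause: field, operator, literal, then "and" or end of input. "or" never matches.
const CLAUSE = /\s*(\S+)\s+(eq|gt|lt|ge|le)\s+('(?:[^']|'')*'|[^\s']+)\s*(and\b|$)/iy;

function coerce(raw: string, type: FieldType): string | number | Date {
  if (type === "number") {
    if (!/^-?\d+$/.test(raw)) throw new Error(`not an integer: ${raw}`);
    return Number(raw);
  }
  const quoted = /^'((?:[^']|'')*)'$/.exec(raw);
  if (type === "string") {
    if (!quoted) throw new Error(`expected quoted string: ${raw}`);
    return quoted[1].replace(/''/g, "'"); // 'O''Brien' -> O'Brien
  }
  const d = new Date(quoted ? quoted[1] : raw);
  if (Number.isNaN(d.getTime())) throw new Error(`invalid date: ${raw}`);
  return d;
}

function parseFilter(filter: string, fields: Record<string, FieldDefinition>): Where {
  const clauses: Where[] = [];
  let pos = 0;
  for (let more = true; more; ) {
    CLAUSE.lastIndex = pos;
    const m = CLAUSE.exec(filter);
    if (!m) throw new Error(`unsupported filter near offset ${pos}`);
    const [, name, op, raw, joiner] = m;
    // Gate 1: identifier shape. Gate 2: own-property lookup in the allowlist.
    if (!IDENT.test(name) || !Object.prototype.hasOwnProperty.call(fields, name))
      throw new Error(`field not allowed: ${name}`);
    const value = coerce(raw, fields[name].type);
    const prismaOp = OPS[op.toLowerCase()];
    clauses.push({ [name]: prismaOp ? { [prismaOp]: value } : value });
    pos = CLAUSE.lastIndex;
    more = joiner !== "";
  }
  return clauses.length === 1 ? clauses[0] : { AND: clauses };
}

// Constructed allowlist for the demonstration.
const SAMPLE_FIELDS: Record<string, FieldDefinition> = {
  name: { type: "string" }, ledger: { type: "number" }, createdAt: { type: "date" },
};
```

The returned object holds only values, never SQL text, so the query layer can bind every one of them as a parameter.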
Checklist

- `npx tsc --noEmit` passes
- `npm run build` passes