supabase / supabase / 26526656505

73%

push

github

feat(logs): brand Reports logs presets with SafeLogSqlFragment (#46403)

## I have read the
[CONTRIBUTING.md](https://github.com/supabase/supabase/blob/master/CONTRIBUTING.md)
file.

YES

## What kind of change does this PR introduce?

Refactor / security hardening (part of a stacked series applying
compile-time SQL provenance tracking to analytics call sites).

## What is the current behavior?

The `queryType: 'logs'` presets in `PRESET_CONFIG` (API ×8, Storage ×2)
build BigQuery SQL by splicing filter keys and values via plain string
interpolation through `generateRegexpWhere`, with no compile-time
guarantee that the output is injection-safe. `ReportQueryLogs.sql`
returns `string` and `getLogsSql` returns `string`.

## What is the new behavior?

- `generateRegexpWhereSafe` added to `Reports.constants.ts`: routes
filter keys through `quotedIdent` (dropping predicates whose identifier
fails the `[A-Za-z_][A-Za-z0-9_]*` regex) and values through
`analyticsLiteral`. Values must be raw/unquoted — the function handles
all quoting and escaping itself.
- All ten `queryType: 'logs'` presets migrated to use the `safeLogSql`
template tag and `generateRegexpWhereSafe`.
- `ReportQueryLogs.sql` return type tightened from `string` to
`SafeLogSqlFragment`; `getLogsSql` return type updated to match.
- Manual pre-quoting of the `identifier` filter removed in
`useApiReport` and `useStorageReport` (`value: \`'${identifier}'\`` →
`value: identifier`), since `analyticsLiteral` now handles quoting.

## Additional context

Smoke test: `/observability/api-overview`, `/observability/storage`. To
exercise the replica `identifier` filter, select a replica on
`/observability/database` first, then navigate to those pages.

972 of 1368 branches covered (71.05%)

Branch coverage included in aggregate %.

1501 of 2059 relevant lines covered (72.9%)

245.17 hits per line