supabase / supabase / 26527228799

73%

push

github

feat(logs): brand SharedAPIReport SQL with SafeLogSqlFragment (#46405)

## I have read the
[CONTRIBUTING.md](https://github.com/supabase/supabase/blob/master/CONTRIBUTING.md)
file.

YES

## What kind of change does this PR introduce?

Security / refactor — migrates `SharedAPIReport.constants.ts` to the
proven-authorship model (`SafeLogSqlFragment`).

## What is the current behavior?

All seven SQL builders in `SHARED_API_REPORT_SQL` return plain `string`
and interpolate filter values via `generateRegexpWhere`, which performs
manual quoting without sanitization. The source table name (`edge_logs`
/ `function_edge_logs`) is also interpolated as a raw string. Queries
are executed via a local `fetchLogs` function that calls `get()`
directly, bypassing the `executeAnalyticsSql` wire boundary.

## What is the new behavior?

- Each SQL builder is rewritten with the `safeLogSql` template tag and
returns `SafeLogSqlFragment`.
- Filter keys route through `quotedIdent` (predicates with invalid
identifiers are dropped); values route through `analyticsLiteral`
(single quotes and backslashes are escaped).
- A `SOURCE_TABLE` branded map covers the two possible source tables;
`sourceTable()` looks up the branded fragment instead of interpolating a
raw string.
- `fetchLogs` is removed; `useQueries` calls `executeAnalyticsSql`
directly with `method: 'get'`, routing through the shared wire boundary.
- The `queryFn` wraps the call in a try/catch that also checks
`data?.error`, preserving the original Sentry capture behaviour
(`'Shared API Report Error'`) for both network and API-level errors.

## Additional context

972 of 1368 branches covered (71.05%)

Branch coverage included in aggregate %.

1501 of 2059 relevant lines covered (72.9%)

245.19 hits per line