jarvis/dd0c
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Fix drift SET LOCAL: use string interpolation with UUID validation (SET doesn't support params)
All checks were successful
CI — P2 Drift (Go + Node) / agent (push) Successful in 15s
Details
CI — P2 Drift (Go + Node) / saas (push) Successful in 29s
Details

Browse Source
This commit is contained in:
Max Mayfield
2026-03-02 03:59:26 +00:00
parent d55162a047
commit e0b84f5481
1 changed files with 3 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
products/02-iac-drift-detection/saas/src/data/db.ts
View File

@@ -15,7 +15,9 @@ export function createPool(connectionString: string): pg.Pool {
* MUST be cleared when returning the connection to the pool.
*/
export async function setTenantContext(client: pg.PoolClient, tenantId: string): Promise<void> {
await client.query('SET LOCAL app.tenant_id = $1', [tenantId]);
// SET doesn't support parameterized queries — validate UUID format then interpolate
if (!/^[0-9a-f-]{36}$/i.test(tenantId)) throw new Error('Invalid tenant ID');
await client.query(`SET LOCAL app.tenant_id = '${tenantId}'`);
}
/**