Files
Momento/memento-note/lib/ai
Antigravity 195e845f0a
All checks were successful
Deploy to Production / Build and Deploy (push) Successful in 5s
security: fix SQL injection in semantic search - use parameterized queries with bind params
- Replace string interpolation in $queryRawUnsafe with bind params ($1, $2...)
- Add assertSafeId() validation for userId, notebookId, noteId
- ftsSearch: bind query, userId, notebookId as parameters
- vectorSearch: bind vector string, userId, notebookId, threshold as parameters
- indexNote: already used bind params, added noteId validation
- Fixes CRITICAL security audit finding #1
2026-05-12 11:51:40 +00:00
..