|
|
56f37892c0
|
fix: Schema compatibility - 8 column/table fixes found during testing
Fixed issues discovered during comprehensive testing of 164 tools:
- groups.ts: Remove non-existent description column
- analytics.ts: Use group_permissions instead of collection_group_memberships
- notifications.ts: Remove non-existent data column
- imports-tools.ts: Remove non-existent type/documentCount/fileCount columns
- emojis.ts: Graceful handling when emojis table doesn't exist
- teams.ts: Remove passkeysEnabled/description/preferences columns
- collections.ts: Use lastModifiedById instead of updatedById
- revisions.ts: Use lastModifiedById instead of updatedById
Tested 45+ tools against production (hub.descomplicar.pt)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
|
2026-01-31 17:23:00 +00:00 |
|
|
|
7d2a014b74
|
fix: Schema compatibility - emoji → icon column rename
Production Outline DB uses 'icon' column instead of 'emoji' for documents
and revisions. Fixed all affected queries:
- documents.ts: SELECT queries
- advanced-search.ts: Search queries
- analytics.ts: Analytics + GROUP BY
- export-import.ts: Export/import metadata
- templates.ts: Template queries + INSERT
- collections.ts: Collection document listing
- revisions.ts: Revision comparison
reactions.emoji kept unchanged (correct schema)
Tested: 448 documents successfully queried from hub.descomplicar.pt
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
|
2026-01-31 17:14:27 +00:00 |
|
|
|
7c83a9e168
|
fix(security): Resolve 21 SQL injection vulnerabilities and add transactions
Security fixes (v1.2.2):
- Fix SQL injection in analytics.ts (16 occurrences)
- Fix SQL injection in advanced-search.ts (1 occurrence)
- Fix SQL injection in search-queries.ts (1 occurrence)
- Add validateDaysInterval(), isValidISODate(), validatePeriod() to security.ts
- Use make_interval(days => N) for safe PostgreSQL intervals
- Validate UUIDs BEFORE string construction
Transaction support:
- bulk-operations.ts: 6 atomic operations with withTransaction()
- desk-sync.ts: 2 operations with transactions
- export-import.ts: 1 operation with transaction
Rate limiting:
- Add automatic cleanup of expired entries (every 5 minutes)
Audit:
- Archive previous audit docs to docs/audits/2026-01-31-v1.2.1/
- Create new AUDIT-REQUEST.md for v1.2.2 verification
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
|
2026-01-31 14:47:41 +00:00 |
|
|
|
83b70f557e
|
feat: Add 52 new tools bringing total to 160
New modules (11):
- teams.ts (5 tools): Team/workspace management
- integrations.ts (6 tools): External integrations (Slack, embeds)
- notifications.ts (4 tools): User notification management
- subscriptions.ts (4 tools): Document subscription management
- templates.ts (5 tools): Document template management
- imports-tools.ts (4 tools): Import job management
- emojis.ts (3 tools): Custom emoji management
- user-permissions.ts (3 tools): Permission management
- bulk-operations.ts (6 tools): Batch operations
- advanced-search.ts (6 tools): Faceted search, recent, orphaned, duplicates
- analytics.ts (6 tools): Usage statistics and insights
Updated:
- src/index.ts: Import and register all new tools
- src/tools/index.ts: Export all new modules
- CHANGELOG.md: Version 1.2.0 entry
- CLAUDE.md: Updated tool count to 160
- CONTINUE.md: Updated state documentation
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
|
2026-01-31 13:53:27 +00:00 |
|
