Skip to content

[codex] Clamp numeric query parameters#225

Open
pq198363-ops wants to merge 1 commit into
Agentpay-Org:mainfrom
pq198363-ops:bounty-91-query-param-clamp
Open

[codex] Clamp numeric query parameters#225
pq198363-ops wants to merge 1 commit into
Agentpay-Org:mainfrom
pq198363-ops:bounty-91-query-param-clamp

Conversation

@pq198363-ops

Copy link
Copy Markdown

Closes #91

Summary

  • Added a shared parseIntParam helper for defensive numeric query parsing.
  • Applied bounded fallback/clamp behavior to limit and since handling on the affected list endpoints:
    • GET /api/v1/events
    • GET /api/v1/agents
    • GET /api/v1/services
    • GET /api/v1/services/:serviceId/agents/top
  • Documented the query parameter defaults and supported ranges in the README.

Validation

RED evidence:

  • The focused query-parameter test initially failed at build time because src/queryParams.ts did not exist yet.

GREEN evidence:

  • npx prettier --check README.md src/queryParams.ts src/query-params.test.ts src/routes/events.ts src/routes/services.ts src/routes/usage.ts
  • npm run lint
  • git diff --check
  • Cleaned dist/, then ran npm run build
  • Windows test command: $env:NODE_ENV='test'; node --test dist/*.test.js dist/**/*.test.js

Result: full test run passed, 93 tests across 11 suites.

Notes

Malformed, empty, NaN, or infinite numeric query values now fall back to the endpoint default. Out-of-range finite values are clamped so bad input cannot propagate NaN into slices or timestamp filters.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

Clamp NaN and out-of-range query parameters on limit/since across list endpoints

1 participant