Merged
Conversation
Added a detailed technical analysis (sql-plan-cache-pollution-analysis.md) reviewing all repository and service files for SQL Server plan cache pollution risks. The document identifies 28 anti-patterns across 7 categories, explains their impact, and provides recommended fixes. It includes severity categorization, code examples, architectural assessments, remediation strategies, and a complete file inventory. This serves as a guide for improving SQL query consistency, performance, and maintainability.
Parameterize queries to eliminate plan cache pollution identified in the analysis document. Adds WhereLike/WhereOptional helpers to RepositoryCoreBase, fixes SQL injection in AccountSearchRepository IN clause, parameterizes interpolated values in UPDATE statements, converts dynamic WHERE assembly to consistent query shapes using IS NULL guards, replaces hardcoded string literals with SqlParameter, and converts raw SQL to Sql.Builder pattern. Addresses 28 issues across CRITICAL (5), HIGH (8), and MEDIUM (4) priority tiers in 17 files. Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Expanded allowed permissions in settings.local.json to include additional Bash commands and Visual Studio/MSBuild operations. Removed commandLineArgs ("/TEST") from Lab Billing WinForms UI profile in launchSettings.json, leaving only commandName.
PetaPoco internally renumbers positional placeholders when @0 appears twice in a WHERE clause (e.g., @0 IS NULL OR column = @0), but reuses the same SqlParameter object instance for both slots. ADO.NET throws SqlParameter is already contained by another SqlParameterCollection. Fix uses @0/@1 with two separate SqlParameter instances carrying the same value. Also updates WhereOptional helper to clone SqlParameter when the value is a SqlParameter instance. Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Added "WebFetch(domain:github.com)" and "WebSearch" command patterns to settings.local.json to enable GitHub web fetching and general web search functionality. No existing commands were changed.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
This is a fix to resolve Sql Server parameterization issues causing performance degradation with database queries.