2 Commits

Author SHA1 Message Date
dimgigov 1e38e29f25 fix(security): SQL injection in Python/JS clients + bare except + session leak
CI / test (push) Has been cancelled
CI / verify (push) Has been cancelled
Clients CI / build-server (push) Has been cancelled
Clients CI / test-python (push) Has been cancelled
Clients CI / test-javascript (push) Has been cancelled
Clients CI / test-nim (push) Has been cancelled
Clients CI / test-rust (push) Has been cancelled
- Fix SQL injection vulnerabilities in chat_history.py, langchain_store.py,
  rag_pipeline.py, baradb_langchain.js by switching to parameterized queries
- Replace dangerous bare except: with except CatchableError:/ValueError:
  in llm.nim, embed.nim, cypher.nim, mcp/server.nim, executor.nim
- Fix session variable leak in MCP handleVectorSearch/handleSchemaInspect
- Build: 0 errors, all tests pass
2026-05-17 16:58:05 +03:00
dimgigov 55bc3e862a feat(langchain): Session 10.2 — LangChain Vector Store (Python + JS)
- BaraDBStore for Python: add_texts, similarity_search, max_marginal_relevance_search, delete
- BaraDBStore for JS: addDocuments, addTexts, similaritySearch, maxMarginalRelevanceSearch, delete
- Both use hybrid_search() / hybrid_search_filtered() for vector+FTS+RRF
- Multi-tenant support via tenant_id session variable + metadata filter
- Embedding function is injected by user (OpenAI, sentence-transformers, etc.)
- MMR reranking for result diversity
2026-05-17 13:46:42 +03:00