fix: Escape Special Characters in String Literals - BED-7883

[LawsonWillard]

Description

• Adds string literal escaping for special characters
• Adds tests for changeset

Motivation:

Resolves: BED-7883

Special characters in cypher query string literals were not escaped causing query breakage.

Type of Change

• Bug fix (a change that fixes an issue)

Testing

• Added new unit tests to ensure escaping works as expected.

• Tested locally with a BHCE instance to ensure it works as expected.

• Unit tests added / updated

• Integration tests added / updated

• Manual integration tests run (go test -tags manual_integration ./integration/...)

Driver Impact

• PostgreSQL driver (drivers/pg)
• Neo4j driver (drivers/neo4j)

Checklist

• Code is formatted
• All existing tests pass
• go.mod / go.sum are up to date if dependencies changed

Summary by CodeRabbit

• Bug Fixes

  • String literals in Cypher queries now properly escape backslashes and single quotes, preventing syntax errors when using special characters in string values.

• Tests

  • Added comprehensive unit tests validating correct escaping of special characters in Cypher string literals, including integration-style tests verifying final query output.

[coderabbitai]

Walkthrough

The changes update the NewStringLiteral function to properly escape backslashes and single quotes in Cypher string literals, and introduce comprehensive unit and integration tests that validate the escaping behavior across various input cases.

Changes

Cohort / File(s)	Summary
String Literal Escaping cypher/models/cypher/model.go	Updated NewStringLiteral to sanitize input by escaping backslashes and single quotes before constructing the quoted literal.
String Literal Tests cypher/models/cypher/format/format_test.go	Added 123 lines of unit and integration tests validating NewStringLiteral behavior for special character escaping and verifying correct Cypher query output when literals are embedded in queries.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~12 minutes

Poem

🐰 Escapes and quotes, oh what a delight,
Backslashes doubled, single quotes wrapped tight,
The Cypher strings now sparkle so clean,
With tests that ensure they mean what they mean! ✨

🚥 Pre-merge checks | ✅ 4 | ❌ 1

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 0.00% which is insufficient. The required threshold is 80.00%.	Write docstrings for the functions missing them to satisfy the coverage threshold.

✅ Passed checks (4 passed)

Check name	Status	Explanation
Description check	✅ Passed	The description covers all required sections with sufficient detail: clear motivation (BED-7883), proper type classification (bug fix), testing confirmation (unit and integration tests), and completed checklist items.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Title check	✅ Passed	The title directly and clearly summarizes the main change: escaping special characters in string literals, with the ticket reference providing additional context.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

📝 Generate docstrings

• Create stacked PR
• Commit on current branch

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch BED-7883

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

🧹 Nitpick comments (1)

cypher/models/cypher/format/format_test.go (1)

94-106: Consider adding a combined escape case in the emitter-path test.

You already test combined escaping at the unit level; adding the same pattern here would harden end-to-end coverage.

➕ Optional test-case addition

 	{
 		name:          "single quote in name",
 		propertyKey:   "name",
 		value:         `O'Brien`,
 		expectedQuery: `match (n {name: 'O\'Brien'}) return n`,
 	},
+	{
+		name:          "backslash and single quote together",
+		propertyKey:   "path",
+		value:         `path\to\file's location`,
+		expectedQuery: `match (n {path: 'path\\to\\file\'s location'}) return n`,
+	},

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@cypher/models/cypher/format/format_test.go` around lines 94 - 106, Add a new
table-driven test case to the existing test cases in format_test.go (the test
that asserts emitted Cypher strings using the table entries with fields
propertyKey, value, expectedQuery) that combines both backslash and single-quote
characters in the value (e.g., value containing both \ and '), and set
expectedQuery to the correctly escaped Cypher literal (double-escape backslashes
and escape single quotes inside the single-quoted string) so the emitter-path
end-to-end behavior is validated for combined escaping.

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Nitpick comments:
In `@cypher/models/cypher/format/format_test.go`:
- Around line 94-106: Add a new table-driven test case to the existing test
cases in format_test.go (the test that asserts emitted Cypher strings using the
table entries with fields propertyKey, value, expectedQuery) that combines both
backslash and single-quote characters in the value (e.g., value containing both
\ and '), and set expectedQuery to the correctly escaped Cypher literal
(double-escape backslashes and escape single quotes inside the single-quoted
string) so the emitter-path end-to-end behavior is validated for combined
escaping.

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: 9e015794-3e71-4031-9033-81d5c32537f9

📥 Commits

Reviewing files that changed from the base of the PR and between b836c4b and 653c2fc.

📒 Files selected for processing (2)

• cypher/models/cypher/format/format_test.go
• cypher/models/cypher/model.go