feat: update insightsProject slug (CM-1043)

[ulemons]

Summary

• When a sub-project (leaf segment) slug is updated in CDP, the corresponding insightsProjects.slug is now automatically synced.
• The three securityInsights* tables (securityInsightsEvaluationAssessments, securityInsightsEvaluationSuites,
  securityInsightsEvaluations) get their insightsProjectSlug updated automatically via the ON UPDATE CASCADE foreign key
  constraint already in place (migration V1753457861).

Changes

backend/src/services/segmentService.ts
In the update() method, when a leaf segment's slug changes, the linked insightsProject is looked up by segmentId and its
slug is updated (stripping the nonlf_ prefix, consistent with the creation flow).

services/libs/data-access-layer/src/collections/index.ts
Fixed a bug in createCollection where optional fields (logoUrl, imageUrl, color) were not defaulted to null, causing a
pg-promise error when callers omitted them.

---

Note

Medium Risk
Touches slug propagation across segments, insightsProjects, and downstream securityInsights* tables; mistakes could desync identifiers or trigger unexpected updates for analytics consumers.

Overview
Keeps insightsProjects.slug in sync when a leaf segment (subproject) slug is updated by updating the linked insights project (with nonlf_ prefix normalization) during SegmentService.update().

Makes CollectionService.updateInsightsProject() only resync repository groups when repositoryGroups is explicitly provided (avoiding unintended deletions), and updates updatedAt on securityInsightsEvaluationSuites, securityInsightsEvaluations, and securityInsightsEvaluationAssessments when an insights project slug changes so downstream consumers (e.g. Tinybird) detect the cascade update.

^{Written by Cursor Bugbot for commit b62af5f. This will update automatically on new commits. Configure here.}

[CLAassistant]

Thank you for your submission! We really appreciate it. Like many open source projects, we ask that you sign our Contributor License Agreement before we can accept your contribution.
_{You have signed the CLA already but the status is still pending? Let us recheck it.}

[Copilot]

Pull request overview

This PR ensures that when a leaf segment (sub-project) slug is updated, the corresponding insightsProjects.slug stays in sync, relying on existing FK ON UPDATE CASCADE behavior for related securityInsights* tables. It also aims to address a DAL bug when creating collections with omitted optional fields.

Changes:

• Sync insightsProjects.slug when a sub-project segment’s slug changes (normalizing by stripping nonlf_).
• Rely on existing ON UPDATE CASCADE to propagate insightsProjectSlug changes to securityInsights* tables.
• Fix createCollection to default optional fields (logoUrl, imageUrl, color) to null when omitted.

Reviewed changes

Copilot reviewed 1 out of 1 changed files in this pull request and generated 2 comments.

File	Description
backend/src/services/segmentService.ts	Updates linked insights project slug when a sub-project segment slug changes.
services/libs/data-access-layer/src/collections/index.ts	Adjusts collection creation to avoid errors when optional fields are omitted.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

You can also share your feedback on Copilot code review. Take the survey.

[cursor]

Cursor Bugbot has reviewed your changes and found 1 potential issue.

^{Bugbot Autofix is OFF. To automatically fix reported issues with cloud agents, have a team admin enable autofix in the Cursor dashboard.}