fix: sanitize metadata search regex to prevent ReDoS

[RinZ27]

Description

Motivation and context

Fixes a potential ReDoS (Regular Expression Denial of Service) in the metadata search logic. The current implementation in parseLikeExpression directly uses raw user input to create new RegExp objects, which I noticed could lead to catastrophic backtracking. By escaping special regex characters, we ensure that the input is treated as a literal string, effectively neutralizing malicious patterns while maintaining expected functionality for LIKE queries.

Everything is green locally, and I verified the fix with a reproduction script that reduced execution time for a malicious payload from over 138 seconds to 0ms.

Related issues

N/A

Checklist

Add tests to cover the changes

Verified with a standalone reproduction script.

Code conforms with the style guide

Yes.

Sign your work

Signed-off.

Thank you again for contributing! We will try to test and integrate the change as soon as we can.

[bert-e]

Hello rinz27,

My role is to assist you with the merge of this
pull request. Please type @bert-e help to get information
on this process, or consult the user documentation.

Available options

name	description	privileged	authored
/after_pull_request	Wait for the given pull request id to be merged before continuing with the current one.
/bypass_author_approval	Bypass the pull request author's approval	⭐
/bypass_build_status	Bypass the build and test status	⭐
/bypass_commit_size	Bypass the check on the size of the changeset TBA	⭐
/bypass_incompatible_branch	Bypass the check on the source branch prefix	⭐
/bypass_jira_check	Bypass the Jira issue check	⭐
/bypass_peer_approval	Bypass the pull request peers' approval	⭐
/bypass_leader_approval	Bypass the pull request leaders' approval	⭐
/approve	Instruct Bert-E that the author has approved the pull request.		✍️
/create_pull_requests	Allow the creation of integration pull requests.
/create_integration_branches	Allow the creation of integration branches.
/no_octopus	Prevent Wall-E from doing any octopus merge and use multiple consecutive merge instead
/unanimity	Change review acceptance criteria from one reviewer at least to all reviewers
/wait	Instruct Bert-E not to run until further notice.

Available commands

name	description	privileged
/help	Print Bert-E's manual in the pull request.
/status	Print Bert-E's current status in the pull request TBA
/clear	Remove all comments from Bert-E from the history TBA
/retry	Re-start a fresh build TBA
/build	Re-start a fresh build TBA
/force_reset	Delete integration branches & pull requests, and restart merge process from the beginning.
/reset	Try to remove integration branches unless there are commits on them which do not appear on the source branch.

Status report is not available.

[RinZ27]

/approve