Improve Search Filter Parsing

[brandon-pereira]

Adds better support for nested Requested Throughput deeplinking, and adds better support for passing string filters which contain JSON

Before	After

Fixes HDX-2932, HDX-2933

[changeset-bot]

🦋 Changeset detected

Latest commit: 1655cb8

The changes in this PR will be included in the next version bump.

This PR includes changesets to release 2 packages

Name	Type
@hyperdx/app	Patch
@hyperdx/api	Patch

Not sure what this means? Click here to learn what changesets are.

Click here if you're a maintainer who wants to add another changeset to this PR

[vercel]

The latest updates on your projects. Learn more about Vercel for GitHub.

Project	Deployment	Preview	Comments	Updated (UTC)
hyperdx-v2-oss-app	Ready	Preview	Comment	Dec 3, 2025 4:35pm

[github-actions]

E2E Test Results

✅ All tests passed • 46 passed • 3 skipped • 273s

Status	Count
✅ Passed	46
❌ Failed	0
⚠️ Flaky	0
⏭️ Skipped	3

View full report →

[claude]

PR Review

🔒 Critical Security Issue:

• SQL Injection vulnerability in ServiceDashboardEndpointSidePanel.tsx:52,58 → The endpoint and service variables from query params are directly interpolated into SQL conditions without escaping. Single quotes in user input would break the query syntax or allow injection.
  • Fix: Escape single quotes in values (replace ' with '') or use a proper SQL parameterization approach

⚠️ Code Quality Issues:

• searchFilters.tsx:187 → Using case-sensitive includes('NOT IN') check after case-insensitive .toUpperCase() check is inconsistent
  • Fix: Use .toUpperCase().includes(' NOT IN ') for consistency
• searchFilters.tsx:190-191 → The split logic will fail if " NOT IN " appears before " IN " in the same string
  • Fix: Check for NOT IN first, or use regex-based splitting

📝 Minor Notes:

• Test coverage looks comprehensive with good edge case handling
• The string parsing logic is complex but well-tested
• Consider adding a comment explaining why OR conditions are skipped (searchFilters.tsx:178)