Upload-time duplicate detection, FTS5 query sanitization, release guard

steve/kb

- Reject duplicate uploads at the API boundary (HTTP 409) instead of
  silently skipping in the background worker. Checks both ingested
  documents and in-flight jobs via content_hash on the jobs table.
- Go client handles 409 with distinct messages for already-imported
  documents vs already-queued jobs.
- Sanitize FTS5 search queries by quoting each token to prevent syntax
  errors from special characters like ?, *, ", (), AND, OR, NOT.
- Add try/except safety net around FTS5 execute for edge cases.
- Add main branch guard to release.sh to prevent releasing from
  feature branches.
- Update specs and README to reflect new behaviour.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

This commit is contained in:

Steve Cliff

2026-03-26 23:05:07 +00:00

parent 63654a59b8

commit 6fec627503

20 changed files with 536 additions and 30 deletions

									
										openspec/changes/archive/2026-03-26-sanitize-fts5-query/.openspec.yaml
									
		+2
		
												View File
												
				@@ -0,0 +1,2 @@

				schema: spec-driven

				created: 2026-03-26