Skip to content

Commit a49feb5

Browse files
Copilotdiberry
andcommitted
Fix code review feedback: update comment and quickstart example
Co-authored-by: diberry <41597107+diberry@users.noreply.github.com>
1 parent 4c269c8 commit a49feb5

2 files changed

Lines changed: 7 additions & 3 deletions

File tree

nosql-vector-search-typescript/quickstart-vector-search.md

Lines changed: 6 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -184,11 +184,15 @@ const queryEmbedding = await aiClient.embeddings.create({
184184
});
185185
186186
// Perform vector similarity search
187+
// Note: In production, use validateFieldName() from utils.ts to prevent NoSQL injection
188+
import { validateFieldName } from './utils.js';
189+
const embeddedField = validateFieldName(process.env.EMBEDDED_FIELD!);
190+
187191
const { resources } = await container.items.query({
188192
query: `SELECT TOP 5 c.HotelName, c.Description, c.Rating,
189-
VectorDistance(c.text_embedding_ada_002, @embedding) AS SimilarityScore
193+
VectorDistance(c.${embeddedField}, @embedding) AS SimilarityScore
190194
FROM c
191-
ORDER BY VectorDistance(c.text_embedding_ada_002, @embedding)`,
195+
ORDER BY VectorDistance(c.${embeddedField}, @embedding)`,
192196
parameters: [
193197
{ name: "@embedding", value: queryEmbedding.data[0].embedding }
194198
]

nosql-vector-search-typescript/src/utils.ts

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -276,7 +276,7 @@ export function estimateMonthlyRUCost(options: {
276276

277277
/**
278278
* Validates a field name to ensure it's a safe identifier for use in queries.
279-
* This prevents SQL injection when using string interpolation in query construction.
279+
* This prevents NoSQL injection when using string interpolation in query construction.
280280
*
281281
* @param fieldName - The field name to validate
282282
* @returns The validated field name

0 commit comments

Comments
 (0)