add query and argumeng log in membase

[iceljc]

No description provided.

[qodo-code-review]

Review Summary by Qodo

Add query and argument logging to Membase graph execution

✨ Enhancement

Walkthroughs

Description

• Add detailed query and argument logging in error messages
• Import required utilities for logging argument conversion
• Extract arguments to variable for reusability and clarity
• Include query and arguments in error log output

Diagram

flowchart LR
  A["ExecuteQueryAsync method"] -- "Extract arguments to variable" --> B["args variable"]
  B -- "Convert to loggable format" --> C["KeyValue conversion"]
  C -- "Include in error log" --> D["Enhanced error message"]
  A -- "Add imports" --> E["KeyValue and ConvertToString utilities"]

Loading

File Changes

1. src/Plugins/BotSharp.Plugin.Membase/GraphDb/MembaseGraphDb.cs ✨ Enhancement +7/-2

Enhanced error logging with query and arguments

• Added imports for BotSharp.Abstraction.Models and BotSharp.Abstraction.Utilities
• Extracted query arguments to a variable for better code organization
• Enhanced error logging to include query and arguments with proper formatting
• Converted arguments to string representation using KeyValue and ConvertToString() utility

src/Plugins/BotSharp.Plugin.Membase/GraphDb/MembaseGraphDb.cs

---

[qodo-code-review]

Code Review by Qodo

🐞 Bugs (0) 📘 Rule violations (2) 📎 Requirement gaps (0)

1. Query/args logged in error 📘 Rule violation ⛨ Security

Description

• The error log message includes the full query text and serialized argument values, which can
  contain sensitive data (PII, secrets, tokens, etc.).
• This violates secure logging requirements because logs must not include sensitive data at any log
  level and should remain safe for auditing/debugging.
• It also increases exposure of external inputs (query + parameters) without sanitization/redaction,
  which can leak data during incidents.

Code

src/Plugins/BotSharp.Plugin.Membase/GraphDb/MembaseGraphDb.cs[R55-56]

+            var argLogs = args.Select(x => (new KeyValue(x.Key, x.Value.ConvertToString())).ToString());
+            _logger.LogError(ex, $"Error when executing query in {Provider} graph db. (Query: {query}, Argments: {string.Join("\r\n", argLogs)})");

Evidence

Compliance requires that logs contain no sensitive data and that external inputs are handled
securely. The new code logs raw query and serialized args values directly into an error log
message.

Rule 5: Generic: Secure Logging Practices
Rule 6: Generic: Security-First Input Validation and Data Handling
src/Plugins/BotSharp.Plugin.Membase/GraphDb/MembaseGraphDb.cs[55-56]

Agent prompt

The issue below was found during a code review. Follow the provided context and guidance below and implement a solution

## Issue description
The error log currently includes the full graph query text and serialized argument values. This can leak sensitive data into application logs.

## Issue Context
`query` and `options.Arguments` are external inputs and may contain secrets/PII. Compliance requires logs to avoid sensitive data at any log level.

## Fix Focus Areas
- src/Plugins/BotSharp.Plugin.Membase/GraphDb/MembaseGraphDb.cs[55-56]

ⓘ Copy this prompt and use it to remediate the issue with your preferred AI generation tools

---

✅ 2. Catch block can throw 📘 Rule violation ⛯ Reliability

---

Suggestion Impact:

The commit adjusted the catch-block argument serialization to use BotSharpOptions.defaultJsonOptions when calling ConvertToString, likely to make serialization more robust (e.g., handle cycles/unsupported cases better) and reduce the chance of throwing during error logging.

code diff:

@@ -2,6 +2,7 @@
 using BotSharp.Abstraction.Graph.Models;
 using BotSharp.Abstraction.Graph.Options;
 using BotSharp.Abstraction.Models;
+using BotSharp.Abstraction.Options;
 using BotSharp.Abstraction.Utilities;
 using Microsoft.Extensions.Logging;
 using System.Text.Json;
@@ -52,8 +53,8 @@
         }
         catch (Exception ex)
         {
-            var argLogs = args.Select(x => (new KeyValue(x.Key, x.Value.ConvertToString())).ToString());
-            _logger.LogError(ex, $"Error when executing query in {Provider} graph db. (Query: {query}, Argments: {string.Join("\r\n", argLogs)})");
+            var argLogs = args.Select(x => (new KeyValue(x.Key, x.Value.ConvertToString(BotSharpOptions.defaultJsonOptions))).ToString());
+            _logger.LogError(ex, $"Error when executing query in {Provider} graph db. (Query: {query}), (Argments: \r\n{string.Join("\r\n", argLogs)})");
             return new();

Description

• The catch block performs serialization (ConvertToString uses JsonSerializer.Serialize) and
  string building, which can throw (e.g., non-serializable/cyclic argument values).
• If this throws, it can mask the original exception and prevent the intended error logging +
  graceful return path, weakening reliability of error handling.

Code

src/Plugins/BotSharp.Plugin.Membase/GraphDb/MembaseGraphDb.cs[R55-56]

+            var argLogs = args.Select(x => (new KeyValue(x.Key, x.Value.ConvertToString())).ToString());
+            _logger.LogError(ex, $"Error when executing query in {Provider} graph db. (Query: {query}, Argments: {string.Join("\r\n", argLogs)})");

Evidence

Robust error handling requires that failure points are handled gracefully and do not introduce new
exceptions during error paths. The new code calls ConvertToString, which serializes arbitrary
objects via JsonSerializer.Serialize, a known throw point, inside the catch block.

Rule 3: Generic: Robust Error Handling and Edge Case Management
src/Plugins/BotSharp.Plugin.Membase/GraphDb/MembaseGraphDb.cs[55-56]
src/Infrastructure/BotSharp.Abstraction/Utilities/StringExtensions.cs[125-149]

Agent prompt

The issue below was found during a code review. Follow the provided context and guidance below and implement a solution

## Issue description
The error-handling path can throw while trying to serialize/format arguments for logging, which may mask the original exception and break the graceful return.

## Issue Context
`options.Arguments` is a `Dictionary<string, object>` and may contain arbitrary objects. Serializing arbitrary objects via `JsonSerializer.Serialize` can throw (e.g., cycles/unsupported types).

## Fix Focus Areas
- src/Plugins/BotSharp.Plugin.Membase/GraphDb/MembaseGraphDb.cs[55-56]
- src/Infrastructure/BotSharp.Abstraction/Utilities/StringExtensions.cs[125-149]

ⓘ Copy this prompt and use it to remediate the issue with your preferred AI generation tools

---

ⓘ The new review experience is currently in Beta. Learn more

[qodo-code-review]

1. Query/args logged in error 📘 Rule violation ⛨ Security

• The error log message includes the full query text and serialized argument values, which can
  contain sensitive data (PII, secrets, tokens, etc.).
• This violates secure logging requirements because logs must not include sensitive data at any log
  level and should remain safe for auditing/debugging.
• It also increases exposure of external inputs (query + parameters) without sanitization/redaction,
  which can leak data during incidents.

Agent Prompt

## Issue description
The error log currently includes the full graph query text and serialized argument values. This can leak sensitive data into application logs.

## Issue Context
`query` and `options.Arguments` are external inputs and may contain secrets/PII. Compliance requires logs to avoid sensitive data at any log level.

## Fix Focus Areas
- src/Plugins/BotSharp.Plugin.Membase/GraphDb/MembaseGraphDb.cs[55-56]

ⓘ Copy this prompt and use it to remediate the issue with your preferred AI generation tools

[qodo-code-review]

2. Catch block can throw 📘 Rule violation ⛯ Reliability

• The catch block performs serialization (ConvertToString uses JsonSerializer.Serialize) and
  string building, which can throw (e.g., non-serializable/cyclic argument values).
• If this throws, it can mask the original exception and prevent the intended error logging +
  graceful return path, weakening reliability of error handling.

Agent Prompt

## Issue description
The error-handling path can throw while trying to serialize/format arguments for logging, which may mask the original exception and break the graceful return.

## Issue Context
`options.Arguments` is a `Dictionary<string, object>` and may contain arbitrary objects. Serializing arbitrary objects via `JsonSerializer.Serialize` can throw (e.g., cycles/unsupported types).

## Fix Focus Areas
- src/Plugins/BotSharp.Plugin.Membase/GraphDb/MembaseGraphDb.cs[55-56]
- src/Infrastructure/BotSharp.Abstraction/Utilities/StringExtensions.cs[125-149]

ⓘ Copy this prompt and use it to remediate the issue with your preferred AI generation tools