aql: preserve inner \$ in string literals; fix notes tag regex for $ (fixes #5680 )

2026-03-09 11:42:54 -05:00 · 2025-09-26 21:06:04 +00:00
2 changed files with 15 additions and 1 deletions
--- a/packages/loot-core/src/server/aql/compiler.test.ts
+++ b/packages/loot-core/src/server/aql/compiler.test.ts
@@ -161,6 +161,17 @@ describe('sheet language', () => {
    );
  });

+  it('does not strip inner regex dollar escapes in string literals', () => {
+    const result = generateSQLWithState(
+      q('transactions')
+        .filter({ 'payee.name': { $regexp: '\\$end' } })
+        .select(['id'])
+        .serialize(),
+      schemaWithRefs,
+    );
+    expect(result.sql).toMatch("REGEXP('\\\\$end', payees1.name)");
+  });
+
  it('`select` allows selecting all fields with *', () => {
    let result = generateSQLWithState(
      q('accounts').select(['*']).serialize(),
--- a/packages/loot-core/src/server/aql/compiler.ts
+++ b/packages/loot-core/src/server/aql/compiler.ts
@@ -462,7 +462,10 @@ function compileLiteral(value) {
  } else if (typeof value === 'string') {
    // Allow user to escape $, and quote the string to make it a
    // string literal in the output
-    value = value.replace(/\\\$/g, '$');
+    // Only unescape a leading "\$" so users can write literals starting
+    // with "$" without triggering field reference parsing. Do not
+    // unescape inner "\$" occurrences to preserve regex escaping.
+    value = value.replace(/^\\\$/, '$');
    return typed(value, 'string', { literal: true });
  } else if (typeof value === 'boolean') {
    return typed(value ? 1 : 0, 'boolean', { literal: true });