Harden security, improve reliability, release beta 5 (#3)

 Transform layer overhaul:
  - Replace 500+ line if-else dispatch chains with table-driven lookup
  - Unify three parallel variable tracking systems into single API
  - Consolidate SQL generation from 3 paths down to 2
  - Remove ~400 lines of redundant variable tracking code
  - Remove ~310 lines of dead code and unused declarations

  Security and reliability:
  - Parameterized queries prevent SQL injection in MERGE operations
  - Dynamic buffers prevent overflow in JSON serialization
  - Proper deep-copy and cleanup for path element properties
  - Consistent string escaping for SQL literals
  - Dynamic pending_prop_joins eliminates silent query truncation

  New infrastructure:
  - sql_builder module for structured query construction
  - query_dispatch with priority-based pattern registry
  - json_builder for graph algorithm output
  - transform_variables with scope management and visibility tracking

  Bug fixes:
  - Fix varlen relationship use-after-free
  - Fix WITH+MATCH variable chaining
  - Fix path variable lookup in RETURN
  - Fix UNION queries returning only second branch
  - Fix NULL value handling (return JSON null, not string "NULL")

  Tests: 749 C + 160 Python passing
  Version: 0.1.0-beta.5

Author: dylanbstorey

.metis/archived/adrs/GQLITE-A-0001.md

@@ -0,0 +1,63 @@
+---
+id: 001-keep-append-sql-for-expression
+level: adr
+title: "Keep append_sql for expression transformation"
+number: 1
+short_code: "GQLITE-A-0001"
+created_at: 2025-12-27T17:12:02.977994+00:00
+updated_at: 2025-12-27T17:12:02.977994+00:00
+decision_date: 
+decision_maker: 
+parent: 
+archived: true
+
+tags:
+  - "#adr"
+  - "#phase/draft"
+
+
+exit_criteria_met: false
+strategy_id: NULL
+initiative_id: NULL
+---
+
+# ADR-1: Keep append_sql for expression transformation
+
+## Context
+
+During the Unified SQL Builder initiative (GQLITE-I-0025), we migrated READ query clauses (MATCH, WITH, UNWIND, RETURN) to use the structured `sql_builder` API. This raised the question of whether expression transformation should also be migrated.
+
+Expression transformation currently uses `append_sql()` with 399 calls across:
+- `transform_expr_ops.c` - 78 calls (binary ops, comparisons)
+- `transform_return.c` - 74 calls (return expressions)
+- `transform_expr_predicate.c` - 41 calls (IS NULL, LIKE, IN)
+- `transform_func_*.c` - ~170 calls (function implementations)
+
+## Decision
+
+**Keep `append_sql()` for expression transformation.** Do not migrate expressions to the unified builder API.
+
+## Rationale
+
+Expression transformation is fundamentally different from clause assembly:
+
+1. **Linear string building**: Expressions are built left-to-right as SQL fragments. There's no clause reordering needed (unlike SELECT/FROM/WHERE which must be assembled in specific order).
+
+2. **No deferred assembly**: Expression output is immediate - `1 + 2` becomes `1 + 2`. There's no need to buffer parts for later assembly.
+
+3. **Nested recursion**: Expressions recurse deeply (`transform_expression` → `transform_binary_op` → `transform_expression`). Each level appends to the same buffer, which `append_sql()` handles naturally.
+
+4. **Different abstraction level**: The unified builder operates at clause level (SELECT, FROM, JOIN). Expressions are sub-clause components that get passed TO the builder via `sql_select(builder, expr_string, alias)`.
+
+## Consequences
+
+### Positive
+- No unnecessary refactoring of working code
+- Expression transformation remains simple and direct
+- Clear separation: builder for clauses, append_sql for expressions
+
+### Negative
+- Two patterns coexist in codebase (acceptable given different purposes)
+
+### Neutral
+- 399 append_sql calls remain (appropriate usage)

.metis/archived/adrs/GQLITE-A-0002.md

@@ -0,0 +1,74 @@
+---
+id: 001-keep-finalize-sql-generation-as
+level: adr
+title: "Keep finalize_sql_generation as final assembly step"
+number: 1
+short_code: "GQLITE-A-0002"
+created_at: 2025-12-27T17:12:39.126579+00:00
+updated_at: 2025-12-27T17:12:39.126579+00:00
+decision_date: 
+decision_maker: 
+parent: 
+archived: true
+
+tags:
+  - "#adr"
+  - "#phase/draft"
+
+
+exit_criteria_met: false
+strategy_id: NULL
+initiative_id: NULL
+---
+
+# ADR-1: Keep finalize_sql_generation as final assembly step
+
+*This template includes sections for various types of architectural decisions. Delete sections that don't apply to your specific use case.*
+
+## Context **[REQUIRED]**
+
+{What is the issue that we're seeing that is motivating this decision or change?}
+
+## Decision **[REQUIRED]**
+
+{What is the change that we're proposing or have agreed to implement?}
+
+## Alternatives Analysis **[CONDITIONAL: Complex Decision]**
+
+{Delete if there's only one obvious solution}
+
+| Option | Pros | Cons | Risk Level | Implementation Cost |
+|--------|------|------|------------|-------------------|
+| {Option 1} | {Benefits} | {Drawbacks} | {Low/Medium/High} | {Estimate} |
+| {Option 2} | {Benefits} | {Drawbacks} | {Low/Medium/High} | {Estimate} |
+| {Option 3} | {Benefits} | {Drawbacks} | {Low/Medium/High} | {Estimate} |
+
+## Rationale **[REQUIRED]**
+
+{Why did we choose this option over alternatives?}
+
+## Consequences **[REQUIRED]**
+
+### Positive
+- {Benefit 1}
+- {Benefit 2}
+
+### Negative
+- {Cost or drawback 1}
+- {Cost or drawback 2}
+
+### Neutral
+- {Neutral consequence 1}
+
+## Review Schedule **[CONDITIONAL: Temporary Decision]**
+
+{Delete if decision is permanent}
+
+### Review Triggers
+- {Condition that would trigger review 1}
+- {Condition that would trigger review 2}
+
+### Scheduled Review
+- **Next Review Date**: {Date}
+- **Review Criteria**: {What to evaluate}
+- **Sunset Date**: {When this decision expires if not renewed}

.metis/backlog/bugs/GQLITE-T-0042.md …s/archived/backlog/bugs/GQLITE-T-0042.md.metis/backlog/bugs/GQLITE-T-0042.md renamed to .metis/archived/backlog/bugs/GQLITE-T-0042.md .metis/backlog/bugs/GQLITE-T-0042.md renamed to .metis/archived/backlog/bugs/GQLITE-T-0042.md

@@ -7,7 +7,7 @@ created_at: 2025-12-26T02:47:07.078313+00:00
 updated_at: 2025-12-26T02:55:00.051195+00:00
 parent: 
 blocked_by: []
-archived: false
+archived: true
 
 tags:
   - "#task"
@@ -86,6 +86,8 @@ MATCH (n:Test) WITH n.category AS cat, sum(n.value) AS total RETURN cat, total
 
 ## Acceptance Criteria
 
+## Acceptance Criteria
+
 - [ ] `WHERE age > 27` correctly filters when age is an integer property
 - [ ] `WITH n.category AS cat, sum(n.value) AS total` groups by category correctly
 - [ ] Python binding tests `test_with_where` and `test_with_aggregation` pass

.metis/backlog/bugs/GQLITE-T-0043.md …s/archived/backlog/bugs/GQLITE-T-0043.md.metis/backlog/bugs/GQLITE-T-0043.md renamed to .metis/archived/backlog/bugs/GQLITE-T-0043.md .metis/backlog/bugs/GQLITE-T-0043.md renamed to .metis/archived/backlog/bugs/GQLITE-T-0043.md

@@ -4,15 +4,15 @@ level: task
 title: "Fix OPTIONAL MATCH - returns cartesian product instead of left join"
 short_code: "GQLITE-T-0043"
 created_at: 2025-12-26T03:08:11.344863+00:00
-updated_at: 2025-12-26T03:08:11.344863+00:00
+updated_at: 2025-12-27T19:22:49.095227+00:00
 parent: 
 blocked_by: []
-archived: false
+archived: true
 
 tags:
   - "#task"
-  - "#phase/backlog"
   - "#bug"
+  - "#phase/completed"
 
 
 exit_criteria_met: false
@@ -64,6 +64,14 @@ RETURN a.name, friend.name
 - **Benefits of Fixing**: {What improves after refactoring}
 - **Risk Assessment**: {Risks of not addressing this}
 
+## Acceptance Criteria
+
+## Acceptance Criteria
+
+## Acceptance Criteria
+
+## Acceptance Criteria
+
 ## Acceptance Criteria **[REQUIRED]**
 
 - [ ] {Specific, testable requirement 1}

.metis/backlog/bugs/GQLITE-T-0044.md …s/archived/backlog/bugs/GQLITE-T-0044.md.metis/backlog/bugs/GQLITE-T-0044.md renamed to .metis/archived/backlog/bugs/GQLITE-T-0044.md .metis/backlog/bugs/GQLITE-T-0044.md renamed to .metis/archived/backlog/bugs/GQLITE-T-0044.md

@@ -4,15 +4,15 @@ level: task
 title: "Fix UNWIND+CREATE - only creates one node instead of iterating"
 short_code: "GQLITE-T-0044"
 created_at: 2025-12-26T03:16:29.344348+00:00
-updated_at: 2025-12-26T03:21:24.361246+00:00
+updated_at: 2025-12-27T19:21:45.298697+00:00
 parent: 
 blocked_by: []
-archived: false
+archived: true
 
 tags:
   - "#task"
   - "#bug"
-  - "#phase/todo"
+  - "#phase/completed"
 
 
 exit_criteria_met: false
@@ -53,6 +53,12 @@ The UNWIND transformation creates a CTE with the list values, but the subsequent
 
 ## Acceptance Criteria
 
+## Acceptance Criteria
+
+## Acceptance Criteria
+
+## Acceptance Criteria
+
 ## Acceptance Criteria
 - [ ] `UNWIND [1,2,3] AS x CREATE (:Node {val: x})` creates 3 nodes
 - [ ] Python test `test_unwind_with_create` passes

.metis/backlog/bugs/GQLITE-T-0045.md …s/archived/backlog/bugs/GQLITE-T-0045.md.metis/backlog/bugs/GQLITE-T-0045.md renamed to .metis/archived/backlog/bugs/GQLITE-T-0045.md .metis/backlog/bugs/GQLITE-T-0045.md renamed to .metis/archived/backlog/bugs/GQLITE-T-0045.md

@@ -7,7 +7,7 @@ created_at: 2025-12-26T03:16:29.456577+00:00
 updated_at: 2025-12-26T03:30:02.446840+00:00
 parent: 
 blocked_by: []
-archived: false
+archived: true
 
 tags:
   - "#task"
@@ -56,6 +56,8 @@ The parser doesn't recognize array index access syntax (`identifier[expr]`) when
 
 ## Acceptance Criteria
 
+## Acceptance Criteria
+
 ## Acceptance Criteria
 - [ ] `items[0]` syntax works after WITH projection
 - [ ] `items[idx]` works with variable index

.metis/backlog/features/GQLITE-T-0009.md …chived/backlog/features/GQLITE-T-0009.md.metis/backlog/features/GQLITE-T-0009.md renamed to .metis/archived/backlog/features/GQLITE-T-0009.md .metis/backlog/features/GQLITE-T-0009.md renamed to .metis/archived/backlog/features/GQLITE-T-0009.md

@@ -7,7 +7,7 @@ created_at: 2025-12-24T01:49:49.503861+00:00
 updated_at: 2025-12-24T01:49:49.503861+00:00
 parent: 
 blocked_by: []
-archived: false
+archived: true
 
 tags:
   - "#task"
@@ -36,6 +36,8 @@ Implement CALL clause for invoking stored procedures and built-in database funct
 
 ## Acceptance Criteria
 
+## Acceptance Criteria
+
 - [ ] `CALL db.labels()` returns all labels in the database
 - [ ] `CALL db.relationshipTypes()` returns all relationship types
 - [ ] `CALL db.propertyKeys()` returns all property keys
@@ -75,6 +77,31 @@ Consider allowing user-defined procedures via:
 - SQL functions registered in SQLite
 - Plugin system for custom procedures
 
-## Status Updates
+## Decision (Dec 2025)
+
+**Status**: Won't implement - using language bindings instead.
+
+### Rationale
+
+The CALL procedure syntax exists in Neo4j primarily for:
+- Schema introspection (`db.labels()`, `db.propertyKeys()`)
+- Admin operations (`dbms.killQuery()`)
+- APOC extensions (bulk operations, import/export)
+
+For GraphQLite, these use cases are better served by the language bindings:
+
+| Use Case | CALL Approach | Bindings Approach |
+|----------|---------------|-------------------|
+| List labels | `CALL db.labels()` | `graph.get_labels()` |
+| Schema info | `CALL db.schema.visualization()` | `graph.schema()` |
+| Admin ops | `CALL dbms.*` | Direct SQLite access |
+
+**Benefits of bindings approach**:
+- No grammar/parser changes needed
+- Type-safe in Python/Rust
+- Can return rich objects, not just tabular data
+- Simpler implementation
+
+**Tradeoff**: Neo4j tooling compatibility lost. Acceptable since GraphQLite is embedded, not a server with external GUI tools connecting to it.
 
-*To be added during implementation*
+Revisit if users specifically request Neo4j-compatible introspection queries.

.metis/backlog/features/GQLITE-T-0026.md …chived/backlog/features/GQLITE-T-0026.md.metis/backlog/features/GQLITE-T-0026.md renamed to .metis/archived/backlog/features/GQLITE-T-0026.md .metis/backlog/features/GQLITE-T-0026.md renamed to .metis/archived/backlog/features/GQLITE-T-0026.md

@@ -7,7 +7,7 @@ created_at: 2025-12-24T22:50:16.585069+00:00
 updated_at: 2025-12-25T16:35:31.911289+00:00
 parent: 
 blocked_by: []
-archived: false
+archived: true
 
 tags:
   - "#task"
@@ -85,6 +85,8 @@ RETURN louvain(resolution)  -- resolution parameter
 
 ## Acceptance Criteria
 
+## Acceptance Criteria
+
 ## Acceptance Criteria **[REQUIRED]**
 
 - [ ] {Specific, testable requirement 1}

.metis/backlog/features/GQLITE-T-0027.md …chived/backlog/features/GQLITE-T-0027.md.metis/backlog/features/GQLITE-T-0027.md renamed to .metis/archived/backlog/features/GQLITE-T-0027.md .metis/backlog/features/GQLITE-T-0027.md renamed to .metis/archived/backlog/features/GQLITE-T-0027.md

@@ -7,7 +7,7 @@ created_at: 2025-12-24T22:50:16.659637+00:00
 updated_at: 2025-12-25T16:53:35.321316+00:00
 parent: 
 blocked_by: []
-archived: false
+archived: true
 
 tags:
   - "#task"
@@ -80,6 +80,8 @@ RETURN triangleCount()
 
 ## Acceptance Criteria
 
+## Acceptance Criteria
+
 ## Acceptance Criteria **[REQUIRED]**
 
 - [ ] {Specific, testable requirement 1}

.metis/backlog/features/GQLITE-T-0028.md …chived/backlog/features/GQLITE-T-0028.md.metis/backlog/features/GQLITE-T-0028.md renamed to .metis/archived/backlog/features/GQLITE-T-0028.md .metis/backlog/features/GQLITE-T-0028.md renamed to .metis/archived/backlog/features/GQLITE-T-0028.md

@@ -7,7 +7,7 @@ created_at: 2025-12-24T22:50:16.735482+00:00
 updated_at: 2025-12-25T17:00:35.061052+00:00
 parent: 
 blocked_by: []
-archived: false
+archived: true
 
 tags:
   - "#task"
@@ -83,6 +83,8 @@ RETURN astar(source, target, heuristic_func)
 
 ## Acceptance Criteria
 
+## Acceptance Criteria
+
 ## Acceptance Criteria **[REQUIRED]**
 
 - [ ] {Specific, testable requirement 1}