perf(application): replace like_regex with == for tag filtering (#516)

* perf(application): replace like_regex with == for tag filtering in application_runs

Use JSONPath equality checks instead of like_regex for exact tag matching.
PostgreSQL GIN indexes (jsonb_path_ops) can accelerate == but not like_regex,
reducing database load for tag-filtered queries.

Co-Authored-By: Claude Opus 4.6 (1M context) <[email protected]>

* chore: update .python-version to 3.14.2

Co-Authored-By: Claude Opus 4.6 (1M context) <[email protected]>

---------

Co-authored-by: Claude Opus 4.6 (1M context) <[email protected]>

Author: arne-aignx

.python-version

@@ -1 +1 @@
-3.14.1
+3.14.2

src/aignostics/application/_service.py

@@ -711,14 +711,18 @@ def application_runs(  # noqa: C901, PLR0912, PLR0913, PLR0914, PLR0915, PLR0917
 
             # Handle tags filter
             if tags:
-                # JSONPath filter to match all of the provided tags in the sdk.tags array
-                # PostgreSQL limitation: Cannot use && between separate path expressions as backend crashes with 500
-                # Workaround: Filter on backend for ANY tag match, then filter client-side for ALL
-                # Use regex alternation to match any of the tags
-                escaped_tags = [tag.replace('"', '\\"').replace("\\", "\\\\") for tag in tags]
-                # Create regex pattern: ^(tag1|tag2|tag3)$
-                regex_pattern = "^(" + "|".join(escaped_tags) + ")$"
-                custom_metadata = f'$.sdk.tags ? (@ like_regex "{regex_pattern}")'
+                # Use equality checks instead of like_regex for exact tag matching.
+                # PostgreSQL GIN indexes (jsonb_path_ops) can accelerate == but not like_regex.
+                # PostgreSQL JSONPath does not support combining separate path expressions
+                # (e.g. $.sdk.tags ? (...) && $.sdk.note ? (...) is invalid JSONPath syntax),
+                # so we can only filter on one path per API call.
+                # Strategy: filter on backend for ANY tag match, then filter client-side for ALL.
+                escaped_tags = [tag.replace("\\", "\\\\").replace('"', '\\"') for tag in tags]
+                if len(escaped_tags) == 1:
+                    custom_metadata = f'$.sdk.tags[*] ? (@ == "{escaped_tags[0]}")'
+                else:
+                    conditions = " || ".join(f'@ == "{t}"' for t in escaped_tags)
+                    custom_metadata = f"$.sdk.tags[*] ? ({conditions})"
 
             run_iterator = self._get_platform_client().runs.list_data(
                 application_id=application_id,

tests/aignostics/application/service_test.py

@@ -431,6 +431,68 @@ def test_application_runs_query_escapes_special_characters(mock_get_client: Magi
     assert 'test\\"value\\\\path' in tag_call_kwargs["custom_metadata"]
 
 
+@pytest.mark.unit
+@patch("aignostics.application._service.Service._get_platform_client")
+def test_application_runs_tags_single_generates_equality_jsonpath(mock_get_client: MagicMock) -> None:
+    """Test that a single tag generates a JSONPath equality expression instead of like_regex."""
+    mock_client = MagicMock()
+    mock_runs = MagicMock()
+    mock_runs.list_data.return_value = iter([])
+    mock_client.runs = mock_runs
+    mock_get_client.return_value = mock_client
+
+    service = ApplicationService()
+    service.application_runs(tags={"experiment-1"})
+
+    call_kwargs = mock_runs.list_data.call_args[1]
+    assert call_kwargs["custom_metadata"] == '$.sdk.tags[*] ? (@ == "experiment-1")'
+
+
+@pytest.mark.unit
+@patch("aignostics.application._service.Service._get_platform_client")
+def test_application_runs_tags_multiple_generates_or_equality_jsonpath(mock_get_client: MagicMock) -> None:
+    """Test that multiple tags generate a JSONPath OR equality expression."""
+    mock_client = MagicMock()
+    mock_runs = MagicMock()
+    mock_runs.list_data.return_value = iter([])
+    mock_client.runs = mock_runs
+    mock_get_client.return_value = mock_client
+
+    service = ApplicationService()
+    service.application_runs(tags={"alpha", "beta"})
+
+    call_kwargs = mock_runs.list_data.call_args[1]
+    custom_metadata = call_kwargs["custom_metadata"]
+
+    # Tags are from a set so order is not guaranteed
+    assert custom_metadata.startswith("$.sdk.tags[*] ? (")
+    assert custom_metadata.endswith(")")
+    assert '@ == "alpha"' in custom_metadata
+    assert '@ == "beta"' in custom_metadata
+    assert " || " in custom_metadata
+
+
+@pytest.mark.unit
+@patch("aignostics.application._service.Service._get_platform_client")
+def test_application_runs_tags_escapes_quotes_and_backslashes(mock_get_client: MagicMock) -> None:
+    """Test that tag values with quotes and backslashes are properly escaped in JSONPath."""
+    mock_client = MagicMock()
+    mock_runs = MagicMock()
+    mock_runs.list_data.return_value = iter([])
+    mock_client.runs = mock_runs
+    mock_get_client.return_value = mock_client
+
+    service = ApplicationService()
+    service.application_runs(tags={'tag"with"quotes', "path\\to\\dir"})
+
+    call_kwargs = mock_runs.list_data.call_args[1]
+    custom_metadata = call_kwargs["custom_metadata"]
+
+    # Backslashes escaped first, then quotes
+    assert '@ == "tag\\"with\\"quotes"' in custom_metadata
+    assert '@ == "path\\\\to\\\\dir"' in custom_metadata
+
+
 @pytest.mark.unit
 @patch("aignostics.application._service.Service._get_platform_client")
 def test_application_run_update_custom_metadata_success(mock_get_client: MagicMock) -> None: