refactor: replace raw SQL with TypeORM QueryBuilder in GistRepository

[snowrugar-beep]

Problem Statement

GistRepository uses all raw SQL via dataSource.query() for every operation (create, findNearby, findByGistId). This bypasses TypeORM's type safety, query caching, logging, and abstraction benefits.

Evidence

• Backend/src/gists/gist.repository.ts — 100% raw SQL queries
• Helper functions PaginationHelper.encodeCursor/decodeCursor used to bridge raw SQL with cursor logic

Impact

Bypasses ORM caching/type safety. Raw SQL is harder to maintain and test. Developers must know raw PostGIS SQL syntax.

Proposed Solution

1. Replace INSERT with TypeORM's insert or save method + ST_MakePoint via expression
2. Replace spatial SELECT with QueryBuilder using ST_DWithin, ST_X, ST_Y functions
3. Replace cursor pagination with QueryBuilder's where + orderBy + take
4. Keep raw SQL only for PostGIS-specific spatial functions where necessary
5. Add query logging for generated SQL

Technical Requirements

• Must preserve PostGIS spatial functionality
• Must maintain cursor-based pagination
• Must not introduce N+1 queries
• Generated SQL must be equivalent to current raw queries

Acceptance Criteria

1. All GistRepository operations use TypeORM QueryBuilder (not dataSource.query)
2. Spatial queries (ST_DWithin, ST_MakePoint, ST_X, ST_Y) work correctly
3. Cursor pagination works correctly
4. All existing tests pass without modification
5. Query logging shows TypeORM-generated SQL
6. Performance is not regressed

File Inventory

• Backend/src/gists/gist.repository.ts
• Backend/src/gists/entities/gist.entity.ts

Dependencies

None.

Testing Strategy

• Run all existing integration tests
• Compare generated SQL with current raw SQL for equivalence
• Performance benchmark before and after

Security Considerations

TypeORM QueryBuilder provides SQL injection protection compared to string concatenation in raw SQL.

Definition of Done

• Raw SQL replaced with QueryBuilder
• All tests passing
• Performance not regressed
• Spatial queries working

[coderolisa]

Hello Maintainer,

I would like to work on this issue. I have reviewed the requirements and am confident I can implement the requested changes while meeting the acceptance criteria.

Please consider assigning this issue to me. Thank you.

[Hassanmovic98]

I'll replace the raw SQL with TypeORM QueryBuilder while keeping PostGIS spatial functions intact. I'll handle cursor pagination through QueryBuilder's where and orderBy, verify no N+1 queries are introduced, and run your existing tests to confirm SQL equivalence. All operations move off dataSource.query() into type-safe QueryBuilder calls. I can complete this and deliver tested code in short time.

[grantfox-oss]

🦊 GrantFox — @Hassanmovic98 has been assigned to this issue as part of the Official Campaign campaign!

Next steps:

1. Open a Pull Request referencing this issue (e.g., Closes #46)
2. Your PR will be reviewed by the VertexChainLabs maintainers

Good luck! Track your progress on GrantFox.