abed4dc96f
Convert ClickHouseUsageTracker and ClickHouseMetricsQueryStore to use JDBC parameterized queries (? binds) — these query raw tables without AggregateFunction columns. Fix lit(String) in RouteMetricsController and ClickHouseStatsStore to escape backslashes before single quotes. Without this, an input like \' breaks out of the string literal in ClickHouse (where \ is an escaped backslash). These must remain as literal SQL because the ClickHouse JDBC 0.9.x driver wraps PreparedStatement in sub-queries that strip AggregateFunction types, breaking -Merge combinators. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>