(sync-service) queryable_columns to only restrict columns changeable by the client

[robacourt]

PR #4531 made queryable_columns apply to normal shape where clauses, but as #4531 (comment) pointed out, sensitive columns could still be accessed via subqueries. Making arbitrary where clauses with subqueries secure would require more than a root-table column allow-list: we would also need a table allow-list plus per-table queryable_columns for every table referenced by a subquery.

However, normal where clauses are supposed to be restricted and only set server-side. There's no need to restrict them at all. The are to restrict is the subset snapshots, where clients can change subset where and order_by.

This PR makes the behavior consistent by allowing any server-defined main where clause while keeping queryable_columns enforcement for subset where and subset order_by. It also updates the docs to make this distinction clear too.

Summary

• allow main shape where clauses to reference any table column even when queryable_columns is set
• keep queryable_columns enforcement for synced projections, subset where, and subset order_by
• update docs, OpenAPI, and the existing changeset to describe the narrower boundary

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 56.44%. Comparing base (fcf9749) to head (c5680e7).

Additional details and impacted files

@@            Coverage Diff             @@
##             main    #4534      +/-   ##
==========================================
- Coverage   56.46%   56.44%   -0.02%     
==========================================
  Files         358      358              
  Lines       39081    39081              
  Branches    10978    10975       -3     
==========================================
- Hits        22066    22061       -5     
- Misses      16944    16948       +4     
- Partials       71       72       +1     

Flag	Coverage Δ
packages/agents	70.75% <ø> (ø)
packages/agents-mcp	77.54% <ø> (ø)
packages/agents-mobile	66.92% <ø> (ø)
packages/agents-runtime	79.98% <ø> (-0.02%)	⬇️
packages/agents-server	73.95% <ø> (-0.03%)	⬇️
packages/agents-server-ui	6.21% <ø> (ø)
packages/electric-ax	46.42% <ø> (ø)
packages/experimental	87.73% <ø> (ø)
packages/react-hooks	86.48% <ø> (ø)
packages/start	82.83% <ø> (ø)
packages/typescript-client	91.71% <ø> (-0.12%)	⬇️
packages/y-electric	56.05% <ø> (ø)
typescript	56.44% <ø> (-0.02%)	⬇️
unit-tests	56.44% <ø> (-0.02%)	⬇️

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Harness.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

[netlify]

✅ Deploy Preview for electric-next ready!

Name	Link
🔨 Latest commit	c5680e7
🔍 Latest deploy log	https://app.netlify.com/projects/electric-next/deploys/6a27c6e9f634730008659da3
😎 Deploy Preview	https://deploy-preview-4534--electric-next.netlify.app
📱 Preview on mobile	Toggle QR Code... Use your smartphone camera to open QR code link.

---

To edit notification comments on pull requests, go to your Netlify project configuration.

[alco]

👍