Follow-up from #829464: orderby() should verify direction [DONE] and escape fields → . I think we should consider triggering some kind of error when the database layer converts invalid input to defaults - this could for example warn about an automated SQL injection attempt.
There were good reasons for not throwing an exception there, but not sure that rules out any kind of error - we could just do trigger_error() for example.
Not all content is available!
It's likely this issue predates Contrib.social: some issue and comment data are missing.