- Replace SELECT * with explicit column names in permission validation tests
- Update CTE test to use explicit columns in final SELECT
- Maintain test intent while aligning with new wildcard security validation
- Ensure all tests pass with new wildcard blocking behavior
Co-Authored-By: Dallin Bentley <dallinbentley98@gmail.com>
- Updated references across multiple files to reflect the new tool name.
- Adjusted unit tests and schemas to ensure compatibility with the renamed tool.
- Removed the old respondWithoutAnalysis tool implementation and its associated tests.
- Ensured backward compatibility for existing functionality using the old tool name.
- Import Select from node-sql-parser for type safety
- Replace function parameter types with Record<string, unknown> for dynamic AST objects
- Use proper type conversions through 'unknown' for incompatible types
- Maintain existing wildcard validation functionality
- Resolve all 8 noExplicitAny linting violations
Co-Authored-By: Dallin Bentley <dallinbentley98@gmail.com>
- Update query() method to use streamResult: true and stmt.streamRows()
- Add network-level row limiting with default 5000 row cap
- Process stream events (data, error, end) to build result set
- Maintain backward compatibility with existing adapter interface
- Update unit tests to mock streaming behavior
- Fix integration test imports and property names
- Preserve query caching by using original SQL unchanged
Co-Authored-By: Dallin Bentley <dallinbentley98@gmail.com>
- Add validateWildcardUsage function to sql-parser-helpers.ts
- Block SELECT * and qualified wildcards on physical database tables
- Allow wildcards on CTEs and derived tables
- Integrate wildcard validation into permission-validator.ts
- Add comprehensive tests for all wildcard validation scenarios
- Revert Rust SQL analyzer changes to focus on TypeScript implementation
- Fix CTE alias handling for qualified wildcards (e.g., SELECT cte_alias.*)
This prevents bypassing column-level permissions through wildcard queries
while maintaining backward compatibility with legitimate query patterns.
Co-Authored-By: Dallin Bentley <dallinbentley98@gmail.com>
- Add validateWildcardUsage() function to block SELECT * on physical tables
- Allow wildcards on CTEs but block on physical database tables
- Add comprehensive tests for wildcard validation scenarios
- Integrate wildcard validation into permission validator
- Supports all SQL dialects via node-sql-parser
- Prevents permission bypass through wildcard queries
Co-Authored-By: Dallin Bentley <dallinbentley98@gmail.com>
- Added support for Google Vertex AI model version 2.2.27 in pnpm-lock.yaml and package.json.
- Introduced new model wrappers for Sonnet4 and Haiku35 with fallback logic.
- Updated various agents to utilize the new Sonnet4 model instead of the previous anthropicCachedModel.
- Enhanced error handling and retry logic in the fallback model implementation.
- Increased processing row limit in Snowflake query to 5000 for better performance.
- Added tests for new AI fallback models and their streaming capabilities.
- Simplify test assertion in test_wildcard_allowed_on_cte for better clarity
- Clean up validate_wildcard_on_tables logic to remove redundant checks
- Improve code readability and maintainability
Co-Authored-By: Dallin Bentley <dallinbentley98@gmail.com>
- Add BlockedWildcardUsage error variant to SqlAnalyzerError enum
- Enhance process_select_item to validate wildcards against physical tables
- Block SELECT * and qualified wildcards on physical database tables
- Allow wildcards on CTEs and derived tables
- Add comprehensive tests for all wildcard validation scenarios
- Maintain backward compatibility with legitimate query patterns
This security enhancement prevents bypassing column-level permissions
through wildcard queries on physical database tables while preserving
functionality for CTEs and other legitimate use cases.
Co-Authored-By: Dallin Bentley <dallinbentley98@gmail.com>
- Renamed `respondWithoutAnalysis` to `respondWithoutAssetCreation` across multiple files to better reflect its purpose.
- Updated the `think-and-prep-instructions.ts` to clarify the agent's focus on asset creation instead of analysis.
- Added a new file `think-and-prep-updates.ts` to implement the analyst workflow with improved error handling and response management.
- Commented out legacy code in `example_scorers.ts` and `metric.eval.ts` for clarity and future reference.
- Adjusted the `sequential-thinking-tool` to remove unnecessary fields and streamline the thought processing logic.
This refactor enhances the clarity and functionality of the think-and-prep agent, aligning it with the current project goals.
dal
Devin AI
Nate Kelley
Nate Kelley
Blake Rouse