ruby-text2sql 1.0.0 → 1.0.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: dfaa44f0339d328ce49d43002837c15aecaa6f26ef61ed19a0815f2ee88a5fb4
-  data.tar.gz: 6fed3d7a77b38851fa4790ff881103ef82938e7a37440ab9c303fac0f5af0d10
+  metadata.gz: e649f583364a150b51556fdd7013c99ff0d850971488be8791a95ca13a4898a2
+  data.tar.gz: d0d877636f08d33774c124b33ccbebc0fa43b028ec80fc352f394ccefcfa3260
 SHA512:
-  metadata.gz: b3409fa5ad821c60e177533bdbdd19ee7d77e605ebc42810bee2d912b600e3fb568a9210aa9bac845bb91f04564822f7510ee6fc99024defdf8bd8a90b2d04c9
-  data.tar.gz: f0f4eaeef6f1c88e78f8b8c9b175f2fb6b29d41ea9e50fa65b54add829d7f2647d2aca723d3975f284537652274c05f807a7d11eeb50ca6ce2bb4a200ef76dfe
+  metadata.gz: ae4aba96a152e536eff54299024b256218ff963b5cfa1d68472f88012117ceea2dd8771726f5b87aa6c30de4c9444e4ba25e4a6c04016f66bdb77371338e6a37
+  data.tar.gz: 3c8fd4908543e7dd8d3317f4e38d55d1cedfa2a302db31dd8a4e038a0e77ea0c3cd5e52b687b596168692ddb432f526f5fc995ed0e7058bbc322446c209f51ff

data/.rubocop.yml

@@ -1,6 +1,7 @@
 AllCops:
-  TargetRubyVersion: 2.6
+  TargetRubyVersion: 2.7.1
   NewCops: enable
+  SuggestExtensions: false
 
 Style/StringLiterals:
   Enabled: true
@@ -31,5 +32,9 @@ RSpec/ExampleLength:
 RSpec/MultipleMemoizedHelpers:
   Enabled: false
 
+# Disable problematic cops that are causing errors
+Capybara/RSpec/PredicateMatcher:
+  Enabled: false
+
 require:
   - rubocop-rspec

data/CHANGELOG.md

@@ -1,5 +1,48 @@
+# Changelog
+
+All notable changes to this project will be documented in this file.
+
+The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
+and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
+
 ## [Unreleased]
 
+### Added
+- New features that will be in the next release
+
+### Changed
+- Changes in existing functionality
+
+### Deprecated
+- Soon-to-be removed features
+
+### Removed
+- Now removed features
+
+### Fixed
+- Any bug fixes
+
+### Security
+- Vulnerability fixes
+
+## [1.0.1] - 2024-12-19
+
+### Added
+- SQL execution with safety controls
+
+### Fixed
+- Fixed RuboCop configuration warnings
+- Resolved RSpec verified double reference issues
+
+## [1.0.0] - 2024-12-19
+
+### Added
+- Initial stable release
+- Core Text2SQL functionality
+- Schema parsing capabilities
+
 ## [0.1.0] - 2024-09-14
 
+### Added
 - Initial release
+- Basic Text2SQL conversion functionality

data/README.md

@@ -15,26 +15,49 @@ Using these, Text2SQL generates SQL queries, executes them, and returns results
 
 Install the gem and add to the application's Gemfile by executing:
 
-    $ bundle add ruby-text2sq
+    $ bundle add ruby-text2sql
 
 If bundler is not being used to manage dependencies, install the gem by executing:
 
-    $ gem install ruby-text2sq
+    $ gem install ruby-text2sql
 
 ## Usage
 
 - Set your `OPENAI_API_KEY` as an environment variable in `.env`.
 
-- Use `Text2sql.call` method with a plain-text query. Here’s an example:
+- Use `Ruby::Text2sql.call` method with a plain-text query. Here's an example:
 ```
-require 'text2sql'
-
 response = Ruby::Text2sql.call("List all users who registered in the last 30 days")
 puts "SQL Query: #{response[:sql_query]}"                    # Outputs the generated SQL query
 puts "Query Result: #{response[:query_result]}"              # Outputs the result of the SQL query
 puts "Response: #{response[:natural_language_response]}"     # Outputs a human-readable response
 ```
 
+## Configuration: Allowed SQL Actions
+
+After installing the gem, you can generate an initializer to control which SQL actions are permitted by running:
+
+```sh
+rails generate ruby_text2sql:install
+```
+
+This will create `config/initializers/ruby_text2sql.rb` with content like:
+
+```ruby
+Ruby::Text2sql.configure do |config|
+  # Allow only SELECT queries by default (safest)
+  config.allowed_actions = [:select]
+
+  # Example: Allow SELECT, INSERT, and UPDATE queries
+  # config.allowed_actions = [:select, :insert, :update]
+
+  # Example: To allow DELETE queries (use with caution)
+  # config.allowed_actions = [:select, :insert, :update, :delete]
+end
+```
+
+**Note:** Only the actions listed in `allowed_actions` (as symbols) will be permitted for execution. This helps protect your database from dangerous or unwanted queries.
+
 ## Development
 
 After checking out the repo, run `bin/setup` to install dependencies. Then, run `rake spec` to run the tests. You can also run `bin/console` for an interactive prompt that will allow you to experiment.

data/lib/generators/ruby_text2sql/install/install_generator.rb

@@ -0,0 +1,17 @@
+# frozen_string_literal: true
+
+require "rails/generators"
+
+module RubyText2sql
+  module Generators
+    class InstallGenerator < Rails::Generators::Base
+      source_root File.expand_path("templates", __dir__)
+
+      desc "Creates a Ruby::Text2sql initializer in your application."
+
+      def copy_initializer
+        template "initializer.rb", "config/initializers/ruby_text2sql.rb"
+      end
+    end
+  end
+end

data/lib/generators/ruby_text2sql/install/templates/initializer.rb

@@ -0,0 +1,16 @@
+# frozen_string_literal: true
+
+# config/initializers/ruby_text2sql.rb
+# This initializer configures which SQL actions are allowed by the ruby-text2sql gem.
+# Only the actions listed here (as symbols) will be permitted for execution.
+
+Ruby::Text2sql.configure do |config|
+  # Allow only SELECT queries by default (safest)
+  config.allowed_actions = [:select]
+
+  # Example: Allow SELECT, INSERT, and UPDATE queries
+  # config.allowed_actions = [:select, :insert, :update]
+
+  # Example: To allow DELETE queries (use with caution)
+  # config.allowed_actions = [:select, :insert, :update, :delete]
+end

data/lib/ruby/text2sql/sql_executor.rb

@@ -3,10 +3,40 @@
 module Ruby
   module Text2sql
     class SQLExecutor
-      def execute(sql_query)
-        result = ActiveRecord::Base.connection.execute(sql_query)
+      def initialize(allowed_actions: [:select], sql_query: nil)
+        @allowed_actions = allowed_actions.map(&:to_sym)
+        @sql_query = sql_query
+      end
+
+      def execute
+        return { status: :failed, error: "Action ':#{query_type}' is not allowed." } unless query_allowed?(query_type)
+
+        if query_type == :select
+          result = ActiveRecord::Base.connection.execute(@sql_query)
+          result.to_a
+        else
+          begin
+            ActiveRecord::Base.transaction do
+              ActiveRecord::Base.connection.execute(@sql_query)
+            end
+            { status: :success }
+          rescue StandardError => e
+            { status: :failed, error: e.message }
+          end
+        end
+      end
+
+      private
+
+      def query_allowed?(action)
+        @allowed_actions.include?(action)
+      end
+
+      def query_type
+        first_word = @sql_query.strip.split.first
+        return nil if first_word.nil?
 
-        result.to_a
+        first_word.upcase.downcase.to_sym
       end
     end
   end

data/lib/ruby/text2sql/version.rb

@@ -2,6 +2,6 @@
 
 module Ruby
   module Text2sql
-    VERSION = "1.0.0"
+    VERSION = "1.0.1"
   end
 end

data/lib/ruby/text2sql.rb

@@ -9,6 +9,22 @@ module Ruby
   module Text2sql
     class Error < StandardError; end
 
+    class Configuration
+      attr_accessor :allowed_actions
+
+      def initialize
+        @allowed_actions = [:select]
+      end
+    end
+
+    def self.configuration
+      @configuration ||= Configuration.new
+    end
+
+    def self.configure
+      yield(configuration)
+    end
+
     class << self
       def call(user_request)
         # Step 1: Parse the schema automatically
@@ -17,8 +33,9 @@ module Ruby
         # Step 2: Generate SQL query using OpenAI
         sql_query = generate_sql_query(user_request, schema)
 
-        # Step 3: Execute the generated SQL query using SQLExecutor
-        query_result = SQLExecutor.new.execute(sql_query)
+        # Step 3: Execute the generated SQL query using SQLExecutor, using configured allowed_actions
+        query_result = SQLExecutor.new(allowed_actions: Ruby::Text2sql.configuration.allowed_actions,
+                                       sql_query: sql_query).execute
 
         # Step 4: Generate a natural language response from the query result
         natural_language_response = generate_response(user_request, query_result)

data/ruby-text2sql.gemspec

@@ -0,0 +1,43 @@
+# frozen_string_literal: true
+
+require_relative "lib/ruby/text2sql/version"
+
+Gem::Specification.new do |spec|
+  spec.name = "ruby-text2sql"
+  spec.version = "1.0.1"
+  spec.authors = ["Nicolas Fabre"]
+  spec.email = ["nicofh93@gmail.com"]
+
+  spec.summary = "A Ruby gem to convert natural language to SQL queries using LLMs."
+  spec.description = "Text2SQL is a gem designed to generate SQL queries from natural language inputs.
+                      It leverages machine learning models to interpret schema files and user inputs,
+                      generating SQL queries that can be executed and returning results in a human-readable format."
+  spec.homepage = "https://github.com/nicofh/ruby-text2sql"
+  spec.license = "MIT"
+  spec.required_ruby_version = ">= 2.7.1"
+
+  spec.metadata["allowed_push_host"] = "https://rubygems.org"
+
+  spec.metadata["homepage_uri"] = "https://github.com/nicofh/ruby-text2sql"
+  spec.metadata["source_code_uri"] = "https://github.com/nicofh/ruby-text2sql"
+  spec.metadata["changelog_uri"] = "https://github.com/nicofh/ruby-text2sql/blob/main/CHANGELOG.md"
+
+  # Specify which files should be added to the gem when it is released.
+  # The `git ls-files -z` loads the files in the RubyGem that have been added into git.
+  spec.files = Dir.chdir(__dir__) do
+    `git ls-files -z`.split("\x0").reject do |f|
+      (File.expand_path(f) == __FILE__) ||
+        f.start_with?(*%w[bin/ test/ spec/ features/ .git .github appveyor Gemfile])
+    end
+  end
+  spec.bindir = "exe"
+  spec.executables = spec.files.grep(%r{\Aexe/}) { |f| File.basename(f) }
+  spec.require_paths = ["lib"]
+
+  # Uncomment to register a new dependency of your gem
+  spec.add_dependency "ruby-openai", "~> 7.1"
+
+  # For more information and examples about making a new gem, check out our
+  # guide at: https://bundler.io/guides/creating_gem.html
+  spec.metadata["rubygems_mfa_required"] = "true"
+end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: ruby-text2sql
 version: !ruby/object:Gem::Version
-  version: 1.0.0
+  version: 1.0.1
 platform: ruby
 authors:
 - Nicolas Fabre
 autorequire:
 bindir: exe
 cert_chain: []
-date: 2024-11-03 00:00:00.000000000 Z
+date: 2025-06-28 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: ruby-openai
@@ -41,10 +41,13 @@ files:
 - LICENSE.txt
 - README.md
 - Rakefile
+- lib/generators/ruby_text2sql/install/install_generator.rb
+- lib/generators/ruby_text2sql/install/templates/initializer.rb
 - lib/ruby/text2sql.rb
 - lib/ruby/text2sql/schema_parser.rb
 - lib/ruby/text2sql/sql_executor.rb
 - lib/ruby/text2sql/version.rb
+- ruby-text2sql.gemspec
 - sig/ruby/text2sql.rbs
 homepage: https://github.com/nicofh/ruby-text2sql
 licenses:
@@ -63,14 +66,14 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
-      version: 2.6.0
+      version: 2.7.1
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.3.3
+rubygems_version: 3.1.2
 signing_key:
 specification_version: 4
 summary: A Ruby gem to convert natural language to SQL queries using LLMs.