@berthojoris/mcp-mysql-server 1.16.4 → 1.17.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (17) hide show
  1. package/CHANGELOG.md +16 -0
  2. package/DOCUMENTATIONS.md +296 -24
  3. package/README.md +36 -458
  4. package/dist/config/featureConfig.js +12 -0
  5. package/dist/index.d.ts +54 -0
  6. package/dist/index.js +41 -0
  7. package/dist/mcp-server.js +154 -1
  8. package/dist/tools/forecastingTools.d.ts +36 -0
  9. package/dist/tools/forecastingTools.js +256 -0
  10. package/dist/tools/queryVisualizationTools.d.ts +22 -0
  11. package/dist/tools/queryVisualizationTools.js +155 -0
  12. package/dist/tools/schemaPatternTools.d.ts +19 -0
  13. package/dist/tools/schemaPatternTools.js +253 -0
  14. package/dist/tools/testDataTools.d.ts +26 -0
  15. package/dist/tools/testDataTools.js +325 -0
  16. package/manifest.json +109 -1
  17. package/package.json +1 -1
package/dist/tools/queryVisualizationTools.js ADDED
@@ -0,0 +1,155 @@
1
+ "use strict";
2
+ var __importDefault = (this && this.__importDefault) || function (mod) {
3
+ return (mod && mod.__esModule) ? mod : { "default": mod };
4
+ };
5
+ Object.defineProperty(exports, "__esModule", { value: true });
6
+ exports.QueryVisualizationTools = void 0;
7
+ const connection_1 = __importDefault(require("../db/connection"));
8
+ class QueryVisualizationTools {
9
+ constructor(security) {
10
+ this.db = connection_1.default.getInstance();
11
+ this.security = security;
12
+ }
13
+ extractExplainNodes(explainJson) {
14
+ const nodes = [];
15
+ const visit = (obj) => {
16
+ if (!obj || typeof obj !== "object")
17
+ return;
18
+ if (obj.table && typeof obj.table === "object") {
19
+ const t = obj.table;
20
+ nodes.push({
21
+ table_name: t.table_name,
22
+ access_type: t.access_type,
23
+ possible_keys: t.possible_keys,
24
+ key: t.key,
25
+ rows_examined_per_scan: t.rows_examined_per_scan,
26
+ rows_produced_per_join: t.rows_produced_per_join,
27
+ filtered: t.filtered,
28
+ attached_condition: t.attached_condition,
29
+ });
30
+ }
31
+ for (const v of Object.values(obj)) {
32
+ if (Array.isArray(v))
33
+ v.forEach(visit);
34
+ else if (v && typeof v === "object")
35
+ visit(v);
36
+ }
37
+ };
38
+ visit(explainJson);
39
+ return nodes;
40
+ }
41
+ sqlJoinEdges(query) {
42
+ const edges = [];
43
+ const q = query.replace(/\s+/g, " ");
44
+ // Very lightweight parser: FROM <t> ... JOIN <t2> ON <cond>
45
+ const fromMatch = q.match(/\bFROM\s+([`"']?\w+[`"']?)(?:\s+AS\s+\w+|\s+\w+)?/i);
46
+ const base = fromMatch ? fromMatch[1].replace(/[`"']/g, "") : undefined;
47
+ if (!base)
48
+ return edges;
49
+ const joinRegex = /\bJOIN\s+([`"']?\w+[`"']?)(?:\s+AS\s+\w+|\s+\w+)?\s+ON\s+(.+?)(?=\bJOIN\b|\bWHERE\b|\bGROUP\b|\bORDER\b|\bLIMIT\b|$)/gi;
50
+ let m;
51
+ let prev = base;
52
+ while ((m = joinRegex.exec(q))) {
53
+ const table = m[1].replace(/[`"']/g, "");
54
+ const on = m[2].trim();
55
+ edges.push({ from: prev, to: table, on });
56
+ prev = table;
57
+ }
58
+ return edges;
59
+ }
60
+ buildMermaid(nodes, edges) {
61
+ const lines = [];
62
+ lines.push("graph TD");
63
+ const uniqTables = Array.from(new Set(nodes.map((n) => n.table_name).filter(Boolean)));
64
+ const nodeId = (t) => `t_${t.replace(/[^a-zA-Z0-9_]/g, "_")}`;
65
+ for (const t of uniqTables) {
66
+ const n = nodes.find((x) => x.table_name === t);
67
+ const labelParts = [t];
68
+ if (n?.access_type)
69
+ labelParts.push(`access=${n.access_type}`);
70
+ if (n?.key)
71
+ labelParts.push(`key=${n.key}`);
72
+ if (typeof n?.rows_examined_per_scan === "number") {
73
+ labelParts.push(`rows≈${n.rows_examined_per_scan}`);
74
+ }
75
+ lines.push(`${nodeId(t)}["${labelParts.join("\\n")}"]`);
76
+ }
77
+ if (edges.length) {
78
+ for (const e of edges) {
79
+ lines.push(`${nodeId(e.from)} -->|"${(e.on || "").replace(/"/g, "'").slice(0, 60)}"| ${nodeId(e.to)}`);
80
+ }
81
+ return lines.join("\n");
82
+ }
83
+ // Fallback: join order from EXPLAIN
84
+ for (let i = 0; i < uniqTables.length - 1; i++) {
85
+ lines.push(`${nodeId(uniqTables[i])} --> ${nodeId(uniqTables[i + 1])}`);
86
+ }
87
+ return lines.join("\n");
88
+ }
89
+ /**
90
+ * Create a lightweight visual representation of a SQL query.
91
+ * Returns Mermaid flowchart + EXPLAIN FORMAT=JSON summary.
92
+ */
93
+ async visualizeQuery(params) {
94
+ try {
95
+ const query = params.query;
96
+ if (!query || typeof query !== "string") {
97
+ return { status: "error", error: "query is required" };
98
+ }
99
+ if (!this.security.isReadOnlyQuery(query)) {
100
+ return {
101
+ status: "error",
102
+ error: "Only read-only queries (SELECT/SHOW/DESCRIBE/EXPLAIN) are supported for visualization.",
103
+ };
104
+ }
105
+ const includeExplain = params.include_explain_json ?? true;
106
+ const format = params.format ?? "both";
107
+ const explainQuery = `EXPLAIN FORMAT=JSON ${query}`;
108
+ const explainRows = await this.db.query(explainQuery);
109
+ let explainJson = null;
110
+ let queryCost = null;
111
+ if (explainRows[0] && explainRows[0].EXPLAIN) {
112
+ try {
113
+ explainJson = JSON.parse(explainRows[0].EXPLAIN);
114
+ queryCost =
115
+ explainJson?.query_block?.cost_info?.query_cost?.toString?.() ?? null;
116
+ }
117
+ catch {
118
+ explainJson = explainRows;
119
+ }
120
+ }
121
+ const nodes = explainJson ? this.extractExplainNodes(explainJson) : [];
122
+ const edges = this.sqlJoinEdges(query);
123
+ const mermaid = this.buildMermaid(nodes, edges);
124
+ const data = {
125
+ mermaid,
126
+ explain_summary: {
127
+ query_cost: queryCost,
128
+ tables: nodes.map((n) => ({
129
+ table_name: n.table_name,
130
+ access_type: n.access_type,
131
+ key: n.key,
132
+ rows_examined_per_scan: n.rows_examined_per_scan,
133
+ filtered: n.filtered,
134
+ })),
135
+ },
136
+ };
137
+ if (includeExplain)
138
+ data.explain_json = explainJson;
139
+ if (format === "mermaid") {
140
+ return { status: "success", data: { mermaid } };
141
+ }
142
+ if (format === "json") {
143
+ return {
144
+ status: "success",
145
+ data: { explain_summary: data.explain_summary, explain_json: explainJson },
146
+ };
147
+ }
148
+ return { status: "success", data };
149
+ }
150
+ catch (error) {
151
+ return { status: "error", error: error.message };
152
+ }
153
+ }
154
+ }
155
+ exports.QueryVisualizationTools = QueryVisualizationTools;
package/dist/tools/schemaPatternTools.d.ts ADDED
@@ -0,0 +1,19 @@
1
+ import { SecurityLayer } from "../security/securityLayer";
2
+ export declare class SchemaPatternTools {
3
+ private db;
4
+ private security;
5
+ constructor(security: SecurityLayer);
6
+ private validateDatabaseAccess;
7
+ /**
8
+ * Recognize common schema patterns and anti-patterns based on INFORMATION_SCHEMA.
9
+ */
10
+ analyzeSchemaPatterns(params?: {
11
+ scope?: "database" | "table";
12
+ table_name?: string;
13
+ database?: string;
14
+ }): Promise<{
15
+ status: string;
16
+ data?: any;
17
+ error?: string;
18
+ }>;
19
+ }
package/dist/tools/schemaPatternTools.js ADDED
@@ -0,0 +1,253 @@
1
+ "use strict";
2
+ var __importDefault = (this && this.__importDefault) || function (mod) {
3
+ return (mod && mod.__esModule) ? mod : { "default": mod };
4
+ };
5
+ Object.defineProperty(exports, "__esModule", { value: true });
6
+ exports.SchemaPatternTools = void 0;
7
+ const connection_1 = __importDefault(require("../db/connection"));
8
+ const config_1 = require("../config/config");
9
+ class SchemaPatternTools {
10
+ constructor(security) {
11
+ this.db = connection_1.default.getInstance();
12
+ this.security = security;
13
+ }
14
+ validateDatabaseAccess(requestedDatabase) {
15
+ const connectedDatabase = config_1.dbConfig.database;
16
+ if (!connectedDatabase) {
17
+ return {
18
+ valid: false,
19
+ database: "",
20
+ error: "No database configured. Please specify a database in your connection settings.",
21
+ };
22
+ }
23
+ if (requestedDatabase && requestedDatabase !== connectedDatabase) {
24
+ return {
25
+ valid: false,
26
+ database: "",
27
+ error: `Access denied: You are connected to '${connectedDatabase}' but requested '${requestedDatabase}'. Cross-database access is not permitted.`,
28
+ };
29
+ }
30
+ return { valid: true, database: connectedDatabase };
31
+ }
32
+ /**
33
+ * Recognize common schema patterns and anti-patterns based on INFORMATION_SCHEMA.
34
+ */
35
+ async analyzeSchemaPatterns(params = {}) {
36
+ try {
37
+ const dbValidation = this.validateDatabaseAccess(params?.database);
38
+ if (!dbValidation.valid) {
39
+ return { status: "error", error: dbValidation.error };
40
+ }
41
+ const database = dbValidation.database;
42
+ const scope = params.scope || (params.table_name ? "table" : "database");
43
+ if (scope === "table") {
44
+ if (!params.table_name) {
45
+ return { status: "error", error: "table_name is required for table scope" };
46
+ }
47
+ if (!this.security.validateIdentifier(params.table_name).valid) {
48
+ return { status: "error", error: "Invalid table name" };
49
+ }
50
+ }
51
+ const tables = await this.db.query(`
52
+ SELECT TABLE_NAME, TABLE_ROWS
53
+ FROM INFORMATION_SCHEMA.TABLES
54
+ WHERE TABLE_SCHEMA = ? AND TABLE_TYPE = 'BASE TABLE'
55
+ ${scope === "table" ? "AND TABLE_NAME = ?" : ""}
56
+ ORDER BY TABLE_NAME
57
+ `, scope === "table" ? [database, params.table_name] : [database]);
58
+ if (!tables.length) {
59
+ return {
60
+ status: "success",
61
+ data: {
62
+ database,
63
+ scope,
64
+ tables_analyzed: 0,
65
+ findings: [],
66
+ summary: { high: 0, medium: 0, low: 0 },
67
+ message: "No tables found.",
68
+ },
69
+ };
70
+ }
71
+ const tableNames = tables.map((t) => t.TABLE_NAME);
72
+ const placeholders = tableNames.map(() => "?").join(",");
73
+ const columns = await this.db.query(`
74
+ SELECT TABLE_NAME, COLUMN_NAME, DATA_TYPE, COLUMN_TYPE, IS_NULLABLE, COLUMN_KEY
75
+ FROM INFORMATION_SCHEMA.COLUMNS
76
+ WHERE TABLE_SCHEMA = ?
77
+ AND TABLE_NAME IN (${placeholders})
78
+ ORDER BY TABLE_NAME, ORDINAL_POSITION
79
+ `, [database, ...tableNames]);
80
+ const stats = await this.db.query(`
81
+ SELECT TABLE_NAME, INDEX_NAME, COLUMN_NAME, SEQ_IN_INDEX
82
+ FROM INFORMATION_SCHEMA.STATISTICS
83
+ WHERE TABLE_SCHEMA = ?
84
+ AND TABLE_NAME IN (${placeholders})
85
+ ORDER BY TABLE_NAME, INDEX_NAME, SEQ_IN_INDEX
86
+ `, [database, ...tableNames]);
87
+ const fks = await this.db.query(`
88
+ SELECT TABLE_NAME, COLUMN_NAME, REFERENCED_TABLE_NAME, REFERENCED_COLUMN_NAME
89
+ FROM INFORMATION_SCHEMA.KEY_COLUMN_USAGE
90
+ WHERE TABLE_SCHEMA = ?
91
+ AND TABLE_NAME IN (${placeholders})
92
+ AND REFERENCED_TABLE_NAME IS NOT NULL
93
+ `, [database, ...tableNames]);
94
+ const columnsByTable = new Map();
95
+ for (const c of columns) {
96
+ if (!columnsByTable.has(c.TABLE_NAME))
97
+ columnsByTable.set(c.TABLE_NAME, []);
98
+ columnsByTable.get(c.TABLE_NAME).push(c);
99
+ }
100
+ const indexesByTable = new Map();
101
+ for (const s of stats) {
102
+ if (!indexesByTable.has(s.TABLE_NAME))
103
+ indexesByTable.set(s.TABLE_NAME, []);
104
+ indexesByTable.get(s.TABLE_NAME).push(s);
105
+ }
106
+ const fksByTable = new Map();
107
+ for (const fk of fks) {
108
+ if (!fksByTable.has(fk.TABLE_NAME))
109
+ fksByTable.set(fk.TABLE_NAME, []);
110
+ fksByTable.get(fk.TABLE_NAME).push(fk);
111
+ }
112
+ const findings = [];
113
+ const isColumnIndexed = (table, column) => {
114
+ const idx = indexesByTable.get(table) || [];
115
+ return idx.some((s) => s.COLUMN_NAME === column);
116
+ };
117
+ for (const t of tables) {
118
+ const tCols = columnsByTable.get(t.TABLE_NAME) || [];
119
+ const tFks = fksByTable.get(t.TABLE_NAME) || [];
120
+ const pkCols = tCols.filter((c) => c.COLUMN_KEY === "PRI");
121
+ if (!pkCols.length) {
122
+ findings.push({
123
+ severity: "high",
124
+ table_name: t.TABLE_NAME,
125
+ pattern: "MISSING_PRIMARY_KEY",
126
+ description: "Table has no PRIMARY KEY.",
127
+ recommendations: [
128
+ "Add a surrogate primary key (e.g., BIGINT AUTO_INCREMENT) or a natural composite key.",
129
+ "Primary keys improve replication, indexing, and ORM compatibility.",
130
+ ],
131
+ });
132
+ }
133
+ if (tCols.length > 40) {
134
+ findings.push({
135
+ severity: "medium",
136
+ table_name: t.TABLE_NAME,
137
+ pattern: "WIDE_TABLE",
138
+ description: `Table has ${tCols.length} columns, which can indicate overloading multiple concerns.`,
139
+ evidence: { column_count: tCols.length },
140
+ recommendations: [
141
+ "Consider vertical partitioning or splitting into related tables.",
142
+ "Move sparse/optional fields into a separate table.",
143
+ ],
144
+ });
145
+ }
146
+ const nullableCount = tCols.filter((c) => c.IS_NULLABLE === "YES").length;
147
+ if (tCols.length > 0 && nullableCount / tCols.length > 0.6) {
148
+ findings.push({
149
+ severity: "medium",
150
+ table_name: t.TABLE_NAME,
151
+ pattern: "HIGH_NULLABILITY",
152
+ description: `More than 60% of columns are NULLable (${nullableCount}/${tCols.length}).`,
153
+ evidence: { nullable_columns: nullableCount, total_columns: tCols.length },
154
+ recommendations: [
155
+ "Review whether columns should be NOT NULL with defaults.",
156
+ "Consider splitting rarely-used columns into another table.",
157
+ ],
158
+ });
159
+ }
160
+ // Foreign key columns without any index
161
+ for (const fk of tFks) {
162
+ if (!isColumnIndexed(t.TABLE_NAME, fk.COLUMN_NAME)) {
163
+ findings.push({
164
+ severity: "medium",
165
+ table_name: t.TABLE_NAME,
166
+ pattern: "FK_NOT_INDEXED",
167
+ description: `Foreign key column '${fk.COLUMN_NAME}' is not indexed.`,
168
+ evidence: {
169
+ column: fk.COLUMN_NAME,
170
+ references: `${fk.REFERENCED_TABLE_NAME}.${fk.REFERENCED_COLUMN_NAME}`,
171
+ },
172
+ recommendations: [
173
+ `Add an index on '${fk.COLUMN_NAME}' to improve join and delete/update performance.`,
174
+ ],
175
+ });
176
+ }
177
+ }
178
+ // Heuristic EAV detection: entity_id + attribute_id + value-like
179
+ const colNames = new Set(tCols.map((c) => c.COLUMN_NAME.toLowerCase()));
180
+ const hasEntityId = colNames.has("entity_id") || colNames.has("object_id");
181
+ const hasAttrId = colNames.has("attribute_id") || colNames.has("field_id");
182
+ const hasValue = colNames.has("value") ||
183
+ colNames.has("value_string") ||
184
+ colNames.has("value_int") ||
185
+ colNames.has("value_decimal");
186
+ if (hasEntityId && hasAttrId && hasValue) {
187
+ findings.push({
188
+ severity: "high",
189
+ table_name: t.TABLE_NAME,
190
+ pattern: "EAV_PATTERN",
191
+ description: "Table resembles an Entity-Attribute-Value (EAV) design, which often causes performance and integrity issues.",
192
+ recommendations: [
193
+ "Consider modeling attributes as real columns or separate typed tables.",
194
+ "If EAV is required, ensure strong indexing and constraints on (entity_id, attribute_id).",
195
+ ],
196
+ });
197
+ }
198
+ // Soft delete without index
199
+ const softDeleteCol = tCols.find((c) => ["deleted_at", "is_deleted", "deleted"].includes(c.COLUMN_NAME.toLowerCase()));
200
+ if (softDeleteCol && !isColumnIndexed(t.TABLE_NAME, softDeleteCol.COLUMN_NAME)) {
201
+ findings.push({
202
+ severity: "low",
203
+ table_name: t.TABLE_NAME,
204
+ pattern: "SOFT_DELETE_NOT_INDEXED",
205
+ description: `Soft-delete column '${softDeleteCol.COLUMN_NAME}' exists but is not indexed.`,
206
+ recommendations: [
207
+ `If queries frequently filter on '${softDeleteCol.COLUMN_NAME}', add an index (possibly composite with tenant/account keys).`,
208
+ ],
209
+ });
210
+ }
211
+ // Potential implicit relationships: *_id columns without FK constraints
212
+ const idCols = tCols
213
+ .filter((c) => c.COLUMN_NAME.toLowerCase().endsWith("_id"))
214
+ .map((c) => c.COLUMN_NAME);
215
+ if (idCols.length > 0 && tFks.length === 0) {
216
+ findings.push({
217
+ severity: "low",
218
+ table_name: t.TABLE_NAME,
219
+ pattern: "IMPLICIT_RELATIONSHIPS",
220
+ description: "Table has *_id columns but no declared foreign keys; this may be intentional, but can reduce integrity and join discoverability.",
221
+ evidence: { id_columns: idCols.slice(0, 10), total_id_columns: idCols.length },
222
+ recommendations: [
223
+ "If appropriate, add foreign keys for critical relationships.",
224
+ "At minimum, ensure *_id columns are indexed.",
225
+ ],
226
+ });
227
+ }
228
+ }
229
+ const summary = {
230
+ high: findings.filter((f) => f.severity === "high").length,
231
+ medium: findings.filter((f) => f.severity === "medium").length,
232
+ low: findings.filter((f) => f.severity === "low").length,
233
+ };
234
+ return {
235
+ status: "success",
236
+ data: {
237
+ database,
238
+ scope,
239
+ tables_analyzed: tables.length,
240
+ findings,
241
+ summary,
242
+ notes: [
243
+ "Heuristic-based analysis; review recommendations before changing production schema.",
244
+ ],
245
+ },
246
+ };
247
+ }
248
+ catch (error) {
249
+ return { status: "error", error: error.message };
250
+ }
251
+ }
252
+ }
253
+ exports.SchemaPatternTools = SchemaPatternTools;
package/dist/tools/testDataTools.d.ts ADDED
@@ -0,0 +1,26 @@
1
+ import { SecurityLayer } from "../security/securityLayer";
2
+ export declare class TestDataTools {
3
+ private db;
4
+ private security;
5
+ constructor(security: SecurityLayer);
6
+ private validateDatabaseAccess;
7
+ private escapeValue;
8
+ private parseEnumValues;
9
+ private clampString;
10
+ private generateValueForColumn;
11
+ /**
12
+ * Generate SQL INSERT statements (does not execute) for synthetic test data.
13
+ * Attempts to maintain referential integrity by sampling referenced keys when foreign keys exist.
14
+ */
15
+ generateTestData(params: {
16
+ table_name: string;
17
+ row_count: number;
18
+ batch_size?: number;
19
+ include_nulls?: boolean;
20
+ database?: string;
21
+ }): Promise<{
22
+ status: string;
23
+ data?: any;
24
+ error?: string;
25
+ }>;
26
+ }