@bytebase/dbhub 0.11.9 → 0.12.0

package/dist/index.js

@@ -149,38 +149,82 @@ var SafeURL = class {
 };
 
 // src/utils/dsn-obfuscate.ts
+function parseConnectionInfoFromDSN(dsn) {
+  if (!dsn) {
+    return null;
+  }
+  try {
+    const type = getDatabaseTypeFromDSN(dsn);
+    if (typeof type === "undefined") {
+      return null;
+    }
+    if (type === "sqlite") {
+      const prefix = "sqlite:///";
+      if (dsn.length > prefix.length) {
+        const rawPath = dsn.substring(prefix.length);
+        const firstChar = rawPath[0];
+        const isWindowsDrive = rawPath.length > 1 && rawPath[1] === ":";
+        const isSpecialPath = firstChar === ":" || firstChar === "." || firstChar === "~" || isWindowsDrive;
+        return {
+          type,
+          database: isSpecialPath ? rawPath : "/" + rawPath
+        };
+      }
+      return { type };
+    }
+    const url = new SafeURL(dsn);
+    const info = { type };
+    if (url.hostname) {
+      info.host = url.hostname;
+    }
+    if (url.port) {
+      info.port = parseInt(url.port, 10);
+    }
+    if (url.pathname && url.pathname.length > 1) {
+      info.database = url.pathname.substring(1);
+    }
+    if (url.username) {
+      info.user = url.username;
+    }
+    return info;
+  } catch {
+    return null;
+  }
+}
 function obfuscateDSNPassword(dsn) {
   if (!dsn) {
     return dsn;
   }
   try {
-    const protocolMatch = dsn.match(/^([^:]+):/);
-    if (!protocolMatch) {
+    const type = getDatabaseTypeFromDSN(dsn);
+    if (type === "sqlite") {
       return dsn;
     }
-    const protocol = protocolMatch[1];
-    if (protocol === "sqlite") {
+    const url = new SafeURL(dsn);
+    if (!url.password) {
       return dsn;
     }
-    const protocolPart = dsn.split("://")[1];
-    if (!protocolPart) {
-      return dsn;
+    const obfuscatedPassword = "*".repeat(Math.min(url.password.length, 8));
+    const protocol = dsn.split(":")[0];
+    let result;
+    if (url.username) {
+      result = `${protocol}://${url.username}:${obfuscatedPassword}@${url.hostname}`;
+    } else {
+      result = `${protocol}://${obfuscatedPassword}@${url.hostname}`;
     }
-    const lastAtIndex = protocolPart.lastIndexOf("@");
-    if (lastAtIndex === -1) {
-      return dsn;
+    if (url.port) {
+      result += `:${url.port}`;
     }
-    const credentialsPart = protocolPart.substring(0, lastAtIndex);
-    const hostPart = protocolPart.substring(lastAtIndex + 1);
-    const colonIndex = credentialsPart.indexOf(":");
-    if (colonIndex === -1) {
-      return dsn;
+    result += url.pathname;
+    if (url.searchParams.size > 0) {
+      const params = [];
+      url.forEachSearchParam((value, key) => {
+        params.push(`${encodeURIComponent(key)}=${encodeURIComponent(value)}`);
+      });
+      result += `?${params.join("&")}`;
     }
-    const username = credentialsPart.substring(0, colonIndex);
-    const password = credentialsPart.substring(colonIndex + 1);
-    const obfuscatedPassword = "*".repeat(Math.min(password.length, 8));
-    return `${protocol}://${username}:${obfuscatedPassword}@${hostPart}`;
-  } catch (error) {
+    return result;
+  } catch {
     return dsn;
   }
 }
@@ -189,7 +233,10 @@ function getDatabaseTypeFromDSN(dsn) {
     return void 0;
   }
   const protocol = dsn.split(":")[0];
-  const protocolToType = {
+  return protocolToConnectorType(protocol);
+}
+function protocolToConnectorType(protocol) {
+  const mapping = {
     "postgres": "postgres",
     "postgresql": "postgres",
     "mysql": "mysql",
@@ -197,7 +244,17 @@ function getDatabaseTypeFromDSN(dsn) {
     "sqlserver": "sqlserver",
     "sqlite": "sqlite"
   };
-  return protocolToType[protocol];
+  return mapping[protocol];
+}
+function getDefaultPortForType(type) {
+  const ports = {
+    "postgres": 5432,
+    "mysql": 3306,
+    "mariadb": 3306,
+    "sqlserver": 1433,
+    "sqlite": void 0
+  };
+  return ports[type];
 }
 
 // src/utils/sql-row-limiter.ts
@@ -360,6 +417,9 @@ var PostgresConnector = class _PostgresConnector {
   async connect(dsn, initScript, config) {
     try {
       const poolConfig = await this.dsnParser.parse(dsn, config);
+      if (config?.readonly) {
+        poolConfig.options = (poolConfig.options || "") + " -c default_transaction_read_only=on";
+      }
       this.pool = new Pool(poolConfig);
       const client = await this.pool.connect();
       console.error("Successfully connected to PostgreSQL database");
@@ -1009,6 +1069,38 @@ ConnectorRegistry.register(sqlServerConnector);
 
 // src/connectors/sqlite/index.ts
 import Database from "better-sqlite3";
+
+// src/utils/identifier-quoter.ts
+function quoteIdentifier(identifier, dbType) {
+  if (/[\0\x08\x09\x1a\n\r]/.test(identifier)) {
+    throw new Error(`Invalid identifier: contains control characters: ${identifier}`);
+  }
+  if (!identifier) {
+    throw new Error("Identifier cannot be empty");
+  }
+  switch (dbType) {
+    case "postgres":
+    case "sqlite":
+      return `"${identifier.replace(/"/g, '""')}"`;
+    case "mysql":
+    case "mariadb":
+      return `\`${identifier.replace(/`/g, "``")}\``;
+    case "sqlserver":
+      return `[${identifier.replace(/]/g, "]]")}]`;
+    default:
+      return `"${identifier.replace(/"/g, '""')}"`;
+  }
+}
+function quoteQualifiedIdentifier(tableName, schemaName, dbType) {
+  const quotedTable = quoteIdentifier(tableName, dbType);
+  if (schemaName) {
+    const quotedSchema = quoteIdentifier(schemaName, dbType);
+    return `${quotedSchema}.${quotedTable}`;
+  }
+  return quotedTable;
+}
+
+// src/connectors/sqlite/index.ts
 var SQLiteDSNParser = class {
   async parse(dsn, config) {
     if (!this.isValidDSN(dsn)) {
@@ -1073,7 +1165,11 @@ var SQLiteConnector = class _SQLiteConnector {
     const parsedConfig = await this.dsnParser.parse(dsn, config);
     this.dbPath = parsedConfig.dbPath;
     try {
-      this.db = new Database(this.dbPath);
+      const dbOptions = {};
+      if (config?.readonly && this.dbPath !== ":memory:") {
+        dbOptions.readonly = true;
+      }
+      this.db = new Database(this.dbPath, dbOptions);
       console.error("Successfully connected to SQLite database");
       if (initScript) {
         this.db.exec(initScript);
@@ -1158,16 +1254,18 @@ var SQLiteConnector = class _SQLiteConnector {
         AND tbl_name = ?
       `
       ).all(tableName);
-      const indexListRows = this.db.prepare(`PRAGMA index_list(${tableName})`).all();
+      const quotedTableName = quoteIdentifier(tableName, "sqlite");
+      const indexListRows = this.db.prepare(`PRAGMA index_list(${quotedTableName})`).all();
       const indexUniqueMap = /* @__PURE__ */ new Map();
       for (const indexListRow of indexListRows) {
         indexUniqueMap.set(indexListRow.name, indexListRow.unique === 1);
       }
-      const tableInfo = this.db.prepare(`PRAGMA table_info(${tableName})`).all();
+      const tableInfo = this.db.prepare(`PRAGMA table_info(${quotedTableName})`).all();
       const pkColumns = tableInfo.filter((col) => col.pk > 0).map((col) => col.name);
       const results = [];
       for (const indexInfo of indexInfoRows) {
-        const indexDetailRows = this.db.prepare(`PRAGMA index_info(${indexInfo.index_name})`).all();
+        const quotedIndexName = quoteIdentifier(indexInfo.index_name, "sqlite");
+        const indexDetailRows = this.db.prepare(`PRAGMA index_info(${quotedIndexName})`).all();
         const columnNames = indexDetailRows.map((row) => row.name);
         results.push({
           index_name: indexInfo.index_name,
@@ -1194,7 +1292,8 @@ var SQLiteConnector = class _SQLiteConnector {
       throw new Error("Not connected to SQLite database");
     }
     try {
-      const rows = this.db.prepare(`PRAGMA table_info(${tableName})`).all();
+      const quotedTableName = quoteIdentifier(tableName, "sqlite");
+      const rows = this.db.prepare(`PRAGMA table_info(${quotedTableName})`).all();
       const columns = rows.map((row) => ({
         column_name: row.name,
         data_type: row.type,
@@ -2629,6 +2728,17 @@ async function resolveSourceConfigs() {
   if (!isDemoMode()) {
     const tomlConfig = loadTomlConfig();
     if (tomlConfig) {
+      const idData = resolveId();
+      if (idData) {
+        throw new Error(
+          "The --id flag cannot be used with TOML configuration. TOML config defines source IDs directly. Either remove the --id flag or use command-line DSN configuration instead."
+        );
+      }
+      if (isReadOnlyMode()) {
+        throw new Error(
+          "The --readonly flag cannot be used with TOML configuration. TOML config defines readonly mode per-source using 'readonly = true'. Either remove the --readonly flag or use command-line DSN configuration instead."
+        );
+      }
       return tomlConfig;
     }
   }
@@ -2657,11 +2767,28 @@ async function resolveSourceConfigs() {
     } else {
       throw new Error(`Unsupported database type in DSN: ${protocol}`);
     }
+    const idData = resolveId();
+    const sourceId = idData?.id || "default";
     const source = {
-      id: "default",
+      id: sourceId,
       type: dbType,
       dsn: dsnResult.dsn
     };
+    const connectionInfo = parseConnectionInfoFromDSN(dsnResult.dsn);
+    if (connectionInfo) {
+      if (connectionInfo.host) {
+        source.host = connectionInfo.host;
+      }
+      if (connectionInfo.port !== void 0) {
+        source.port = connectionInfo.port;
+      }
+      if (connectionInfo.database) {
+        source.database = connectionInfo.database;
+      }
+      if (connectionInfo.user) {
+        source.user = connectionInfo.user;
+      }
+    }
     const sshResult = resolveSSHConfig();
     if (sshResult) {
       source.ssh_host = sshResult.config.host;
@@ -2832,6 +2959,26 @@ function processSourceConfigs(sources, configPath) {
     if (processed.dsn && processed.dsn.startsWith("sqlite:///~")) {
       processed.dsn = `sqlite:///${expandHomeDir(processed.dsn.substring(11))}`;
     }
+    if (processed.dsn) {
+      const connectionInfo = parseConnectionInfoFromDSN(processed.dsn);
+      if (connectionInfo) {
+        if (!processed.type && connectionInfo.type) {
+          processed.type = connectionInfo.type;
+        }
+        if (!processed.host && connectionInfo.host) {
+          processed.host = connectionInfo.host;
+        }
+        if (processed.port === void 0 && connectionInfo.port !== void 0) {
+          processed.port = connectionInfo.port;
+        }
+        if (!processed.database && connectionInfo.database) {
+          processed.database = connectionInfo.database;
+        }
+        if (!processed.user && connectionInfo.user) {
+          processed.user = connectionInfo.user;
+        }
+      }
+    }
     return processed;
   });
 }
@@ -2863,7 +3010,7 @@ function buildDSNFromSource(source) {
       `Source '${source.id}': missing required connection parameters. Required: type, host, user, password, database`
     );
   }
-  const port = source.port || (source.type === "postgres" ? 5432 : source.type === "mysql" || source.type === "mariadb" ? 3306 : source.type === "sqlserver" ? 1433 : void 0);
+  const port = source.port || getDefaultPortForType(source.type);
   if (!port) {
     throw new Error(`Source '${source.id}': unable to determine port`);
   }
@@ -2963,6 +3110,9 @@ var ConnectorManager = class {
     if (connector.id === "sqlserver" && source.request_timeout !== void 0) {
       config.requestTimeoutSeconds = source.request_timeout;
     }
+    if (source.readonly !== void 0) {
+      config.readonly = source.readonly;
+    }
     await connector.connect(actualDSN, source.init_script, config);
     this.connectors.set(sourceId, connector);
     this.sourceIds.push(sourceId);
@@ -3114,16 +3264,11 @@ var ConnectorManager = class {
    * Get default port for a database based on DSN protocol
    */
   getDefaultPort(dsn) {
-    if (dsn.startsWith("postgres://") || dsn.startsWith("postgresql://")) {
-      return 5432;
-    } else if (dsn.startsWith("mysql://")) {
-      return 3306;
-    } else if (dsn.startsWith("mariadb://")) {
-      return 3306;
-    } else if (dsn.startsWith("sqlserver://")) {
-      return 1433;
+    const type = getDatabaseTypeFromDSN(dsn);
+    if (!type) {
+      return 0;
     }
-    return 0;
+    return getDefaultPortForType(type) ?? 0;
   }
 };
 
@@ -3511,10 +3656,66 @@ var allowedKeywords = {
   sqlserver: ["select", "with", "explain", "showplan"]
 };
 
+// src/requests/store.ts
+var RequestStore = class {
+  constructor() {
+    this.store = /* @__PURE__ */ new Map();
+    this.maxPerSource = 100;
+  }
+  /**
+   * Add a request to the store
+   * Evicts oldest entry if at capacity
+   */
+  add(request) {
+    const requests = this.store.get(request.sourceId) ?? [];
+    requests.push(request);
+    if (requests.length > this.maxPerSource) {
+      requests.shift();
+    }
+    this.store.set(request.sourceId, requests);
+  }
+  /**
+   * Get requests, optionally filtered by source
+   * Returns newest first
+   */
+  getAll(sourceId) {
+    let requests;
+    if (sourceId) {
+      requests = [...this.store.get(sourceId) ?? []];
+    } else {
+      requests = Array.from(this.store.values()).flat();
+    }
+    return requests.sort(
+      (a, b) => new Date(b.timestamp).getTime() - new Date(a.timestamp).getTime()
+    );
+  }
+  /**
+   * Get total count of requests across all sources
+   */
+  getTotal() {
+    return Array.from(this.store.values()).reduce((sum, arr) => sum + arr.length, 0);
+  }
+  /**
+   * Clear all requests (useful for testing)
+   */
+  clear() {
+    this.store.clear();
+  }
+};
+
+// src/requests/index.ts
+var requestStore = new RequestStore();
+
 // src/tools/execute-sql.ts
+function getClientIdentifier(extra) {
+  const userAgent = extra?.requestInfo?.headers?.["user-agent"];
+  if (userAgent) {
+    return userAgent;
+  }
+  return "stdio";
+}
 var executeSqlSchema = {
-  sql: z.string().describe("SQL query or multiple SQL statements to execute (separated by semicolons)"),
-  source_id: z.string().optional().describe("Database source ID to execute the query against (optional, defaults to first configured source)")
+  sql: z.string().describe("SQL query or multiple SQL statements to execute (separated by semicolons)")
 };
 function splitSQLStatements(sql2) {
   return sql2.split(";").map((statement) => statement.trim()).filter((statement) => statement.length > 0);
@@ -3540,45 +3741,506 @@ function areAllStatementsReadOnly(sql2, connectorType) {
   const statements = splitSQLStatements(sql2);
   return statements.every((statement) => isReadOnlySQL(statement, connectorType));
 }
-async function executeSqlToolHandler({ sql: sql2, source_id }, _extra) {
+function createExecuteSqlToolHandler(sourceId) {
+  return async (args, extra) => {
+    const { sql: sql2 } = args;
+    const startTime = Date.now();
+    const effectiveSourceId = sourceId || "default";
+    let success = true;
+    let errorMessage;
+    let result;
+    try {
+      const connector = ConnectorManager.getCurrentConnector(sourceId);
+      const executeOptions = ConnectorManager.getCurrentExecuteOptions(sourceId);
+      const isReadonly = executeOptions.readonly === true;
+      if (isReadonly && !areAllStatementsReadOnly(sql2, connector.id)) {
+        errorMessage = `Read-only mode is enabled for source '${effectiveSourceId}'. Only the following SQL operations are allowed: ${allowedKeywords[connector.id]?.join(", ") || "none"}`;
+        success = false;
+        return createToolErrorResponse(errorMessage, "READONLY_VIOLATION");
+      }
+      result = await connector.executeSQL(sql2, executeOptions);
+      const responseData = {
+        rows: result.rows,
+        count: result.rows.length,
+        source_id: effectiveSourceId
+      };
+      return createToolSuccessResponse(responseData);
+    } catch (error) {
+      success = false;
+      errorMessage = error.message;
+      return createToolErrorResponse(errorMessage, "EXECUTION_ERROR");
+    } finally {
+      requestStore.add({
+        id: crypto.randomUUID(),
+        timestamp: (/* @__PURE__ */ new Date()).toISOString(),
+        sourceId: effectiveSourceId,
+        toolName: effectiveSourceId === "default" ? "execute_sql" : `execute_sql_${effectiveSourceId}`,
+        sql: sql2,
+        durationMs: Date.now() - startTime,
+        client: getClientIdentifier(extra),
+        success,
+        error: errorMessage
+      });
+    }
+  };
+}
+
+// src/tools/search-objects.ts
+import { z as z2 } from "zod";
+var searchDatabaseObjectsSchema = {
+  object_type: z2.enum(["schema", "table", "column", "procedure", "index"]).describe("Type of database object to search for"),
+  pattern: z2.string().optional().default("%").describe("Search pattern (SQL LIKE syntax: % for wildcard, _ for single char). Case-insensitive. Defaults to '%' (match all)."),
+  schema: z2.string().optional().describe("Filter results to a specific schema/database"),
+  detail_level: z2.enum(["names", "summary", "full"]).default("names").describe("Level of detail to return: names (minimal), summary (with metadata), full (complete structure)"),
+  limit: z2.number().int().positive().max(1e3).default(100).describe("Maximum number of results to return (default: 100, max: 1000)")
+};
+function likePatternToRegex(pattern) {
+  const escaped = pattern.replace(/[.*+?^${}()|[\]\\]/g, "\\$&").replace(/%/g, ".*").replace(/_/g, ".");
+  return new RegExp(`^${escaped}$`, "i");
+}
+async function getTableRowCount(connector, tableName, schemaName) {
   try {
-    const connector = ConnectorManager.getCurrentConnector(source_id);
-    const executeOptions = ConnectorManager.getCurrentExecuteOptions(source_id);
-    if (isReadOnlyMode() && !areAllStatementsReadOnly(sql2, connector.id)) {
+    const qualifiedTable = quoteQualifiedIdentifier(tableName, schemaName, connector.id);
+    const countQuery = `SELECT COUNT(*) as count FROM ${qualifiedTable}`;
+    const result = await connector.executeSQL(countQuery, { maxRows: 1 });
+    if (result.rows && result.rows.length > 0) {
+      return Number(result.rows[0].count || result.rows[0].COUNT || 0);
+    }
+  } catch (error) {
+    return null;
+  }
+  return null;
+}
+async function searchSchemas(connector, pattern, detailLevel, limit) {
+  const schemas = await connector.getSchemas();
+  const regex = likePatternToRegex(pattern);
+  const matched = schemas.filter((schema) => regex.test(schema)).slice(0, limit);
+  if (detailLevel === "names") {
+    return matched.map((name) => ({ name }));
+  }
+  const results = await Promise.all(
+    matched.map(async (schemaName) => {
+      try {
+        const tables = await connector.getTables(schemaName);
+        return {
+          name: schemaName,
+          table_count: tables.length
+        };
+      } catch (error) {
+        return {
+          name: schemaName,
+          table_count: 0
+        };
+      }
+    })
+  );
+  return results;
+}
+async function searchTables(connector, pattern, schemaFilter, detailLevel, limit) {
+  const regex = likePatternToRegex(pattern);
+  const results = [];
+  let schemasToSearch;
+  if (schemaFilter) {
+    schemasToSearch = [schemaFilter];
+  } else {
+    schemasToSearch = await connector.getSchemas();
+  }
+  for (const schemaName of schemasToSearch) {
+    if (results.length >= limit) break;
+    try {
+      const tables = await connector.getTables(schemaName);
+      const matched = tables.filter((table) => regex.test(table));
+      for (const tableName of matched) {
+        if (results.length >= limit) break;
+        if (detailLevel === "names") {
+          results.push({
+            name: tableName,
+            schema: schemaName
+          });
+        } else if (detailLevel === "summary") {
+          try {
+            const columns = await connector.getTableSchema(tableName, schemaName);
+            const rowCount = await getTableRowCount(connector, tableName, schemaName);
+            results.push({
+              name: tableName,
+              schema: schemaName,
+              column_count: columns.length,
+              row_count: rowCount
+            });
+          } catch (error) {
+            results.push({
+              name: tableName,
+              schema: schemaName,
+              column_count: null,
+              row_count: null
+            });
+          }
+        } else {
+          try {
+            const columns = await connector.getTableSchema(tableName, schemaName);
+            const indexes = await connector.getTableIndexes(tableName, schemaName);
+            const rowCount = await getTableRowCount(connector, tableName, schemaName);
+            results.push({
+              name: tableName,
+              schema: schemaName,
+              column_count: columns.length,
+              row_count: rowCount,
+              columns: columns.map((col) => ({
+                name: col.column_name,
+                type: col.data_type,
+                nullable: col.is_nullable === "YES",
+                default: col.column_default
+              })),
+              indexes: indexes.map((idx) => ({
+                name: idx.index_name,
+                columns: idx.column_names,
+                unique: idx.is_unique,
+                primary: idx.is_primary
+              }))
+            });
+          } catch (error) {
+            results.push({
+              name: tableName,
+              schema: schemaName,
+              error: `Unable to fetch full details: ${error.message}`
+            });
+          }
+        }
+      }
+    } catch (error) {
+      continue;
+    }
+  }
+  return results;
+}
+async function searchColumns(connector, pattern, schemaFilter, detailLevel, limit) {
+  const regex = likePatternToRegex(pattern);
+  const results = [];
+  let schemasToSearch;
+  if (schemaFilter) {
+    schemasToSearch = [schemaFilter];
+  } else {
+    schemasToSearch = await connector.getSchemas();
+  }
+  for (const schemaName of schemasToSearch) {
+    if (results.length >= limit) break;
+    try {
+      const tables = await connector.getTables(schemaName);
+      for (const tableName of tables) {
+        if (results.length >= limit) break;
+        try {
+          const columns = await connector.getTableSchema(tableName, schemaName);
+          const matchedColumns = columns.filter((col) => regex.test(col.column_name));
+          for (const column of matchedColumns) {
+            if (results.length >= limit) break;
+            if (detailLevel === "names") {
+              results.push({
+                name: column.column_name,
+                table: tableName,
+                schema: schemaName
+              });
+            } else {
+              results.push({
+                name: column.column_name,
+                table: tableName,
+                schema: schemaName,
+                type: column.data_type,
+                nullable: column.is_nullable === "YES",
+                default: column.column_default
+              });
+            }
+          }
+        } catch (error) {
+          continue;
+        }
+      }
+    } catch (error) {
+      continue;
+    }
+  }
+  return results;
+}
+async function searchProcedures(connector, pattern, schemaFilter, detailLevel, limit) {
+  const regex = likePatternToRegex(pattern);
+  const results = [];
+  let schemasToSearch;
+  if (schemaFilter) {
+    schemasToSearch = [schemaFilter];
+  } else {
+    schemasToSearch = await connector.getSchemas();
+  }
+  for (const schemaName of schemasToSearch) {
+    if (results.length >= limit) break;
+    try {
+      const procedures = await connector.getStoredProcedures(schemaName);
+      const matched = procedures.filter((proc) => regex.test(proc));
+      for (const procName of matched) {
+        if (results.length >= limit) break;
+        if (detailLevel === "names") {
+          results.push({
+            name: procName,
+            schema: schemaName
+          });
+        } else {
+          try {
+            const details = await connector.getStoredProcedureDetail(procName, schemaName);
+            results.push({
+              name: procName,
+              schema: schemaName,
+              type: details.procedure_type,
+              language: details.language,
+              parameters: detailLevel === "full" ? details.parameter_list : void 0,
+              return_type: details.return_type,
+              definition: detailLevel === "full" ? details.definition : void 0
+            });
+          } catch (error) {
+            results.push({
+              name: procName,
+              schema: schemaName,
+              error: `Unable to fetch details: ${error.message}`
+            });
+          }
+        }
+      }
+    } catch (error) {
+      continue;
+    }
+  }
+  return results;
+}
+async function searchIndexes(connector, pattern, schemaFilter, detailLevel, limit) {
+  const regex = likePatternToRegex(pattern);
+  const results = [];
+  let schemasToSearch;
+  if (schemaFilter) {
+    schemasToSearch = [schemaFilter];
+  } else {
+    schemasToSearch = await connector.getSchemas();
+  }
+  for (const schemaName of schemasToSearch) {
+    if (results.length >= limit) break;
+    try {
+      const tables = await connector.getTables(schemaName);
+      for (const tableName of tables) {
+        if (results.length >= limit) break;
+        try {
+          const indexes = await connector.getTableIndexes(tableName, schemaName);
+          const matchedIndexes = indexes.filter((idx) => regex.test(idx.index_name));
+          for (const index of matchedIndexes) {
+            if (results.length >= limit) break;
+            if (detailLevel === "names") {
+              results.push({
+                name: index.index_name,
+                table: tableName,
+                schema: schemaName
+              });
+            } else {
+              results.push({
+                name: index.index_name,
+                table: tableName,
+                schema: schemaName,
+                columns: index.column_names,
+                unique: index.is_unique,
+                primary: index.is_primary
+              });
+            }
+          }
+        } catch (error) {
+          continue;
+        }
+      }
+    } catch (error) {
+      continue;
+    }
+  }
+  return results;
+}
+function createSearchDatabaseObjectsToolHandler(sourceId) {
+  return async (args, _extra) => {
+    const {
+      object_type,
+      pattern = "%",
+      schema,
+      detail_level = "names",
+      limit = 100
+    } = args;
+    try {
+      const connector = ConnectorManager.getCurrentConnector(sourceId);
+      if (schema) {
+        const schemas = await connector.getSchemas();
+        if (!schemas.includes(schema)) {
+          return createToolErrorResponse(
+            `Schema '${schema}' does not exist. Available schemas: ${schemas.join(", ")}`,
+            "SCHEMA_NOT_FOUND"
+          );
+        }
+      }
+      let results = [];
+      switch (object_type) {
+        case "schema":
+          results = await searchSchemas(connector, pattern, detail_level, limit);
+          break;
+        case "table":
+          results = await searchTables(connector, pattern, schema, detail_level, limit);
+          break;
+        case "column":
+          results = await searchColumns(connector, pattern, schema, detail_level, limit);
+          break;
+        case "procedure":
+          results = await searchProcedures(connector, pattern, schema, detail_level, limit);
+          break;
+        case "index":
+          results = await searchIndexes(connector, pattern, schema, detail_level, limit);
+          break;
+        default:
+          return createToolErrorResponse(
+            `Unsupported object_type: ${object_type}`,
+            "INVALID_OBJECT_TYPE"
+          );
+      }
+      return createToolSuccessResponse({
+        object_type,
+        pattern,
+        schema,
+        detail_level,
+        count: results.length,
+        results,
+        truncated: results.length === limit
+      });
+    } catch (error) {
       return createToolErrorResponse(
-        `Read-only mode is enabled. Only the following SQL operations are allowed: ${allowedKeywords[connector.id]?.join(", ") || "none"}`,
-        "READONLY_VIOLATION"
+        `Error searching database objects: ${error.message}`,
+        "SEARCH_ERROR"
       );
     }
-    const result = await connector.executeSQL(sql2, executeOptions);
-    const responseData = {
-      rows: result.rows,
-      count: result.rows.length,
-      source_id: source_id || "(default)"
-      // Include source_id in response for clarity
-    };
-    return createToolSuccessResponse(responseData);
-  } catch (error) {
-    return createToolErrorResponse(error.message, "EXECUTION_ERROR");
+  };
+}
+
+// src/utils/tool-metadata.ts
+import { z as z3 } from "zod";
+
+// src/utils/normalize-id.ts
+function normalizeSourceId(id) {
+  return id.replace(/[^a-zA-Z0-9]/g, "_");
+}
+
+// src/utils/tool-metadata.ts
+function zodToParameters(schema) {
+  const parameters = [];
+  for (const [key, zodType] of Object.entries(schema)) {
+    const description = zodType.description || "";
+    const required = !(zodType instanceof z3.ZodOptional);
+    let type = "string";
+    if (zodType instanceof z3.ZodString) {
+      type = "string";
+    } else if (zodType instanceof z3.ZodNumber) {
+      type = "number";
+    } else if (zodType instanceof z3.ZodBoolean) {
+      type = "boolean";
+    } else if (zodType instanceof z3.ZodArray) {
+      type = "array";
+    } else if (zodType instanceof z3.ZodObject) {
+      type = "object";
+    }
+    parameters.push({
+      name: key,
+      type,
+      required,
+      description
+    });
   }
+  return parameters;
+}
+function getToolMetadataForSource(sourceId) {
+  const sourceIds = ConnectorManager.getAvailableSourceIds();
+  const sourceConfig = ConnectorManager.getSourceConfig(sourceId);
+  const executeOptions = ConnectorManager.getCurrentExecuteOptions(sourceId);
+  const dbType = sourceConfig?.type || "database";
+  const toolName = sourceId === "default" ? "execute_sql" : `execute_sql_${normalizeSourceId(sourceId)}`;
+  const isDefault = sourceIds[0] === sourceId;
+  const title = isDefault ? `Execute SQL (${dbType})` : `Execute SQL on ${sourceId} (${dbType})`;
+  const readonlyNote = executeOptions.readonly ? " [READ-ONLY MODE]" : "";
+  const maxRowsNote = executeOptions.maxRows ? ` (limited to ${executeOptions.maxRows} rows)` : "";
+  const description = `Execute SQL queries on the '${sourceId}' ${dbType} database${isDefault ? " (default)" : ""}${readonlyNote}${maxRowsNote}`;
+  const isReadonly = executeOptions.readonly === true;
+  const annotations = {
+    title,
+    readOnlyHint: isReadonly,
+    destructiveHint: !isReadonly,
+    // Can be destructive if not readonly
+    // In readonly mode, queries are more predictable (though still not strictly idempotent due to data changes)
+    // In write mode, queries are definitely not idempotent
+    idempotentHint: false,
+    // In readonly mode, it's safer to operate on arbitrary tables (just reading)
+    // In write mode, operating on arbitrary tables is more dangerous
+    openWorldHint: isReadonly
+  };
+  return {
+    name: toolName,
+    description,
+    schema: executeSqlSchema,
+    annotations
+  };
+}
+function getToolsForSource(sourceId) {
+  const metadata = getToolMetadataForSource(sourceId);
+  const parameters = zodToParameters(metadata.schema);
+  return [
+    {
+      name: metadata.name,
+      description: metadata.description,
+      parameters
+    }
+  ];
 }
 
 // src/tools/index.ts
-function registerTools(server, id) {
-  const toolName = id ? `execute_sql_${id}` : "execute_sql";
-  server.tool(
-    toolName,
-    "Execute a SQL query on the current database",
-    executeSqlSchema,
-    executeSqlToolHandler
-  );
+function registerTools(server) {
+  const sourceIds = ConnectorManager.getAvailableSourceIds();
+  if (sourceIds.length === 0) {
+    throw new Error("No database sources configured");
+  }
+  for (const sourceId of sourceIds) {
+    const isDefault = sourceIds[0] === sourceId;
+    const sourceConfig = ConnectorManager.getSourceConfig(sourceId);
+    const dbType = sourceConfig?.type || "database";
+    const executeSqlMetadata = getToolMetadataForSource(sourceId);
+    server.registerTool(
+      executeSqlMetadata.name,
+      {
+        description: executeSqlMetadata.description,
+        inputSchema: executeSqlMetadata.schema,
+        annotations: executeSqlMetadata.annotations
+      },
+      createExecuteSqlToolHandler(sourceId)
+    );
+    const searchToolName = sourceId === "default" ? "search_objects" : `search_objects_${sourceId}`;
+    const searchToolTitle = isDefault ? `Search Database Objects (${dbType})` : `Search Database Objects on ${sourceId} (${dbType})`;
+    const searchToolDescription = `Search and list database objects (schemas, tables, columns, procedures, indexes) on the '${sourceId}' ${dbType} database${isDefault ? " (default)" : ""}. Supports SQL LIKE patterns (default: '%' for all), filtering, and token-efficient progressive disclosure.`;
+    server.registerTool(
+      searchToolName,
+      {
+        description: searchToolDescription,
+        inputSchema: searchDatabaseObjectsSchema,
+        annotations: {
+          title: searchToolTitle,
+          readOnlyHint: true,
+          destructiveHint: false,
+          idempotentHint: true,
+          // Operation is read-only and idempotent
+          openWorldHint: true
+        }
+      },
+      createSearchDatabaseObjectsToolHandler(sourceId)
+    );
+  }
 }
 
 // src/prompts/sql-generator.ts
-import { z as z2 } from "zod";
+import { z as z4 } from "zod";
 var sqlGeneratorSchema = {
-  description: z2.string().describe("Natural language description of the SQL query to generate"),
-  schema: z2.string().optional().describe("Optional database schema to use")
+  description: z4.string().describe("Natural language description of the SQL query to generate"),
+  schema: z4.string().optional().describe("Optional database schema to use")
 };
 async function sqlGeneratorPromptHandler({
   description,
@@ -3745,10 +4407,10 @@ LIMIT 10;`;
 }
 
 // src/prompts/db-explainer.ts
-import { z as z3 } from "zod";
+import { z as z5 } from "zod";
 var dbExplainerSchema = {
-  schema: z3.string().optional().describe("Optional database schema to use"),
-  table: z3.string().optional().describe("Optional specific table to explain")
+  schema: z5.string().optional().describe("Optional database schema to use"),
+  table: z5.string().optional().describe("Optional specific table to explain")
 };
 async function dbExplainerPromptHandler({
   schema,
@@ -4036,6 +4698,7 @@ function transformSourceConfig(source, isDefault) {
     }
     dataSource.ssh_tunnel = sshTunnel;
   }
+  dataSource.tools = getToolsForSource(source.id);
   return dataSource;
 }
 function listSources(req, res) {
@@ -4079,6 +4742,23 @@ function getSource(req, res) {
   }
 }
 
+// src/api/requests.ts
+function listRequests(req, res) {
+  try {
+    const sourceId = req.query.source_id;
+    const requests = requestStore.getAll(sourceId);
+    res.json({
+      requests,
+      total: requests.length
+    });
+  } catch (error) {
+    console.error("Error listing requests:", error);
+    res.status(500).json({
+      error: error instanceof Error ? error.message : "Internal server error"
+    });
+  }
+}
+
 // src/server.ts
 var __filename2 = fileURLToPath2(import.meta.url);
 var __dirname2 = path3.dirname(__filename2);
@@ -4101,12 +4781,10 @@ v${version}${modeText} - Universal Database MCP Server
 }
 async function main() {
   try {
-    const idData = resolveId();
-    const id = idData?.id;
     const sourceConfigsData = await resolveSourceConfigs();
     if (!sourceConfigsData) {
       const samples = ConnectorRegistry.getAllSampleDSNs();
-      const sampleFormats = Object.entries(samples).map(([id2, dsn]) => `  - ${id2}: ${dsn}`).join("\n");
+      const sampleFormats = Object.entries(samples).map(([id, dsn]) => `  - ${id}: ${dsn}`).join("\n");
       console.error(`
 ERROR: Database connection configuration is required.
 Please provide configuration in one of these ways (in order of priority):
@@ -4135,16 +4813,13 @@ See documentation for more details on configuring database connections.
         version: SERVER_VERSION
       });
       registerResources(server);
-      registerTools(server, id);
+      registerTools(server);
       registerPrompts(server);
       return server;
     };
     const connectorManager = new ConnectorManager();
     const sources = sourceConfigsData.sources;
     console.error(`Configuration source: ${sourceConfigsData.source}`);
-    if (idData) {
-      console.error(`ID: ${idData.id} (from ${idData.source})`);
-    }
     console.error(`Connecting to ${sources.length} database source(s)...`);
     for (const source of sources) {
       const dsn = source.dsn || buildDSNFromSource(source);
@@ -4201,13 +4876,20 @@ See documentation for more details on configuring database connections.
       });
       app.get("/api/sources", listSources);
       app.get("/api/sources/:sourceId", getSource);
+      app.get("/api/requests", listRequests);
+      app.get("/mcp", (req, res) => {
+        res.status(405).json({
+          error: "Method Not Allowed",
+          message: "SSE streaming is not supported in stateless mode. Use POST requests with JSON responses."
+        });
+      });
       app.post("/mcp", async (req, res) => {
         try {
           const transport = new StreamableHTTPServerTransport({
             sessionIdGenerator: void 0,
             // Disable session management for stateless mode
-            enableJsonResponse: false
-            // Use SSE streaming
+            enableJsonResponse: true
+            // Use JSON responses (SSE not supported in stateless mode)
           });
           const server = createServer2();
           await server.connect(transport);
@@ -4219,9 +4901,11 @@ See documentation for more details on configuring database connections.
           }
         }
       });
-      app.get("*", (req, res) => {
-        res.sendFile(path3.join(frontendPath, "index.html"));
-      });
+      if (process.env.NODE_ENV !== "development") {
+        app.get("*", (req, res) => {
+          res.sendFile(path3.join(frontendPath, "index.html"));
+        });
+      }
       app.listen(port, "0.0.0.0", () => {
         if (process.env.NODE_ENV === "development") {
           console.error("Development mode detected!");