npm - @reasoningco/infer - Versions diffs - 0.0.2 - Mend

@reasoningco/infer 0.0.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (59) hide show

package/LICENSE +21 -0
package/README.md +42 -0
package/dist/catalog.d.ts +39 -0
package/dist/catalog.d.ts.map +1 -0
package/dist/catalog.js +249 -0
package/dist/catalog.js.map +1 -0
package/dist/connectors.d.ts +63 -0
package/dist/connectors.d.ts.map +1 -0
package/dist/connectors.js +263 -0
package/dist/connectors.js.map +1 -0
package/dist/dates.d.ts +35 -0
package/dist/dates.d.ts.map +1 -0
package/dist/dates.js +293 -0
package/dist/dates.js.map +1 -0
package/dist/entity-resolver.d.ts +29 -0
package/dist/entity-resolver.d.ts.map +1 -0
package/dist/entity-resolver.js +91 -0
package/dist/entity-resolver.js.map +1 -0
package/dist/errors.d.ts +10 -0
package/dist/errors.d.ts.map +1 -0
package/dist/errors.js +28 -0
package/dist/errors.js.map +1 -0
package/dist/index.d.ts +43 -0
package/dist/index.d.ts.map +1 -0
package/dist/index.js +240 -0
package/dist/index.js.map +1 -0
package/dist/llm.d.ts +50 -0
package/dist/llm.d.ts.map +1 -0
package/dist/llm.js +311 -0
package/dist/llm.js.map +1 -0
package/dist/query-validator.d.ts +6 -0
package/dist/query-validator.d.ts.map +1 -0
package/dist/query-validator.js +136 -0
package/dist/query-validator.js.map +1 -0
package/dist/schemas.d.ts +170 -0
package/dist/schemas.d.ts.map +1 -0
package/dist/schemas.js +44 -0
package/dist/schemas.js.map +1 -0
package/dist/security.d.ts +9 -0
package/dist/security.d.ts.map +1 -0
package/dist/security.js +97 -0
package/dist/security.js.map +1 -0
package/dist/sql-builder.d.ts +5 -0
package/dist/sql-builder.d.ts.map +1 -0
package/dist/sql-builder.js +121 -0
package/dist/sql-builder.js.map +1 -0
package/dist/sql-validator.d.ts +8 -0
package/dist/sql-validator.d.ts.map +1 -0
package/dist/sql-validator.js +160 -0
package/dist/sql-validator.js.map +1 -0
package/dist/testing.d.ts +22 -0
package/dist/testing.d.ts.map +1 -0
package/dist/testing.js +78 -0
package/dist/testing.js.map +1 -0
package/dist/types.d.ts +214 -0
package/dist/types.d.ts.map +1 -0
package/dist/types.js +27 -0
package/dist/types.js.map +1 -0
package/package.json +72 -0

package/dist/schemas.js ADDED Viewed

@@ -0,0 +1,44 @@
+import { z } from "zod";
+// ── Filter schema ──
+export const FilterSchema = z.object({
+    field: z.string(),
+    op: z.enum(["=", "!=", ">", "<", ">=", "<=", "in", "not_in", "like", "ilike"]),
+    value: z.union([
+        z.string(),
+        z.number(),
+        z.boolean(),
+        z.array(z.union([z.string(), z.number()])),
+    ]),
+});
+// ── Entity filter schema ──
+export const EntityFilterSchema = z.object({
+    resolver: z.string(),
+    input: z.string(),
+    outputColumn: z.string(),
+});
+// ── Date range schema ──
+export const DateRangeSchema = z.object({
+    mode: z.enum(["relative", "explicit", "latest", "none"]),
+    phrase: z.string().optional(),
+    startDate: z.string().optional(),
+    endDate: z.string().optional(),
+});
+// ── Order-by schema ──
+export const OrderBySchema = z.object({
+    field: z.string(),
+    dir: z.enum(["asc", "desc"]).default("asc"),
+});
+// ── Smart query plan schema ──
+export const SmartQueryPlanSchema = z.object({
+    dataset: z.string(),
+    select: z.array(z.string()).optional().default([]),
+    metrics: z.array(z.string()).optional().default([]),
+    groupBy: z.array(z.string()).optional().default([]),
+    filters: z.array(FilterSchema).optional().default([]),
+    entityFilters: z.array(EntityFilterSchema).optional().default([]),
+    dateRange: DateRangeSchema.optional(),
+    orderBy: z.array(OrderBySchema).optional().default([]),
+    limit: z.number().int().positive().max(200).optional(),
+    answerMode: z.enum(["rows", "aggregate_table", "scalar"]).optional().default("rows"),
+});
+//# sourceMappingURL=schemas.js.map

package/dist/schemas.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"schemas.js","sourceRoot":"","sources":["../src/schemas.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AAExB,sBAAsB;AAEtB,MAAM,CAAC,MAAM,YAAY,GAAG,CAAC,CAAC,MAAM,CAAC;IACnC,KAAK,EAAE,CAAC,CAAC,MAAM,EAAE;IACjB,EAAE,EAAE,CAAC,CAAC,IAAI,CAAC,CAAC,GAAG,EAAE,IAAI,EAAE,GAAG,EAAE,GAAG,EAAE,IAAI,EAAE,IAAI,EAAE,IAAI,EAAE,QAAQ,EAAE,MAAM,EAAE,OAAO,CAAC,CAAC;IAC9E,KAAK,EAAE,CAAC,CAAC,KAAK,CAAC;QACb,CAAC,CAAC,MAAM,EAAE;QACV,CAAC,CAAC,MAAM,EAAE;QACV,CAAC,CAAC,OAAO,EAAE;QACX,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,MAAM,EAAE,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC,CAAC;KAC3C,CAAC;CACH,CAAC,CAAC;AAEH,6BAA6B;AAE7B,MAAM,CAAC,MAAM,kBAAkB,GAAG,CAAC,CAAC,MAAM,CAAC;IACzC,QAAQ,EAAE,CAAC,CAAC,MAAM,EAAE;IACpB,KAAK,EAAE,CAAC,CAAC,MAAM,EAAE;IACjB,YAAY,EAAE,CAAC,CAAC,MAAM,EAAE;CACzB,CAAC,CAAC;AAEH,0BAA0B;AAE1B,MAAM,CAAC,MAAM,eAAe,GAAG,CAAC,CAAC,MAAM,CAAC;IACtC,IAAI,EAAE,CAAC,CAAC,IAAI,CAAC,CAAC,UAAU,EAAE,UAAU,EAAE,QAAQ,EAAE,MAAM,CAAC,CAAC;IACxD,MAAM,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;IAC7B,SAAS,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;IAChC,OAAO,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;CAC/B,CAAC,CAAC;AAEH,wBAAwB;AAExB,MAAM,CAAC,MAAM,aAAa,GAAG,CAAC,CAAC,MAAM,CAAC;IACpC,KAAK,EAAE,CAAC,CAAC,MAAM,EAAE;IACjB,GAAG,EAAE,CAAC,CAAC,IAAI,CAAC,CAAC,KAAK,EAAE,MAAM,CAAC,CAAC,CAAC,OAAO,CAAC,KAAK,CAAC;CAC5C,CAAC,CAAC;AAEH,gCAAgC;AAEhC,MAAM,CAAC,MAAM,oBAAoB,GAAG,CAAC,CAAC,MAAM,CAAC;IAC3C,OAAO,EAAE,CAAC,CAAC,MAAM,EAAE;IACnB,MAAM,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC,QAAQ,EAAE,CAAC,OAAO,CAAC,EAAE,CAAC;IAClD,OAAO,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC,QAAQ,EAAE,CAAC,OAAO,CAAC,EAAE,CAAC;IACnD,OAAO,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC,QAAQ,EAAE,CAAC,OAAO,CAAC,EAAE,CAAC;IACnD,OAAO,EAAE,CAAC,CAAC,KAAK,CAAC,YAAY,CAAC,CAAC,QAAQ,EAAE,CAAC,OAAO,CAAC,EAAE,CAAC;IACrD,aAAa,EAAE,CAAC,CAAC,KAAK,CAAC,kBAAkB,CAAC,CAAC,QAAQ,EAAE,CAAC,OAAO,CAAC,EAAE,CAAC;IACjE,SAAS,EAAE,eAAe,CAAC,QAAQ,EAAE;IACrC,OAAO,EAAE,CAAC,CAAC,KAAK,CAAC,aAAa,CAAC,CAAC,QAAQ,EAAE,CAAC,OAAO,CAAC,EAAE,CAAC;IACtD,KAAK,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE,CAAC,QAAQ,EAAE,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,QAAQ,EAAE;IACtD,UAAU,EAAE,CAAC,CAAC,IAAI,CAAC,CAAC,MAAM,EAAE,iBAAiB,EAAE,QAAQ,CAAC,CAAC,CAAC,QAAQ,EAAE,CAAC,OAAO,CAAC,MAAM,CAAC;CACrF,CAAC,CAAC"}

package/dist/security.d.ts ADDED Viewed

@@ -0,0 +1,9 @@
+export declare function validateInput(input: string): void;
+export type ClassificationResult = {
+    safe: boolean;
+    confidence: number;
+    reason?: string;
+};
+export declare function classifyInjection(input: string): ClassificationResult;
+export declare function sanitizeResult(rows: Record<string, unknown>[], sensitiveColumns: readonly string[]): Record<string, unknown>[];
+//# sourceMappingURL=security.d.ts.map

package/dist/security.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"security.d.ts","sourceRoot":"","sources":["../src/security.ts"],"names":[],"mappings":"AAaA,wBAAgB,aAAa,CAAC,KAAK,EAAE,MAAM,GAAG,IAAI,CAkBjD;AAGD,MAAM,MAAM,oBAAoB,GAAG;IACjC,IAAI,EAAE,OAAO,CAAC;IACd,UAAU,EAAE,MAAM,CAAC;IACnB,MAAM,CAAC,EAAE,MAAM,CAAC;CACjB,CAAC;AAuCF,wBAAgB,iBAAiB,CAAC,KAAK,EAAE,MAAM,GAAG,oBAAoB,CAkBrE;AAGD,wBAAgB,cAAc,CAC5B,IAAI,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EAAE,EAC/B,gBAAgB,EAAE,SAAS,MAAM,EAAE,GAClC,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EAAE,CAY3B"}

package/dist/security.js ADDED Viewed

@@ -0,0 +1,97 @@
+import { InferError } from './errors.js';
+// ── Input validation ──
+const MAX_INPUT_LENGTH = 500;
+// PII patterns
+const PII_PATTERNS = [
+    /\b\d{3}-\d{2}-\d{4}\b/, // SSN
+    /\b\d{4}[\s-]?\d{4}[\s-]?\d{4}[\s-]?\d{4}\b/, // Credit card
+    /\b[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Z]{2,}\b/i, // Email
+    /\b\d{3}[-.]?\d{3}[-.]?\d{4}\b/, // Phone number
+];
+export function validateInput(input) {
+    if (input.length > MAX_INPUT_LENGTH) {
+        throw new InferError('INPUT_TOO_LONG', 'input', `Input exceeds maximum length of ${MAX_INPUT_LENGTH} characters`);
+    }
+    if (input.trim().length === 0) {
+        throw new InferError('INPUT_TOO_LONG', 'input', 'Input cannot be empty');
+    }
+    // Check for PII
+    for (const pattern of PII_PATTERNS) {
+        if (pattern.test(input)) {
+            throw new InferError('INPUT_PII_DETECTED', 'input', 'Input appears to contain personal information');
+        }
+    }
+    // Check for prompt injection
+    const result = classifyInjection(input);
+    if (!result.safe) {
+        throw new InferError('INPUT_INJECTION_BLOCKED', 'input', 'Input blocked by security classifier');
+    }
+}
+const INJECTION_PATTERNS = [
+    { pattern: /ignore\s+(all\s+)?previous\s+instructions/i, reason: 'instruction override attempt' },
+    { pattern: /you\s+are\s+now/i, reason: 'role reassignment attempt' },
+    { pattern: /system\s*prompt/i, reason: 'system prompt probe' },
+    { pattern: /\bDROP\b/i, reason: 'SQL DROP keyword' },
+    { pattern: /\bDELETE\s+FROM\b/i, reason: 'SQL DELETE keyword' },
+    { pattern: /\bINSERT\s+INTO\b/i, reason: 'SQL INSERT keyword' },
+    { pattern: /\bUPDATE\b.*\bSET\b/i, reason: 'SQL UPDATE keyword' },
+    { pattern: /\bALTER\b/i, reason: 'SQL ALTER keyword' },
+    { pattern: /\bTRUNCATE\b/i, reason: 'SQL TRUNCATE keyword' },
+    { pattern: /\bGRANT\b/i, reason: 'SQL GRANT keyword' },
+    { pattern: /\bREVOKE\b/i, reason: 'SQL REVOKE keyword' },
+    { pattern: /\bpg_catalog\b/i, reason: 'system catalog reference' },
+    { pattern: /\binformation_schema\b/i, reason: 'information schema reference' },
+    { pattern: /\bpg_shadow\b/i, reason: 'pg_shadow reference' },
+    { pattern: /\bpg_stat\b/i, reason: 'pg_stat reference' },
+    { pattern: /\breturn\s+(json|sql|raw)\b/i, reason: 'output format manipulation' },
+    { pattern: /\bpg_sleep\b/i, reason: 'pg_sleep DoS attempt' },
+    { pattern: /\bpg_read_file\b/i, reason: 'file read attempt' },
+    { pattern: /\bdblink\b/i, reason: 'dblink access attempt' },
+    { pattern: /\blo_import\b|\blo_export\b/i, reason: 'large object manipulation' },
+    { pattern: /\bpg_terminate_backend\b/i, reason: 'backend termination attempt' },
+    { pattern: /\bCOPY\b.*\bTO\b/i, reason: 'COPY command' },
+    { pattern: /\bEXPLAIN\b/i, reason: 'EXPLAIN command' },
+    { pattern: /;\s*(DROP|DELETE|INSERT|UPDATE|ALTER)/i, reason: 'SQL injection via semicolon' },
+    { pattern: /'\s*(OR|AND)\s+'?\d*'?\s*=\s*'?\d*'?/i, reason: 'SQL injection via tautology' },
+    { pattern: /\bunion\s+select\b/i, reason: 'UNION injection' },
+    { pattern: /<!--.*-->/i, reason: 'HTML comment injection' },
+    { pattern: /\{\{.*\}\}/i, reason: 'template injection' },
+    { pattern: /\bact\s+as\b/i, reason: 'role play attempt' },
+    { pattern: /\bpretend\s+(to\s+be|you're|you\s+are)\b/i, reason: 'role play attempt' },
+    { pattern: /\bdo\s+not\s+follow\b/i, reason: 'instruction override attempt' },
+    { pattern: /\boverride\b.*\brules?\b/i, reason: 'rule override attempt' },
+    { pattern: /\bjailbreak\b/i, reason: 'jailbreak attempt' },
+    { pattern: /\bDAN\b.*\bmode\b/i, reason: 'DAN mode attempt' },
+];
+export function classifyInjection(input) {
+    // Normalize via NFKC before checking
+    const normalized = input.normalize('NFKC');
+    for (const { pattern, reason } of INJECTION_PATTERNS) {
+        if (pattern.test(normalized)) {
+            return { safe: false, confidence: 0.95, reason };
+        }
+    }
+    // Structural analysis: high ratio of SQL tokens to natural language
+    const sqlTokens = (normalized.match(/\b(SELECT|FROM|WHERE|JOIN|GROUP|ORDER|HAVING|UNION|INSERT|DELETE|UPDATE|DROP|ALTER|CREATE|SET|LIMIT)\b/gi) || []).length;
+    const wordCount = normalized.split(/\s+/).length;
+    if (wordCount > 3 && sqlTokens / wordCount > 0.4) {
+        return { safe: false, confidence: 0.8, reason: 'high SQL token density' };
+    }
+    return { safe: true, confidence: 0.95 };
+}
+// ── Result sanitization ──
+export function sanitizeResult(rows, sensitiveColumns) {
+    if (sensitiveColumns.length === 0)
+        return rows;
+    const sensitiveSet = new Set(sensitiveColumns);
+    return rows.map(row => {
+        const sanitized = {};
+        for (const [key, value] of Object.entries(row)) {
+            if (!sensitiveSet.has(key)) {
+                sanitized[key] = value;
+            }
+        }
+        return sanitized;
+    });
+}
+//# sourceMappingURL=security.js.map

package/dist/security.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"security.js","sourceRoot":"","sources":["../src/security.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,MAAM,aAAa,CAAC;AAEzC,yBAAyB;AACzB,MAAM,gBAAgB,GAAG,GAAG,CAAC;AAE7B,eAAe;AACf,MAAM,YAAY,GAAG;IACnB,uBAAuB,EAAqB,MAAM;IAClD,4CAA4C,EAAE,cAAc;IAC5D,kDAAkD,EAAE,QAAQ;IAC5D,+BAA+B,EAAa,eAAe;CAC5D,CAAC;AAEF,MAAM,UAAU,aAAa,CAAC,KAAa;IACzC,IAAI,KAAK,CAAC,MAAM,GAAG,gBAAgB,EAAE,CAAC;QACpC,MAAM,IAAI,UAAU,CAAC,gBAAgB,EAAE,OAAO,EAAE,mCAAmC,gBAAgB,aAAa,CAAC,CAAC;IACpH,CAAC;IACD,IAAI,KAAK,CAAC,IAAI,EAAE,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAC9B,MAAM,IAAI,UAAU,CAAC,gBAAgB,EAAE,OAAO,EAAE,uBAAuB,CAAC,CAAC;IAC3E,CAAC;IACD,gBAAgB;IAChB,KAAK,MAAM,OAAO,IAAI,YAAY,EAAE,CAAC;QACnC,IAAI,OAAO,CAAC,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC;YACxB,MAAM,IAAI,UAAU,CAAC,oBAAoB,EAAE,OAAO,EAAE,+CAA+C,CAAC,CAAC;QACvG,CAAC;IACH,CAAC;IACD,6BAA6B;IAC7B,MAAM,MAAM,GAAG,iBAAiB,CAAC,KAAK,CAAC,CAAC;IACxC,IAAI,CAAC,MAAM,CAAC,IAAI,EAAE,CAAC;QACjB,MAAM,IAAI,UAAU,CAAC,yBAAyB,EAAE,OAAO,EAAE,sCAAsC,CAAC,CAAC;IACnG,CAAC;AACH,CAAC;AASD,MAAM,kBAAkB,GAA0C;IAChE,EAAE,OAAO,EAAE,4CAA4C,EAAE,MAAM,EAAE,8BAA8B,EAAE;IACjG,EAAE,OAAO,EAAE,kBAAkB,EAAE,MAAM,EAAE,2BAA2B,EAAE;IACpE,EAAE,OAAO,EAAE,kBAAkB,EAAE,MAAM,EAAE,qBAAqB,EAAE;IAC9D,EAAE,OAAO,EAAE,WAAW,EAAE,MAAM,EAAE,kBAAkB,EAAE;IACpD,EAAE,OAAO,EAAE,oBAAoB,EAAE,MAAM,EAAE,oBAAoB,EAAE;IAC/D,EAAE,OAAO,EAAE,oBAAoB,EAAE,MAAM,EAAE,oBAAoB,EAAE;IAC/D,EAAE,OAAO,EAAE,sBAAsB,EAAE,MAAM,EAAE,oBAAoB,EAAE;IACjE,EAAE,OAAO,EAAE,YAAY,EAAE,MAAM,EAAE,mBAAmB,EAAE;IACtD,EAAE,OAAO,EAAE,eAAe,EAAE,MAAM,EAAE,sBAAsB,EAAE;IAC5D,EAAE,OAAO,EAAE,YAAY,EAAE,MAAM,EAAE,mBAAmB,EAAE;IACtD,EAAE,OAAO,EAAE,aAAa,EAAE,MAAM,EAAE,oBAAoB,EAAE;IACxD,EAAE,OAAO,EAAE,iBAAiB,EAAE,MAAM,EAAE,0BAA0B,EAAE;IAClE,EAAE,OAAO,EAAE,yBAAyB,EAAE,MAAM,EAAE,8BAA8B,EAAE;IAC9E,EAAE,OAAO,EAAE,gBAAgB,EAAE,MAAM,EAAE,qBAAqB,EAAE;IAC5D,EAAE,OAAO,EAAE,cAAc,EAAE,MAAM,EAAE,mBAAmB,EAAE;IACxD,EAAE,OAAO,EAAE,8BAA8B,EAAE,MAAM,EAAE,4BAA4B,EAAE;IACjF,EAAE,OAAO,EAAE,eAAe,EAAE,MAAM,EAAE,sBAAsB,EAAE;IAC5D,EAAE,OAAO,EAAE,mBAAmB,EAAE,MAAM,EAAE,mBAAmB,EAAE;IAC7D,EAAE,OAAO,EAAE,aAAa,EAAE,MAAM,EAAE,uBAAuB,EAAE;IAC3D,EAAE,OAAO,EAAE,8BAA8B,EAAE,MAAM,EAAE,2BAA2B,EAAE;IAChF,EAAE,OAAO,EAAE,2BAA2B,EAAE,MAAM,EAAE,6BAA6B,EAAE;IAC/E,EAAE,OAAO,EAAE,mBAAmB,EAAE,MAAM,EAAE,cAAc,EAAE;IACxD,EAAE,OAAO,EAAE,cAAc,EAAE,MAAM,EAAE,iBAAiB,EAAE;IACtD,EAAE,OAAO,EAAE,wCAAwC,EAAE,MAAM,EAAE,6BAA6B,EAAE;IAC5F,EAAE,OAAO,EAAE,uCAAuC,EAAE,MAAM,EAAE,6BAA6B,EAAE;IAC3F,EAAE,OAAO,EAAE,qBAAqB,EAAE,MAAM,EAAE,iBAAiB,EAAE;IAC7D,EAAE,OAAO,EAAE,YAAY,EAAE,MAAM,EAAE,wBAAwB,EAAE;IAC3D,EAAE,OAAO,EAAE,aAAa,EAAE,MAAM,EAAE,oBAAoB,EAAE;IACxD,EAAE,OAAO,EAAE,eAAe,EAAE,MAAM,EAAE,mBAAmB,EAAE;IACzD,EAAE,OAAO,EAAE,2CAA2C,EAAE,MAAM,EAAE,mBAAmB,EAAE;IACrF,EAAE,OAAO,EAAE,wBAAwB,EAAE,MAAM,EAAE,8BAA8B,EAAE;IAC7E,EAAE,OAAO,EAAE,2BAA2B,EAAE,MAAM,EAAE,uBAAuB,EAAE;IACzE,EAAE,OAAO,EAAE,gBAAgB,EAAE,MAAM,EAAE,mBAAmB,EAAE;IAC1D,EAAE,OAAO,EAAE,oBAAoB,EAAE,MAAM,EAAE,kBAAkB,EAAE;CAC9D,CAAC;AAEF,MAAM,UAAU,iBAAiB,CAAC,KAAa;IAC7C,qCAAqC;IACrC,MAAM,UAAU,GAAG,KAAK,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC;IAE3C,KAAK,MAAM,EAAE,OAAO,EAAE,MAAM,EAAE,IAAI,kBAAkB,EAAE,CAAC;QACrD,IAAI,OAAO,CAAC,IAAI,CAAC,UAAU,CAAC,EAAE,CAAC;YAC7B,OAAO,EAAE,IAAI,EAAE,KAAK,EAAE,UAAU,EAAE,IAAI,EAAE,MAAM,EAAE,CAAC;QACnD,CAAC;IACH,CAAC;IAED,oEAAoE;IACpE,MAAM,SAAS,GAAG,CAAC,UAAU,CAAC,KAAK,CAAC,0GAA0G,CAAC,IAAI,EAAE,CAAC,CAAC,MAAM,CAAC;IAC9J,MAAM,SAAS,GAAG,UAAU,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,MAAM,CAAC;IACjD,IAAI,SAAS,GAAG,CAAC,IAAI,SAAS,GAAG,SAAS,GAAG,GAAG,EAAE,CAAC;QACjD,OAAO,EAAE,IAAI,EAAE,KAAK,EAAE,UAAU,EAAE,GAAG,EAAE,MAAM,EAAE,wBAAwB,EAAE,CAAC;IAC5E,CAAC;IAED,OAAO,EAAE,IAAI,EAAE,IAAI,EAAE,UAAU,EAAE,IAAI,EAAE,CAAC;AAC1C,CAAC;AAED,4BAA4B;AAC5B,MAAM,UAAU,cAAc,CAC5B,IAA+B,EAC/B,gBAAmC;IAEnC,IAAI,gBAAgB,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO,IAAI,CAAC;IAC/C,MAAM,YAAY,GAAG,IAAI,GAAG,CAAC,gBAAgB,CAAC,CAAC;IAC/C,OAAO,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE;QACpB,MAAM,SAAS,GAA4B,EAAE,CAAC;QAC9C,KAAK,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC;YAC/C,IAAI,CAAC,YAAY,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC;gBAC3B,SAAS,CAAC,GAAG,CAAC,GAAG,KAAK,CAAC;YACzB,CAAC;QACH,CAAC;QACD,OAAO,SAAS,CAAC;IACnB,CAAC,CAAC,CAAC;AACL,CAAC"}

package/dist/sql-builder.d.ts ADDED Viewed

@@ -0,0 +1,5 @@
+import type { ValidatedSmartPlan, ExecutionContext, CompiledSQL } from './types.js';
+declare function quoteIdentifier(id: string): string;
+export { quoteIdentifier };
+export declare function compileSQL(plan: ValidatedSmartPlan, ctx: ExecutionContext): CompiledSQL;
+//# sourceMappingURL=sql-builder.d.ts.map

package/dist/sql-builder.d.ts.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"sql-builder.d.ts","sourceRoot":"","sources":["../src/sql-builder.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,kBAAkB,EAAE,gBAAgB,EAAE,WAAW,EAAE,MAAM,YAAY,CAAC;AAIpF,iBAAS,eAAe,CAAC,EAAE,EAAE,MAAM,GAAG,MAAM,CAM3C;AAED,OAAO,EAAE,eAAe,EAAE,CAAC;AAE3B,wBAAgB,UAAU,CAAC,IAAI,EAAE,kBAAkB,EAAE,GAAG,EAAE,gBAAgB,GAAG,WAAW,CAuGvF"}

package/dist/sql-builder.js ADDED Viewed

@@ -0,0 +1,121 @@
+import { InferError } from './errors.js';
+// Use pg driver's native escapeIdentifier pattern
+// Since we can't import pg at compile time (it's optional), we implement the safe quoting
+function quoteIdentifier(id) {
+    // Validate: identifiers must be alphanumeric + underscore (no SQL injection via identifiers)
+    if (!/^[a-zA-Z_][a-zA-Z0-9_]*$/.test(id)) {
+        throw new InferError('SQL_VALIDATION_FAILED', 'compiler', `Invalid identifier: ${id}`);
+    }
+    return `"${id.replace(/"/g, '""')}"`;
+}
+export { quoteIdentifier };
+export function compileSQL(plan, ctx) {
+    const params = [];
+    let paramIdx = 1;
+    // ── Build SELECT clause ──
+    let selectCols;
+    if (plan.metrics.length > 0) {
+        // Aggregate query: groupBy columns + metric expressions
+        const groupCols = plan.groupBy.map(col => quoteIdentifier(col));
+        const metricCols = plan.metrics.map(m => `${m.expression} AS ${quoteIdentifier(m.id)}`);
+        selectCols = [...groupCols, ...metricCols];
+    }
+    else if (plan.select.length > 0) {
+        // Raw row query: specific columns
+        selectCols = plan.select.map(col => quoteIdentifier(col));
+    }
+    else {
+        // Fallback: select all selectable columns from dataset
+        selectCols = plan.dataset.selectableColumns.map(col => quoteIdentifier(col));
+    }
+    if (selectCols.length === 0) {
+        throw new InferError('PLAN_INVALID', 'compiler', 'No columns to select');
+    }
+    // ── Build FROM clause ──
+    const fromTable = `${quoteIdentifier(plan.dataset.table.schema)}.${quoteIdentifier(plan.dataset.table.name)}`;
+    // ── Build WHERE clause ──
+    const whereParts = [];
+    // Tenant isolation (ALWAYS injected server-side)
+    params.push(ctx.tenantId);
+    whereParts.push(`"tenant_id" = $${paramIdx++}`);
+    // Location scoping (optional)
+    if (ctx.locationIds && ctx.locationIds.length > 0) {
+        params.push(ctx.locationIds);
+        whereParts.push(`"location_id" = ANY($${paramIdx++})`);
+    }
+    // Date range
+    if (plan.dateRange && plan.dataset.dateColumn) {
+        params.push(plan.dateRange.startDate);
+        whereParts.push(`${quoteIdentifier(plan.dataset.dateColumn)} >= $${paramIdx++}`);
+        params.push(plan.dateRange.endDate);
+        whereParts.push(`${quoteIdentifier(plan.dataset.dateColumn)} <= $${paramIdx++}`);
+    }
+    // User filters (parameterized)
+    for (const filter of plan.filters) {
+        const col = quoteIdentifier(filter.field);
+        const op = sanitizeOperator(filter.op);
+        if (op === 'IN' || op === 'NOT IN') {
+            // Array parameter
+            params.push(filter.value);
+            whereParts.push(`${col} ${op === 'NOT IN' ? 'NOT ' : ''}= ANY($${paramIdx++})`);
+        }
+        else if (op === 'LIKE' || op === 'ILIKE') {
+            params.push(filter.value);
+            whereParts.push(`${col} ${op} $${paramIdx++}`);
+        }
+        else {
+            params.push(filter.value);
+            whereParts.push(`${col} ${op} $${paramIdx++}`);
+        }
+    }
+    // Entity filters (resolved IDs)
+    for (const entity of plan.resolvedEntities) {
+        if (entity.resolvedIds.length > 0) {
+            const col = quoteIdentifier(entity.outputColumn);
+            params.push(entity.resolvedIds);
+            whereParts.push(`${col} = ANY($${paramIdx++})`);
+        }
+    }
+    const whereClause = whereParts.length > 0 ? whereParts.join(' AND ') : '1=1';
+    // ── Build GROUP BY ──
+    const groupBySql = plan.groupBy.length > 0
+        ? `GROUP BY ${plan.groupBy.map(col => quoteIdentifier(col)).join(', ')}`
+        : '';
+    // ── Build ORDER BY (direction whitelisted to ASC/DESC only) ──
+    const orderBySql = plan.orderBy.length > 0
+        ? `ORDER BY ${plan.orderBy.map(o => `${quoteIdentifier(o.field)} ${o.dir === 'desc' ? 'DESC' : 'ASC'}`).join(', ')}`
+        : '';
+    // ── LIMIT (always applied) ──
+    params.push(plan.limit);
+    const limitSql = `LIMIT $${paramIdx++}`;
+    // ── Assemble ──
+    const sql = [
+        `SELECT ${selectCols.join(', ')}`,
+        `FROM ${fromTable}`,
+        `WHERE ${whereClause}`,
+        groupBySql,
+        orderBySql,
+        limitSql,
+    ].filter(Boolean).join('\n');
+    return { sql, params };
+}
+function sanitizeOperator(op) {
+    const ALLOWED_OPS = {
+        '=': '=',
+        '!=': '!=',
+        '>': '>',
+        '<': '<',
+        '>=': '>=',
+        '<=': '<=',
+        'in': 'IN',
+        'not_in': 'NOT IN',
+        'like': 'LIKE',
+        'ilike': 'ILIKE',
+    };
+    const sanitized = ALLOWED_OPS[op];
+    if (!sanitized) {
+        throw new InferError('SQL_VALIDATION_FAILED', 'compiler', `Invalid operator: ${op}`);
+    }
+    return sanitized;
+}
+//# sourceMappingURL=sql-builder.js.map

package/dist/sql-builder.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"sql-builder.js","sourceRoot":"","sources":["../src/sql-builder.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,MAAM,aAAa,CAAC;AAGzC,kDAAkD;AAClD,0FAA0F;AAC1F,SAAS,eAAe,CAAC,EAAU;IACjC,6FAA6F;IAC7F,IAAI,CAAC,0BAA0B,CAAC,IAAI,CAAC,EAAE,CAAC,EAAE,CAAC;QACzC,MAAM,IAAI,UAAU,CAAC,uBAAuB,EAAE,UAAU,EAAE,uBAAuB,EAAE,EAAE,CAAC,CAAC;IACzF,CAAC;IACD,OAAO,IAAI,EAAE,CAAC,OAAO,CAAC,IAAI,EAAE,IAAI,CAAC,GAAG,CAAC;AACvC,CAAC;AAED,OAAO,EAAE,eAAe,EAAE,CAAC;AAE3B,MAAM,UAAU,UAAU,CAAC,IAAwB,EAAE,GAAqB;IACxE,MAAM,MAAM,GAAc,EAAE,CAAC;IAC7B,IAAI,QAAQ,GAAG,CAAC,CAAC;IAEjB,4BAA4B;IAC5B,IAAI,UAAoB,CAAC;IACzB,IAAI,IAAI,CAAC,OAAO,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC5B,wDAAwD;QACxD,MAAM,SAAS,GAAG,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC,eAAe,CAAC,GAAG,CAAC,CAAC,CAAC;QAChE,MAAM,UAAU,GAAG,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,UAAU,OAAO,eAAe,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC;QACxF,UAAU,GAAG,CAAC,GAAG,SAAS,EAAE,GAAG,UAAU,CAAC,CAAC;IAC7C,CAAC;SAAM,IAAI,IAAI,CAAC,MAAM,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAClC,kCAAkC;QAClC,UAAU,GAAG,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC,eAAe,CAAC,GAAG,CAAC,CAAC,CAAC;IAC5D,CAAC;SAAM,CAAC;QACN,uDAAuD;QACvD,UAAU,GAAG,IAAI,CAAC,OAAO,CAAC,iBAAiB,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC,eAAe,CAAC,GAAG,CAAC,CAAC,CAAC;IAC/E,CAAC;IAED,IAAI,UAAU,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAC5B,MAAM,IAAI,UAAU,CAAC,cAAc,EAAE,UAAU,EAAE,sBAAsB,CAAC,CAAC;IAC3E,CAAC;IAED,0BAA0B;IAC1B,MAAM,SAAS,GAAG,GAAG,eAAe,CAAC,IAAI,CAAC,OAAO,CAAC,KAAK,CAAC,MAAM,CAAC,IAAI,eAAe,CAAC,IAAI,CAAC,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC;IAE9G,2BAA2B;IAC3B,MAAM,UAAU,GAAa,EAAE,CAAC;IAEhC,iDAAiD;IACjD,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;IAC1B,UAAU,CAAC,IAAI,CAAC,kBAAkB,QAAQ,EAAE,EAAE,CAAC,CAAC;IAEhD,8BAA8B;IAC9B,IAAI,GAAG,CAAC,WAAW,IAAI,GAAG,CAAC,WAAW,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAClD,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC;QAC7B,UAAU,CAAC,IAAI,CAAC,wBAAwB,QAAQ,EAAE,GAAG,CAAC,CAAC;IACzD,CAAC;IAED,aAAa;IACb,IAAI,IAAI,CAAC,SAAS,IAAI,IAAI,CAAC,OAAO,CAAC,UAAU,EAAE,CAAC;QAC9C,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,SAAS,CAAC,SAAS,CAAC,CAAC;QACtC,UAAU,CAAC,IAAI,CAAC,GAAG,eAAe,CAAC,IAAI,CAAC,OAAO,CAAC,UAAU,CAAC,QAAQ,QAAQ,EAAE,EAAE,CAAC,CAAC;QACjF,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC,CAAC;QACpC,UAAU,CAAC,IAAI,CAAC,GAAG,eAAe,CAAC,IAAI,CAAC,OAAO,CAAC,UAAU,CAAC,QAAQ,QAAQ,EAAE,EAAE,CAAC,CAAC;IACnF,CAAC;IAED,+BAA+B;IAC/B,KAAK,MAAM,MAAM,IAAI,IAAI,CAAC,OAAO,EAAE,CAAC;QAClC,MAAM,GAAG,GAAG,eAAe,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;QAC1C,MAAM,EAAE,GAAG,gBAAgB,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC;QAEvC,IAAI,EAAE,KAAK,IAAI,IAAI,EAAE,KAAK,QAAQ,EAAE,CAAC;YACnC,kBAAkB;YAClB,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;YAC1B,UAAU,CAAC,IAAI,CAAC,GAAG,GAAG,IAAI,EAAE,KAAK,QAAQ,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,UAAU,QAAQ,EAAE,GAAG,CAAC,CAAC;QAClF,CAAC;aAAM,IAAI,EAAE,KAAK,MAAM,IAAI,EAAE,KAAK,OAAO,EAAE,CAAC;YAC3C,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;YAC1B,UAAU,CAAC,IAAI,CAAC,GAAG,GAAG,IAAI,EAAE,KAAK,QAAQ,EAAE,EAAE,CAAC,CAAC;QACjD,CAAC;aAAM,CAAC;YACN,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;YAC1B,UAAU,CAAC,IAAI,CAAC,GAAG,GAAG,IAAI,EAAE,KAAK,QAAQ,EAAE,EAAE,CAAC,CAAC;QACjD,CAAC;IACH,CAAC;IAED,gCAAgC;IAChC,KAAK,MAAM,MAAM,IAAI,IAAI,CAAC,gBAAgB,EAAE,CAAC;QAC3C,IAAI,MAAM,CAAC,WAAW,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YAClC,MAAM,GAAG,GAAG,eAAe,CAAC,MAAM,CAAC,YAAY,CAAC,CAAC;YACjD,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,WAAW,CAAC,CAAC;YAChC,UAAU,CAAC,IAAI,CAAC,GAAG,GAAG,WAAW,QAAQ,EAAE,GAAG,CAAC,CAAC;QAClD,CAAC;IACH,CAAC;IAED,MAAM,WAAW,GAAG,UAAU,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,UAAU,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC;IAE7E,uBAAuB;IACvB,MAAM,UAAU,GAAG,IAAI,CAAC,OAAO,CAAC,MAAM,GAAG,CAAC;QACxC,CAAC,CAAC,YAAY,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC,eAAe,CAAC,GAAG,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE;QACxE,CAAC,CAAC,EAAE,CAAC;IAEP,gEAAgE;IAChE,MAAM,UAAU,GAAG,IAAI,CAAC,OAAO,CAAC,MAAM,GAAG,CAAC;QACxC,CAAC,CAAC,YAAY,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAC/B,GAAG,eAAe,CAAC,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,GAAG,KAAK,MAAM,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,KAAK,EAAE,CACnE,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE;QAChB,CAAC,CAAC,EAAE,CAAC;IAEP,+BAA+B;IAC/B,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;IACxB,MAAM,QAAQ,GAAG,UAAU,QAAQ,EAAE,EAAE,CAAC;IAExC,iBAAiB;IACjB,MAAM,GAAG,GAAG;QACV,UAAU,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE;QACjC,QAAQ,SAAS,EAAE;QACnB,SAAS,WAAW,EAAE;QACtB,UAAU;QACV,UAAU;QACV,QAAQ;KACT,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAE7B,OAAO,EAAE,GAAG,EAAE,MAAM,EAAE,CAAC;AACzB,CAAC;AAED,SAAS,gBAAgB,CAAC,EAAU;IAClC,MAAM,WAAW,GAA2B;QAC1C,GAAG,EAAE,GAAG;QACR,IAAI,EAAE,IAAI;QACV,GAAG,EAAE,GAAG;QACR,GAAG,EAAE,GAAG;QACR,IAAI,EAAE,IAAI;QACV,IAAI,EAAE,IAAI;QACV,IAAI,EAAE,IAAI;QACV,QAAQ,EAAE,QAAQ;QAClB,MAAM,EAAE,MAAM;QACd,OAAO,EAAE,OAAO;KACjB,CAAC;IACF,MAAM,SAAS,GAAG,WAAW,CAAC,EAAE,CAAC,CAAC;IAClC,IAAI,CAAC,SAAS,EAAE,CAAC;QACf,MAAM,IAAI,UAAU,CAAC,uBAAuB,EAAE,UAAU,EAAE,qBAAqB,EAAE,EAAE,CAAC,CAAC;IACvF,CAAC;IACD,OAAO,SAAS,CAAC;AACnB,CAAC"}

package/dist/sql-validator.d.ts ADDED Viewed

@@ -0,0 +1,8 @@
+export interface SQLValidationOptions {
+    allowedTables?: string[];
+    requireTenantFilter?: boolean;
+    tenantColumn?: string;
+}
+export declare function validateSQL(sql: string, options?: SQLValidationOptions): void;
+export declare function validateMetricExpression(expr: string): boolean;
+//# sourceMappingURL=sql-validator.d.ts.map

package/dist/sql-validator.d.ts.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"sql-validator.d.ts","sourceRoot":"","sources":["../src/sql-validator.ts"],"names":[],"mappings":"AA8CA,MAAM,WAAW,oBAAoB;IACnC,aAAa,CAAC,EAAE,MAAM,EAAE,CAAC;IACzB,mBAAmB,CAAC,EAAE,OAAO,CAAC;IAC9B,YAAY,CAAC,EAAE,MAAM,CAAC;CACvB;AAED,wBAAgB,WAAW,CAAC,GAAG,EAAE,MAAM,EAAE,OAAO,GAAE,oBAAyB,GAAG,IAAI,CAgEjF;AA2CD,wBAAgB,wBAAwB,CAAC,IAAI,EAAE,MAAM,GAAG,OAAO,CAyB9D"}

package/dist/sql-validator.js ADDED Viewed

@@ -0,0 +1,160 @@
+import { InferError } from './errors.js';
+// Function ALLOWLIST (not blocklist) - exhaustive list from spec
+const ALLOWED_FUNCTIONS = new Set([
+    // Aggregates
+    'sum', 'avg', 'count', 'min', 'max',
+    // Math
+    'round', 'ceil', 'floor', 'abs', 'sign', 'mod', 'power',
+    // Date/Time
+    'date_trunc', 'extract', 'now', 'current_date', 'current_timestamp', 'age',
+    // String
+    'lower', 'upper', 'trim', 'length', 'substring', 'concat', 'left', 'right',
+    // Type
+    'cast', 'coalesce', 'nullif', 'greatest', 'least',
+    // Format
+    'to_char', 'to_date', 'to_number', 'to_timestamp',
+]);
+// Forbidden SQL keywords that should NEVER appear
+const FORBIDDEN_KEYWORDS = new Set([
+    'insert', 'update', 'delete', 'drop', 'alter', 'create', 'truncate',
+    'grant', 'revoke', 'copy', 'execute', 'call', 'reset', 'prepare',
+    'deallocate', 'listen', 'notify', 'vacuum', 'analyze', 'load',
+    'outfile', 'dumpfile', 'handler',
+]);
+// System catalogs that must never be referenced
+const FORBIDDEN_TABLES = [
+    'information_schema.',
+    'pg_catalog.',
+    'pg_stat_',
+    'pg_shadow',
+    'pg_authid',
+    'pg_roles',
+];
+// Forbidden function names (dangerous postgres functions)
+const FORBIDDEN_FUNCTIONS = new Set([
+    'pg_sleep', 'pg_read_file', 'pg_ls_dir', 'pg_stat_file',
+    'dblink', 'lo_import', 'lo_export',
+    'pg_terminate_backend', 'pg_cancel_backend', 'pg_advisory_lock',
+    'current_setting', 'set_config',
+    'generate_series', 'unnest',
+    'xml_parse', 'xpath',
+]);
+export function validateSQL(sql, options = {}) {
+    const normalized = sql.toLowerCase().trim();
+    // 1. Single statement only
+    const statementCount = sql.split(';').filter(s => s.trim().length > 0).length;
+    if (statementCount > 1) {
+        throw new InferError('SQL_VALIDATION_FAILED', 'sql_check', 'Multiple statements not allowed');
+    }
+    // 2. Must be SELECT or WITH (CTE)
+    if (!normalized.startsWith('select') && !normalized.startsWith('with')) {
+        throw new InferError('SQL_VALIDATION_FAILED', 'sql_check', 'Only SELECT statements are allowed');
+    }
+    // 3. Check forbidden keywords
+    for (const keyword of FORBIDDEN_KEYWORDS) {
+        // Use word boundary matching to avoid false positives
+        const regex = new RegExp(`\\b${keyword}\\b`, 'i');
+        if (regex.test(normalized)) {
+            throw new InferError('SQL_VALIDATION_FAILED', 'sql_check', 'Forbidden SQL keyword detected');
+        }
+    }
+    // 4. Check for system catalog references
+    for (const table of FORBIDDEN_TABLES) {
+        if (normalized.includes(table.toLowerCase())) {
+            throw new InferError('SQL_VALIDATION_FAILED', 'sql_check', 'System catalog access not allowed');
+        }
+    }
+    // 5. Check for forbidden functions
+    for (const func of FORBIDDEN_FUNCTIONS) {
+        const regex = new RegExp(`\\b${func}\\s*\\(`, 'i');
+        if (regex.test(normalized)) {
+            throw new InferError('SQL_VALIDATION_FAILED', 'sql_check', 'Forbidden function detected');
+        }
+    }
+    // 6. Check for dangerous patterns
+    if (/\bfor\s+(update|share)\b/i.test(sql)) {
+        throw new InferError('SQL_VALIDATION_FAILED', 'sql_check', 'FOR UPDATE/SHARE not allowed');
+    }
+    if (/\breturning\b/i.test(sql)) {
+        throw new InferError('SQL_VALIDATION_FAILED', 'sql_check', 'RETURNING clause not allowed');
+    }
+    if (/\binto\s+(outfile|dumpfile)\b/i.test(sql)) {
+        throw new InferError('SQL_VALIDATION_FAILED', 'sql_check', 'INTO OUTFILE/DUMPFILE not allowed');
+    }
+    // 7. Validate table allowlist if provided
+    if (options.allowedTables && options.allowedTables.length > 0) {
+        validateTableAllowlist(normalized, options.allowedTables);
+    }
+    // 8. Validate functions against allowlist
+    validateFunctions(normalized);
+    // 9. Check for tenant filter if required
+    if (options.requireTenantFilter) {
+        const tenantCol = options.tenantColumn || 'tenant_id';
+        if (!normalized.includes(tenantCol)) {
+            throw new InferError('SQL_VALIDATION_FAILED', 'sql_check', 'Missing required tenant filter');
+        }
+    }
+}
+function validateFunctions(sql) {
+    // Extract function calls using regex (matches function_name followed by open paren)
+    const functionPattern = /\b([a-z_][a-z0-9_]*)\s*\(/gi;
+    let match;
+    while ((match = functionPattern.exec(sql)) !== null) {
+        const funcName = match[1].toLowerCase();
+        // Skip SQL keywords that look like functions
+        const sqlKeywords = new Set(['select', 'from', 'where', 'and', 'or', 'not', 'in', 'exists', 'case', 'when', 'then', 'else', 'end', 'as', 'on', 'join', 'left', 'right', 'inner', 'outer', 'cross', 'having', 'group', 'order', 'with', 'over', 'partition', 'between', 'like', 'ilike', 'any', 'all', 'some', 'values']);
+        if (sqlKeywords.has(funcName))
+            continue;
+        // Check against forbidden functions first (more specific error)
+        if (FORBIDDEN_FUNCTIONS.has(funcName)) {
+            throw new InferError('SQL_VALIDATION_FAILED', 'sql_check', 'Forbidden function detected');
+        }
+        // Check against allowlist
+        if (!ALLOWED_FUNCTIONS.has(funcName)) {
+            throw new InferError('SQL_VALIDATION_FAILED', 'sql_check', `Function not allowed: ${funcName}`);
+        }
+    }
+}
+function validateTableAllowlist(sql, allowedTables) {
+    // Extract table references from FROM and JOIN clauses
+    const fromPattern = /\b(?:from|join)\s+([a-z_][a-z0-9_.]*)/gi;
+    let match;
+    const allowedSet = new Set(allowedTables.map(t => t.toLowerCase()));
+    while ((match = fromPattern.exec(sql)) !== null) {
+        const tableName = match[1].toLowerCase().replace(/^"|"$/g, '');
+        if (!allowedSet.has(tableName)) {
+            throw new InferError('SQL_VALIDATION_FAILED', 'sql_check', 'Table not in allowlist');
+        }
+    }
+}
+// Validate metric expressions at catalog load time
+const SAFE_METRIC_REGEX = /^(SUM|AVG|COUNT|MIN|MAX|ROUND|ABS|CEIL|FLOOR|COALESCE|NULLIF|CAST)\s*\(/i;
+export function validateMetricExpression(expr) {
+    // Simple metric expressions: FUNC(column)
+    const simplePattern = /^(SUM|AVG|COUNT|MIN|MAX|ROUND|ABS|CEIL|FLOOR)\s*\(\s*[a-zA-Z_][a-zA-Z0-9_]*\s*\)$/i;
+    if (simplePattern.test(expr))
+        return true;
+    // COUNT(*) special case
+    if (/^COUNT\s*\(\s*\*\s*\)$/i.test(expr))
+        return true;
+    // Nested single-level: ROUND(AVG(column))
+    const nestedPattern = /^(ROUND|CEIL|FLOOR|ABS)\s*\(\s*(SUM|AVG|COUNT|MIN|MAX)\s*\(\s*[a-zA-Z_][a-zA-Z0-9_]*\s*\)\s*(,\s*\d+\s*)?\)$/i;
+    if (nestedPattern.test(expr))
+        return true;
+    // ROUND(expr, precision)
+    const roundPattern = /^ROUND\s*\(\s*[a-zA-Z_][a-zA-Z0-9_]*\s*,\s*\d+\s*\)$/i;
+    if (roundPattern.test(expr))
+        return true;
+    // Check for any forbidden patterns
+    if (FORBIDDEN_FUNCTIONS.has(expr.split('(')[0].trim().toLowerCase()))
+        return false;
+    if (/;|--|\/\*|\*\//i.test(expr))
+        return false;
+    if (/\b(SELECT|FROM|WHERE|JOIN|INSERT|UPDATE|DELETE|DROP)\b/i.test(expr))
+        return false;
+    // If starts with an allowed function, tentatively accept
+    if (SAFE_METRIC_REGEX.test(expr.trim()))
+        return true;
+    return false;
+}
+//# sourceMappingURL=sql-validator.js.map

package/dist/sql-validator.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"sql-validator.js","sourceRoot":"","sources":["../src/sql-validator.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,MAAM,aAAa,CAAC;AAEzC,iEAAiE;AACjE,MAAM,iBAAiB,GAAG,IAAI,GAAG,CAAC;IAChC,aAAa;IACb,KAAK,EAAE,KAAK,EAAE,OAAO,EAAE,KAAK,EAAE,KAAK;IACnC,OAAO;IACP,OAAO,EAAE,MAAM,EAAE,OAAO,EAAE,KAAK,EAAE,MAAM,EAAE,KAAK,EAAE,OAAO;IACvD,YAAY;IACZ,YAAY,EAAE,SAAS,EAAE,KAAK,EAAE,cAAc,EAAE,mBAAmB,EAAE,KAAK;IAC1E,SAAS;IACT,OAAO,EAAE,OAAO,EAAE,MAAM,EAAE,QAAQ,EAAE,WAAW,EAAE,QAAQ,EAAE,MAAM,EAAE,OAAO;IAC1E,OAAO;IACP,MAAM,EAAE,UAAU,EAAE,QAAQ,EAAE,UAAU,EAAE,OAAO;IACjD,SAAS;IACT,SAAS,EAAE,SAAS,EAAE,WAAW,EAAE,cAAc;CAClD,CAAC,CAAC;AAEH,kDAAkD;AAClD,MAAM,kBAAkB,GAAG,IAAI,GAAG,CAAC;IACjC,QAAQ,EAAE,QAAQ,EAAE,QAAQ,EAAE,MAAM,EAAE,OAAO,EAAE,QAAQ,EAAE,UAAU;IACnE,OAAO,EAAE,QAAQ,EAAE,MAAM,EAAE,SAAS,EAAE,MAAM,EAAE,OAAO,EAAE,SAAS;IAChE,YAAY,EAAE,QAAQ,EAAE,QAAQ,EAAE,QAAQ,EAAE,SAAS,EAAE,MAAM;IAC7D,SAAS,EAAE,UAAU,EAAE,SAAS;CACjC,CAAC,CAAC;AAEH,gDAAgD;AAChD,MAAM,gBAAgB,GAAG;IACvB,qBAAqB;IACrB,aAAa;IACb,UAAU;IACV,WAAW;IACX,WAAW;IACX,UAAU;CACX,CAAC;AAEF,0DAA0D;AAC1D,MAAM,mBAAmB,GAAG,IAAI,GAAG,CAAC;IAClC,UAAU,EAAE,cAAc,EAAE,WAAW,EAAE,cAAc;IACvD,QAAQ,EAAE,WAAW,EAAE,WAAW;IAClC,sBAAsB,EAAE,mBAAmB,EAAE,kBAAkB;IAC/D,iBAAiB,EAAE,YAAY;IAC/B,iBAAiB,EAAE,QAAQ;IAC3B,WAAW,EAAE,OAAO;CACrB,CAAC,CAAC;AAQH,MAAM,UAAU,WAAW,CAAC,GAAW,EAAE,UAAgC,EAAE;IACzE,MAAM,UAAU,GAAG,GAAG,CAAC,WAAW,EAAE,CAAC,IAAI,EAAE,CAAC;IAE5C,2BAA2B;IAC3B,MAAM,cAAc,GAAG,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,MAAM,CAAC;IAC9E,IAAI,cAAc,GAAG,CAAC,EAAE,CAAC;QACvB,MAAM,IAAI,UAAU,CAAC,uBAAuB,EAAE,WAAW,EAAE,iCAAiC,CAAC,CAAC;IAChG,CAAC;IAED,kCAAkC;IAClC,IAAI,CAAC,UAAU,CAAC,UAAU,CAAC,QAAQ,CAAC,IAAI,CAAC,UAAU,CAAC,UAAU,CAAC,MAAM,CAAC,EAAE,CAAC;QACvE,MAAM,IAAI,UAAU,CAAC,uBAAuB,EAAE,WAAW,EAAE,oCAAoC,CAAC,CAAC;IACnG,CAAC;IAED,8BAA8B;IAC9B,KAAK,MAAM,OAAO,IAAI,kBAAkB,EAAE,CAAC;QACzC,sDAAsD;QACtD,MAAM,KAAK,GAAG,IAAI,MAAM,CAAC,MAAM,OAAO,KAAK,EAAE,GAAG,CAAC,CAAC;QAClD,IAAI,KAAK,CAAC,IAAI,CAAC,UAAU,CAAC,EAAE,CAAC;YAC3B,MAAM,IAAI,UAAU,CAAC,uBAAuB,EAAE,WAAW,EAAE,gCAAgC,CAAC,CAAC;QAC/F,CAAC;IACH,CAAC;IAED,yCAAyC;IACzC,KAAK,MAAM,KAAK,IAAI,gBAAgB,EAAE,CAAC;QACrC,IAAI,UAAU,CAAC,QAAQ,CAAC,KAAK,CAAC,WAAW,EAAE,CAAC,EAAE,CAAC;YAC7C,MAAM,IAAI,UAAU,CAAC,uBAAuB,EAAE,WAAW,EAAE,mCAAmC,CAAC,CAAC;QAClG,CAAC;IACH,CAAC;IAED,mCAAmC;IACnC,KAAK,MAAM,IAAI,IAAI,mBAAmB,EAAE,CAAC;QACvC,MAAM,KAAK,GAAG,IAAI,MAAM,CAAC,MAAM,IAAI,SAAS,EAAE,GAAG,CAAC,CAAC;QACnD,IAAI,KAAK,CAAC,IAAI,CAAC,UAAU,CAAC,EAAE,CAAC;YAC3B,MAAM,IAAI,UAAU,CAAC,uBAAuB,EAAE,WAAW,EAAE,6BAA6B,CAAC,CAAC;QAC5F,CAAC;IACH,CAAC;IAED,kCAAkC;IAClC,IAAI,2BAA2B,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC;QAC1C,MAAM,IAAI,UAAU,CAAC,uBAAuB,EAAE,WAAW,EAAE,8BAA8B,CAAC,CAAC;IAC7F,CAAC;IACD,IAAI,gBAAgB,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC;QAC/B,MAAM,IAAI,UAAU,CAAC,uBAAuB,EAAE,WAAW,EAAE,8BAA8B,CAAC,CAAC;IAC7F,CAAC;IACD,IAAI,gCAAgC,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC;QAC/C,MAAM,IAAI,UAAU,CAAC,uBAAuB,EAAE,WAAW,EAAE,mCAAmC,CAAC,CAAC;IAClG,CAAC;IAED,0CAA0C;IAC1C,IAAI,OAAO,CAAC,aAAa,IAAI,OAAO,CAAC,aAAa,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC9D,sBAAsB,CAAC,UAAU,EAAE,OAAO,CAAC,aAAa,CAAC,CAAC;IAC5D,CAAC;IAED,0CAA0C;IAC1C,iBAAiB,CAAC,UAAU,CAAC,CAAC;IAE9B,yCAAyC;IACzC,IAAI,OAAO,CAAC,mBAAmB,EAAE,CAAC;QAChC,MAAM,SAAS,GAAG,OAAO,CAAC,YAAY,IAAI,WAAW,CAAC;QACtD,IAAI,CAAC,UAAU,CAAC,QAAQ,CAAC,SAAS,CAAC,EAAE,CAAC;YACpC,MAAM,IAAI,UAAU,CAAC,uBAAuB,EAAE,WAAW,EAAE,gCAAgC,CAAC,CAAC;QAC/F,CAAC;IACH,CAAC;AACH,CAAC;AAED,SAAS,iBAAiB,CAAC,GAAW;IACpC,oFAAoF;IACpF,MAAM,eAAe,GAAG,6BAA6B,CAAC;IACtD,IAAI,KAA6B,CAAC;IAElC,OAAO,CAAC,KAAK,GAAG,eAAe,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,KAAK,IAAI,EAAE,CAAC;QACpD,MAAM,QAAQ,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC,WAAW,EAAE,CAAC;QAExC,6CAA6C;QAC7C,MAAM,WAAW,GAAG,IAAI,GAAG,CAAC,CAAC,QAAQ,EAAE,MAAM,EAAE,OAAO,EAAE,KAAK,EAAE,IAAI,EAAE,KAAK,EAAE,IAAI,EAAE,QAAQ,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,KAAK,EAAE,IAAI,EAAE,IAAI,EAAE,MAAM,EAAE,MAAM,EAAE,OAAO,EAAE,OAAO,EAAE,OAAO,EAAE,OAAO,EAAE,QAAQ,EAAE,OAAO,EAAE,OAAO,EAAE,MAAM,EAAE,MAAM,EAAE,WAAW,EAAE,SAAS,EAAE,MAAM,EAAE,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,MAAM,EAAE,QAAQ,CAAC,CAAC,CAAC;QACzT,IAAI,WAAW,CAAC,GAAG,CAAC,QAAQ,CAAC;YAAE,SAAS;QAExC,gEAAgE;QAChE,IAAI,mBAAmB,CAAC,GAAG,CAAC,QAAQ,CAAC,EAAE,CAAC;YACtC,MAAM,IAAI,UAAU,CAAC,uBAAuB,EAAE,WAAW,EAAE,6BAA6B,CAAC,CAAC;QAC5F,CAAC;QAED,0BAA0B;QAC1B,IAAI,CAAC,iBAAiB,CAAC,GAAG,CAAC,QAAQ,CAAC,EAAE,CAAC;YACrC,MAAM,IAAI,UAAU,CAAC,uBAAuB,EAAE,WAAW,EAAE,yBAAyB,QAAQ,EAAE,CAAC,CAAC;QAClG,CAAC;IACH,CAAC;AACH,CAAC;AAED,SAAS,sBAAsB,CAAC,GAAW,EAAE,aAAuB;IAClE,sDAAsD;IACtD,MAAM,WAAW,GAAG,yCAAyC,CAAC;IAC9D,IAAI,KAA6B,CAAC;IAClC,MAAM,UAAU,GAAG,IAAI,GAAG,CAAC,aAAa,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,WAAW,EAAE,CAAC,CAAC,CAAC;IAEpE,OAAO,CAAC,KAAK,GAAG,WAAW,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,KAAK,IAAI,EAAE,CAAC;QAChD,MAAM,SAAS,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC,WAAW,EAAE,CAAC,OAAO,CAAC,QAAQ,EAAE,EAAE,CAAC,CAAC;QAC/D,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,SAAS,CAAC,EAAE,CAAC;YAC/B,MAAM,IAAI,UAAU,CAAC,uBAAuB,EAAE,WAAW,EAAE,wBAAwB,CAAC,CAAC;QACvF,CAAC;IACH,CAAC;AACH,CAAC;AAED,mDAAmD;AACnD,MAAM,iBAAiB,GAAG,0EAA0E,CAAC;AAErG,MAAM,UAAU,wBAAwB,CAAC,IAAY;IACnD,0CAA0C;IAC1C,MAAM,aAAa,GAAG,oFAAoF,CAAC;IAC3G,IAAI,aAAa,CAAC,IAAI,CAAC,IAAI,CAAC;QAAE,OAAO,IAAI,CAAC;IAE1C,wBAAwB;IACxB,IAAI,yBAAyB,CAAC,IAAI,CAAC,IAAI,CAAC;QAAE,OAAO,IAAI,CAAC;IAEtD,0CAA0C;IAC1C,MAAM,aAAa,GAAG,+GAA+G,CAAC;IACtI,IAAI,aAAa,CAAC,IAAI,CAAC,IAAI,CAAC;QAAE,OAAO,IAAI,CAAC;IAE1C,yBAAyB;IACzB,MAAM,YAAY,GAAG,uDAAuD,CAAC;IAC7E,IAAI,YAAY,CAAC,IAAI,CAAC,IAAI,CAAC;QAAE,OAAO,IAAI,CAAC;IAEzC,mCAAmC;IACnC,IAAI,mBAAmB,CAAC,GAAG,CAAC,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC;QAAE,OAAO,KAAK,CAAC;IACnF,IAAI,iBAAiB,CAAC,IAAI,CAAC,IAAI,CAAC;QAAE,OAAO,KAAK,CAAC;IAC/C,IAAI,yDAAyD,CAAC,IAAI,CAAC,IAAI,CAAC;QAAE,OAAO,KAAK,CAAC;IAEvF,yDAAyD;IACzD,IAAI,iBAAiB,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,EAAE,CAAC;QAAE,OAAO,IAAI,CAAC;IAErD,OAAO,KAAK,CAAC;AACf,CAAC"}

package/dist/testing.d.ts ADDED Viewed

@@ -0,0 +1,22 @@
+import type { InferConnector, ColumnMeta, IntrospectedSchema, SmartQueryPlan, LLMMessage, LLMOptions } from './types.js';
+import type { LLMProvider } from './llm.js';
+export declare class MockConnector implements InferConnector {
+    private tables;
+    constructor(config: {
+        tables: Record<string, Record<string, unknown>[]>;
+    });
+    execute(sql: string, _params: unknown[]): Promise<{
+        rows: Record<string, unknown>[];
+        columns: ColumnMeta[];
+    }>;
+    introspect(): Promise<IntrospectedSchema>;
+    close(): Promise<void>;
+}
+export declare class MockLLM implements LLMProvider {
+    private responses;
+    constructor(config: {
+        responses: Record<string, SmartQueryPlan>;
+    });
+    chat(messages: LLMMessage[], _options?: LLMOptions): Promise<string>;
+}
+//# sourceMappingURL=testing.d.ts.map

package/dist/testing.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"testing.d.ts","sourceRoot":"","sources":["../src/testing.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,cAAc,EAAE,UAAU,EAAE,kBAAkB,EAAE,cAAc,EAAE,UAAU,EAAE,UAAU,EAAE,MAAM,YAAY,CAAC;AACzH,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,UAAU,CAAC;AAG5C,qBAAa,aAAc,YAAW,cAAc;IAClD,OAAO,CAAC,MAAM,CAA4C;gBAE9C,MAAM,EAAE;QAAE,MAAM,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EAAE,CAAC,CAAA;KAAE;IAQnE,OAAO,CAAC,GAAG,EAAE,MAAM,EAAE,OAAO,EAAE,OAAO,EAAE,GAAG,OAAO,CAAC;QAAE,IAAI,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EAAE,CAAC;QAAC,OAAO,EAAE,UAAU,EAAE,CAAA;KAAE,CAAC;IAa7G,UAAU,IAAI,OAAO,CAAC,kBAAkB,CAAC;IAuBzC,KAAK,IAAI,OAAO,CAAC,IAAI,CAAC;CAC7B;AAGD,qBAAa,OAAQ,YAAW,WAAW;IACzC,OAAO,CAAC,SAAS,CAAiC;gBAEtC,MAAM,EAAE;QAAE,SAAS,EAAE,MAAM,CAAC,MAAM,EAAE,cAAc,CAAC,CAAA;KAAE;IAO3D,IAAI,CAAC,QAAQ,EAAE,UAAU,EAAE,EAAE,QAAQ,CAAC,EAAE,UAAU,GAAG,OAAO,CAAC,MAAM,CAAC;CA0B3E"}

package/dist/testing.js ADDED Viewed

@@ -0,0 +1,78 @@
+// ── MockConnector ──
+export class MockConnector {
+    tables;
+    constructor(config) {
+        // Safety: MockConnector must NEVER be used in production
+        if (typeof process !== 'undefined' && process.env?.NODE_ENV === 'production') {
+            throw new Error('MockConnector cannot be used in NODE_ENV=production');
+        }
+        this.tables = config.tables;
+    }
+    async execute(sql, _params) {
+        // Extract table name from SQL (basic parser for testing)
+        const fromMatch = sql.match(/FROM\s+"?(\w+)"?/i);
+        const tableName = fromMatch?.[1] ?? '';
+        const rows = this.tables[tableName] ?? [];
+        const columns = rows.length > 0
+            ? Object.keys(rows[0]).map(name => ({ name, type: 'text' }))
+            : [];
+        return { rows, columns };
+    }
+    async introspect() {
+        return {
+            tables: Object.entries(this.tables).map(([name, rows]) => ({
+                schema: 'public',
+                name,
+                columns: rows.length > 0
+                    ? Object.keys(rows[0]).map(col => ({
+                        name: col,
+                        dataType: typeof rows[0][col] === 'number' ? 'numeric' : 'text',
+                        typeCategory: typeof rows[0][col] === 'number' ? 'N' : 'S',
+                        notNull: false,
+                        defaultValue: null,
+                        comment: null,
+                    }))
+                    : [],
+                estimatedRows: rows.length,
+                foreignKeys: [],
+                indexes: [],
+            })),
+            enums: {},
+        };
+    }
+    async close() { }
+}
+// ── MockLLM ──
+export class MockLLM {
+    responses;
+    constructor(config) {
+        if (typeof process !== 'undefined' && process.env?.NODE_ENV === 'production') {
+            throw new Error('MockLLM cannot be used in NODE_ENV=production');
+        }
+        this.responses = config.responses;
+    }
+    async chat(messages, _options) {
+        // Find the user message
+        const userMsg = messages.find(m => m.role === 'user')?.content ?? '';
+        // Check for exact match first
+        if (this.responses[userMsg]) {
+            return JSON.stringify(this.responses[userMsg]);
+        }
+        // Check for partial match
+        for (const [key, plan] of Object.entries(this.responses)) {
+            if (userMsg.toLowerCase().includes(key.toLowerCase())) {
+                return JSON.stringify(plan);
+            }
+        }
+        // Default response
+        return JSON.stringify({
+            dataset: 'unknown',
+            select: [],
+            metrics: [],
+            groupBy: [],
+            filters: [],
+            answerMode: 'rows',
+        });
+    }
+}
+//# sourceMappingURL=testing.js.map

package/dist/testing.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"testing.js","sourceRoot":"","sources":["../src/testing.ts"],"names":[],"mappings":"AAGA,sBAAsB;AACtB,MAAM,OAAO,aAAa;IAChB,MAAM,CAA4C;IAE1D,YAAY,MAA6D;QACvE,yDAAyD;QACzD,IAAI,OAAO,OAAO,KAAK,WAAW,IAAI,OAAO,CAAC,GAAG,EAAE,QAAQ,KAAK,YAAY,EAAE,CAAC;YAC7E,MAAM,IAAI,KAAK,CAAC,qDAAqD,CAAC,CAAC;QACzE,CAAC;QACD,IAAI,CAAC,MAAM,GAAG,MAAM,CAAC,MAAM,CAAC;IAC9B,CAAC;IAED,KAAK,CAAC,OAAO,CAAC,GAAW,EAAE,OAAkB;QAC3C,yDAAyD;QACzD,MAAM,SAAS,GAAG,GAAG,CAAC,KAAK,CAAC,mBAAmB,CAAC,CAAC;QACjD,MAAM,SAAS,GAAG,SAAS,EAAE,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;QACvC,MAAM,IAAI,GAAG,IAAI,CAAC,MAAM,CAAC,SAAS,CAAC,IAAI,EAAE,CAAC;QAE1C,MAAM,OAAO,GAAiB,IAAI,CAAC,MAAM,GAAG,CAAC;YAC3C,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC,EAAE,IAAI,EAAE,IAAI,EAAE,MAAe,EAAE,CAAC,CAAC;YACrE,CAAC,CAAC,EAAE,CAAC;QAEP,OAAO,EAAE,IAAI,EAAE,OAAO,EAAE,CAAC;IAC3B,CAAC;IAED,KAAK,CAAC,UAAU;QACd,OAAO;YACL,MAAM,EAAE,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,IAAI,EAAE,IAAI,CAAC,EAAE,EAAE,CAAC,CAAC;gBACzD,MAAM,EAAE,QAAQ;gBAChB,IAAI;gBACJ,OAAO,EAAE,IAAI,CAAC,MAAM,GAAG,CAAC;oBACtB,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;wBAC/B,IAAI,EAAE,GAAG;wBACT,QAAQ,EAAE,OAAO,IAAI,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,KAAK,QAAQ,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,MAAM;wBAC/D,YAAY,EAAE,OAAO,IAAI,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,KAAK,QAAQ,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG;wBAC1D,OAAO,EAAE,KAAK;wBACd,YAAY,EAAE,IAAI;wBAClB,OAAO,EAAE,IAAI;qBACd,CAAC,CAAC;oBACL,CAAC,CAAC,EAAE;gBACN,aAAa,EAAE,IAAI,CAAC,MAAM;gBAC1B,WAAW,EAAE,EAAE;gBACf,OAAO,EAAE,EAAE;aACZ,CAAC,CAAC;YACH,KAAK,EAAE,EAAE;SACV,CAAC;IACJ,CAAC;IAED,KAAK,CAAC,KAAK,KAAmB,CAAC;CAChC;AAED,gBAAgB;AAChB,MAAM,OAAO,OAAO;IACV,SAAS,CAAiC;IAElD,YAAY,MAAqD;QAC/D,IAAI,OAAO,OAAO,KAAK,WAAW,IAAI,OAAO,CAAC,GAAG,EAAE,QAAQ,KAAK,YAAY,EAAE,CAAC;YAC7E,MAAM,IAAI,KAAK,CAAC,+CAA+C,CAAC,CAAC;QACnE,CAAC;QACD,IAAI,CAAC,SAAS,GAAG,MAAM,CAAC,SAAS,CAAC;IACpC,CAAC;IAED,KAAK,CAAC,IAAI,CAAC,QAAsB,EAAE,QAAqB;QACtD,wBAAwB;QACxB,MAAM,OAAO,GAAG,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,MAAM,CAAC,EAAE,OAAO,IAAI,EAAE,CAAC;QAErE,8BAA8B;QAC9B,IAAI,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC,EAAE,CAAC;YAC5B,OAAO,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC,CAAC,CAAC;QACjD,CAAC;QAED,0BAA0B;QAC1B,KAAK,MAAM,CAAC,GAAG,EAAE,IAAI,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE,CAAC;YACzD,IAAI,OAAO,CAAC,WAAW,EAAE,CAAC,QAAQ,CAAC,GAAG,CAAC,WAAW,EAAE,CAAC,EAAE,CAAC;gBACtD,OAAO,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC;YAC9B,CAAC;QACH,CAAC;QAED,mBAAmB;QACnB,OAAO,IAAI,CAAC,SAAS,CAAC;YACpB,OAAO,EAAE,SAAS;YAClB,MAAM,EAAE,EAAE;YACV,OAAO,EAAE,EAAE;YACX,OAAO,EAAE,EAAE;YACX,OAAO,EAAE,EAAE;YACX,UAAU,EAAE,MAAM;SACnB,CAAC,CAAC;IACL,CAAC;CACF"}