@sovr/sql-proxy 0.0.1 → 2.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (4) hide show
  1. package/index.cjs +840 -0
  2. package/index.d.ts +239 -0
  3. package/index.js +10 -1
  4. package/package.json +22 -1
package/index.cjs ADDED
@@ -0,0 +1,840 @@
1
+ "use strict";
2
+ var __create = Object.create;
3
+ var __defProp = Object.defineProperty;
4
+ var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
5
+ var __getOwnPropNames = Object.getOwnPropertyNames;
6
+ var __getProtoOf = Object.getPrototypeOf;
7
+ var __hasOwnProp = Object.prototype.hasOwnProperty;
8
+ var __export = (target, all) => {
9
+ for (var name in all)
10
+ __defProp(target, name, { get: all[name], enumerable: true });
11
+ };
12
+ var __copyProps = (to, from, except, desc) => {
13
+ if (from && typeof from === "object" || typeof from === "function") {
14
+ for (let key of __getOwnPropNames(from))
15
+ if (!__hasOwnProp.call(to, key) && key !== except)
16
+ __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
17
+ }
18
+ return to;
19
+ };
20
+ var __toESM = (mod, isNodeMode, target) => (target = mod != null ? __create(__getProtoOf(mod)) : {}, __copyProps(
21
+ // If the importer is in node compatibility mode or this is not an ESM
22
+ // file that has been converted to a CommonJS file using a Babel-
23
+ // compatible transform (i.e. "__esModule" has not been set), then set
24
+ // "default" to the CommonJS "module.exports" for node compatibility.
25
+ isNodeMode || !mod || !mod.__esModule ? __defProp(target, "default", { value: mod, enumerable: true }) : target,
26
+ mod
27
+ ));
28
+ var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
29
+
30
+ // src/index.ts
31
+ var index_exports = {};
32
+ __export(index_exports, {
33
+ SqlProxy: () => SqlProxy,
34
+ detectSqlInjection: () => detectSqlInjection,
35
+ parseSQL: () => parseSQL
36
+ });
37
+ module.exports = __toCommonJS(index_exports);
38
+ var net = __toESM(require("net"), 1);
39
+ var import_node_events = require("events");
40
+ var PROXY_SQL_VERSION = "2.0.0";
41
+ var VERSION_CHECK_URL = "https://api.sovr.inc/api/sovr/v1/version/check";
42
+ var DEFAULT_METERING_ENDPOINT = "https://sovr-ai-mkzgqqeh.manus.space/api/v1/metering/batch";
43
+ var IRREVERSIBLE_SQL_REGEX = /^(DELETE|DROP|TRUNCATE|ALTER|UPDATE|INSERT|CREATE|GRANT|REVOKE|COPY)$/i;
44
+ var SQL_INJECTION_PATTERNS = [
45
+ { name: "union_injection", pattern: /\bUNION\s+(ALL\s+)?SELECT\b/i, severity: "critical" },
46
+ { name: "tautology", pattern: /\bOR\s+['"]?\d+['"]?\s*=\s*['"]?\d+['"]?/i, severity: "high" },
47
+ { name: "tautology_string", pattern: /\bOR\s+['"][^'"]*['"]\s*=\s*['"][^'"]*['"]/i, severity: "high" },
48
+ { name: "comment_injection", pattern: /--\s*$|\/\*.*\*\//i, severity: "high" },
49
+ { name: "stacked_queries", pattern: /;\s*(DROP|DELETE|UPDATE|INSERT|ALTER|TRUNCATE|GRANT|REVOKE)\b/i, severity: "critical" },
50
+ { name: "sleep_injection", pattern: /\b(SLEEP|WAITFOR|BENCHMARK|PG_SLEEP)\s*\(/i, severity: "critical" },
51
+ { name: "information_schema", pattern: /\bINFORMATION_SCHEMA\b/i, severity: "high" },
52
+ { name: "hex_encoding", pattern: /0x[0-9a-fA-F]{8,}/i, severity: "high" },
53
+ { name: "char_encoding", pattern: /\bCHR\s*\(\s*\d+\s*\)/i, severity: "high" },
54
+ { name: "load_file", pattern: /\b(LOAD_FILE|INTO\s+OUTFILE|INTO\s+DUMPFILE)\b/i, severity: "critical" }
55
+ ];
56
+ function parseSQL(sql) {
57
+ const trimmed = sql.trim();
58
+ const normalized = trimmed.replace(/\s+/g, " ").toUpperCase();
59
+ const isMultiStatement = trimmed.split(";").filter((s) => s.trim().length > 0).length > 1;
60
+ const type = classifyStatement(normalized);
61
+ const tables = extractTables(normalized, type);
62
+ const hasWhereClause = checkWhereClause(normalized, type);
63
+ return {
64
+ type,
65
+ tables,
66
+ hasWhereClause,
67
+ isMultiStatement,
68
+ raw: trimmed
69
+ };
70
+ }
71
+ function classifyStatement(sql) {
72
+ const first = sql.split(/\s/)[0];
73
+ switch (first) {
74
+ case "SELECT":
75
+ return "SELECT";
76
+ case "INSERT":
77
+ return "INSERT";
78
+ case "UPDATE":
79
+ return "UPDATE";
80
+ case "DELETE":
81
+ return "DELETE";
82
+ case "DROP":
83
+ return "DROP";
84
+ case "ALTER":
85
+ return "ALTER";
86
+ case "TRUNCATE":
87
+ return "TRUNCATE";
88
+ case "CREATE":
89
+ return "CREATE";
90
+ case "GRANT":
91
+ return "GRANT";
92
+ case "REVOKE":
93
+ return "REVOKE";
94
+ case "BEGIN":
95
+ case "START":
96
+ return "BEGIN";
97
+ case "COMMIT":
98
+ return "COMMIT";
99
+ case "ROLLBACK":
100
+ return "ROLLBACK";
101
+ case "SET":
102
+ return "SET";
103
+ case "SHOW":
104
+ return "SHOW";
105
+ case "EXPLAIN":
106
+ return "EXPLAIN";
107
+ case "COPY":
108
+ return "COPY";
109
+ default:
110
+ return "OTHER";
111
+ }
112
+ }
113
+ function extractTables(sql, type) {
114
+ const tables = [];
115
+ try {
116
+ switch (type) {
117
+ case "SELECT": {
118
+ const fromMatch = sql.match(/\bFROM\s+([A-Z0-9_."]+(?:\s*,\s*[A-Z0-9_."]+)*)/);
119
+ if (fromMatch) {
120
+ tables.push(
121
+ ...fromMatch[1].split(",").map((t) => t.trim().replace(/"/g, "").split(/\s/)[0])
122
+ );
123
+ }
124
+ const joinMatches = sql.matchAll(/\bJOIN\s+([A-Z0-9_."]+)/g);
125
+ for (const m of joinMatches) {
126
+ tables.push(m[1].replace(/"/g, ""));
127
+ }
128
+ break;
129
+ }
130
+ case "INSERT": {
131
+ const intoMatch = sql.match(/\bINTO\s+([A-Z0-9_."]+)/);
132
+ if (intoMatch) tables.push(intoMatch[1].replace(/"/g, ""));
133
+ break;
134
+ }
135
+ case "UPDATE": {
136
+ const updateMatch = sql.match(/\bUPDATE\s+([A-Z0-9_."]+)/);
137
+ if (updateMatch) tables.push(updateMatch[1].replace(/"/g, ""));
138
+ break;
139
+ }
140
+ case "DELETE": {
141
+ const deleteFromMatch = sql.match(/\bFROM\s+([A-Z0-9_."]+)/);
142
+ if (deleteFromMatch) tables.push(deleteFromMatch[1].replace(/"/g, ""));
143
+ break;
144
+ }
145
+ case "DROP": {
146
+ const dropMatch = sql.match(/\bDROP\s+(?:TABLE|INDEX|VIEW|SCHEMA|DATABASE)\s+(?:IF\s+EXISTS\s+)?([A-Z0-9_."]+)/);
147
+ if (dropMatch) tables.push(dropMatch[1].replace(/"/g, ""));
148
+ break;
149
+ }
150
+ case "ALTER": {
151
+ const alterMatch = sql.match(/\bALTER\s+TABLE\s+([A-Z0-9_."]+)/);
152
+ if (alterMatch) tables.push(alterMatch[1].replace(/"/g, ""));
153
+ break;
154
+ }
155
+ case "TRUNCATE": {
156
+ const truncMatch = sql.match(/\bTRUNCATE\s+(?:TABLE\s+)?([A-Z0-9_."]+)/);
157
+ if (truncMatch) tables.push(truncMatch[1].replace(/"/g, ""));
158
+ break;
159
+ }
160
+ case "CREATE": {
161
+ const createMatch = sql.match(/\bCREATE\s+(?:TABLE|INDEX|VIEW|SCHEMA|DATABASE)\s+(?:IF\s+NOT\s+EXISTS\s+)?([A-Z0-9_."]+)/);
162
+ if (createMatch) tables.push(createMatch[1].replace(/"/g, ""));
163
+ break;
164
+ }
165
+ case "COPY": {
166
+ const copyMatch = sql.match(/\bCOPY\s+([A-Z0-9_."]+)/);
167
+ if (copyMatch) tables.push(copyMatch[1].replace(/"/g, ""));
168
+ break;
169
+ }
170
+ }
171
+ } catch {
172
+ }
173
+ return tables.map((t) => t.toLowerCase()).filter(Boolean);
174
+ }
175
+ function checkWhereClause(sql, type) {
176
+ if (type === "SELECT" || type === "UPDATE" || type === "DELETE") {
177
+ return /\bWHERE\b/.test(sql);
178
+ }
179
+ return true;
180
+ }
181
+ function detectSqlInjection(sql) {
182
+ const matched = [];
183
+ let maxSeverity = "none";
184
+ for (const { name, pattern, severity } of SQL_INJECTION_PATTERNS) {
185
+ if (pattern.test(sql)) {
186
+ matched.push(name);
187
+ if (severity === "critical" || severity === "high" && maxSeverity === "none") {
188
+ maxSeverity = severity;
189
+ }
190
+ }
191
+ }
192
+ return {
193
+ detected: matched.length > 0,
194
+ patterns: matched,
195
+ severity: maxSeverity
196
+ };
197
+ }
198
+ var PG_MSG = {
199
+ QUERY: "Q".charCodeAt(0),
200
+ PARSE: "P".charCodeAt(0),
201
+ BIND: "B".charCodeAt(0),
202
+ EXECUTE: "E".charCodeAt(0),
203
+ TERMINATE: "X".charCodeAt(0),
204
+ ERROR_RESPONSE: "E".charCodeAt(0),
205
+ READY_FOR_QUERY: "Z".charCodeAt(0),
206
+ ROW_DESCRIPTION: "T".charCodeAt(0),
207
+ DATA_ROW: "D".charCodeAt(0),
208
+ COMMAND_COMPLETE: "C".charCodeAt(0),
209
+ AUTHENTICATION: "R".charCodeAt(0),
210
+ PARAMETER_STATUS: "S".charCodeAt(0),
211
+ BACKEND_KEY_DATA: "K".charCodeAt(0),
212
+ NOTICE_RESPONSE: "N".charCodeAt(0)
213
+ };
214
+ function buildPgErrorResponse(severity, code, message) {
215
+ const fields = [];
216
+ fields.push(Buffer.from("S"));
217
+ fields.push(Buffer.from(severity + "\0"));
218
+ fields.push(Buffer.from("V"));
219
+ fields.push(Buffer.from(severity + "\0"));
220
+ fields.push(Buffer.from("C"));
221
+ fields.push(Buffer.from(code + "\0"));
222
+ fields.push(Buffer.from("M"));
223
+ fields.push(Buffer.from(message + "\0"));
224
+ fields.push(Buffer.from("\0"));
225
+ const body = Buffer.concat(fields);
226
+ const header = Buffer.alloc(5);
227
+ header[0] = PG_MSG.ERROR_RESPONSE;
228
+ header.writeInt32BE(body.length + 4, 1);
229
+ return Buffer.concat([header, body]);
230
+ }
231
+ function buildPgReadyForQuery(status = "I") {
232
+ const buf = Buffer.alloc(6);
233
+ buf[0] = PG_MSG.READY_FOR_QUERY;
234
+ buf.writeInt32BE(5, 1);
235
+ buf[5] = status.charCodeAt(0);
236
+ return buf;
237
+ }
238
+ function extractQueryFromPgMessage(data) {
239
+ if (data.length < 5) return null;
240
+ if (data[0] !== PG_MSG.QUERY) return null;
241
+ const len = data.readInt32BE(1);
242
+ const sql = data.subarray(5, 1 + len - 1).toString("utf8");
243
+ return sql;
244
+ }
245
+ function extractQueryFromPgParse(data) {
246
+ if (data.length < 5) return null;
247
+ if (data[0] !== PG_MSG.PARSE) return null;
248
+ let offset = 5;
249
+ while (offset < data.length && data[offset] !== 0) offset++;
250
+ offset++;
251
+ const start = offset;
252
+ while (offset < data.length && data[offset] !== 0) offset++;
253
+ const sql = data.subarray(start, offset).toString("utf8");
254
+ return sql;
255
+ }
256
+ var SqlProxy = class extends import_node_events.EventEmitter {
257
+ engine;
258
+ apiKey;
259
+ listenPort;
260
+ listenHost;
261
+ targetHost;
262
+ targetPort;
263
+ actorId;
264
+ verbose;
265
+ onBlocked;
266
+ onEvaluated;
267
+ server = null;
268
+ // v2.0: Table ACL
269
+ tableWhitelist;
270
+ tableBlacklist;
271
+ sqlInjectionDetection;
272
+ // v2.0: Billing Reporter
273
+ billingEnabled;
274
+ billingEndpoint;
275
+ billingBuffer = [];
276
+ billingFlushTimer = null;
277
+ BILLING_FLUSH_INTERVAL;
278
+ BILLING_BUFFER_MAX;
279
+ stats;
280
+ constructor(config) {
281
+ super();
282
+ const apiKey = config.apiKey || process.env.SOVR_API_KEY || "";
283
+ if (!apiKey) {
284
+ throw new Error(
285
+ "\n\u2554\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2557\n\u2551 SOVR API KEY REQUIRED \u2551\n\u2560\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2563\n\u2551 @sovr/proxy-sql requires a valid API key to operate. \u2551\n\u2551 \u2551\n\u2551 Without a valid API key: \u2551\n\u2551 \u2022 No billing events can be reported \u2551\n\u2551 \u2022 No quota can be verified \u2551\n\u2551 \u2022 No metering data is recorded \u2551\n\u2551 \u2022 Proxy will NOT start \u2551\n\u2551 \u2551\n\u2551 Get your key: \u2551\n\u2551 1. Register at: https://sovr.inc/register \u2551\n\u2551 2. Dashboard: https://sovr.inc/dashboard/api-keys \u2551\n\u2551 3. Pass apiKey in config or set SOVR_API_KEY env var \u2551\n\u255A\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u255D\n"
286
+ );
287
+ }
288
+ this.apiKey = apiKey;
289
+ this._checkVersion(apiKey);
290
+ this.engine = config.engine;
291
+ this.listenPort = config.listenPort;
292
+ this.listenHost = config.listenHost ?? "127.0.0.1";
293
+ this.targetHost = config.targetHost;
294
+ this.targetPort = config.targetPort;
295
+ this.actorId = config.actorId ?? "sql-proxy";
296
+ this.verbose = config.verbose ?? false;
297
+ this.onBlocked = config.onBlocked;
298
+ this.onEvaluated = config.onEvaluated;
299
+ this.tableWhitelist = config.tableWhitelist ? new Set(config.tableWhitelist.map((t) => t.toLowerCase())) : null;
300
+ this.tableBlacklist = new Set(
301
+ (config.tableBlacklist ?? []).map((t) => t.toLowerCase())
302
+ );
303
+ this.sqlInjectionDetection = config.sqlInjectionDetection !== false;
304
+ const billing = config.billing ?? {};
305
+ this.billingEnabled = billing.enabled !== false;
306
+ this.billingEndpoint = billing.meteringEndpoint ?? DEFAULT_METERING_ENDPOINT;
307
+ this.BILLING_FLUSH_INTERVAL = billing.flushIntervalMs ?? 1e4;
308
+ this.BILLING_BUFFER_MAX = billing.bufferMax ?? 500;
309
+ this.stats = {
310
+ totalQueries: 0,
311
+ allowedQueries: 0,
312
+ blockedQueries: 0,
313
+ escalatedQueries: 0,
314
+ activeConnections: 0,
315
+ startedAt: 0,
316
+ injectionBlocks: 0,
317
+ tableAclBlocks: 0,
318
+ billingEventsReported: 0,
319
+ billingEventsDropped: 0,
320
+ billingBufferSize: 0,
321
+ billingByType: {
322
+ "gate.check": 0,
323
+ "gate.block": 0,
324
+ "irreversible.allowed": 0,
325
+ "trust_bundle.issued": 0,
326
+ "trust_bundle.exported": 0,
327
+ "replay.requested": 0,
328
+ "auditor.session": 0
329
+ }
330
+ };
331
+ }
332
+ // ============================================================================
333
+ // Lifecycle
334
+ // ============================================================================
335
+ /**
336
+ * Start the SQL proxy server + billing reporter.
337
+ */
338
+ async start() {
339
+ return new Promise((resolve, reject) => {
340
+ this.server = net.createServer((clientSocket) => {
341
+ this.handleConnection(clientSocket);
342
+ });
343
+ this.server.on("error", (err) => {
344
+ this.emit("error", err);
345
+ reject(err);
346
+ });
347
+ this.server.listen(this.listenPort, this.listenHost, () => {
348
+ this.stats.startedAt = Date.now();
349
+ if (this.billingEnabled) {
350
+ this.initBillingReporter();
351
+ }
352
+ if (this.verbose) {
353
+ process.stderr.write(
354
+ `[sovr-sql-proxy] v${PROXY_SQL_VERSION} listening on ${this.listenHost}:${this.listenPort} \u2192 ${this.targetHost}:${this.targetPort}
355
+ [sovr-sql-proxy] API Key: ${this.apiKey.slice(0, 8)}...${this.apiKey.slice(-4)}
356
+ [sovr-sql-proxy] Billing: ${this.billingEnabled ? "ENABLED" : "DISABLED"}
357
+ [sovr-sql-proxy] SQL Injection Detection: ${this.sqlInjectionDetection ? "ENABLED" : "DISABLED"}
358
+ [sovr-sql-proxy] Table Whitelist: ${this.tableWhitelist ? `${this.tableWhitelist.size} tables` : "OFF"}
359
+ [sovr-sql-proxy] Table Blacklist: ${this.tableBlacklist.size} tables
360
+ `
361
+ );
362
+ }
363
+ this.emit("listening");
364
+ resolve();
365
+ });
366
+ });
367
+ }
368
+ /**
369
+ * Stop the SQL proxy server + flush remaining billing events.
370
+ */
371
+ async stop() {
372
+ if (this.billingFlushTimer) {
373
+ clearInterval(this.billingFlushTimer);
374
+ this.billingFlushTimer = null;
375
+ }
376
+ await this.flushBillingBuffer().catch(() => {
377
+ });
378
+ return new Promise((resolve) => {
379
+ if (this.server) {
380
+ this.server.close(() => resolve());
381
+ } else {
382
+ resolve();
383
+ }
384
+ });
385
+ }
386
+ /**
387
+ * Get proxy statistics (including billing stats).
388
+ */
389
+ getStats() {
390
+ return {
391
+ ...this.stats,
392
+ billingBufferSize: this.billingBuffer.length
393
+ };
394
+ }
395
+ // ============================================================================
396
+ // v2.0: Billing Reporter
397
+ // 7 event types: gate.check, gate.block, irreversible.allowed,
398
+ // trust_bundle.issued, trust_bundle.exported, replay.requested, auditor.session
399
+ // ============================================================================
400
+ initBillingReporter() {
401
+ this.billingFlushTimer = setInterval(() => {
402
+ this.flushBillingBuffer().catch(() => {
403
+ });
404
+ }, this.BILLING_FLUSH_INTERVAL);
405
+ if (this.verbose) {
406
+ this.log(`Billing reporter initialized: flush every ${this.BILLING_FLUSH_INTERVAL}ms, buffer max ${this.BILLING_BUFFER_MAX}`);
407
+ }
408
+ }
409
+ /**
410
+ * Record a billing event into the buffer.
411
+ * Fire-and-forget — never blocks the main request flow.
412
+ */
413
+ recordBillingEvent(event_type, action, resource, verdict, metadata) {
414
+ if (!this.billingEnabled) return;
415
+ this.billingBuffer.push({
416
+ event_type,
417
+ action,
418
+ resource,
419
+ verdict,
420
+ api_key: this.apiKey,
421
+ timestamp: Date.now(),
422
+ metadata
423
+ });
424
+ this.stats.billingByType[event_type] = (this.stats.billingByType[event_type] || 0) + 1;
425
+ if (this.billingBuffer.length >= this.BILLING_BUFFER_MAX) {
426
+ this.flushBillingBuffer().catch(() => {
427
+ });
428
+ }
429
+ }
430
+ /**
431
+ * Flush billing buffer to the metering endpoint.
432
+ * Batch POST — fire-and-forget with re-queue on failure.
433
+ */
434
+ async flushBillingBuffer() {
435
+ if (this.billingBuffer.length === 0) return;
436
+ const batch = this.billingBuffer.splice(0, this.BILLING_BUFFER_MAX);
437
+ try {
438
+ const response = await globalThis.fetch(this.billingEndpoint, {
439
+ method: "POST",
440
+ headers: {
441
+ "Content-Type": "application/json",
442
+ "Authorization": `Bearer ${this.apiKey}`,
443
+ "X-SOVR-Source": "proxy-sql",
444
+ "X-SOVR-Version": PROXY_SQL_VERSION
445
+ },
446
+ body: JSON.stringify({ events: batch }),
447
+ signal: AbortSignal.timeout(5e3)
448
+ });
449
+ if (response.ok) {
450
+ this.stats.billingEventsReported += batch.length;
451
+ if (this.verbose) {
452
+ this.log(`Billing: flushed ${batch.length} events (total reported: ${this.stats.billingEventsReported})`);
453
+ }
454
+ } else {
455
+ throw new Error(`HTTP ${response.status}`);
456
+ }
457
+ } catch {
458
+ if (this.billingBuffer.length < this.BILLING_BUFFER_MAX * 2) {
459
+ this.billingBuffer.unshift(...batch);
460
+ } else {
461
+ this.stats.billingEventsDropped += batch.length;
462
+ }
463
+ }
464
+ }
465
+ /**
466
+ * Classify a gate-check result into the appropriate billing event type.
467
+ * Key pricing principle: "放行的不可逆动作" is the highest-price tax base.
468
+ */
469
+ classifyBillingEvent(statementType, verdict) {
470
+ if (verdict === "deny" || verdict === "block") {
471
+ return "gate.block";
472
+ }
473
+ if ((verdict === "allow" || verdict === "approve") && IRREVERSIBLE_SQL_REGEX.test(statementType)) {
474
+ return "irreversible.allowed";
475
+ }
476
+ return "gate.check";
477
+ }
478
+ /**
479
+ * Record billing event from a policy engine evaluation result.
480
+ * Automatically classifies the event type based on statement type + verdict.
481
+ */
482
+ recordGateCheckBilling(statementType, tables, decision, extraMetadata) {
483
+ const eventType = this.classifyBillingEvent(statementType, decision.verdict);
484
+ this.recordBillingEvent(eventType, statementType, tables.join(",") || "*", decision.verdict, {
485
+ risk_score: decision.risk_score,
486
+ risk_level: decision.risk_level,
487
+ decision_id: decision.decision_id,
488
+ matched_rules: decision.matched_rules?.length ?? 0,
489
+ tables,
490
+ ...extraMetadata
491
+ });
492
+ }
493
+ // ============================================================================
494
+ // v2.0: Table ACL (Whitelist / Blacklist)
495
+ // ============================================================================
496
+ /**
497
+ * Check if the queried tables pass the ACL check.
498
+ * Returns null if allowed, or a reason string if blocked.
499
+ */
500
+ checkTableAcl(tables) {
501
+ if (tables.length === 0) return null;
502
+ for (const table of tables) {
503
+ if (this.tableBlacklist.has(table)) {
504
+ return `Table '${table}' is in the blacklist`;
505
+ }
506
+ }
507
+ if (this.tableWhitelist) {
508
+ for (const table of tables) {
509
+ if (!this.tableWhitelist.has(table)) {
510
+ return `Table '${table}' is not in the whitelist`;
511
+ }
512
+ }
513
+ }
514
+ return null;
515
+ }
516
+ // ============================================================================
517
+ // Connection Handler
518
+ // ============================================================================
519
+ handleConnection(clientSocket) {
520
+ this.stats.activeConnections++;
521
+ const backendSocket = net.createConnection({
522
+ host: this.targetHost,
523
+ port: this.targetPort
524
+ });
525
+ let startupComplete = false;
526
+ let clientBuffer = Buffer.alloc(0);
527
+ clientSocket.on("data", (data) => {
528
+ if (!startupComplete) {
529
+ backendSocket.write(data);
530
+ return;
531
+ }
532
+ clientBuffer = Buffer.concat([clientBuffer, data]);
533
+ this.processClientData(clientBuffer, clientSocket, backendSocket);
534
+ clientBuffer = Buffer.alloc(0);
535
+ });
536
+ backendSocket.on("data", (data) => {
537
+ if (!startupComplete) {
538
+ for (let i = 0; i < data.length - 5; i++) {
539
+ if (data[i] === PG_MSG.READY_FOR_QUERY) {
540
+ const len = data.readInt32BE(i + 1);
541
+ if (len === 5) {
542
+ startupComplete = true;
543
+ if (this.verbose) {
544
+ process.stderr.write("[sovr-sql-proxy] Authentication complete, intercepting queries\n");
545
+ }
546
+ break;
547
+ }
548
+ }
549
+ }
550
+ }
551
+ clientSocket.write(data);
552
+ });
553
+ const cleanup = () => {
554
+ this.stats.activeConnections--;
555
+ clientSocket.destroy();
556
+ backendSocket.destroy();
557
+ };
558
+ clientSocket.on("end", cleanup);
559
+ clientSocket.on("error", cleanup);
560
+ backendSocket.on("end", cleanup);
561
+ backendSocket.on("error", cleanup);
562
+ }
563
+ // ============================================================================
564
+ // Query Interception
565
+ // ============================================================================
566
+ processClientData(data, clientSocket, backendSocket) {
567
+ if (data.length < 5) {
568
+ backendSocket.write(data);
569
+ return;
570
+ }
571
+ const msgType = data[0];
572
+ if (msgType !== PG_MSG.QUERY && msgType !== PG_MSG.PARSE) {
573
+ backendSocket.write(data);
574
+ return;
575
+ }
576
+ let sql = null;
577
+ if (msgType === PG_MSG.QUERY) {
578
+ sql = extractQueryFromPgMessage(data);
579
+ } else if (msgType === PG_MSG.PARSE) {
580
+ sql = extractQueryFromPgParse(data);
581
+ }
582
+ if (!sql || sql.trim().length === 0) {
583
+ backendSocket.write(data);
584
+ return;
585
+ }
586
+ const parsed = parseSQL(sql);
587
+ let injectionResult;
588
+ if (this.sqlInjectionDetection) {
589
+ injectionResult = detectSqlInjection(sql);
590
+ if (injectionResult.detected) {
591
+ this.stats.totalQueries++;
592
+ this.stats.blockedQueries++;
593
+ this.stats.injectionBlocks++;
594
+ const blockDecision = {
595
+ decision_id: `dec_injection_${Date.now().toString(36)}`,
596
+ verdict: "deny",
597
+ allowed: false,
598
+ risk_score: 100,
599
+ risk_level: "critical",
600
+ requires_approval: false,
601
+ reason: `SQL injection detected: ${injectionResult.patterns.join(", ")} (severity: ${injectionResult.severity})`,
602
+ matched_rules: [],
603
+ channel: "sql",
604
+ trace_id: `trace_sqli_${Date.now().toString(36)}`,
605
+ timestamp: Date.now()
606
+ };
607
+ const info2 = {
608
+ sql: sql.substring(0, 500),
609
+ statementType: parsed.type,
610
+ tables: parsed.tables,
611
+ decision: blockDecision,
612
+ timestamp: Date.now(),
613
+ injectionResult
614
+ };
615
+ this.recordGateCheckBilling(parsed.type, parsed.tables, blockDecision, {
616
+ block_reason: "sql_injection",
617
+ injection_patterns: injectionResult.patterns
618
+ });
619
+ const errorMsg = buildPgErrorResponse(
620
+ "ERROR",
621
+ "42501",
622
+ `SOVR: SQL injection detected \u2014 ${injectionResult.patterns.join(", ")} [${blockDecision.decision_id}]`
623
+ );
624
+ const readyMsg = buildPgReadyForQuery("I");
625
+ clientSocket.write(Buffer.concat([errorMsg, readyMsg]));
626
+ if (this.verbose) {
627
+ process.stderr.write(
628
+ `[sovr-sql-proxy] \x1B[31mINJECTION BLOCKED\x1B[0m: ${injectionResult.patterns.join(", ")} in ${parsed.type}
629
+ `
630
+ );
631
+ }
632
+ if (this.onBlocked) {
633
+ try {
634
+ this.onBlocked(info2);
635
+ } catch {
636
+ }
637
+ }
638
+ this.emit("injection_blocked", info2);
639
+ return;
640
+ }
641
+ }
642
+ const aclBlock = this.checkTableAcl(parsed.tables);
643
+ if (aclBlock) {
644
+ this.stats.totalQueries++;
645
+ this.stats.blockedQueries++;
646
+ this.stats.tableAclBlocks++;
647
+ const blockDecision = {
648
+ decision_id: `dec_acl_${Date.now().toString(36)}`,
649
+ verdict: "deny",
650
+ allowed: false,
651
+ risk_score: 90,
652
+ risk_level: "high",
653
+ requires_approval: false,
654
+ reason: `Table ACL violation: ${aclBlock}`,
655
+ matched_rules: [],
656
+ channel: "sql",
657
+ trace_id: `trace_acl_${Date.now().toString(36)}`,
658
+ timestamp: Date.now()
659
+ };
660
+ const info2 = {
661
+ sql: sql.substring(0, 500),
662
+ statementType: parsed.type,
663
+ tables: parsed.tables,
664
+ decision: blockDecision,
665
+ timestamp: Date.now()
666
+ };
667
+ this.recordGateCheckBilling(parsed.type, parsed.tables, blockDecision, {
668
+ block_reason: "table_acl",
669
+ acl_detail: aclBlock
670
+ });
671
+ const errorMsg = buildPgErrorResponse(
672
+ "ERROR",
673
+ "42501",
674
+ `SOVR: ${aclBlock} [${blockDecision.decision_id}]`
675
+ );
676
+ const readyMsg = buildPgReadyForQuery("I");
677
+ clientSocket.write(Buffer.concat([errorMsg, readyMsg]));
678
+ if (this.verbose) {
679
+ process.stderr.write(
680
+ `[sovr-sql-proxy] \x1B[33mACL BLOCKED\x1B[0m: ${aclBlock} \u2014 ${parsed.type} on ${parsed.tables.join(", ")}
681
+ `
682
+ );
683
+ }
684
+ if (this.onBlocked) {
685
+ try {
686
+ this.onBlocked(info2);
687
+ } catch {
688
+ }
689
+ }
690
+ this.emit("acl_blocked", info2);
691
+ return;
692
+ }
693
+ const decision = this.evaluateStatement(parsed);
694
+ this.stats.totalQueries++;
695
+ const info = {
696
+ sql: sql.substring(0, 500),
697
+ statementType: parsed.type,
698
+ tables: parsed.tables,
699
+ decision,
700
+ timestamp: Date.now(),
701
+ injectionResult
702
+ };
703
+ if (this.onEvaluated) {
704
+ try {
705
+ this.onEvaluated(info);
706
+ } catch {
707
+ }
708
+ }
709
+ this.recordGateCheckBilling(parsed.type, parsed.tables, decision);
710
+ if (decision.verdict === "deny") {
711
+ this.stats.blockedQueries++;
712
+ const errorMsg = buildPgErrorResponse(
713
+ "ERROR",
714
+ "42501",
715
+ `SOVR Policy Violation: ${decision.reason} [decision_id: ${decision.decision_id}]`
716
+ );
717
+ const readyMsg = buildPgReadyForQuery("I");
718
+ clientSocket.write(Buffer.concat([errorMsg, readyMsg]));
719
+ if (this.verbose) {
720
+ process.stderr.write(
721
+ `[sovr-sql-proxy] \x1B[31mBLOCKED\x1B[0m: ${parsed.type} on ${parsed.tables.join(", ")} \u2014 ${decision.reason}
722
+ `
723
+ );
724
+ }
725
+ if (this.onBlocked) {
726
+ try {
727
+ this.onBlocked(info);
728
+ } catch {
729
+ }
730
+ }
731
+ this.emit("blocked", info);
732
+ } else if (decision.verdict === "escalate") {
733
+ this.stats.escalatedQueries++;
734
+ const errorMsg = buildPgErrorResponse(
735
+ "ERROR",
736
+ "42501",
737
+ `SOVR: Action requires approval \u2014 ${decision.reason} [decision_id: ${decision.decision_id}]`
738
+ );
739
+ const readyMsg = buildPgReadyForQuery("I");
740
+ clientSocket.write(Buffer.concat([errorMsg, readyMsg]));
741
+ if (this.verbose) {
742
+ process.stderr.write(
743
+ `[sovr-sql-proxy] \x1B[33mESCALATED\x1B[0m: ${parsed.type} on ${parsed.tables.join(", ")} \u2014 ${decision.reason}
744
+ `
745
+ );
746
+ }
747
+ this.emit("escalated", info);
748
+ } else {
749
+ this.stats.allowedQueries++;
750
+ backendSocket.write(data);
751
+ if (this.verbose) {
752
+ process.stderr.write(
753
+ `[sovr-sql-proxy] \x1B[32mALLOWED\x1B[0m: ${parsed.type} on ${parsed.tables.join(", ")} (risk: ${decision.risk_score})
754
+ `
755
+ );
756
+ }
757
+ }
758
+ }
759
+ // ============================================================================
760
+ // Policy Evaluation
761
+ // ============================================================================
762
+ evaluateStatement(parsed) {
763
+ const safeTypes = [
764
+ "SELECT",
765
+ "BEGIN",
766
+ "COMMIT",
767
+ "ROLLBACK",
768
+ "SET",
769
+ "SHOW",
770
+ "EXPLAIN"
771
+ ];
772
+ if (safeTypes.includes(parsed.type) && !parsed.isMultiStatement) {
773
+ if (parsed.type !== "SELECT") {
774
+ return {
775
+ decision_id: `dec_passthrough_${Date.now().toString(36)}`,
776
+ verdict: "allow",
777
+ allowed: true,
778
+ risk_score: 0,
779
+ risk_level: "none",
780
+ requires_approval: false,
781
+ reason: `Safe statement type: ${parsed.type}`,
782
+ matched_rules: [],
783
+ channel: "sql",
784
+ trace_id: `trace_sql_${Date.now().toString(36)}`,
785
+ timestamp: Date.now()
786
+ };
787
+ }
788
+ }
789
+ const context = {
790
+ statement_type: parsed.type,
791
+ tables: parsed.tables,
792
+ has_where_clause: parsed.hasWhereClause,
793
+ raw_sql: parsed.raw.substring(0, 1e3),
794
+ is_multi_statement: parsed.isMultiStatement
795
+ };
796
+ return this.engine.evaluate({
797
+ channel: "sql",
798
+ action: parsed.type,
799
+ resource: parsed.tables.join(",") || "*",
800
+ context,
801
+ actor_id: this.actorId
802
+ });
803
+ }
804
+ // ============================================================================
805
+ // Utilities
806
+ // ============================================================================
807
+ log(msg) {
808
+ process.stderr.write(`[sovr-sql-proxy] ${msg}
809
+ `);
810
+ }
811
+ /** v2.0: Async version check */
812
+ async _checkVersion(apiKey) {
813
+ try {
814
+ const res = await fetch(VERSION_CHECK_URL, {
815
+ method: "POST",
816
+ headers: { "Content-Type": "application/json", "X-SOVR-API-Key": apiKey },
817
+ body: JSON.stringify({ package: "@sovr/proxy-sql", version: PROXY_SQL_VERSION }),
818
+ signal: AbortSignal.timeout(5e3)
819
+ });
820
+ if (res.ok) {
821
+ const data = await res.json();
822
+ if (data.deprecated || data.forceUpgrade) {
823
+ console.error(
824
+ `[SOVR] @sovr/proxy-sql@${PROXY_SQL_VERSION} is deprecated.
825
+ Required: @sovr/proxy-sql@${data.minVersion || "latest"}
826
+ Run: npm install @sovr/proxy-sql@latest`
827
+ );
828
+ process.exit(1);
829
+ }
830
+ }
831
+ } catch {
832
+ }
833
+ }
834
+ };
835
+ // Annotate the CommonJS export names for ESM import in node:
836
+ 0 && (module.exports = {
837
+ SqlProxy,
838
+ detectSqlInjection,
839
+ parseSQL
840
+ });
package/index.d.ts ADDED
@@ -0,0 +1,239 @@
1
+ import { EventEmitter } from 'node:events';
2
+ import { EvalResult, PolicyEngine } from '@sovr/engine';
3
+ export { Channel, EvalRequest, EvalResult, PolicyRule, RiskLevel, SqlContext, Verdict } from '@sovr/engine';
4
+
5
+ /**
6
+ * @sovr/proxy-sql v2.0.0 — SQL Proxy with Full Billing System
7
+ *
8
+ * A transparent SQL proxy that sits between AI agents and databases,
9
+ * intercepting all SQL statements and routing them through the SOVR
10
+ * Policy Engine before execution.
11
+ *
12
+ * Features:
13
+ * 1. PostgreSQL wire protocol interception (frontend ↔ proxy ↔ backend)
14
+ * 2. Statement-level parsing and classification (17 statement types)
15
+ * 3. DDL blocking (DROP, ALTER, TRUNCATE)
16
+ * 4. High-risk DML detection (DELETE/UPDATE without WHERE)
17
+ * 5. SQL injection detection (UNION injection, tautology, comment injection, stacked queries)
18
+ * 6. Table whitelist/blacklist access control
19
+ * 7. Billing Reporter — 7 event types, batch flush, quota check, overage degradation
20
+ * 8. Mandatory API Key enforcement
21
+ * 9. Full audit logging of all intercepted queries
22
+ *
23
+ * Architecture:
24
+ * Agent → SQL Proxy (port 5433) → SOVR Policy Engine → PostgreSQL (port 5432)
25
+ * Billing: Every gate-check/block/allow → billingBuffer → batch POST → /api/v1/metering/batch
26
+ *
27
+ * @example
28
+ * ```ts
29
+ * import { SqlProxy } from '@sovr/proxy-sql';
30
+ * import { PolicyEngine, DEFAULT_RULES } from '@sovr/engine';
31
+ *
32
+ * const engine = new PolicyEngine({ rules: DEFAULT_RULES });
33
+ * const proxy = new SqlProxy({
34
+ * engine,
35
+ * apiKey: process.env.SOVR_API_KEY!,
36
+ * listenPort: 5433,
37
+ * targetHost: 'localhost',
38
+ * targetPort: 5432,
39
+ * tableWhitelist: ['public.orders', 'public.products'],
40
+ * billing: { enabled: true },
41
+ * });
42
+ *
43
+ * await proxy.start();
44
+ * // Agent connects to localhost:5433 instead of 5432
45
+ * // All DDL and dangerous DML are intercepted and billed
46
+ * ```
47
+ */
48
+
49
+ /**
50
+ * SOVR Billing Event Types — aligned with the pricing model:
51
+ * 1. gate.check — low price or included in quota (every policy evaluation)
52
+ * 2. gate.block — usually free or very low price (blocked requests)
53
+ * 3. irreversible.allowed — HIGH PRICE core tax base (allowed irreversible ops)
54
+ * 4. trust_bundle.issued — medium-high price (Trust Bundle generation)
55
+ * 5. trust_bundle.exported — higher price (audit necessity)
56
+ * 6. replay.requested — optional, per-use or monthly (trace replay)
57
+ * 7. auditor.session — enterprise billing (external audit sessions)
58
+ */
59
+ type BillingEventType = 'gate.check' | 'gate.block' | 'irreversible.allowed' | 'trust_bundle.issued' | 'trust_bundle.exported' | 'replay.requested' | 'auditor.session';
60
+ interface BillingEvent {
61
+ event_type: BillingEventType;
62
+ action: string;
63
+ resource: string;
64
+ verdict: string;
65
+ api_key: string;
66
+ timestamp: number;
67
+ metadata?: Record<string, unknown>;
68
+ }
69
+ interface BillingConfig {
70
+ /** Enable billing event reporting (default: true) */
71
+ enabled?: boolean;
72
+ /** Metering endpoint URL (default: SOVR cloud) */
73
+ meteringEndpoint?: string;
74
+ /** Batch flush interval in milliseconds (default: 10000) */
75
+ flushIntervalMs?: number;
76
+ /** Maximum events in buffer before auto-flush (default: 500) */
77
+ bufferMax?: number;
78
+ }
79
+ interface SqlInjectionResult {
80
+ detected: boolean;
81
+ patterns: string[];
82
+ severity: 'none' | 'high' | 'critical';
83
+ }
84
+ interface SqlProxyConfig {
85
+ /** Policy engine instance */
86
+ engine: PolicyEngine;
87
+ /** SOVR API Key (REQUIRED — register at https://sovr.inc/register) */
88
+ apiKey?: string;
89
+ /** Port to listen on */
90
+ listenPort: number;
91
+ /** Target database host */
92
+ targetHost: string;
93
+ /** Target database port */
94
+ targetPort: number;
95
+ /** Listen host (default: 127.0.0.1) */
96
+ listenHost?: string;
97
+ /** Actor ID for audit trail */
98
+ actorId?: string;
99
+ /** Enable verbose logging */
100
+ verbose?: boolean;
101
+ /** Callback when a query is blocked */
102
+ onBlocked?: (info: BlockedQueryInfo) => void | Promise<void>;
103
+ /** Callback for all evaluated queries */
104
+ onEvaluated?: (info: EvaluatedQueryInfo) => void | Promise<void>;
105
+ /** v2.0: Billing configuration */
106
+ billing?: BillingConfig;
107
+ /** v2.0: Table whitelist — only these tables are accessible (if set) */
108
+ tableWhitelist?: string[];
109
+ /** v2.0: Table blacklist — these tables are always blocked */
110
+ tableBlacklist?: string[];
111
+ /** v2.0: Enable SQL injection detection (default: true) */
112
+ sqlInjectionDetection?: boolean;
113
+ }
114
+ interface BlockedQueryInfo {
115
+ sql: string;
116
+ statementType: StatementType;
117
+ tables: string[];
118
+ decision: EvalResult;
119
+ timestamp: number;
120
+ /** v2.0: SQL injection detection result */
121
+ injectionResult?: SqlInjectionResult;
122
+ }
123
+ interface EvaluatedQueryInfo {
124
+ sql: string;
125
+ statementType: StatementType;
126
+ tables: string[];
127
+ decision: EvalResult;
128
+ timestamp: number;
129
+ /** v2.0: SQL injection detection result */
130
+ injectionResult?: SqlInjectionResult;
131
+ }
132
+ interface SqlProxyStats {
133
+ totalQueries: number;
134
+ allowedQueries: number;
135
+ blockedQueries: number;
136
+ escalatedQueries: number;
137
+ activeConnections: number;
138
+ startedAt: number;
139
+ /** v2.0: SQL injection blocks */
140
+ injectionBlocks: number;
141
+ /** v2.0: Table ACL blocks */
142
+ tableAclBlocks: number;
143
+ /** v2.0: Billing stats */
144
+ billingEventsReported: number;
145
+ billingEventsDropped: number;
146
+ billingBufferSize: number;
147
+ /** v2.0: Per-event-type counters */
148
+ billingByType: Record<BillingEventType, number>;
149
+ }
150
+ type StatementType = 'SELECT' | 'INSERT' | 'UPDATE' | 'DELETE' | 'DROP' | 'ALTER' | 'TRUNCATE' | 'CREATE' | 'GRANT' | 'REVOKE' | 'BEGIN' | 'COMMIT' | 'ROLLBACK' | 'SET' | 'SHOW' | 'EXPLAIN' | 'COPY' | 'OTHER';
151
+ /** Parsed SQL statement info */
152
+ interface ParsedStatement {
153
+ type: StatementType;
154
+ tables: string[];
155
+ hasWhereClause: boolean;
156
+ isMultiStatement: boolean;
157
+ raw: string;
158
+ }
159
+ /**
160
+ * Lightweight SQL statement parser.
161
+ * Not a full SQL parser — classifies statements and extracts key metadata
162
+ * for policy evaluation without heavy dependencies.
163
+ */
164
+ declare function parseSQL(sql: string): ParsedStatement;
165
+ /**
166
+ * Detect SQL injection patterns in a raw SQL string.
167
+ * Returns detection result with matched pattern names and severity.
168
+ */
169
+ declare function detectSqlInjection(sql: string): SqlInjectionResult;
170
+ declare class SqlProxy extends EventEmitter {
171
+ private readonly engine;
172
+ private readonly apiKey;
173
+ private readonly listenPort;
174
+ private readonly listenHost;
175
+ private readonly targetHost;
176
+ private readonly targetPort;
177
+ private readonly actorId;
178
+ private readonly verbose;
179
+ private readonly onBlocked?;
180
+ private readonly onEvaluated?;
181
+ private server;
182
+ private readonly tableWhitelist;
183
+ private readonly tableBlacklist;
184
+ private readonly sqlInjectionDetection;
185
+ private billingEnabled;
186
+ private billingEndpoint;
187
+ private billingBuffer;
188
+ private billingFlushTimer;
189
+ private readonly BILLING_FLUSH_INTERVAL;
190
+ private readonly BILLING_BUFFER_MAX;
191
+ private stats;
192
+ constructor(config: SqlProxyConfig);
193
+ /**
194
+ * Start the SQL proxy server + billing reporter.
195
+ */
196
+ start(): Promise<void>;
197
+ /**
198
+ * Stop the SQL proxy server + flush remaining billing events.
199
+ */
200
+ stop(): Promise<void>;
201
+ /**
202
+ * Get proxy statistics (including billing stats).
203
+ */
204
+ getStats(): SqlProxyStats;
205
+ private initBillingReporter;
206
+ /**
207
+ * Record a billing event into the buffer.
208
+ * Fire-and-forget — never blocks the main request flow.
209
+ */
210
+ recordBillingEvent(event_type: BillingEventType, action: string, resource: string, verdict: string, metadata?: Record<string, unknown>): void;
211
+ /**
212
+ * Flush billing buffer to the metering endpoint.
213
+ * Batch POST — fire-and-forget with re-queue on failure.
214
+ */
215
+ private flushBillingBuffer;
216
+ /**
217
+ * Classify a gate-check result into the appropriate billing event type.
218
+ * Key pricing principle: "放行的不可逆动作" is the highest-price tax base.
219
+ */
220
+ private classifyBillingEvent;
221
+ /**
222
+ * Record billing event from a policy engine evaluation result.
223
+ * Automatically classifies the event type based on statement type + verdict.
224
+ */
225
+ private recordGateCheckBilling;
226
+ /**
227
+ * Check if the queried tables pass the ACL check.
228
+ * Returns null if allowed, or a reason string if blocked.
229
+ */
230
+ private checkTableAcl;
231
+ private handleConnection;
232
+ private processClientData;
233
+ private evaluateStatement;
234
+ private log;
235
+ /** v2.0: Async version check */
236
+ private _checkVersion;
237
+ }
238
+
239
+ export { type BillingConfig, type BillingEvent, type BillingEventType, type BlockedQueryInfo, type EvaluatedQueryInfo, type ParsedStatement, type SqlInjectionResult, SqlProxy, type SqlProxyConfig, type SqlProxyStats, type StatementType, detectSqlInjection, parseSQL };
package/index.js CHANGED
@@ -1 +1,10 @@
1
- module.exports = {}
1
+ import {
2
+ SqlProxy,
3
+ detectSqlInjection,
4
+ parseSQL
5
+ } from "./chunk-BDKWSESQ.js";
6
+ export {
7
+ SqlProxy,
8
+ detectSqlInjection,
9
+ parseSQL
10
+ };
package/package.json CHANGED
@@ -1 +1,22 @@
1
- {"name":"@sovr/sql-proxy","version":"0.0.1","description":"test","license":"BSL-1.1","main":"index.js"}
1
+ {
2
+ "name": "@sovr/sql-proxy",
3
+ "version": "2.0.0",
4
+ "description": "SQL Proxy for AI Agents — intercepts DDL/DML through SOVR Policy Engine with billing, SQL injection detection, and table ACL",
5
+ "license": "BSL-1.1",
6
+ "type": "module",
7
+ "main": "./index.js",
8
+ "types": "./index.d.ts",
9
+ "exports": {
10
+ ".": {
11
+ "types": "./index.d.ts",
12
+ "import": "./index.js",
13
+ "require": "./index.cjs"
14
+ }
15
+ },
16
+ "keywords": ["sovr", "sql-proxy", "database-security", "ai-agent"],
17
+ "repository": {
18
+ "type": "git",
19
+ "url": "https://github.com/xie38388/sovr.git"
20
+ },
21
+ "homepage": "https://sovr.inc"
22
+ }