npm - @useatlas/create - Versions diffs - 0.0.2 → 0.0.3 - Mend

@useatlas/create 0.0.2 → 0.0.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (296) hide show

package/templates/docker/src/lib/tools/soql-validation.ts DELETED Viewed

@@ -1,172 +0,0 @@
-/**
- * SOQL validation — regex + structural checks.
- *
- * SOQL is simpler than SQL, so no AST parser is needed. Validation layers:
- * 0. Empty check
- * 1. Regex mutation guard (INSERT, UPDATE, DELETE, UPSERT, MERGE, UNDELETE)
- * 2. Must start with SELECT, no semicolons
- * 3. Object whitelist — FROM object must be in the allowed set
- */
-const SOQL_FORBIDDEN_PATTERNS = [
-  /\b(INSERT)\b/i,
-  /\b(UPDATE)\b/i,
-  /\b(DELETE)\b/i,
-  /\b(UPSERT)\b/i,
-  /\b(MERGE)\b/i,
-  /\b(UNDELETE)\b/i,
-];
-/**
- * Strip single-quoted string literals from SOQL so regex guards don't match
- * keywords embedded in user values (e.g. `WHERE Name = 'delete this'`).
- */
-function stripStringLiterals(soql: string): string {
-  return soql.replace(/'[^']*'/g, "''");
-}
-/**
- * Extract top-level object names referenced in FROM clauses.
- *
- * Parent-to-child relationship subqueries — `(SELECT ... FROM Contacts)` inside
- * the SELECT list — use relationship names (plural) that don't appear in the
- * object whitelist. Salesforce enforces object-level security server-side for
- * these, so we skip nested FROM inside parenthesized subqueries.
- *
- * Semi-join / anti-join subqueries in WHERE — `WHERE Id IN (SELECT ... FROM Contact)`
- * — reference real object names and ARE checked.
- */
-function extractFromObjects(soql: string): string[] {
-  const objects: string[] = [];
-  // Step 1: Remove parenthesized subqueries that appear in the SELECT clause
-  // (relationship subqueries). We do this by stripping content between the
-  // top-level SELECT and the top-level FROM, then extracting FROM objects from
-  // the remainder.
-  //
-  // Strategy: find the top-level FROM position (not inside parens), then only
-  // extract FROM objects from that point onward.
-  let depth = 0;
-  let topLevelFromIndex = -1;
-  // We need to find the top-level FROM keyword (not inside parentheses)
-  const upperSoql = soql.toUpperCase();
-  for (let i = 0; i < soql.length; i++) {
-    if (soql[i] === "(") {
-      depth++;
-    } else if (soql[i] === ")") {
-      depth--;
-    } else if (depth === 0) {
-      // Check if this position starts "FROM " at the top level
-      if (
-        upperSoql.startsWith("FROM", i) &&
-        (i === 0 || /\s/.test(soql[i - 1])) &&
-        i + 4 < soql.length &&
-        /\s/.test(soql[i + 4])
-      ) {
-        topLevelFromIndex = i;
-        break;
-      }
-    }
-  }
-  if (topLevelFromIndex === -1) {
-    return objects;
-  }
-  // Extract the top-level FROM object
-  const afterFrom = soql.slice(topLevelFromIndex);
-  const topMatch = /\bFROM\s+(\w+)/i.exec(afterFrom);
-  if (topMatch) {
-    objects.push(topMatch[1]);
-  }
-  // Now extract FROM objects in WHERE/HAVING subqueries (semi-joins/anti-joins).
-  // These are parenthesized SELECT...FROM blocks that appear AFTER the top-level FROM.
-  const whereClause = soql.slice(topLevelFromIndex + (topMatch ? topMatch[0].length : 4));
-  // Find FROM inside parenthesized subqueries in WHERE — these are real object references
-  const subqueryPattern = /\(\s*SELECT\b[^)]*\bFROM\s+(\w+)/gi;
-  let subMatch;
-  while ((subMatch = subqueryPattern.exec(whereClause)) !== null) {
-    objects.push(subMatch[1]);
-  }
-  return objects;
-}
-/**
- * Validate a SOQL query for safety.
- *
- * @param soql - The SOQL query string.
- * @param allowedObjects - Set of allowed Salesforce object names (case-insensitive).
- * @returns Validation result.
- */
-export function validateSOQL(
-  soql: string,
-  allowedObjects: Set<string>,
-): { valid: boolean; error?: string } {
-  // 0. Empty check
-  const trimmed = soql.trim();
-  if (!trimmed) {
-    return { valid: false, error: "Empty query" };
-  }
-  // Reject semicolons (no statement chaining)
-  if (trimmed.includes(";")) {
-    return { valid: false, error: "Semicolons are not allowed in SOQL queries" };
-  }
-  // 1. Regex mutation guard — strip string literals first so keywords inside
-  //    values like `WHERE Name = 'delete this'` don't trigger false positives.
-  const stripped = stripStringLiterals(trimmed);
-  for (const pattern of SOQL_FORBIDDEN_PATTERNS) {
-    if (pattern.test(stripped)) {
-      return {
-        valid: false,
-        error: `Forbidden SOQL operation detected: ${pattern.source}`,
-      };
-    }
-  }
-  // 2. Must start with SELECT
-  if (!/^\s*SELECT\b/i.test(trimmed)) {
-    return {
-      valid: false,
-      error: "Only SELECT queries are allowed in SOQL",
-    };
-  }
-  // 3. Object whitelist
-  const objects = extractFromObjects(trimmed);
-  if (objects.length === 0) {
-    return { valid: false, error: "No FROM clause found in query" };
-  }
-  // Build lowercase allowed set for case-insensitive comparison
-  const allowedLower = new Set(
-    Array.from(allowedObjects).map((o) => o.toLowerCase()),
-  );
-  for (const obj of objects) {
-    if (!allowedLower.has(obj.toLowerCase())) {
-      return {
-        valid: false,
-        error: `Object "${obj}" is not in the allowed list. Check catalog.yml for available objects.`,
-      };
-    }
-  }
-  return { valid: true };
-}
-/**
- * Append a LIMIT clause to a SOQL query if one is not already present.
- */
-export function appendSOQLLimit(soql: string, limit: number): string {
-  const trimmed = soql.trim();
-  if (/\bLIMIT\b/i.test(trimmed)) {
-    return trimmed;
-  }
-  return `${trimmed} LIMIT ${limit}`;
-}

package/templates/nextjs-standalone/semantic/entities/.gitkeep DELETED Viewed

File without changes

package/templates/nextjs-standalone/semantic/metrics/.gitkeep DELETED Viewed

File without changes

package/templates/nextjs-standalone/src/lib/db/__tests__/duckdb.test.ts DELETED Viewed

@@ -1,141 +0,0 @@
-/**
- * Tests for the DuckDB adapter (duckdb.ts) and DuckDB URL parsing.
- *
- * Uses a real in-memory DuckDB instance (no mocks) to verify end-to-end
- * query execution, column extraction, and close behavior.
- */
-import { describe, it, expect, afterEach } from "bun:test";
-import { parseDuckDBUrl, createDuckDBConnection } from "../duckdb";
-import type { DBConnection } from "../connection";
-import * as fs from "fs";
-import * as path from "path";
-import * as os from "os";
-describe("parseDuckDBUrl", () => {
-  it("parses duckdb://:memory: as in-memory", () => {
-    const config = parseDuckDBUrl("duckdb://:memory:");
-    expect(config.path).toBe(":memory:");
-  });
-  it("parses bare duckdb:// as in-memory", () => {
-    const config = parseDuckDBUrl("duckdb://");
-    expect(config.path).toBe(":memory:");
-  });
-  it("parses duckdb:///absolute/path.duckdb", () => {
-    const config = parseDuckDBUrl("duckdb:///tmp/test.duckdb");
-    expect(config.path).toBe("/tmp/test.duckdb");
-  });
-  it("parses duckdb://relative/path.duckdb", () => {
-    const config = parseDuckDBUrl("duckdb://data/test.duckdb");
-    expect(config.path).toBe("data/test.duckdb");
-  });
-  it("throws for non-duckdb:// URL", () => {
-    expect(() => parseDuckDBUrl("postgresql://localhost/db")).toThrow("Invalid DuckDB URL");
-  });
-});
-describe("createDuckDBConnection", () => {
-  let conn: DBConnection | null = null;
-  afterEach(async () => {
-    if (conn) {
-      await conn.close();
-      conn = null;
-    }
-  });
-  it("creates a connection and runs a simple query", async () => {
-    conn = createDuckDBConnection({ path: ":memory:", readOnly: false });
-    const result = await conn.query("SELECT 42 AS answer");
-    expect(result.columns).toEqual(["answer"]);
-    expect(result.rows).toHaveLength(1);
-    expect(result.rows[0].answer).toBe(42);
-  });
-  it("returns correct columns and rows for multi-column queries", async () => {
-    conn = createDuckDBConnection({ path: ":memory:", readOnly: false });
-    const result = await conn.query("SELECT 1 AS a, 'hello' AS b, true AS c");
-    expect(result.columns).toEqual(["a", "b", "c"]);
-    expect(result.rows).toHaveLength(1);
-    expect(result.rows[0].a).toBe(1);
-    expect(result.rows[0].b).toBe("hello");
-    expect(result.rows[0].c).toBe(true);
-  });
-  it("handles empty result sets", async () => {
-    conn = createDuckDBConnection({ path: ":memory:", readOnly: false });
-    const result = await conn.query("SELECT 1 AS n WHERE false");
-    expect(result.columns).toEqual(["n"]);
-    expect(result.rows).toHaveLength(0);
-  });
-  it("supports CREATE TABLE and SELECT in read-write mode", async () => {
-    conn = createDuckDBConnection({ path: ":memory:", readOnly: false });
-    await conn.query("CREATE TABLE test (id INTEGER, name VARCHAR)");
-    await conn.query("INSERT INTO test VALUES (1, 'alice'), (2, 'bob')");
-    const result = await conn.query("SELECT * FROM test ORDER BY id");
-    expect(result.columns).toEqual(["id", "name"]);
-    expect(result.rows).toHaveLength(2);
-    expect(result.rows[0].name).toBe("alice");
-    expect(result.rows[1].name).toBe("bob");
-  });
-  it("supports VALUES clause for inline data", async () => {
-    conn = createDuckDBConnection({ path: ":memory:", readOnly: false });
-    const result = await conn.query(
-      "SELECT * FROM (VALUES (1, 'a'), (2, 'b'), (3, 'c')) AS t(id, letter)"
-    );
-    expect(result.rows).toHaveLength(3);
-  });
-  it("close is idempotent", async () => {
-    conn = createDuckDBConnection({ path: ":memory:", readOnly: false });
-    await conn.query("SELECT 1");
-    await conn.close();
-    await conn.close(); // Should not throw
-    conn = null; // Prevent afterEach from closing again
-  });
-  it("enforces read-only mode for file-based databases", async () => {
-    const tmpDir = fs.mkdtempSync(path.join(os.tmpdir(), "atlas-duckdb-ro-"));
-    try {
-      const dbPath = path.join(tmpDir, "test.duckdb");
-      // Create and populate the database first (read-write)
-      const rwConn = createDuckDBConnection({ path: dbPath, readOnly: false });
-      await rwConn.query("CREATE TABLE test (id INTEGER)");
-      await rwConn.query("INSERT INTO test VALUES (1)");
-      await rwConn.close();
-      // Open in read-only mode (default for file-based)
-      conn = createDuckDBConnection({ path: dbPath });
-      const result = await conn.query("SELECT * FROM test");
-      expect(result.rows).toHaveLength(1);
-      // Write operations should fail
-      expect(conn.query("INSERT INTO test VALUES (2)")).rejects.toThrow();
-    } finally {
-      fs.rmSync(tmpDir, { recursive: true, force: true });
-    }
-  });
-  it("respects timeoutMs parameter", async () => {
-    conn = createDuckDBConnection({ path: ":memory:", readOnly: false });
-    // A very short timeout on a query that takes some time
-    await expect(
-      conn.query("SELECT COUNT(*) FROM generate_series(1, 100000000)", 1)
-    ).rejects.toThrow("timed out");
-  });
-  it("can recover after close by re-initializing", async () => {
-    conn = createDuckDBConnection({ path: ":memory:", readOnly: false });
-    await conn.query("SELECT 1");
-    await conn.close();
-    // After close + retry, lazy init should re-create the connection
-    const result = await conn.query("SELECT 42 AS answer");
-    expect(result.rows[0].answer).toBe(42);
-  });
-});

package/templates/nextjs-standalone/src/lib/db/__tests__/salesforce.test.ts DELETED Viewed

@@ -1,339 +0,0 @@
-/**
- * Tests for the Salesforce DataSource adapter and registry.
- */
-import { describe, it, expect, beforeEach, mock } from "bun:test";
-// Mock jsforce before importing the module under test
-const mockLogin = mock(() => Promise.resolve());
-const mockLogout = mock(() => Promise.resolve());
-const mockQuery = mock(() =>
-  Promise.resolve({
-    records: [
-      { attributes: { type: "Account" }, Id: "001", Name: "Acme" },
-      { attributes: { type: "Account" }, Id: "002", Name: "Widget Co" },
-    ],
-  }),
-);
-const mockDescribe = mock(() =>
-  Promise.resolve({
-    name: "Account",
-    label: "Account",
-    fields: [
-      {
-        name: "Id",
-        type: "id",
-        label: "Account ID",
-        picklistValues: [],
-        referenceTo: [],
-        nillable: false,
-        length: 18,
-      },
-      {
-        name: "Name",
-        type: "string",
-        label: "Account Name",
-        picklistValues: [],
-        referenceTo: [],
-        nillable: false,
-        length: 255,
-      },
-      {
-        name: "Industry",
-        type: "picklist",
-        label: "Industry",
-        picklistValues: [
-          { value: "Technology", label: "Technology", active: true },
-          { value: "Finance", label: "Finance", active: true },
-        ],
-        referenceTo: [],
-        nillable: true,
-        length: 255,
-      },
-    ],
-  }),
-);
-const mockDescribeGlobal = mock(() =>
-  Promise.resolve({
-    sobjects: [
-      { name: "Account", label: "Account", queryable: true },
-      { name: "Contact", label: "Contact", queryable: true },
-      { name: "ApexLog", label: "Apex Log", queryable: false },
-    ],
-  }),
-);
-mock.module("jsforce", () => ({
-  Connection: class MockConnection {
-    login = mockLogin;
-    logout = mockLogout;
-    query = mockQuery;
-    describe = mockDescribe;
-    describeGlobal = mockDescribeGlobal;
-  },
-}));
-const {
-  parseSalesforceURL,
-  createSalesforceDataSource,
-  registerSalesforceSource,
-  getSalesforceSource,
-  listSalesforceSources,
-  describeSalesforceSources,
-  _resetSalesforceSources,
-} = await import("@atlas/api/lib/db/salesforce");
-describe("parseSalesforceURL", () => {
-  it("parses a full URL", () => {
-    const config = parseSalesforceURL(
-      "salesforce://user%40example.com:pass123@login.salesforce.com?token=SECTOKEN",
-    );
-    expect(config.loginUrl).toBe("https://login.salesforce.com");
-    expect(config.username).toBe("user@example.com");
-    expect(config.password).toBe("pass123");
-    expect(config.securityToken).toBe("SECTOKEN");
-  });
-  it("parses minimal URL with defaults", () => {
-    const config = parseSalesforceURL("salesforce://admin:secret@localhost");
-    expect(config.loginUrl).toBe("https://localhost");
-    expect(config.username).toBe("admin");
-    expect(config.password).toBe("secret");
-    expect(config.securityToken).toBeUndefined();
-  });
-  it("parses sandbox URL (test.salesforce.com)", () => {
-    const config = parseSalesforceURL(
-      "salesforce://user:pass@test.salesforce.com",
-    );
-    expect(config.loginUrl).toBe("https://test.salesforce.com");
-  });
-  it("parses OAuth params", () => {
-    const config = parseSalesforceURL(
-      "salesforce://user:pass@login.salesforce.com?clientId=CID&clientSecret=CSEC",
-    );
-    expect(config.clientId).toBe("CID");
-    expect(config.clientSecret).toBe("CSEC");
-  });
-  it("throws for non-salesforce scheme", () => {
-    expect(() => parseSalesforceURL("postgresql://user:pass@localhost")).toThrow(
-      "expected salesforce://",
-    );
-  });
-  it("throws for missing username", () => {
-    expect(() =>
-      parseSalesforceURL("salesforce://:pass@login.salesforce.com"),
-    ).toThrow("missing username");
-  });
-  it("throws for missing password", () => {
-    expect(() =>
-      parseSalesforceURL("salesforce://user@login.salesforce.com"),
-    ).toThrow("missing password");
-  });
-});
-describe("createSalesforceDataSource", () => {
-  beforeEach(() => {
-    mockLogin.mockClear();
-    mockLogout.mockClear();
-    mockQuery.mockClear();
-    mockDescribe.mockClear();
-    mockDescribeGlobal.mockClear();
-  });
-  it("query returns columns and rows without attributes key", async () => {
-    const source = createSalesforceDataSource({
-      loginUrl: "https://login.salesforce.com",
-      username: "user",
-      password: "pass",
-    });
-    const result = await source.query("SELECT Id, Name FROM Account");
-    expect(result.columns).toEqual(["Id", "Name"]);
-    expect(result.rows).toEqual([
-      { Id: "001", Name: "Acme" },
-      { Id: "002", Name: "Widget Co" },
-    ]);
-    expect(mockLogin).toHaveBeenCalledTimes(1);
-  });
-  it("query returns empty result for no records", async () => {
-    mockQuery.mockImplementationOnce(() =>
-      Promise.resolve({ records: [] }),
-    );
-    const source = createSalesforceDataSource({
-      loginUrl: "https://login.salesforce.com",
-      username: "user",
-      password: "pass",
-    });
-    const result = await source.query("SELECT Id FROM Account WHERE Id = 'none'");
-    expect(result.columns).toEqual([]);
-    expect(result.rows).toEqual([]);
-  });
-  it("describe returns mapped fields", async () => {
-    const source = createSalesforceDataSource({
-      loginUrl: "https://login.salesforce.com",
-      username: "user",
-      password: "pass",
-    });
-    const desc = await source.describe("Account");
-    expect(desc.name).toBe("Account");
-    expect(desc.fields).toHaveLength(3);
-    expect(desc.fields[0].name).toBe("Id");
-    expect(desc.fields[2].picklistValues).toHaveLength(2);
-  });
-  it("listObjects filters to queryable only", async () => {
-    const source = createSalesforceDataSource({
-      loginUrl: "https://login.salesforce.com",
-      username: "user",
-      password: "pass",
-    });
-    const objects = await source.listObjects();
-    expect(objects).toHaveLength(2);
-    expect(objects.map((o) => o.name)).toEqual(["Account", "Contact"]);
-  });
-  it("close calls logout", async () => {
-    const source = createSalesforceDataSource({
-      loginUrl: "https://login.salesforce.com",
-      username: "user",
-      password: "pass",
-    });
-    // Force login first
-    await source.listObjects();
-    await source.close();
-    expect(mockLogout).toHaveBeenCalledTimes(1);
-  });
-  it("appends security token to password on login", async () => {
-    const source = createSalesforceDataSource({
-      loginUrl: "https://login.salesforce.com",
-      username: "user",
-      password: "pass",
-      securityToken: "TOKEN123",
-    });
-    await source.listObjects();
-    expect(mockLogin).toHaveBeenCalledWith("user", "passTOKEN123");
-  });
-  it("serializes concurrent login attempts (no duplicate logins)", async () => {
-    // Make login take some time so concurrent calls overlap
-    mockLogin.mockImplementation(
-      () => new Promise((resolve) => setTimeout(resolve, 50)),
-    );
-    const source = createSalesforceDataSource({
-      loginUrl: "https://login.salesforce.com",
-      username: "user",
-      password: "pass",
-    });
-    // Fire three concurrent queries — all need login
-    await Promise.all([
-      source.query("SELECT Id FROM Account"),
-      source.listObjects(),
-      source.describe("Account"),
-    ]);
-    // Login should have been called exactly once despite three concurrent callers
-    expect(mockLogin).toHaveBeenCalledTimes(1);
-  });
-  it("close without prior login is a no-op", async () => {
-    const source = createSalesforceDataSource({
-      loginUrl: "https://login.salesforce.com",
-      username: "user",
-      password: "pass",
-    });
-    // Close without ever calling login — should not throw or call logout
-    await source.close();
-    expect(mockLogout).not.toHaveBeenCalled();
-    expect(mockLogin).not.toHaveBeenCalled();
-  });
-});
-describe("Salesforce source registry", () => {
-  beforeEach(() => {
-    _resetSalesforceSources();
-    mockLogin.mockClear();
-    mockLogout.mockClear();
-  });
-  it("register and get a source", () => {
-    registerSalesforceSource("sf1", {
-      loginUrl: "https://login.salesforce.com",
-      username: "user",
-      password: "pass",
-    });
-    const source = getSalesforceSource("sf1");
-    expect(source).toBeDefined();
-    expect(source.query).toBeDefined();
-  });
-  it("throws for unregistered source", () => {
-    expect(() => getSalesforceSource("nonexistent")).toThrow(
-      'not registered',
-    );
-  });
-  it("lists registered sources", () => {
-    registerSalesforceSource("sf1", {
-      loginUrl: "https://login.salesforce.com",
-      username: "user",
-      password: "pass",
-    });
-    registerSalesforceSource("sf2", {
-      loginUrl: "https://test.salesforce.com",
-      username: "admin",
-      password: "secret",
-    });
-    expect(listSalesforceSources()).toEqual(["sf1", "sf2"]);
-  });
-  it("reset clears all sources", () => {
-    registerSalesforceSource("sf1", {
-      loginUrl: "https://login.salesforce.com",
-      username: "user",
-      password: "pass",
-    });
-    _resetSalesforceSources();
-    expect(listSalesforceSources()).toEqual([]);
-  });
-  it("describeSalesforceSources returns metadata for registered sources", () => {
-    registerSalesforceSource("sf1", {
-      loginUrl: "https://login.salesforce.com",
-      username: "user",
-      password: "pass",
-    });
-    registerSalesforceSource("sf2", {
-      loginUrl: "https://test.salesforce.com",
-      username: "admin",
-      password: "secret",
-    });
-    const meta = describeSalesforceSources();
-    expect(meta).toEqual([
-      { id: "sf1", dbType: "salesforce" },
-      { id: "sf2", dbType: "salesforce" },
-    ]);
-  });
-  it("describeSalesforceSources returns empty array when no sources registered", () => {
-    expect(describeSalesforceSources()).toEqual([]);
-  });
-});