agent-sql 0.2.1 → 0.2.2

package/README.md

@@ -12,6 +12,8 @@ It ensures that that the needed tenant table is somewhere in the query,
 and adds a `WHERE` clause ensuring that only values from the supplied ID are returned.
 Then it checks that the tables and `JOIN`s follow the schema, preventing sneaky joins.
 
+Function calls also go through a whitelist (configurable).
+
 Finally, we throw in a `LIMIT` clause (configurable) to prevent accidental LLM denial-of-service.
 
 Apparently this is how [Trigger.dev does it](https://x.com/mattaitken/status/2033928542975639785).

package/dist/index.d.mts

@@ -1,5 +1,8 @@
 import { i as SelectStatement, n as defineSchema, r as Result, t as Schema } from "./joins-Cu_0yAgN.mjs";
 
+//#region src/functions.d.ts
+type DbType = "postgres" | "pglite" | "sqlite";
+//#endregion
 //#region src/guard.d.ts
 type GuardVal = string | number;
 interface GuardCol {
@@ -23,18 +26,26 @@ declare function parseSql(expr: string): Result<SelectStatement>;
 //#region src/index.d.ts
 declare function agentSql<S extends string>(sql: string, column: S & OneOrTwoDots<S>, value: GuardVal, {
   schema,
-  limit
+  limit,
+  db,
+  allowExtraFunctions
 }?: {
   schema?: Schema;
   limit?: number;
+  db?: DbType;
+  allowExtraFunctions?: string[];
 }): string;
 declare function createAgentSql<T extends Schema, S extends SchemaGuardKeys<T>>(schema: T, guards: Record<S, GuardVal>, opts: {
   limit?: number;
   throws: false;
+  db?: DbType;
+  allowExtraFunctions?: string[];
 }): (expr: string) => Result<string>;
 declare function createAgentSql<T extends Schema, S extends SchemaGuardKeys<T>>(schema: T, guards: Record<S, GuardVal>, opts?: {
   limit?: number;
   throws?: true;
+  db?: DbType;
+  allowExtraFunctions?: string[];
 }): (expr: string) => string;
 //#endregion
-export { agentSql, createAgentSql, defineSchema, outputSql, parseSql, applyGuards as sanitiseSql };
+export { type DbType, agentSql, createAgentSql, defineSchema, outputSql, parseSql, applyGuards as sanitiseSql };

package/dist/index.mjs

@@ -10,6 +10,769 @@ var AgentSqlError = class extends Error {
 	type = "agent_sql_error";
 };
 //#endregion
+//#region src/result.ts
+function Err(error) {
+	return {
+		ok: false,
+		error,
+		unwrap() {
+			throw new Error(String(error));
+		}
+	};
+}
+function Ok(data) {
+	return {
+		ok: true,
+		data,
+		unwrap() {
+			return data;
+		}
+	};
+}
+function returnOrThrow(result, throws) {
+	if (!throws) return result;
+	if (result.ok) return result.data;
+	throw result.error;
+}
+//#endregion
+//#region src/functions.ts
+const COMMON_FUNCTIONS = [
+	"count",
+	"sum",
+	"avg",
+	"min",
+	"max",
+	"coalesce",
+	"nullif",
+	"greatest",
+	"least",
+	"lower",
+	"upper",
+	"trim",
+	"ltrim",
+	"rtrim",
+	"length",
+	"replace",
+	"substr",
+	"substring",
+	"concat",
+	"reverse",
+	"repeat",
+	"position",
+	"left",
+	"right",
+	"lpad",
+	"rpad",
+	"translate",
+	"char_length",
+	"character_length",
+	"octet_length",
+	"overlay",
+	"ascii",
+	"chr",
+	"starts_with",
+	"abs",
+	"ceil",
+	"ceiling",
+	"floor",
+	"round",
+	"trunc",
+	"truncate",
+	"mod",
+	"power",
+	"sqrt",
+	"cbrt",
+	"log",
+	"ln",
+	"exp",
+	"sign",
+	"random",
+	"pi",
+	"degrees",
+	"radians",
+	"div",
+	"gcd",
+	"lcm",
+	"cast"
+];
+const PGVECTOR_FUNCTIONS = [
+	"l2_distance",
+	"inner_product",
+	"cosine_distance",
+	"l1_distance",
+	"vector_dims",
+	"vector_norm",
+	"l2_normalize",
+	"binary_quantize",
+	"subvector",
+	"vector_avg"
+];
+const POSTGIS_FUNCTIONS = [
+	"st_geomfromtext",
+	"st_geomfromwkb",
+	"st_geomfromewkt",
+	"st_geomfromewkb",
+	"st_geomfromgeojson",
+	"st_geogfromtext",
+	"st_geogfromwkb",
+	"st_makepoint",
+	"st_makepoint",
+	"st_makepointm",
+	"st_makeenvelope",
+	"st_makeline",
+	"st_makepolygon",
+	"st_makebox2d",
+	"st_point",
+	"st_pointz",
+	"st_pointm",
+	"st_pointzm",
+	"st_polygon",
+	"st_linefrommultipoint",
+	"st_tileenvelope",
+	"st_hexagongrid",
+	"st_squaregrid",
+	"st_letters",
+	"st_collect",
+	"st_linemerge",
+	"st_buildarea",
+	"st_polygonize",
+	"st_unaryunion",
+	"st_astext",
+	"st_asewkt",
+	"st_asbinary",
+	"st_asewkb",
+	"st_asgeojson",
+	"st_asgml",
+	"st_askml",
+	"st_assvg",
+	"st_astwkb",
+	"st_asmvtgeom",
+	"st_asmvt",
+	"st_asencodedpolyline",
+	"st_ashexewkb",
+	"st_aslatlontext",
+	"st_x",
+	"st_y",
+	"st_z",
+	"st_m",
+	"st_geometrytype",
+	"st_srid",
+	"st_dimension",
+	"st_coorddim",
+	"st_numgeometries",
+	"st_numpoints",
+	"st_npoints",
+	"st_nrings",
+	"st_numinteriorrings",
+	"st_numinteriorring",
+	"st_exteriorring",
+	"st_interiorringn",
+	"st_geometryn",
+	"st_pointn",
+	"st_startpoint",
+	"st_endpoint",
+	"st_envelope",
+	"st_boundingdiagonal",
+	"st_xmin",
+	"st_xmax",
+	"st_ymin",
+	"st_ymax",
+	"st_zmin",
+	"st_zmax",
+	"st_isempty",
+	"st_isclosed",
+	"st_isring",
+	"st_issimple",
+	"st_isvalid",
+	"st_isvalidreason",
+	"st_isvaliddetail",
+	"st_hasm",
+	"st_hasz",
+	"st_ismeasured",
+	"st_intersects",
+	"st_disjoint",
+	"st_contains",
+	"st_within",
+	"st_covers",
+	"st_coveredby",
+	"st_crosses",
+	"st_overlaps",
+	"st_touches",
+	"st_equals",
+	"st_relate",
+	"st_containsproperly",
+	"st_dwithin",
+	"st_3dintersects",
+	"st_3ddwithin",
+	"st_orderingequals",
+	"st_distance",
+	"st_3ddistance",
+	"st_maxdistance",
+	"st_area",
+	"st_length",
+	"st_length2d",
+	"st_3dlength",
+	"st_perimeter",
+	"st_azimuth",
+	"st_angle",
+	"st_hausdorffdistance",
+	"st_frechetdistance",
+	"st_longestline",
+	"st_shortestline",
+	"st_transform",
+	"st_setsrid",
+	"st_force2d",
+	"st_force3d",
+	"st_force3dz",
+	"st_force3dm",
+	"st_force4d",
+	"st_forcecollection",
+	"st_forcepolygoncw",
+	"st_forcepolygonccw",
+	"st_forcecurve",
+	"st_forcesfs",
+	"st_multi",
+	"st_normalize",
+	"st_flipcoordinates",
+	"st_translate",
+	"st_scale",
+	"st_rotate",
+	"st_rotatex",
+	"st_rotatey",
+	"st_rotatez",
+	"st_affine",
+	"st_transscale",
+	"st_snap",
+	"st_snaptogrid",
+	"st_segmentize",
+	"st_simplify",
+	"st_simplifypreservetopology",
+	"st_simplifyvw",
+	"st_chaikinsmoothing",
+	"st_seteffectivearea",
+	"st_filterbym",
+	"st_locatebetween",
+	"st_locatebetweenelevations",
+	"st_offsetcurve",
+	"st_intersection",
+	"st_union",
+	"st_difference",
+	"st_symdifference",
+	"st_buffer",
+	"st_convexhull",
+	"st_concavehull",
+	"st_minimumboundingcircle",
+	"st_minimumboundingradius",
+	"st_orientedenvelope",
+	"st_centroid",
+	"st_pointonsurface",
+	"st_geometricmedian",
+	"st_voronoipolygons",
+	"st_voronoilines",
+	"st_delaunaytriangles",
+	"st_subdivide",
+	"st_split",
+	"st_sharedpaths",
+	"st_node",
+	"st_clusterdbscan",
+	"st_clusterkmeans",
+	"st_clusterintersecting",
+	"st_clusterwithin",
+	"st_makevalid",
+	"st_lineinterpolatepoint",
+	"st_lineinterpolatepoints",
+	"st_linelocatepoint",
+	"st_linesubstring",
+	"st_addmeasure",
+	"st_closestpoint",
+	"st_linefromencodedpolyline",
+	"box2d",
+	"box3d",
+	"st_expand",
+	"st_estimatedextent",
+	"st_extent",
+	"st_3dextent",
+	"st_memsize",
+	"st_distancesphere",
+	"st_distancespheroid",
+	"st_project",
+	"st_memunion",
+	"st_polygonize",
+	"st_nband",
+	"st_numbands",
+	"st_summary",
+	"st_dump",
+	"st_dumppoints",
+	"st_dumprings",
+	"postgis_version",
+	"postgis_full_version",
+	"postgis_geos_version",
+	"postgis_proj_version",
+	"postgis_lib_version",
+	"postgis_scripts_installed",
+	"postgis_scripts_released",
+	"postgis_type_name",
+	"populate_geometry_columns",
+	"find_srid",
+	"updategeometrysrid",
+	"addgeometrycolumn",
+	"dropgeometrycolumn",
+	"geography",
+	"geometry"
+];
+const POSTGRES_FUNCTIONS = [
+	...COMMON_FUNCTIONS,
+	"array_agg",
+	"string_agg",
+	"json_agg",
+	"jsonb_agg",
+	"json_object_agg",
+	"jsonb_object_agg",
+	"bool_and",
+	"bool_or",
+	"every",
+	"bit_and",
+	"bit_or",
+	"bit_xor",
+	"corr",
+	"covar_pop",
+	"covar_samp",
+	"regr_avgx",
+	"regr_avgy",
+	"regr_count",
+	"regr_intercept",
+	"regr_r2",
+	"regr_slope",
+	"regr_sxx",
+	"regr_sxy",
+	"regr_syy",
+	"stddev",
+	"stddev_pop",
+	"stddev_samp",
+	"variance",
+	"var_pop",
+	"var_samp",
+	"percentile_cont",
+	"percentile_disc",
+	"mode",
+	"rank",
+	"dense_rank",
+	"percent_rank",
+	"cume_dist",
+	"ntile",
+	"lag",
+	"lead",
+	"first_value",
+	"last_value",
+	"nth_value",
+	"row_number",
+	"initcap",
+	"strpos",
+	"encode",
+	"decode",
+	"md5",
+	"sha256",
+	"sha224",
+	"sha384",
+	"sha512",
+	"format",
+	"concat_ws",
+	"regexp_replace",
+	"regexp_match",
+	"regexp_matches",
+	"regexp_split_to_array",
+	"regexp_split_to_table",
+	"split_part",
+	"btrim",
+	"bit_length",
+	"quote_ident",
+	"quote_literal",
+	"quote_nullable",
+	"to_hex",
+	"convert",
+	"convert_from",
+	"convert_to",
+	"string_to_array",
+	"array_to_string",
+	"now",
+	"current_timestamp",
+	"current_date",
+	"current_time",
+	"localtime",
+	"localtimestamp",
+	"clock_timestamp",
+	"statement_timestamp",
+	"transaction_timestamp",
+	"timeofday",
+	"date_trunc",
+	"date_part",
+	"extract",
+	"age",
+	"to_char",
+	"to_date",
+	"to_timestamp",
+	"to_number",
+	"make_date",
+	"make_time",
+	"make_timestamp",
+	"make_timestamptz",
+	"make_interval",
+	"justify_days",
+	"justify_hours",
+	"justify_interval",
+	"isfinite",
+	"json_extract_path",
+	"json_extract_path_text",
+	"jsonb_extract_path",
+	"jsonb_extract_path_text",
+	"json_array_length",
+	"jsonb_array_length",
+	"json_typeof",
+	"jsonb_typeof",
+	"json_build_object",
+	"jsonb_build_object",
+	"json_build_array",
+	"jsonb_build_array",
+	"to_json",
+	"to_jsonb",
+	"row_to_json",
+	"json_each",
+	"json_each_text",
+	"jsonb_each",
+	"jsonb_each_text",
+	"json_object_keys",
+	"jsonb_object_keys",
+	"json_populate_record",
+	"jsonb_populate_record",
+	"json_populate_recordset",
+	"jsonb_populate_recordset",
+	"json_to_record",
+	"jsonb_to_record",
+	"json_to_recordset",
+	"jsonb_to_recordset",
+	"json_array_elements",
+	"jsonb_array_elements",
+	"json_array_elements_text",
+	"jsonb_array_elements_text",
+	"jsonb_set",
+	"jsonb_set_lax",
+	"jsonb_insert",
+	"jsonb_path_query",
+	"jsonb_path_query_array",
+	"jsonb_path_query_first",
+	"jsonb_path_exists",
+	"jsonb_path_match",
+	"jsonb_strip_nulls",
+	"jsonb_pretty",
+	"json_strip_nulls",
+	"to_tsvector",
+	"to_tsquery",
+	"plainto_tsquery",
+	"phraseto_tsquery",
+	"websearch_to_tsquery",
+	"ts_rank",
+	"ts_rank_cd",
+	"ts_headline",
+	"tsvector_to_array",
+	"array_to_tsvector",
+	"numnode",
+	"querytree",
+	"ts_rewrite",
+	"setweight",
+	"strip",
+	"ts_debug",
+	"ts_lexize",
+	"ts_parse",
+	"ts_token_type",
+	"get_current_ts_config",
+	"array_append",
+	"array_cat",
+	"array_dims",
+	"array_fill",
+	"array_length",
+	"array_lower",
+	"array_ndims",
+	"array_position",
+	"array_positions",
+	"array_prepend",
+	"array_remove",
+	"array_replace",
+	"array_upper",
+	"cardinality",
+	"unnest",
+	"generate_subscripts",
+	"lower",
+	"upper",
+	"isempty",
+	"lower_inc",
+	"lower_inf",
+	"upper_inc",
+	"upper_inf",
+	"range_merge",
+	"generate_series",
+	"pg_typeof",
+	"current_setting",
+	"current_database",
+	"current_schema",
+	"current_schemas",
+	"current_user",
+	"session_user",
+	"inet_client_addr",
+	"inet_client_port",
+	"version",
+	"obj_description",
+	"col_description",
+	"shobj_description",
+	"has_table_privilege",
+	"has_column_privilege",
+	"has_schema_privilege",
+	"txid_current",
+	"txid_current_snapshot",
+	"area",
+	"center",
+	"diameter",
+	"height",
+	"width",
+	"isclosed",
+	"isopen",
+	"npoints",
+	"pclose",
+	"popen",
+	"radius",
+	"abbrev",
+	"broadcast",
+	"family",
+	"host",
+	"hostmask",
+	"masklen",
+	"netmask",
+	"network",
+	"set_masklen",
+	"inet_merge",
+	"inet_same_family",
+	"gen_random_uuid",
+	"uuid_generate_v1",
+	"uuid_generate_v4",
+	...PGVECTOR_FUNCTIONS,
+	...POSTGIS_FUNCTIONS
+];
+const SQLITE_FUNCTIONS = [
+	...COMMON_FUNCTIONS,
+	"group_concat",
+	"total",
+	"char",
+	"format",
+	"glob",
+	"hex",
+	"unhex",
+	"instr",
+	"like",
+	"ltrim",
+	"rtrim",
+	"trim",
+	"printf",
+	"quote",
+	"soundex",
+	"unicode",
+	"zeroblob",
+	"acos",
+	"acosh",
+	"asin",
+	"asinh",
+	"atan",
+	"atan2",
+	"atanh",
+	"cos",
+	"cosh",
+	"sin",
+	"sinh",
+	"tan",
+	"tanh",
+	"date",
+	"time",
+	"datetime",
+	"julianday",
+	"unixepoch",
+	"strftime",
+	"timediff",
+	"typeof",
+	"type",
+	"last_insert_rowid",
+	"changes",
+	"total_changes",
+	"sqlite_version",
+	"json",
+	"json_array",
+	"json_array_length",
+	"json_extract",
+	"json_insert",
+	"json_object",
+	"json_patch",
+	"json_remove",
+	"json_replace",
+	"json_set",
+	"json_type",
+	"json_valid",
+	"json_quote",
+	"json_group_array",
+	"json_group_object",
+	"json_each",
+	"json_tree",
+	"iif",
+	"ifnull",
+	"likely",
+	"unlikely",
+	"max",
+	"min",
+	"nullif",
+	"randomblob",
+	"row_number",
+	"rank",
+	"dense_rank",
+	"percent_rank",
+	"cume_dist",
+	"ntile",
+	"lag",
+	"lead",
+	"first_value",
+	"last_value",
+	"nth_value"
+];
+function checkFunctions(ast, db, allowExtraFunctions) {
+	const bad = findDisallowedFunction(ast, buildAllowedSet(db, allowExtraFunctions));
+	if (bad !== null) return Err(new SanitiseError(`Function '${bad}' is not allowed`));
+	return Ok(ast);
+}
+function buildSet(list) {
+	return new Set(list.map((f) => f.toLowerCase()));
+}
+const PG_SET = buildSet(POSTGRES_FUNCTIONS);
+const SQLITE_SET = buildSet(SQLITE_FUNCTIONS);
+function getAllowedFunctions(db) {
+	return db === "sqlite" ? SQLITE_SET : PG_SET;
+}
+function buildAllowedSet(db, extra) {
+	const base = getAllowedFunctions(db);
+	if (extra.length === 0) return base;
+	const merged = new Set(base);
+	for (const f of extra) merged.add(f.toLowerCase());
+	return merged;
+}
+function findDisallowedFunction(ast, allowed) {
+	for (const col of ast.columns) if (col.expr.kind === "expr" && col.expr.expr) {
+		const bad = checkWhereValue(col.expr.expr, allowed);
+		if (bad) return bad;
+	}
+	if (ast.distinct && ast.distinct.type === "distinct_on") for (const val of ast.distinct.columns) {
+		const bad = checkWhereValue(val, allowed);
+		if (bad) return bad;
+	}
+	for (const join of ast.joins) if (join.condition && join.condition.type === "join_on") {
+		const bad = checkWhereExpr(join.condition.expr, allowed);
+		if (bad) return bad;
+	}
+	if (ast.where) {
+		const bad = checkWhereExpr(ast.where.inner, allowed);
+		if (bad) return bad;
+	}
+	if (ast.groupBy) for (const item of ast.groupBy.items) {
+		const bad = checkWhereValue(item, allowed);
+		if (bad) return bad;
+	}
+	if (ast.having) {
+		const bad = checkWhereExpr(ast.having.expr, allowed);
+		if (bad) return bad;
+	}
+	if (ast.orderBy) for (const item of ast.orderBy.items) {
+		const bad = checkWhereValue(item.expr, allowed);
+		if (bad) return bad;
+	}
+	return null;
+}
+function checkFuncCall(func, allowed) {
+	if (!allowed.has(func.name.toLowerCase())) return func.name;
+	if (func.args.kind === "args") for (const arg of func.args.args) {
+		const bad = checkWhereValue(arg, allowed);
+		if (bad) return bad;
+	}
+	return null;
+}
+function checkWhereValue(val, allowed) {
+	switch (val.type) {
+		case "where_value":
+			if (val.kind === "func_call") return checkFuncCall(val.func, allowed);
+			return null;
+		case "where_arith":
+		case "where_jsonb_op":
+		case "where_pgvector_op": {
+			const l = checkWhereValue(val.left, allowed);
+			if (l) return l;
+			return checkWhereValue(val.right, allowed);
+		}
+		case "where_unary_minus": return checkWhereValue(val.expr, allowed);
+		case "case_expr":
+			if (val.subject) {
+				const s = checkWhereValue(val.subject, allowed);
+				if (s) return s;
+			}
+			for (const w of val.whens) {
+				const c = checkWhereValue(w.condition, allowed);
+				if (c) return c;
+				const r = checkWhereValue(w.result, allowed);
+				if (r) return r;
+			}
+			if (val.else) return checkWhereValue(val.else, allowed);
+			return null;
+		case "cast_expr": return checkWhereValue(val.expr, allowed);
+		default: return null;
+	}
+}
+function checkWhereExpr(expr, allowed) {
+	switch (expr.type) {
+		case "where_and":
+		case "where_or": {
+			const l = checkWhereExpr(expr.left, allowed);
+			if (l) return l;
+			return checkWhereExpr(expr.right, allowed);
+		}
+		case "where_not": return checkWhereExpr(expr.expr, allowed);
+		case "where_comparison": {
+			const l = checkWhereValue(expr.left, allowed);
+			if (l) return l;
+			return checkWhereValue(expr.right, allowed);
+		}
+		case "where_is_null": return checkWhereValue(expr.expr, allowed);
+		case "where_is_bool": return checkWhereValue(expr.expr, allowed);
+		case "where_between": {
+			const e = checkWhereValue(expr.expr, allowed);
+			if (e) return e;
+			const lo = checkWhereValue(expr.low, allowed);
+			if (lo) return lo;
+			return checkWhereValue(expr.high, allowed);
+		}
+		case "where_in": {
+			const e = checkWhereValue(expr.expr, allowed);
+			if (e) return e;
+			for (const item of expr.list) {
+				const bad = checkWhereValue(item, allowed);
+				if (bad) return bad;
+			}
+			return null;
+		}
+		case "where_like": {
+			const e = checkWhereValue(expr.expr, allowed);
+			if (e) return e;
+			return checkWhereValue(expr.pattern, allowed);
+		}
+		case "where_ts_match": {
+			const l = checkWhereValue(expr.left, allowed);
+			if (l) return l;
+			return checkWhereValue(expr.right, allowed);
+		}
+		default: return null;
+	}
+}
+//#endregion
 //#region src/utils.ts
 function unreachable(x) {
 	throw new Error(`Unhandled variant: ${JSON.stringify(x)}`);
@@ -220,31 +983,6 @@ function handleColumnExpr(node) {
 	}
 }
 //#endregion
-//#region src/result.ts
-function Err(error) {
-	return {
-		ok: false,
-		error,
-		unwrap() {
-			throw new Error(String(error));
-		}
-	};
-}
-function Ok(data) {
-	return {
-		ok: true,
-		data,
-		unwrap() {
-			return data;
-		}
-	};
-}
-function returnOrThrow(result, throws) {
-	if (!throws) return result;
-	if (result.ok) return result.data;
-	throw result.error;
-}
-//#endregion
 //#region src/guard.ts
 const DEFAULT_LIMIT = 1e4;
 function applyGuards(ast, guards, limit = DEFAULT_LIMIT) {
@@ -6448,35 +7186,43 @@ function parseSql(expr) {
 }
 //#endregion
 //#region src/index.ts
-function agentSql(sql, column, value, { schema, limit } = {}) {
+function agentSql(sql, column, value, { schema, limit, db = "postgres", allowExtraFunctions = [] } = {}) {
 	return privateAgentSql(sql, {
 		guards: { [column]: value },
 		schema,
 		limit,
+		db,
+		allowExtraFunctions,
 		throws: true
 	});
 }
-function createAgentSql(schema, guards, { limit, throws = true } = {}) {
+function createAgentSql(schema, guards, { limit, throws = true, db = "postgres", allowExtraFunctions = [] } = {}) {
 	return (expr) => throws ? privateAgentSql(expr, {
 		guards,
 		schema,
 		limit,
+		db,
+		allowExtraFunctions,
 		throws
 	}) : privateAgentSql(expr, {
 		guards,
 		schema,
 		limit,
+		db,
+		allowExtraFunctions,
 		throws
 	});
 }
-function privateAgentSql(sql, { guards: guardsRaw, schema, limit, throws }) {
+function privateAgentSql(sql, { guards: guardsRaw, schema, limit, db, allowExtraFunctions, throws }) {
 	const guards = resolveGuards(guardsRaw);
 	if (!guards.ok) throw guards.error;
 	const ast = parseSql(sql);
 	if (!ast.ok) return returnOrThrow(ast, throws);
 	const ast2 = checkJoins(ast.data, schema);
 	if (!ast2.ok) return returnOrThrow(ast2, throws);
-	const san = applyGuards(ast2.data, guards.data, limit);
+	const ast3 = checkFunctions(ast2.data, db, allowExtraFunctions);
+	if (!ast3.ok) return returnOrThrow(ast3, throws);
+	const san = applyGuards(ast3.data, guards.data, limit);
 	if (!san.ok) return returnOrThrow(san, throws);
 	const res = outputSql(san.data);
 	if (throws) return res;

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "agent-sql",
-  "version": "0.2.1",
+  "version": "0.2.2",
   "description": "A starter for creating a TypeScript package.",
   "keywords": [
     "agent",
@@ -69,6 +69,5 @@
       "vite": "npm:@voidzero-dev/vite-plus-core@latest",
       "vitest": "npm:@voidzero-dev/vite-plus-test@latest"
     }
-  },
-  "logo": "https://cdn.jsdelivr.net/gh/carderne/agent-sql@main/docs/logo.png"
+  }
 }