npm - migraguard - Versions diffs - 0.4.1 → 0.5.1 - Mend

migraguard 0.4.1 → 0.5.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (7) hide show

package/COMMANDS.md CHANGED Viewed

@@ -66,24 +66,28 @@ migraguard check
 Run built-in safety rules on all migration files. Rules use libpg-query AST analysis — no external tools required.
-Rules (all enabled by default):
-- `require-if-not-exists` — CREATE/DROP must use IF NOT EXISTS / IF EXISTS
-- `require-concurrent-index` — CREATE INDEX must use CONCURRENTLY (skipped for tables created in the same file)
-- `require-lock-timeout` — SET lock_timeout must appear before DDL statements
-- `ban-concurrent-index-in-transaction` — CONCURRENTLY cannot be inside BEGIN...COMMIT
-- `adding-not-nullable-field` — NOT NULL column must have a DEFAULT value
-- `constraint-missing-not-valid` — ADD CONSTRAINT must use NOT VALID
-Disable specific rules or add custom rules via config:
+19 rules (all enabled by default). See README for the full table. Key categories:
+**Idempotency**: `require-if-not-exists`, `require-create-or-replace-view`
+**Concurrency safety**: `require-concurrent-index`, `require-drop-index-concurrently`, `ban-concurrent-index-in-transaction`
+**Timeout discipline**: `require-lock-timeout`, `require-statement-timeout`, `require-reset-timeouts`
+**Constraint safety**: `constraint-missing-not-valid`, `require-unique-via-concurrent-index`, `ban-validate-constraint-same-file`, `adding-not-nullable-field`
+**Destructive DDL**: `ban-drop-column`, `ban-alter-column-type`, `ban-drop-cascade`, `ban-truncate`
+**DML safety**: `ban-update-without-where`, `ban-delete-without-where`
+**Statistics**: `require-analyze-after-index`
+Configure severity per rule (`"error"` / `"warn"` / `"off"`) or add custom rules:
 ```json
 {
   "lint": {
-    "rules": { "require-lock-timeout": false },
+    "rules": { "ban-drop-column": "warn", "ban-alter-column-type": "off" },
     "customRulesDir": "lint-rules"
   }
 }
 ```
+Per-file exceptions via SQL comment: `-- migraguard:allow ban-drop-column`
 Custom rule files (`.js` / `.mjs`) in the specified directory are loaded automatically. Each file must default-export a `LintRule` object. See README for an example.
 ```bash

package/README.md CHANGED Viewed

@@ -241,12 +241,11 @@ jobs:
   },
   "lint": {
     "rules": {
-      "require-concurrent-index": true,
-      "require-if-not-exists": true,
-      "require-lock-timeout": true,
-      "ban-concurrent-index-in-transaction": true,
-      "adding-not-nullable-field": true,
-      "constraint-missing-not-valid": true
+      "require-concurrent-index": "error",
+      "require-if-not-exists": "error",
+      "require-lock-timeout": "error",
+      "ban-drop-column": "warn",
+      "ban-alter-column-type": "off"
     }
   }
 }
@@ -320,12 +319,40 @@ UPDATE users SET status = 'active' WHERE status IS NULL;
 |------|---------|
 | `require-if-not-exists` | CREATE/DROP without IF NOT EXISTS / IF EXISTS |
 | `require-concurrent-index` | CREATE INDEX without CONCURRENTLY on existing tables |
+| `require-drop-index-concurrently` | DROP INDEX without CONCURRENTLY |
 | `require-lock-timeout` | DDL without prior SET lock_timeout |
+| `require-statement-timeout` | DDL without prior SET statement_timeout |
+| `require-reset-timeouts` | SET lock/statement_timeout without RESET at end |
+| `require-analyze-after-index` | CREATE INDEX without subsequent ANALYZE \<table\> |
+| `require-create-or-replace-view` | CREATE VIEW without OR REPLACE |
+| `require-unique-via-concurrent-index` | UNIQUE constraint added directly (not via USING INDEX) |
 | `ban-concurrent-index-in-transaction` | CONCURRENTLY inside BEGIN...COMMIT |
+| `ban-drop-cascade` | DROP ... CASCADE |
+| `ban-truncate` | TRUNCATE |
+| `ban-update-without-where` | UPDATE without WHERE |
+| `ban-delete-without-where` | DELETE without WHERE |
+| `ban-drop-column` | ALTER TABLE ... DROP COLUMN |
+| `ban-alter-column-type` | ALTER TABLE ... ALTER COLUMN TYPE |
+| `ban-validate-constraint-same-file` | VALIDATE CONSTRAINT in same file as NOT VALID |
+| `ban-bare-analyze` | ANALYZE without table name |
 | `adding-not-nullable-field` | NOT NULL column without DEFAULT |
-| `constraint-missing-not-valid` | ADD CONSTRAINT without NOT VALID |
+| `constraint-missing-not-valid` | ADD CONSTRAINT (FK/CHECK) without NOT VALID |
+| `ban-select-star-in-view` | SELECT * in VIEW / MATERIALIZED VIEW definitions |
+| `require-if-not-exists-materialized-view` | CREATE MATERIALIZED VIEW without IF NOT EXISTS |
+| `ban-refresh-materialized-view-in-migration` | REFRESH MATERIALIZED VIEW in migration files |
+| `ban-rename-column` | ALTER TABLE ... RENAME COLUMN |
+| `ban-rename-table` | ALTER TABLE ... RENAME TO |
+| `ban-drop-table` | DROP TABLE |
+| `require-pk-via-concurrent-index` | PRIMARY KEY added directly (not via USING INDEX) |
+| `ban-set-not-null` | ALTER COLUMN ... SET NOT NULL (use CHECK NOT VALID pattern) |
+| `ban-alter-enum-in-transaction` | ALTER TYPE ... ADD VALUE inside BEGIN...COMMIT |
+Each rule can be set to `"error"` (default — fail lint), `"warn"` (report but pass), or `"off"` (skip). Per-file exceptions use a comment directive:
-Rules are enabled by default and can be disabled per-rule in `migraguard.config.json` under `lint.rules`.
+```sql
+-- migraguard:allow ban-drop-column, ban-alter-column-type
+ALTER TABLE users DROP COLUMN legacy_field;
+```
 Project-specific rules can be added via `lint.customRulesDir`. See [docs/safe-ddl.md](docs/safe-ddl.md) for built-in rule details and custom rule examples.