sql-dashboard 1.0.0

package/dist/chunk-TNHUK2FI.mjs

@@ -0,0 +1,1033 @@
+import {
+  MSSQLDriver
+} from "./chunk-MTCZXLV5.mjs";
+import {
+  MySQLDriver
+} from "./chunk-7YLO3OSN.mjs";
+import {
+  PostgresDriver
+} from "./chunk-YGKUVVJT.mjs";
+import {
+  BaseDriver,
+  QueryTimer
+} from "./chunk-P4QE6SGC.mjs";
+
+// src/engine.ts
+import { EventEmitter } from "eventemitter3";
+
+// src/drivers/sqlite.driver.ts
+import initSqlJs from "sql.js";
+import path from "path";
+import fs from "fs";
+var SQLiteDriver = class extends BaseDriver {
+  constructor(config) {
+    super();
+    this.type = "sqlite" /* SQLITE */;
+    this.db = null;
+    this.sqlJs = null;
+    this.memoryMode = config.mode === "memory" || !config.path;
+    this.dbPath = config.path || ":memory:";
+    this.config = { ...config };
+  }
+  async connect() {
+    try {
+      this.sqlJs = await initSqlJs();
+      if (this.memoryMode) {
+        this.db = new this.sqlJs.Database();
+      } else {
+        const fullPath = path.resolve(this.dbPath);
+        const dir = path.dirname(fullPath);
+        if (!fs.existsSync(dir)) {
+          fs.mkdirSync(dir, { recursive: true });
+        }
+        if (fs.existsSync(fullPath)) {
+          const buffer = fs.readFileSync(fullPath);
+          this.db = new this.sqlJs.Database(buffer);
+        } else {
+          this.db = new this.sqlJs.Database();
+          this.saveToFile();
+        }
+      }
+      this.db.run("PRAGMA journal_mode=WAL;");
+      this.db.run("PRAGMA foreign_keys=ON;");
+      this.connected = true;
+    } catch (error) {
+      throw new Error(`Failed to connect to SQLite: ${error.message}`);
+    }
+  }
+  async disconnect() {
+    if (this.db) {
+      if (!this.memoryMode && this.dbPath !== ":memory:") {
+        this.saveToFile();
+      }
+      this.db.close();
+      this.db = null;
+    }
+    this.connected = false;
+  }
+  isConnected() {
+    return this.connected && this.db !== null;
+  }
+  saveToFile() {
+    if (this.db && !this.memoryMode) {
+      const data = this.db.export();
+      const buffer = Buffer.from(data);
+      fs.writeFileSync(path.resolve(this.dbPath), buffer);
+    }
+  }
+  async executeQuery(sql, params) {
+    this.ensureConnected();
+    const timer = new QueryTimer();
+    try {
+      const normalizedSql = sql.trim().replace(/;$/, "");
+      const isSelect = /^\s*(SELECT|PRAGMA|SHOW|DESCRIBE|EXPLAIN)/i.test(normalizedSql);
+      if (isSelect) {
+        const stmt = this.db.prepare(normalizedSql);
+        const rows = [];
+        const columns = [];
+        columns.push(...stmt.getColumnNames());
+        if (params && params.length > 0) {
+          stmt.bind(params);
+        }
+        while (stmt.step()) {
+          const row = stmt.getAsObject();
+          rows.push(row);
+        }
+        stmt.free();
+        return this.createResult(sql, rows, timer.elapsed);
+      } else {
+        this.db.run(normalizedSql, params);
+        const affectedRows = this.db.getRowsModified();
+        return this.createResult(sql, [], timer.elapsed, affectedRows);
+      }
+    } catch (error) {
+      return this.createErrorResult(sql, error, timer.elapsed);
+    }
+  }
+  async executeBatch(queries) {
+    this.ensureConnected();
+    const results = [];
+    try {
+      this.db.run("BEGIN TRANSACTION;");
+      for (const query of queries) {
+        const result = await this.executeQuery(query);
+        results.push(result);
+        if (result.status === "error") {
+          this.db.run("ROLLBACK;");
+          return results;
+        }
+      }
+      this.db.run("COMMIT;");
+    } catch (error) {
+      this.db.run("ROLLBACK;");
+      results.push(this.createErrorResult("Batch", error, 0));
+    }
+    return results;
+  }
+  async getSchema() {
+    this.ensureConnected();
+    return {
+      name: "main",
+      tables: await this.getTables(),
+      views: await this.getViews(),
+      procedures: []
+    };
+  }
+  async getTables() {
+    const result = await this.executeQuery(
+      "SELECT name FROM sqlite_master WHERE type='table' AND name NOT LIKE 'sqlite_%' ORDER BY name;"
+    );
+    const tables = [];
+    for (const row of result.rows) {
+      const tableName = row.name;
+      const columns = await this.getColumns(tableName);
+      const indexes = await this.getIndexes(tableName);
+      const foreignKeys = await this.getForeignKeys(tableName);
+      const rowCount = await this.getTableRowCount(tableName);
+      tables.push({
+        name: tableName,
+        schema: "main",
+        type: "table",
+        columns,
+        indexes,
+        foreignKeys,
+        rowCount
+      });
+    }
+    return tables;
+  }
+  async getTableInfo(tableName) {
+    const columns = await this.getColumns(tableName);
+    const indexes = await this.getIndexes(tableName);
+    const foreignKeys = await this.getForeignKeys(tableName);
+    const rowCount = await this.getTableRowCount(tableName);
+    return {
+      name: tableName,
+      schema: "main",
+      type: "table",
+      columns,
+      indexes,
+      foreignKeys,
+      rowCount
+    };
+  }
+  async getColumns(tableName) {
+    const result = await this.executeQuery(`PRAGMA table_info("${tableName}");`);
+    return result.rows.map((row) => ({
+      name: row.name,
+      type: row.type || "TEXT",
+      nullable: !row.notnull,
+      primaryKey: row.pk === 1,
+      defaultValue: row.dflt_value
+    }));
+  }
+  async getIndexes(tableName) {
+    const result = await this.executeQuery(`PRAGMA index_list("${tableName}");`);
+    const indexes = [];
+    for (const row of result.rows) {
+      const indexName = row.name;
+      const unique = !!row.unique;
+      const primary = indexName.startsWith("sqlite_autoindex");
+      const indexInfo = await this.executeQuery(`PRAGMA index_info("${indexName}");`);
+      const columns = indexInfo.rows.map((r) => r.name);
+      indexes.push({
+        name: indexName,
+        columns,
+        unique,
+        primary,
+        type: primary ? "primary" : unique ? "unique" : "index"
+      });
+    }
+    return indexes;
+  }
+  async getForeignKeys(tableName) {
+    const result = await this.executeQuery(`PRAGMA foreign_key_list("${tableName}");`);
+    return result.rows.map((row) => ({
+      name: `fk_${tableName}_${row.from}`,
+      column: row.from,
+      referencedSchema: "main",
+      referencedTable: row.table,
+      referencedColumn: row.to,
+      onDelete: row.on_delete || "NO ACTION",
+      onUpdate: row.on_update || "NO ACTION"
+    }));
+  }
+  async getViews() {
+    const result = await this.executeQuery(
+      "SELECT name, sql FROM sqlite_master WHERE type='view' ORDER BY name;"
+    );
+    return result.rows.map((row) => ({
+      name: row.name,
+      schema: "main",
+      definition: row.sql || "",
+      columns: []
+    }));
+  }
+  async getTableRowCount(tableName) {
+    const result = await this.executeQuery(
+      `SELECT COUNT(*) as count FROM "${tableName}";`
+    );
+    return result.rows[0]?.count || 0;
+  }
+  async getVersion() {
+    const result = await this.executeQuery("SELECT sqlite_version() as version;");
+    return result.rows[0]?.version || "unknown";
+  }
+  async getDatabases() {
+    return ["main"];
+  }
+};
+
+// src/drivers/index.ts
+function createDriver(config) {
+  switch (config.type) {
+    case "sqlite" /* SQLITE */:
+      return new SQLiteDriver(config.connection);
+    case "mysql" /* MYSQL */:
+      return new MySQLDriver(config.connection);
+    case "postgres" /* POSTGRES */:
+      return new PostgresDriver(config.connection);
+    case "mssql" /* MSSQL */:
+      return new MSSQLDriver(config.connection);
+    default:
+      throw new Error(`Unsupported driver type: ${config.type}`);
+  }
+}
+
+// src/admin/schema.ts
+var SchemaBrowser = class {
+  constructor(driver) {
+    this.driver = driver;
+  }
+  async getSchema() {
+    return this.driver.getSchema();
+  }
+  async getTables(filter) {
+    const tables = await this.driver.getTables();
+    if (filter?.table) {
+      return tables.filter((t) => t.name.toLowerCase().includes(filter.table.toLowerCase()));
+    }
+    return tables;
+  }
+  async getTable(name) {
+    return this.driver.getTableInfo(name);
+  }
+  async getColumns(tableName) {
+    return this.driver.getColumns(tableName);
+  }
+  async getIndexes(tableName) {
+    return this.driver.getIndexes(tableName);
+  }
+  async getForeignKeys(tableName) {
+    return this.driver.getForeignKeys(tableName);
+  }
+  async getViews() {
+    return this.driver.getViews();
+  }
+  async getTableRowCount(tableName) {
+    return this.driver.getTableRowCount(tableName);
+  }
+  async searchTables(query) {
+    const tables = await this.driver.getTables();
+    const lower = query.toLowerCase();
+    return tables.filter(
+      (t) => t.name.toLowerCase().includes(lower)
+    );
+  }
+  async getTableSummary(tableName) {
+    const info = await this.getTable(tableName);
+    return {
+      name: info.name,
+      columnCount: info.columns.length,
+      indexCount: info.indexes.length,
+      foreignKeyCount: info.foreignKeys.length,
+      rowCount: info.rowCount || 0,
+      size: info.size
+    };
+  }
+};
+
+// src/utils/pagination.ts
+function createPaginatedResult(data, total, params) {
+  const page = Math.max(1, params.page ?? 1);
+  const pageSize = Math.min(Math.max(1, params.pageSize ?? 50), 1e3);
+  return {
+    data,
+    total,
+    page,
+    pageSize,
+    totalPages: Math.ceil(total / pageSize)
+  };
+}
+
+// src/admin/history.ts
+var MemoryStorage = class {
+  constructor(maxEntries = 500) {
+    this.entries = [];
+    this.maxEntries = maxEntries;
+  }
+  getEntries() {
+    return [...this.entries];
+  }
+  addEntry(entry) {
+    this.entries.unshift(entry);
+    if (this.entries.length > this.maxEntries) {
+      this.entries = this.entries.slice(0, this.maxEntries);
+    }
+  }
+  clear() {
+    this.entries = [];
+  }
+  removeEntry(id) {
+    this.entries = this.entries.filter((e) => e.id !== id);
+  }
+};
+var QueryHistory = class {
+  constructor(maxEntries = 500) {
+    this.storage = new MemoryStorage(maxEntries);
+  }
+  record(result, database, user) {
+    const entry = {
+      id: result.id,
+      query: result.query.length > 500 ? result.query.substring(0, 500) + "..." : result.query,
+      executedAt: /* @__PURE__ */ new Date(),
+      duration: result.duration,
+      status: result.status,
+      rowCount: result.rowCount,
+      database,
+      user
+    };
+    this.storage.addEntry(entry);
+    return entry;
+  }
+  list(params = {}) {
+    let entries = this.storage.getEntries();
+    if (params.database) {
+      entries = entries.filter((e) => e.database === params.database);
+    }
+    if (params.status) {
+      entries = entries.filter((e) => e.status === params.status);
+    }
+    if (params.search) {
+      const lower = params.search.toLowerCase();
+      entries = entries.filter((e) => e.query.toLowerCase().includes(lower));
+    }
+    const total = entries.length;
+    const { page = 1, pageSize = 50 } = params;
+    const start = (page - 1) * pageSize;
+    const data = entries.slice(start, start + pageSize);
+    return createPaginatedResult(data, total, { page, pageSize });
+  }
+  getRecent(limit = 10) {
+    return this.storage.getEntries().slice(0, limit);
+  }
+  getStats() {
+    const entries = this.storage.getEntries();
+    const successful = entries.filter((e) => e.status === "success").length;
+    const totalDuration = entries.reduce((sum, e) => sum + e.duration, 0);
+    return {
+      totalQueries: entries.length,
+      successfulQueries: successful,
+      failedQueries: entries.length - successful,
+      avgDuration: entries.length > 0 ? totalDuration / entries.length : 0
+    };
+  }
+  clear() {
+    this.storage.clear();
+  }
+  remove(id) {
+    this.storage.removeEntry(id);
+  }
+};
+
+// src/security/readonly.ts
+var ReadOnlyGuard = class {
+  constructor(rule = {}) {
+    this.rule = {
+      enabled: true,
+      allowSelect: true,
+      allowShow: true,
+      allowDescribe: true,
+      allowExplain: true,
+      bypassUsers: [],
+      ...rule
+    };
+  }
+  isAllowed(sql, user) {
+    if (!this.rule.enabled) return true;
+    if (user && this.rule.bypassUsers?.includes(user)) return true;
+    const trimmed = sql.trim().toUpperCase();
+    if (this.rule.allowSelect && trimmed.startsWith("SELECT")) return true;
+    if (this.rule.allowShow && trimmed.startsWith("SHOW")) return true;
+    if (this.rule.allowDescribe && trimmed.startsWith("DESCRIBE")) return true;
+    if (this.rule.allowExplain && trimmed.startsWith("EXPLAIN")) return true;
+    if (trimmed.startsWith("WITH")) return true;
+    if (trimmed.startsWith("PRAGMA")) return true;
+    return false;
+  }
+  checkReadOnly(sql, user) {
+    if (this.isAllowed(sql, user)) {
+      return { allowed: true };
+    }
+    return {
+      allowed: false,
+      reason: "Database is in read-only mode. Write operations are not permitted."
+    };
+  }
+  updateRule(rule) {
+    this.rule = { ...this.rule, ...rule };
+  }
+};
+
+// src/security/ratelimit.ts
+var RateLimiter = class {
+  constructor(config = {}) {
+    this.store = /* @__PURE__ */ new Map();
+    this.config = {
+      enabled: true,
+      windowMs: 6e4,
+      maxQueries: 100,
+      maxQueriesPerUser: {},
+      errorMessage: "Too many queries. Please slow down.",
+      ...config
+    };
+    this.cleanupInterval = setInterval(() => this.cleanup(), 6e4);
+  }
+  cleanup() {
+    const now = Date.now();
+    for (const [key, entry] of this.store.entries()) {
+      if (entry.resetAt <= now) {
+        this.store.delete(key);
+      }
+    }
+  }
+  check(key) {
+    if (!this.config.enabled) {
+      return { allowed: true, remaining: Infinity, resetAt: 0 };
+    }
+    const now = Date.now();
+    const entry = this.store.get(key);
+    if (!entry || entry.resetAt <= now) {
+      const maxQueries2 = this.config.maxQueriesPerUser[key] || this.config.maxQueries;
+      this.store.set(key, {
+        count: 1,
+        resetAt: now + this.config.windowMs
+      });
+      return { allowed: true, remaining: maxQueries2 - 1, resetAt: now + this.config.windowMs };
+    }
+    const maxQueries = this.config.maxQueriesPerUser[key] || this.config.maxQueries;
+    entry.count++;
+    if (entry.count > maxQueries) {
+      return {
+        allowed: false,
+        remaining: 0,
+        resetAt: entry.resetAt,
+        error: this.config.errorMessage
+      };
+    }
+    return { allowed: true, remaining: maxQueries - entry.count, resetAt: entry.resetAt };
+  }
+  getRemaining(key) {
+    const entry = this.store.get(key);
+    if (!entry || entry.resetAt <= Date.now()) {
+      return this.config.maxQueries;
+    }
+    const maxQueries = this.config.maxQueriesPerUser[key] || this.config.maxQueries;
+    return Math.max(0, maxQueries - entry.count);
+  }
+  reset(key) {
+    if (key) {
+      this.store.delete(key);
+    } else {
+      this.store.clear();
+    }
+  }
+  updateConfig(config) {
+    this.config = { ...this.config, ...config };
+  }
+  destroy() {
+    clearInterval(this.cleanupInterval);
+    this.store.clear();
+  }
+};
+
+// src/utils/logger.ts
+var LOG_LEVELS = {
+  debug: 0,
+  info: 1,
+  warn: 2,
+  error: 3,
+  silent: 4
+};
+var Logger = class {
+  constructor(config) {
+    this.timers = /* @__PURE__ */ new Map();
+    this.config = {
+      level: config?.level ?? "info",
+      queries: config?.queries ?? true,
+      slowQueryThreshold: config?.slowQueryThreshold ?? 1e3,
+      format: config?.format ?? "text"
+    };
+  }
+  shouldLog(level) {
+    return LOG_LEVELS[level] >= LOG_LEVELS[this.config.level];
+  }
+  formatMessage(level, message, data) {
+    const timestamp = (/* @__PURE__ */ new Date()).toISOString();
+    if (this.config.format === "json") {
+      return JSON.stringify({ timestamp, level, message, data });
+    }
+    const prefix = `[${timestamp}] [${level.toUpperCase()}]`;
+    const dataStr = data ? ` ${typeof data === "string" ? data : JSON.stringify(data)}` : "";
+    return `${prefix} ${message}${dataStr}`;
+  }
+  debug(message, data) {
+    if (this.shouldLog("debug")) {
+      console.debug(this.formatMessage("debug", message, data));
+    }
+  }
+  info(message, data) {
+    if (this.shouldLog("info")) {
+      console.info(this.formatMessage("info", message, data));
+    }
+  }
+  warn(message, data) {
+    if (this.shouldLog("warn")) {
+      console.warn(this.formatMessage("warn", message, data));
+    }
+  }
+  error(message, data) {
+    if (this.shouldLog("error")) {
+      console.error(this.formatMessage("error", message, data));
+    }
+  }
+  query(sql, duration, rowCount) {
+    if (this.config.queries && this.shouldLog("info")) {
+      const slow = duration >= this.config.slowQueryThreshold ? " [SLOW]" : "";
+      this.info(`Query (${duration}ms, ${rowCount} rows)${slow}: ${sql.substring(0, 200)}`);
+      if (sql.length > 200) {
+        this.debug(`Full query: ${sql}`);
+      }
+    }
+  }
+  startTimer(label) {
+    this.timers.set(label, Date.now());
+  }
+  endTimer(label) {
+    const start = this.timers.get(label);
+    if (start === void 0) return 0;
+    const duration = Date.now() - start;
+    this.timers.delete(label);
+    this.debug(`Timer "${label}": ${duration}ms`);
+    return duration;
+  }
+  updateConfig(config) {
+    this.config = { ...this.config, ...config };
+  }
+};
+
+// src/core/validator.ts
+var STATEMENT_TYPES = [
+  "SELECT",
+  "INSERT",
+  "UPDATE",
+  "DELETE",
+  "CREATE",
+  "ALTER",
+  "DROP",
+  "TRUNCATE",
+  "GRANT",
+  "REVOKE",
+  "SHOW",
+  "DESCRIBE",
+  "EXPLAIN",
+  "USE",
+  "SET",
+  "CALL",
+  "EXEC",
+  "MERGE",
+  "REPLACE",
+  "RENAME",
+  "BEGIN",
+  "COMMIT",
+  "ROLLBACK",
+  "SAVEPOINT",
+  "LOCK",
+  "UNLOCK",
+  "ANALYZE",
+  "OPTIMIZE",
+  "REPAIR",
+  "BACKUP",
+  "RESTORE"
+];
+var DML_STATEMENTS = /* @__PURE__ */ new Set(["INSERT", "UPDATE", "DELETE", "TRUNCATE", "MERGE", "REPLACE"]);
+var DDL_STATEMENTS = /* @__PURE__ */ new Set(["CREATE", "ALTER", "DROP", "RENAME", "TRUNCATE"]);
+var DCL_STATEMENTS = /* @__PURE__ */ new Set(["GRANT", "REVOKE"]);
+var DANGEROUS_STATEMENTS = /* @__PURE__ */ new Set(["DROP", "TRUNCATE", "GRANT", "REVOKE", "ALTER"]);
+function detectStatementType(sql) {
+  const trimmed = sql.trim().toUpperCase();
+  for (const type of STATEMENT_TYPES) {
+    if (trimmed.startsWith(type)) return type;
+  }
+  const words = trimmed.split(/\s+/);
+  return words[0] || "UNKNOWN";
+}
+function isReadOnlyStatement(sql) {
+  const type = detectStatementType(sql);
+  return !DML_STATEMENTS.has(type) && !DDL_STATEMENTS.has(type) && !DCL_STATEMENTS.has(type) && !DANGEROUS_STATEMENTS.has(type);
+}
+function extractTableNames(sql) {
+  const patterns = [
+    /(?:FROM|JOIN|INTO|UPDATE|TABLE|FROM|USING)\s+[`"']?(\w+)[`"']?/gi,
+    /(?:INSERT\s+(?:INTO\s+)?|REPLACE\s+(?:INTO\s+)?)[`"']?(\w+)[`"']?/gi,
+    /(?:DELETE\s+(?:FROM\s+)?)[`"']?(\w+)[`"']?/gi,
+    /(?:ALTER\s+TABLE\s+)[`"']?(\w+)[`"']?/gi,
+    /(?:DROP\s+(?:TABLE|VIEW|INDEX|PROCEDURE|FUNCTION)\s+)[`"']?(\w+)[`"']?/gi,
+    /(?:CREATE\s+(?:TABLE|VIEW|INDEX|PROCEDURE|FUNCTION)\s+)[`"']?(\w+)[`"']?/gi,
+    /(?:TRUNCATE\s+TABLE\s+)[`"']?(\w+)[`"']?/gi
+  ];
+  const tables = /* @__PURE__ */ new Set();
+  for (const pattern of patterns) {
+    let match;
+    while ((match = pattern.exec(sql)) !== null) {
+      if (match[1]) tables.add(match[1]);
+    }
+  }
+  return Array.from(tables);
+}
+function validateQuery(sql, security) {
+  const errors = [];
+  const trimmedSql = sql.trim();
+  if (!trimmedSql) {
+    errors.push({
+      code: "EMPTY_QUERY",
+      message: "Query is empty",
+      severity: "error"
+    });
+    return { valid: false, errors, normalizedQuery: sql, statementType: "UNKNOWN", isReadOnly: true, tables: [] };
+  }
+  if (!trimmedSql.endsWith(";")) {
+    trimmedSql + ";";
+  }
+  const statementType = detectStatementType(trimmedSql);
+  const detectedTables = extractTableNames(trimmedSql);
+  const readOnly = isReadOnlyStatement(trimmedSql);
+  if (security?.maxQueryLength && trimmedSql.length > security.maxQueryLength) {
+    errors.push({
+      code: "QUERY_TOO_LONG",
+      message: `Query exceeds maximum length of ${security.maxQueryLength} characters`,
+      severity: "error"
+    });
+  }
+  if (security?.bannedStatements) {
+    for (const banned of security.bannedStatements) {
+      const bannedUpper = banned.toUpperCase();
+      if (trimmedSql.toUpperCase().includes(bannedUpper)) {
+        errors.push({
+          code: "BANNED_STATEMENT",
+          message: `Statement "${bannedUpper}" is not allowed`,
+          severity: "error"
+        });
+      }
+    }
+  }
+  if (security?.readOnly === true && !readOnly && statementType !== "UNKNOWN") {
+    errors.push({
+      code: "READ_ONLY_MODE",
+      message: "Database is in read-only mode. Write operations are not allowed.",
+      severity: "error"
+    });
+  }
+  if (security?.requireWhere && ["UPDATE", "DELETE"].includes(statementType)) {
+    if (!/\bWHERE\b/i.test(trimmedSql)) {
+      errors.push({
+        code: "MISSING_WHERE",
+        message: `${statementType} without WHERE clause is not allowed`,
+        severity: "error"
+      });
+    }
+  }
+  return {
+    valid: errors.length === 0,
+    errors,
+    normalizedQuery: trimmedSql,
+    statementType,
+    isReadOnly: readOnly,
+    tables: detectedTables
+  };
+}
+
+// src/core/sanitizer.ts
+var SQL_INJECTION_PATTERNS = [
+  /'.*OR.*'='/i,
+  /'.*AND.*'='/i,
+  /OR\s+'.*'='.*'/i,
+  /AND\s+'.*'='.*'/i,
+  /\bOR\s+\d+\s*=\s*\d+/i,
+  /\bAND\s+\d+\s*=\s*\d+/i,
+  /\bOR\s+\w+\s*=\s*\w+/i,
+  /\bAND\s+\w+\s*=\s*\w+/i,
+  /--\s*$/m,
+  /\/\*.*\*\//,
+  /;\s*DROP\s+/i,
+  /;\s*DELETE\s+/i,
+  /;\s*UPDATE\s+/i,
+  /;\s*INSERT\s+/i,
+  /;\s*EXEC(?:UTE)?\s+/i,
+  /\bUNION\s+ALL\s+SELECT\b/i,
+  /\bUNION\s+SELECT\b/i,
+  /\bINTO\s+OUTFILE\b/i,
+  /\bINTO\s+DUMPFILE\b/i,
+  /\bLOAD_FILE\s*\(/i,
+  /\bpg_sleep\s*\(/i,
+  /\bWAITFOR\s+DELAY\b/i,
+  /\bBENCHMARK\s*\(/i,
+  /\bSLEEP\s*\(/i
+];
+var STRING_LITERALS = /'(?:[^'\\]|\\.)*'/g;
+function sanitizeComment(sql) {
+  return sql.replace(/--.*$/gm, "").replace(/\/\*[\s\S]*?\*\//g, "").replace(/#.*$/gm, "").trim();
+}
+function detectInjection(sql) {
+  const noComments = sql.replace(/--.*$/gm, "").replace(/\/\*[\s\S]*?\*\//g, "");
+  const noStrings = noComments.replace(STRING_LITERALS, "");
+  if (SQL_INJECTION_PATTERNS.some((pattern) => pattern.test(noStrings))) {
+    return true;
+  }
+  for (const pattern of SQL_INJECTION_PATTERNS) {
+    if (pattern.test(noComments)) {
+      return true;
+    }
+  }
+  return false;
+}
+function prepareBatchQueries(sql) {
+  const sanitized = sanitizeComment(sql);
+  const queries = sanitized.split(";").map((q) => q.trim()).filter((q) => q.length > 0).map((q) => q + ";");
+  return queries;
+}
+
+// src/core/formatter.ts
+function truncateResult(rows, maxRows) {
+  if (rows.length <= maxRows) {
+    return { rows, truncated: false };
+  }
+  return { rows: rows.slice(0, maxRows), truncated: true };
+}
+
+// src/engine.ts
+var SQLDashboard = class extends EventEmitter {
+  constructor(options) {
+    super();
+    this.version = "1.0.0";
+    this.connected = false;
+    this.connectionPromise = null;
+    this.config = {
+      driver: options.driver,
+      security: options.security || {},
+      logger: options.logger || { level: "info", queries: true, slowQueryThreshold: 1e3, format: "text" },
+      autoConnect: options.autoConnect ?? true,
+      version: this.version
+    };
+    this.logger = new Logger(this.config.logger);
+    this.driver = createDriver(this.config.driver);
+    this.schema = new SchemaBrowser(this.driver);
+    this.history = new QueryHistory();
+    this.setupSecurity();
+    this.setupEventHandlers();
+    if (this.config.autoConnect) {
+      this.connect().catch((err) => {
+        this.logger.error(`Auto-connect failed: ${err.message}`);
+      });
+    }
+  }
+  setupSecurity() {
+    const security = this.config.security;
+    if (!security) return;
+    if (security.readOnly) {
+      this.readOnlyGuard = new ReadOnlyGuard(
+        typeof security.readOnly === "object" ? security.readOnly : void 0
+      );
+    }
+    if (security.rateLimit) {
+      this.rateLimiter = new RateLimiter(security.rateLimit);
+    }
+  }
+  setupEventHandlers() {
+    this.on("error", (error) => {
+      this.logger.error(`Dashboard error: ${error.message}`);
+    });
+  }
+  async connect() {
+    if (this.connected) return;
+    if (this.connectionPromise) return this.connectionPromise;
+    this.connectionPromise = this.driver.connect().then(() => {
+      this.connected = true;
+      this.connectionPromise = null;
+      this.logger.info(`Connected to ${this.driver.type} database`);
+      this.emit("connect");
+    }).catch((err) => {
+      this.connectionPromise = null;
+      this.emit("error", err);
+      throw err;
+    });
+    return this.connectionPromise;
+  }
+  async disconnect() {
+    if (!this.connected) return;
+    await this.driver.disconnect();
+    this.connected = false;
+    this.logger.info("Disconnected from database");
+    this.emit("disconnect");
+  }
+  async query(sql, options) {
+    await this.ensureConnected();
+    const timer = new QueryTimer();
+    const opts = {
+      timeout: options?.timeout ?? this.config.security?.queryTimeout ?? 3e4,
+      params: options?.params,
+      readOnly: options?.readOnly ?? this.config.security?.readOnly === true,
+      maxRows: options?.maxRows ?? this.config.security?.maxRows ?? 1e3
+    };
+    const validation = this.validateQuery(sql, opts);
+    if (!validation.valid) {
+      const errorResult = {
+        id: crypto.randomUUID(),
+        status: "error",
+        rows: [],
+        columns: [],
+        rowCount: 0,
+        duration: 0,
+        query: sql,
+        error: validation.errors.map((e) => e.message).join("; ")
+      };
+      this.emit("error", new Error(errorResult.error), sql);
+      return errorResult;
+    }
+    if (detectInjection(sql)) {
+      const errorResult = {
+        id: crypto.randomUUID(),
+        status: "error",
+        rows: [],
+        columns: [],
+        rowCount: 0,
+        duration: 0,
+        query: sql,
+        error: "Potential SQL injection detected"
+      };
+      this.emit("error", new Error("SQL injection detected"), sql);
+      return errorResult;
+    }
+    try {
+      const queryPromise = opts.params ? this.driver.executeQuery(sql, opts.params) : this.driver.executeQuery(sql);
+      const result = await this.withTimeout(queryPromise, opts.timeout);
+      const truncated = truncateResult(result.rows, opts.maxRows);
+      const finalResult = {
+        ...result,
+        rows: truncated.rows,
+        rowCount: truncated.truncated ? truncated.rows.length : result.rowCount,
+        warning: truncated.truncated ? `Results truncated to ${opts.maxRows} rows. Total results: ${result.rowCount}` : void 0
+      };
+      this.logger.query(sql, finalResult.duration, finalResult.rowCount);
+      this.history.record(finalResult, this.getDriverType());
+      this.emit("query", finalResult);
+      return finalResult;
+    } catch (error) {
+      const errorResult = this.driver["createErrorResult"](sql, error, timer.elapsed);
+      this.history.record(errorResult, this.getDriverType());
+      this.emit("error", error, sql);
+      if (errorResult.error) {
+        this.logger.error(`Query failed: ${errorResult.error}`);
+      }
+      return errorResult;
+    }
+  }
+  async execute(sql, options) {
+    return this.query(sql, options);
+  }
+  async batch(queries) {
+    await this.ensureConnected();
+    const results = [];
+    for (const query of queries) {
+      const result = await this.query(query);
+      results.push(result);
+      if (result.status === "error") break;
+    }
+    return results;
+  }
+  async executeBatch(sql) {
+    const queries = prepareBatchQueries(sql);
+    return this.batch(queries);
+  }
+  async transaction(callback) {
+    await this.ensureConnected();
+    await this.query("BEGIN");
+    try {
+      const result = await callback(async (sql, params) => {
+        return this.query(sql, { params, transaction: true });
+      });
+      await this.query("COMMIT");
+      return result;
+    } catch (error) {
+      await this.query("ROLLBACK");
+      throw error;
+    }
+  }
+  async explain(sql) {
+    const explainSql = `EXPLAIN ${sql.trim().replace(/;$/, "")}`;
+    return this.query(explainSql);
+  }
+  async analyze(sql) {
+    const analyzeSql = `EXPLAIN ANALYZE ${sql.trim().replace(/;$/, "")}`;
+    return this.query(analyzeSql);
+  }
+  async status() {
+    let dbVersion;
+    try {
+      if (this.connected) {
+        dbVersion = await this.driver.getVersion();
+      }
+    } catch {
+    }
+    const histStats = this.history.getStats();
+    return {
+      connected: this.connected,
+      driver: this.driver.type,
+      version: this.version,
+      uptime: process.uptime(),
+      history: {
+        total: histStats.totalQueries,
+        successful: histStats.successfulQueries,
+        failed: histStats.failedQueries
+      },
+      databaseVersion: dbVersion
+    };
+  }
+  async getDriverVersion() {
+    await this.ensureConnected();
+    return this.driver.getVersion();
+  }
+  async getDatabases() {
+    await this.ensureConnected();
+    return this.driver.getDatabases();
+  }
+  validate(sql) {
+    return validateQuery(sql, this.config.security);
+  }
+  validateQuery(sql, options) {
+    const result = validateQuery(sql, this.config.security);
+    if (options.readOnly && !result.isReadOnly) {
+      result.valid = false;
+      result.errors.push({
+        code: "READ_ONLY",
+        message: "Query is not allowed in read-only mode",
+        severity: "error"
+      });
+    }
+    return result;
+  }
+  async ensureConnected() {
+    if (!this.connected) {
+      await this.connect();
+    }
+  }
+  async withTimeout(promise, ms) {
+    if (ms <= 0) return promise;
+    return Promise.race([
+      promise,
+      new Promise(
+        (_, reject) => setTimeout(() => reject(new Error(`Query timed out after ${ms}ms`)), ms)
+      )
+    ]);
+  }
+  getDriverType() {
+    return this.driver.type;
+  }
+  updateSecurity(config) {
+    if (config.readOnly !== void 0) {
+      if (this.readOnlyGuard) {
+        this.readOnlyGuard.updateRule(
+          typeof config.readOnly === "object" ? config.readOnly : { enabled: config.readOnly }
+        );
+      } else if (config.readOnly) {
+        this.readOnlyGuard = new ReadOnlyGuard(
+          typeof config.readOnly === "object" ? config.readOnly : void 0
+        );
+      }
+    }
+    if (config.rateLimit && this.rateLimiter) {
+      this.rateLimiter.updateConfig(config.rateLimit);
+    }
+    this.config.security = { ...this.config.security, ...config };
+  }
+  destroy() {
+    this.rateLimiter?.destroy();
+    this.disconnect().catch(() => {
+    });
+    this.removeAllListeners();
+  }
+};
+
+export {
+  SQLDashboard
+};