uranio 1.1.7 → 1.1.9

package/.uranio/package.json

@@ -33,6 +33,6 @@
     "mongodb": "^7.1.0",
     "mysql2": "^3.17.5",
     "pg": "^8.18.0",
-    "uranio": "1.1.7"
+    "uranio": "1.1.9"
   }
 }

package/.uranio/src/atom/mysql.ts

@@ -20,12 +20,12 @@ export class MySQLAtomClient<S extends atom_types.mysql_atom> {
   ) {}
 
   public async getAtom(where: where_types.Where<S>): Promise<S | null> {
-    const {query, map} = sql.param.compose_select({
+    const query = sql.build.select({
       table: this.name,
       where,
       limit: '1',
     });
-    const [rows] = await this.client.exe(query, map);
+    const [rows] = await this.client.exe(query);
     if (Array.isArray(rows) && rows[0]) {
       return rows[0] as S;
     }
@@ -41,13 +41,13 @@ export class MySQLAtomClient<S extends atom_types.mysql_atom> {
     order?: sql_types.OrderBy;
     limit?: string;
   }): Promise<S[]> {
-    const {query, map} = sql.param.compose_select({
+    const query = sql.build.select({
       table: this.name,
       where,
       order,
       limit,
     });
-    const [rows] = await this.client.exe(query, map);
+    const [rows] = await this.client.exe(query);
     if (Array.isArray(rows)) {
       return rows as S[];
     }
@@ -59,12 +59,12 @@ export class MySQLAtomClient<S extends atom_types.mysql_atom> {
     for(const [key, _] of Object.entries(shape)){
       columns.push(key as keyof S);
     }
-    const {query, query_records} = sql.param.compose_insert({
+    const query = sql.build.insert({
       table: this.name,
       columns,
       records: [shape]
     });
-    const response = await this.client.exe(query, query_records);
+    const response = await this.client.exe(query);
     return response;
   }
 
@@ -76,12 +76,12 @@ export class MySQLAtomClient<S extends atom_types.mysql_atom> {
     for(const [key, _] of Object.entries(shapes[0])){
       columns.push(key as keyof S);
     }
-    const {query, query_records} = sql.param.compose_insert({
+    const query = sql.build.insert({
       table: this.name,
       columns,
       records: shapes
     });
-    const response = await this.client.exe(query, query_records);
+    const response = await this.client.exe(query);
     return response;
   }
 
@@ -89,21 +89,21 @@ export class MySQLAtomClient<S extends atom_types.mysql_atom> {
     atom: Partial<S>,
     where?: where_types.Where<S>,
   ): Promise<any> {
-    const {query, map} = sql.param.compose_update({
+    const query = sql.build.update({
       table: this.name,
       where,
       update: atom
     });
-    const response = await this.client.exe(query, map);
+    const response = await this.client.exe(query);
     return response;
   }
 
   public async deleteAtoms(where: where_types.Where<S>): Promise<any> {
-    const {query, map} = sql.param.compose_delete({
+    const query = sql.build.del({
       table: this.name,
       where,
     });
-    const response = await this.client.exe(query, map);
+    const response = await this.client.exe(query);
     return response;
   }
 }

package/.uranio/src/atom/postgresql.ts

@@ -20,12 +20,12 @@ export class PostgreSQLAtomClient<S extends atom_types.postgresql_atom> {
   ) {}
 
   public async getAtom(where: where_types.Where<S>): Promise<S | null> {
-    const {query, map} = sql.param.compose_select({
+    const query = sql.build.select({
       table: this.name,
       where,
       limit: '1',
     });
-    const [rows] = await this.client.exe(query, map);
+    const [rows] = await this.client.exe(query);
     if (Array.isArray(rows) && rows[0]) {
       return rows[0] as S;
     }
@@ -41,13 +41,13 @@ export class PostgreSQLAtomClient<S extends atom_types.postgresql_atom> {
     order?: sql_types.OrderBy;
     limit?: string;
   }): Promise<S[]> {
-    const {query, map} = sql.param.compose_select({
+    const query = sql.build.select({
       table: this.name,
       where,
       order,
       limit,
     });
-    const [rows] = await this.client.exe(query, map);
+    const [rows] = await this.client.exe(query);
     if (Array.isArray(rows)) {
       return rows as S[];
     }
@@ -59,12 +59,12 @@ export class PostgreSQLAtomClient<S extends atom_types.postgresql_atom> {
     for(const [key, _] of Object.entries(shape)){
       columns.push(key as keyof S);
     }
-    const {query, query_records} = sql.param.compose_insert({
+    const query = sql.build.insert({
       table: this.name,
       columns,
       records: [shape]
     });
-    const response = await this.client.exe(query, query_records);
+    const response = await this.client.exe(query);
     return response;
   }
 
@@ -76,12 +76,12 @@ export class PostgreSQLAtomClient<S extends atom_types.postgresql_atom> {
     for(const [key, _] of Object.entries(shapes[0])){
       columns.push(key as keyof S);
     }
-    const {query, query_records} = sql.param.compose_insert({
+    const query = sql.build.insert({
       table: this.name,
       columns,
       records: shapes
     });
-    const response = await this.client.exe(query, query_records);
+    const response = await this.client.exe(query);
     return response;
   }
 
@@ -89,21 +89,21 @@ export class PostgreSQLAtomClient<S extends atom_types.postgresql_atom> {
     atom: Partial<S>,
     where?: where_types.Where<S>,
   ): Promise<any> {
-    const {query, map} = sql.param.compose_update({
+    const query = sql.build.update({
       table: this.name,
       where,
       update: atom
     });
-    const response = await this.client.exe(query, map);
+    const response = await this.client.exe(query);
     return response;
   }
 
   public async deleteAtoms(where: where_types.Where<S>): Promise<any> {
-    const {query, map} = sql.param.compose_delete({
+    const query = sql.build.del({
       table: this.name,
       where,
     });
-    const response = await this.client.exe(query, map);
+    const response = await this.client.exe(query);
     return response;
   }
 }

package/.uranio/src/client/mongodb.ts

@@ -38,16 +38,16 @@ export class MongoDBClient {
     try {
       // Check if the client is already connected by pinging the database
       await this.client.db().command({ping: 1});
-      log.trace('MongoDB is already connected.');
+      log.debug('MongoDB is already connected.');
     } catch (error) {
       log.trace('Connecting to MongoDB...');
       await this.client.connect();
-      log.trace('MongoDB connected.');
+      log.debug('MongoDB connected.');
     }
   }
   public async disconnect() {
-    log.trace('Disconnecting...');
+    log.trace('Disconnecting from MongoDB...');
     await this.client.close();
-    log.trace('Disconnected.');
+    log.debug('MongoDB disconnected.');
   }
 }

package/.uranio/src/client/mysql.ts

@@ -8,6 +8,7 @@
 
 import mysql from 'mysql2/promise';
 import {log} from '../log/index';
+import {SQLStatement} from '../sql/template';
 
 export type MySQLClientParams = {
   uri: string;
@@ -31,12 +32,18 @@ export class MySQLClient {
       });
     }
   }
-  public async exe(sql: string, values?: any) {
+  public async exe(sql: string | SQLStatement, values?: any): Promise<any[]> {
+    // Handle SQLStatement objects
+    if (sql instanceof SQLStatement) {
+      const {sql: query, values: params} = sql.mysql();
+      return this.exe(query, params);
+    }
+
     const with_values =
       typeof values !== 'undefined'
         ? ` with values [${Object.entries(values)}]`
         : '';
-    log.trace(`Excuting query '${sql}'${with_values}`);
+    log.debug(`Excuting query '${sql}'${with_values}`);
     if (this.pool) {
       return await this._execute_from_pool_connection(sql, values);
     }

package/.uranio/src/client/postgresql.ts

@@ -8,6 +8,7 @@
 
 import {Pool, PoolClient} from 'pg';
 import {log} from '../log/index';
+import {SQLStatement} from '../sql/template';
 
 export type PostgreSQLClientParams = {
   uri: string;
@@ -26,14 +27,22 @@ export class PostgreSQLClient {
       });
     }
   }
-  public async exe(sql: string, values?: any) {
+  public async exe(sql: string | SQLStatement, values?: any): Promise<any[]> {
+    // Handle SQLStatement objects
+    if (sql instanceof SQLStatement) {
+      const {sql: query, values: params} = sql.postgres();
+      // Convert backticks to double quotes for PostgreSQL
+      const pgQuery = query.replace(/`/g, '"');
+      return this.exe(pgQuery, params);
+    }
+
     // Convert named parameters object to positional parameters array
     const {query, paramValues} = this._convert_named_to_positional(sql, values);
     const with_values =
       typeof paramValues !== 'undefined' && paramValues.length > 0
         ? ` with values [${paramValues}]`
         : '';
-    log.trace(`Excuting query '${query}'${with_values}`);
+    log.debug(`Excuting query '${query}'${with_values}`);
     if (this.pool) {
       return await this._execute_from_pool_connection(query, paramValues);
     }

package/.uranio/src/sql/builder.ts

@@ -0,0 +1,315 @@
+/**
+ * Simplified SQL query builder
+ * Much simpler than full_query.ts + param_query.ts
+ *
+ * Key differences:
+ * - Uses template literals internally (no string replacement bugs)
+ * - Direct parameterization (no two-stage conversion)
+ * - Each value gets its own parameter (no duplicate value issues)
+ *
+ * @packageDocumentation
+ */
+
+import {SQL, SQLStatement} from './template';
+import * as atom_types from '../types/atom';
+import * as where_types from '../types/where';
+import * as sql_types from '../types/sql';
+
+/**
+ * Build a SELECT query
+ */
+export function select<S extends atom_types.atom>({
+  projection = ['*'],
+  table,
+  where,
+  order,
+  limit,
+}: {
+  projection?: string[];
+  table: string;
+  where?: where_types.Where<S>;
+  order?: sql_types.OrderBy;
+  limit?: string;
+}): SQLStatement {
+  // Start with SELECT columns FROM table
+  const cols = projection.join(', ');
+  let query = new SQLStatement([`SELECT ${cols} FROM \`${table}\``], []);
+
+  // Add WHERE clause
+  if (where && Object.keys(where).length > 0) {
+    const whereStmt = _where(where);
+    query.append(' WHERE ').append(whereStmt);
+  }
+
+  // Add ORDER BY
+  if (order && Object.keys(order).length > 0) {
+    query.append(_orderBy(order));
+  }
+
+  // Add LIMIT
+  if (limit) {
+    query.append(_limit(limit));
+  }
+
+  return query;
+}
+
+/**
+ * Build an INSERT query
+ */
+export function insert<S extends atom_types.atom>({
+  table,
+  columns,
+  records,
+}: {
+  table: string;
+  columns: (keyof S)[];
+  records: Partial<S>[];
+}): SQLStatement {
+  const colNames = columns.map(c => `\`${String(c)}\``).join(', ');
+  let query = new SQLStatement([`INSERT INTO \`${table}\` (${colNames}) VALUES `], []);
+
+  // Add each record as (?, ?, ?) with actual values
+  for (let i = 0; i < records.length; i++) {
+    if (i > 0) query.append(', ');
+
+    query.append('(');
+    for (let j = 0; j < columns.length; j++) {
+      if (j > 0) query.append(', ');
+      const col = columns[j];
+      const rec = records[i];
+      if (rec && col) {
+        const value = rec[col];
+        query.append(SQL`${value}`);
+      }
+    }
+    query.append(')');
+  }
+
+  return query;
+}
+
+/**
+ * Build an UPDATE query
+ */
+export function update<S extends atom_types.atom>({
+  table,
+  update,
+  where,
+}: {
+  table: string;
+  update: Partial<S>;
+  where?: where_types.Where<S>;
+}): SQLStatement {
+  let query = new SQLStatement([`UPDATE \`${table}\` SET `], []);
+
+  // Add SET clause
+  const keys = Object.keys(update);
+  for (let i = 0; i < keys.length; i++) {
+    if (i > 0) query.append(', ');
+    const key = keys[i];
+    if (key) {
+      const value = (update as any)[key];
+      query.append(`${key} = `).append(SQL`${value}`);
+    }
+  }
+
+  // Add WHERE clause
+  if (where) {
+    query.append(' WHERE ').append(_where(where));
+  }
+
+  return query;
+}
+
+/**
+ * Build a DELETE query
+ */
+export function del<S extends atom_types.atom>({
+  table,
+  where,
+}: {
+  table: string;
+  where?: where_types.Where<S>;
+}): SQLStatement {
+  let query = new SQLStatement([`DELETE FROM \`${table}\``], []);
+
+  if (where) {
+    query.append(' WHERE ').append(_where(where));
+  }
+
+  return query;
+}
+
+/**
+ * Build WHERE clause
+ */
+function _where<S extends atom_types.atom>(where: where_types.Where<S>): SQLStatement {
+  const parts: SQLStatement[] = [];
+
+  for (const [key, value] of Object.entries(where)) {
+    // Root operators: $and, $or, $nor
+    if (sql_types.root_operators.includes(key as sql_types.RootOperator)) {
+      if (!Array.isArray(value)) {
+        throw new Error(`Root operator '${key}' must have an Array as value`);
+      }
+
+      const subclauses = value.map(el => _where(el));
+      const op = key === '$and' ? ' AND ' : key === '$or' ? ' OR ' : ' NOR ';
+
+      let combined = new SQLStatement(['('], []);
+      const firstClause = subclauses[0];
+      if (firstClause) {
+        combined.append(firstClause);
+      }
+      for (let i = 1; i < subclauses.length; i++) {
+        const clause = subclauses[i];
+        if (clause) {
+          combined.append(op).append(clause);
+        }
+      }
+      combined.append(')');
+      parts.push(combined);
+      continue;
+    }
+
+    // RegExp
+    if (value instanceof RegExp) {
+      parts.push(new SQLStatement([`\`${key}\` REGEXP `], []).append(SQL`${value.source}`));
+      continue;
+    }
+
+    // Filter operators: {age: {$gte: 18}}
+    if (value && typeof value === 'object' && !(value instanceof Date)) {
+      if (Object.keys(value).length === 0) {
+        throw new Error('Cannot compare to empty object value');
+      }
+      parts.push(_filter(key, value as sql_types.Operator));
+      continue;
+    }
+
+    // Simple equality
+    parts.push(new SQLStatement([`\`${key}\` = `], []).append(SQL`${value}`));
+  }
+
+  // Join with AND
+  if (parts.length === 0) {
+    return new SQLStatement([''], []);
+  }
+  let result = parts[0]!;
+  for (let i = 1; i < parts.length; i++) {
+    const part = parts[i];
+    if (part) {
+      result.append(' AND ').append(part);
+    }
+  }
+  return result;
+}
+
+/**
+ * Build filter operators like {$gte: 18, $lte: 65}
+ */
+function _filter(column: string, operator: sql_types.Operator): SQLStatement {
+  const parts: SQLStatement[] = [];
+
+  for (const [key, value] of Object.entries(operator)) {
+    switch (key) {
+      case '$eq':
+        parts.push(new SQLStatement([`\`${column}\` = `], []).append(SQL`${value}`));
+        break;
+      case '$gt':
+        parts.push(new SQLStatement([`\`${column}\` > `], []).append(SQL`${value}`));
+        break;
+      case '$gte':
+        parts.push(new SQLStatement([`\`${column}\` >= `], []).append(SQL`${value}`));
+        break;
+      case '$lt':
+        parts.push(new SQLStatement([`\`${column}\` < `], []).append(SQL`${value}`));
+        break;
+      case '$lte':
+        parts.push(new SQLStatement([`\`${column}\` <= `], []).append(SQL`${value}`));
+        break;
+      case '$ne':
+        parts.push(new SQLStatement([`\`${column}\` <> `], []).append(SQL`${value}`));
+        break;
+      case '$in':
+        if (Array.isArray(value) && value.length > 0) {
+          let stmt = new SQLStatement([`\`${column}\` IN (`], []);
+          stmt.append(SQL`${value[0]}`);
+          for (let i = 1; i < value.length; i++) {
+            stmt.append(', ').append(SQL`${value[i]}`);
+          }
+          stmt.append(')');
+          parts.push(stmt);
+        }
+        break;
+      case '$nin':
+        if (Array.isArray(value) && value.length > 0) {
+          let stmt = new SQLStatement([`\`${column}\` NOT IN (`], []);
+          stmt.append(SQL`${value[0]}`);
+          for (let i = 1; i < value.length; i++) {
+            stmt.append(', ').append(SQL`${value[i]}`);
+          }
+          stmt.append(')');
+          parts.push(stmt);
+        }
+        break;
+      case '$exists':
+        const suffix = value === true ? ' IS NOT NULL' : ' IS NULL';
+        parts.push(new SQLStatement([`\`${column}\`${suffix}`], []));
+        break;
+      case '$not':
+        const notClause = _filter(column, value);
+        parts.push(new SQLStatement([`\`${column}\` NOT (`], []).append(notClause).append(')'));
+        break;
+      default:
+        throw new Error(`Invalid filter operator: ${key}`);
+    }
+  }
+
+  // Join with AND
+  if (parts.length === 0) {
+    return new SQLStatement([''], []);
+  }
+  let result = parts[0]!;
+  for (let i = 1; i < parts.length; i++) {
+    const part = parts[i];
+    if (part) {
+      result.append(' AND ').append(part);
+    }
+  }
+  return result;
+}
+
+/**
+ * Build ORDER BY clause (returns plain string - no params)
+ */
+function _orderBy(order: sql_types.OrderBy): string {
+  const VALID_COLUMN = /^[a-zA-Z_][a-zA-Z0-9_]*$/;
+  const VALID_DIR = ['asc', 'desc'];
+
+  const parts: string[] = [];
+  for (const [col, dir] of Object.entries(order)) {
+    if (!VALID_COLUMN.test(col)) {
+      throw new Error(`Invalid column name in ORDER BY: "${col}"`);
+    }
+    const normalized = dir.toLowerCase();
+    if (!VALID_DIR.includes(normalized)) {
+      throw new Error(`Invalid direction in ORDER BY: "${dir}"`);
+    }
+    parts.push(`\`${col}\` ${normalized.toUpperCase()}`);
+  }
+
+  return ` ORDER BY ${parts.join(', ')}`;
+}
+
+/**
+ * Build LIMIT clause (returns plain string - no params)
+ */
+function _limit(limit: string): string {
+  const pattern = /^(\d+)(?:\s*,\s*(\d+)|\s+OFFSET\s+(\d+))?$/i;
+  if (!pattern.test(limit)) {
+    throw new Error(`Invalid LIMIT clause: "${limit}"`);
+  }
+  return ` LIMIT ${limit}`;
+}

package/.uranio/src/sql/index.ts

@@ -6,8 +6,7 @@
  *
  */
 
-import * as full from './full_query';
-export {full};
+import * as build from './builder';
+export {build};
 
-import * as param from  './param_query';
-export {param};
+export {SQL, SQLStatement} from './template';

package/.uranio/src/sql/template.ts

@@ -0,0 +1,100 @@
+/**
+ * SQL template string builder
+ * Simplified implementation inspired by sql-template-strings
+ *
+ * This provides a secure way to build SQL queries using template literals.
+ * Values are never embedded into SQL strings, preventing SQL injection.
+ *
+ * Usage:
+ *   const name = 'John';
+ *   const query = SQL`SELECT * FROM users WHERE name = ${name}`;
+ *
+ *   // For MySQL:
+ *   query.mysql()  // { sql: "SELECT * FROM users WHERE name = ?", values: ['John'] }
+ *
+ *   // For PostgreSQL:
+ *   query.postgres()  // { sql: "SELECT * FROM users WHERE name = $1", values: ['John'] }
+ *
+ * @packageDocumentation
+ */
+
+export class SQLStatement {
+  private strings: string[];
+  private values: any[];
+
+  constructor(strings: string[], values: any[]) {
+    this.strings = strings;
+    this.values = values;
+  }
+
+  /**
+   * Returns MySQL/MariaDB-compatible query with ? placeholders
+   */
+  mysql(): { sql: string; values: any[] } {
+    return {
+      sql: this.strings.join('?'),
+      values: this.values,
+    };
+  }
+
+  /**
+   * Returns PostgreSQL-compatible query with $1, $2, ... placeholders
+   */
+  postgres(): { sql: string; values: any[] } {
+    const sql = this.strings.reduce((prev, curr, i) => {
+      if (i === 0) return curr;
+      return prev + '$' + i + curr;
+    }, '');
+    return {
+      sql,
+      values: this.values,
+    };
+  }
+
+  /**
+   * Append another SQL statement or string
+   */
+  append(statement: SQLStatement | string): this {
+    if (statement instanceof SQLStatement) {
+      // Merge the last string of this with the first string of statement
+      const lastIdx = this.strings.length - 1;
+      const firstString = statement.strings[0] || '';
+      this.strings[lastIdx] = (this.strings[lastIdx] || '') + firstString;
+      this.strings.push(...statement.strings.slice(1));
+      this.values.push(...statement.values);
+    } else {
+      // Just append a string to the last segment
+      const lastIdx = this.strings.length - 1;
+      this.strings[lastIdx] = (this.strings[lastIdx] || '') + statement;
+    }
+    return this;
+  }
+
+  /**
+   * Get the raw values array
+   */
+  getValues(): any[] {
+    return this.values;
+  }
+
+  /**
+   * Get the number of parameters
+   */
+  get paramCount(): number {
+    return this.values.length;
+  }
+}
+
+/**
+ * Tagged template function for SQL queries
+ *
+ * @example
+ * const name = 'John';
+ * const age = 30;
+ * const query = SQL`SELECT * FROM users WHERE name = ${name} AND age = ${age}`;
+ */
+export function SQL(strings: TemplateStringsArray, ...values: any[]): SQLStatement {
+  return new SQLStatement(Array.from(strings), values);
+}
+
+export default SQL;