datasecops-cli 0.5.2__tar.gz → 0.5.4__tar.gz

{datasecops_cli-0.5.2 → datasecops_cli-0.5.4}/CHANGELOG.md

@@ -2,6 +2,21 @@
 
 All notable changes to the DataSecOps CLI are documented in this file.
 
+## [0.5.4] - 2026-06-05
+
+### Changed
+
+- **`get_linting_rules` returns `.sqlfluff` INI format** — the MCP tool now returns the rendered `.sqlfluff` config file content (INI format) instead of raw JSON, matching what `get_sqlfluff_config` returns and what SQLFluff actually consumes. Returns an empty string (not a prose message) when no config is found, so callers can reliably detect the empty case.
+- **MCP server uses project `.venv`** — `mcp-servers.json` now points `command` to `${PROJECT_DIR}/.venv/${VENV_BIN:-bin}/datasecops-mcp`, defaulting to `bin` (Unix) with `VENV_BIN=Scripts` for Windows, making the config cross-platform.
+
+## [0.5.3] - 2026-06-05
+
+### Changed
+
+- **MCP linting tools report progress** — `lint_sql`, `fix_sql`, and `lint_project` now use MCP `Context` to send progress notifications and info messages during execution, so callers can see what stage the tool is at (project discovery, running SQLFluff, processing results).
+- **MCP linting tools no longer block the event loop** — subprocess calls to SQLFluff are wrapped in `asyncio.to_thread` so the MCP server remains responsive while linting runs.
+- **`_ensure_dbt_packages` skips `dbt deps` when packages exist** — `dbt deps` is only triggered when `dbt_packages/` is actually empty, but the `dbt-snowflake` Python package check always runs to ensure the dbt templater works.
+
 ## [0.5.2] - 2026-06-05
 
 ### Added

{datasecops_cli-0.5.2 → datasecops_cli-0.5.4}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: datasecops-cli
-Version: 0.5.2
+Version: 0.5.4
 Summary: DataSecOps Framework CLI for Snowflake Native App
 License-Expression: MIT
 License-File: LICENSE

{datasecops_cli-0.5.2 → datasecops_cli-0.5.4}/mcp-servers.json

@@ -2,9 +2,9 @@
   "mcpServers": {
     "datasecops-framework": {
       "type": "stdio",
-      "command": "datasecops-mcp",
+      "command": "${PROJECT_DIR}/.venv/${VENV_BIN:-bin}/datasecops-mcp",
       "args": ["--connection-name", "<CONNECTION>", "--app-database", "<APP_DB>"],
-      "description": "DataSecOps Framework governance rules, branching conventions, linting config, and project profiles from your Snowflake Native App"
+      "description": "DataSecOps Framework governance rules, branching conventions, linting config, and project profiles from your Snowflake Native App. Set VENV_BIN=Scripts on Windows."
     },
     "github": {
       "type": "stdio",

{datasecops_cli-0.5.2 → datasecops_cli-0.5.4}/pyproject.toml

@@ -4,7 +4,7 @@ build-backend = "hatchling.build"
 
 [project]
 name = "datasecops-cli"
-version = "0.5.2"
+version = "0.5.4"
 description = "DataSecOps Framework CLI for Snowflake Native App"
 readme = "README.md"
 requires-python = ">=3.10"

datasecops_cli-0.5.4/src/datasecops_cli/__init__.py

@@ -0,0 +1 @@
+__version__ = "0.5.3"

{datasecops_cli-0.5.2 → datasecops_cli-0.5.4}/src/datasecops_mcp/server.py

@@ -8,7 +8,7 @@ dbt packages, project profiles, and deployment settings in real-time.
 import json
 import logging
 
-from mcp.server.fastmcp import FastMCP
+from mcp.server.fastmcp import Context, FastMCP
 
 from datasecops_mcp.connection import get_snowflake_service
 from datasecops_cli.models.project_config import DEFAULT_BRANCH_FORMAT
@@ -64,16 +64,18 @@ def get_work_items_config() -> str:
 def get_linting_rules() -> str:
     """Get the SQLFluff linting rules configured for this project.
 
-    Returns the active SQL linting rules including dialect, indentation settings,
-    and enabled rule codes. Use this when writing or reviewing SQL to ensure
+    Returns the .sqlfluff INI config file content (dialect, indentation settings,
+    and enabled rule codes). Use this when writing or reviewing SQL to ensure
     compliance with the team's standards.
+
+    Returns an empty string if no configuration is found in the native app.
     """
     sf = get_snowflake_service()
-    raw = sf.get_framework_config("SQLFLUFF_RULES")
+    raw = sf.get_sqlfluff_config_file()
     if not raw:
-        return "No SQLFluff rules found in native app"
+        return ""
 
-    return json.dumps(raw, indent=2)
+    return raw
 
 
 @mcp.tool()
@@ -429,7 +431,7 @@ def get_deployment_workflow() -> str:
 
 
 @mcp.tool()
-def lint_sql(file_path: str) -> str:
+async def lint_sql(file_path: str, ctx: Context) -> str:
     """Lint a SQL file using SQLFluff with the project's configured rules.
 
     Args:
@@ -438,11 +440,15 @@ def lint_sql(file_path: str) -> str:
     Returns the linting results including rule violations, line numbers,
     and descriptions. Uses the project's .sqlfluff config from the framework.
     """
+    import asyncio
     import subprocess
     from pathlib import Path
 
+    await ctx.report_progress(0, 3)
+    await ctx.info(f"Finding dbt project for: {file_path}")
     project_dir = _find_project_dir()
     _ensure_dbt_packages(project_dir)
+
     target = Path(file_path)
     if not target.is_absolute():
         target = project_dir / target
@@ -450,12 +456,20 @@ def lint_sql(file_path: str) -> str:
     if not target.exists():
         return json.dumps({"error": f"File not found: {target}"})
 
+    await ctx.report_progress(1, 3)
+    await ctx.info(f"Running SQLFluff lint on {target.name}...")
+
     cmd = ["sqlfluff", "lint", str(target), "--format", "json"]
     config_path = project_dir / ".sqlfluff"
     if config_path.exists():
         cmd += ["--config", str(config_path)]
 
-    result = subprocess.run(cmd, capture_output=True, text=True, cwd=str(project_dir))
+    result = await asyncio.to_thread(
+        subprocess.run, cmd, capture_output=True, text=True, cwd=str(project_dir)
+    )
+
+    await ctx.report_progress(2, 3)
+    await ctx.info("Processing lint results...")
 
     # SQLFluff returns exit code 1 when violations are found (not an error)
     if result.returncode > 1:
@@ -464,14 +478,17 @@ def lint_sql(file_path: str) -> str:
     if result.stdout.strip():
         try:
             violations = json.loads(result.stdout)
+            await ctx.report_progress(3, 3)
             return json.dumps(violations, indent=2)
         except json.JSONDecodeError:
+            await ctx.report_progress(3, 3)
             return result.stdout
+    await ctx.report_progress(3, 3)
     return json.dumps({"status": "clean", "message": "No linting issues found"})
 
 
 @mcp.tool()
-def fix_sql(file_path: str) -> str:
+async def fix_sql(file_path: str, ctx: Context) -> str:
     """Auto-fix linting issues in a SQL file using SQLFluff.
 
     Args:
@@ -480,11 +497,15 @@ def fix_sql(file_path: str) -> str:
     Applies automatic fixes using the project's .sqlfluff config.
     Returns the fix results and what was changed.
     """
+    import asyncio
     import subprocess
     from pathlib import Path
 
+    await ctx.report_progress(0, 3)
+    await ctx.info(f"Finding dbt project for: {file_path}")
     project_dir = _find_project_dir()
     _ensure_dbt_packages(project_dir)
+
     target = Path(file_path)
     if not target.is_absolute():
         target = project_dir / target
@@ -492,12 +513,20 @@ def fix_sql(file_path: str) -> str:
     if not target.exists():
         return json.dumps({"error": f"File not found: {target}"})
 
+    await ctx.report_progress(1, 3)
+    await ctx.info(f"Running SQLFluff fix on {target.name}...")
+
     cmd = ["sqlfluff", "fix", str(target), "--force", "--format", "json"]
     config_path = project_dir / ".sqlfluff"
     if config_path.exists():
         cmd += ["--config", str(config_path)]
 
-    result = subprocess.run(cmd, capture_output=True, text=True, cwd=str(project_dir))
+    result = await asyncio.to_thread(
+        subprocess.run, cmd, capture_output=True, text=True, cwd=str(project_dir)
+    )
+
+    await ctx.report_progress(2, 3)
+    await ctx.info("Processing fix results...")
 
     if result.returncode > 1:
         return json.dumps({"error": f"SQLFluff fix failed: {result.stderr.strip()}"})
@@ -505,14 +534,17 @@ def fix_sql(file_path: str) -> str:
     if result.stdout.strip():
         try:
             fix_results = json.loads(result.stdout)
+            await ctx.report_progress(3, 3)
             return json.dumps(fix_results, indent=2)
         except json.JSONDecodeError:
+            await ctx.report_progress(3, 3)
             return result.stdout
+    await ctx.report_progress(3, 3)
     return json.dumps({"status": "fixed", "message": f"Fixes applied to {target.name}"})
 
 
 @mcp.tool()
-def lint_project(fix: bool = False) -> str:
+async def lint_project(fix: bool, ctx: Context) -> str:
     """Lint all SQL models in the dbt project.
 
     Args:
@@ -521,16 +553,23 @@ def lint_project(fix: bool = False) -> str:
     Lints the models/ directory using the project's .sqlfluff config.
     Returns a summary of violations or fixes applied.
     """
+    import asyncio
     import subprocess
     from pathlib import Path
 
+    action = "fix" if fix else "lint"
+
+    await ctx.report_progress(0, 3)
+    await ctx.info("Finding dbt project...")
     project_dir = _find_project_dir()
     _ensure_dbt_packages(project_dir)
     models_dir = project_dir / "models"
     if not models_dir.exists():
         return json.dumps({"error": f"No models directory found at {models_dir}"})
 
-    action = "fix" if fix else "lint"
+    await ctx.report_progress(1, 3)
+    await ctx.info(f"Running SQLFluff {action} on models/...")
+
     cmd = ["sqlfluff", action, str(models_dir), "--format", "json"]
     if fix:
         cmd.append("--force")
@@ -539,7 +578,12 @@ def lint_project(fix: bool = False) -> str:
     if config_path.exists():
         cmd += ["--config", str(config_path)]
 
-    result = subprocess.run(cmd, capture_output=True, text=True, cwd=str(project_dir))
+    result = await asyncio.to_thread(
+        subprocess.run, cmd, capture_output=True, text=True, cwd=str(project_dir)
+    )
+
+    await ctx.report_progress(2, 3)
+    await ctx.info("Processing results...")
 
     if result.returncode > 1:
         return json.dumps({"error": f"SQLFluff {action} failed: {result.stderr.strip()}"})
@@ -560,10 +604,14 @@ def lint_project(fix: bool = False) -> str:
                     "truncated": True,
                     "message": f"Showing first 5 of {len(output)} files",
                 }
+                await ctx.report_progress(3, 3)
                 return json.dumps(summary, indent=2)
+            await ctx.report_progress(3, 3)
             return json.dumps(output, indent=2)
         except json.JSONDecodeError:
+            await ctx.report_progress(3, 3)
             return result.stdout
+    await ctx.report_progress(3, 3)
     return json.dumps({"status": "clean", "action": action, "message": "No issues found"})
 
 
@@ -580,15 +628,18 @@ def _find_project_dir() -> "Path":
 
 
 def _ensure_dbt_packages(project_dir: "Path") -> None:
-    """Ensure dbt-snowflake and dbt packages are available for sqlfluff dbt templater."""
+    """Ensure dbt-snowflake and dbt packages are available for sqlfluff dbt templater.
+
+    Skips expensive dbt deps if packages are already present, but always
+    ensures the dbt-snowflake Python package is importable.
+    """
     import subprocess
     from pathlib import Path
 
-    # Check that dbt-snowflake Python package is installed (required by sqlfluff-templater-dbt)
+    # Always ensure dbt-snowflake Python package is available (required by sqlfluff-templater-dbt)
     try:
         import dbt.adapters.snowflake  # noqa: F401
     except ImportError:
-        # Attempt to install dbt-snowflake
         subprocess.run(
             ["uv", "pip", "install", "dbt-snowflake"],
             capture_output=True, text=True,
@@ -609,8 +660,9 @@ def _ensure_dbt_packages(project_dir: "Path") -> None:
     if not packages_yml.exists():
         return  # No packages to install
 
-    # Run dbt deps to install packages
+    # Packages are missing — run dbt deps to install them
     import shutil
+
     for cmd in [["dbtf", "deps"], ["dbt", "deps"]]:
         if shutil.which(cmd[0]):
             subprocess.run(cmd, capture_output=True, text=True, cwd=str(project_dir))

datasecops_cli-0.5.2/src/datasecops_cli/__init__.py

@@ -1 +0,0 @@
-__version__ = "0.5.2"