execsql2 2.19.2__py3-none-any.whl → 2.21.0__py3-none-any.whl

execsql/cli/run.py

@@ -206,9 +206,29 @@ def _ping_db(db: Any) -> None:
 # ---------------------------------------------------------------------------
 
 
-# B12/F014: shared sensitive-name filter used by env-var seeding, -a
-# value logging, and any future credential-redaction sites.
-_SENSITIVE_SUBSTRINGS = ("SECRET", "TOKEN", "PASSWORD", "PASSWD", "PRIVATE_KEY", "CREDENTIAL")
+# B12/F014: shared sensitive-name filter for env-var seeding and any
+# other name-based credential-redaction sites. Case-insensitive substring
+# matches: an env var whose name (uppercased) contains any of these is
+# not seeded into the substitution pool. "_KEY" uses a leading underscore
+# so it catches AWS_ACCESS_KEY_ID / SECRET_KEY without also blocking
+# KEYBOARD-style names. Substring matching catches the common service-
+# prefixed forms (STRIPE_KEY, OPENAI_API_KEY, SENTRY_DSN, SLACK_WEBHOOK);
+# GitHub PAT-suffixed names (GITHUB_PAT) and URL-encoded DSNs
+# (DATABASE_URL) are documented gaps — use a TOKEN- or SECRET-prefixed
+# name when storing those.
+_SENSITIVE_SUBSTRINGS = (
+    "SECRET",
+    "TOKEN",
+    "PASSWORD",
+    "PASSWD",
+    "PRIVATE_KEY",
+    "CREDENTIAL",
+    "_KEY",
+    "APIKEY",
+    "API_KEY",
+    "DSN",
+    "WEBHOOK",
+)
 
 
 def _seed_early_subvars() -> SubVarSet:
@@ -517,15 +537,12 @@ def _setup_logging(
         for n, repl in enumerate(sub_vars):
             var = f"$ARG_{n + 1}"
             subvars.add_substitution(var, repl)
-            # B12/F014: -a values are user input that may contain
-            # secrets. Redact the value in the log line when the
-            # surrounding -a payload looks sensitive (matches the
-            # existing env-var filter at _seed_early_subvars).
-            display_repl = repl
-            if any(s in str(repl).upper() for s in _SENSITIVE_SUBSTRINGS):
-                display_repl = "***"
+            # `-a` values are positional and opaque (no name to denylist
+            # against). High-entropy secrets (sk-live-*, AKIA*, ghp_*,
+            # JWTs) pass any substring/value heuristic, so log the
+            # assignment confirmation without the value.
             logger.log_status_info(
-                f"Command-line substitution variable assignment: {var} set to {{{display_repl}}}",
+                f"Command-line substitution variable assignment: {var} set to {{***}}",
             )
 
     return logger

execsql/db/access.py

@@ -107,7 +107,11 @@ class AccessDatabase(Database):
                 else:
                     connstr = cs % db_name
                 try:
-                    self.conn = pyodbc.connect(connstr)
+                    # Access is file-based but a UNC path on an
+                    # unreachable share can still block forever; cap
+                    # the connect attempt at 30 s to match the other
+                    # adapters.
+                    self.conn = pyodbc.connect(connstr, timeout=30)
                 except Exception:
                     if _state.exec_log is not None:
                         _state.exec_log.log_status_info(

execsql/db/base.py

@@ -239,8 +239,14 @@ class Database(ABC):
         if self.conn:
             try:
                 self.conn.rollback()
-            except Exception:
-                pass  # Best-effort; connection may already be closed.
+            except Exception as e:
+                # Best-effort; connection may already be closed. Still
+                # log so a cascading rollback failure isn't invisible
+                # in a CI / cron log.
+                if _state.exec_log is not None:
+                    _state.exec_log.log_status_info(
+                        f"Rollback failed on {self.__class__.__name__}: {e!r}",
+                    )
 
     def needs_explicit_commit_after_ddl(self) -> bool:
         """Return True if this adapter's driver does NOT auto-commit DDL.

execsql/db/dsn.py

@@ -90,7 +90,9 @@ class DsnDatabase(Database):
                 parts.append(f"PWD={_odbc_quote(self.password)}")
             connstr = ";".join(parts) + ";"
             kwargs = {"autocommit": autocommit} if autocommit else {}
-            self.conn = pyodbc.connect(connstr, **kwargs)
+            # 30 s connect timeout matches the Postgres adapter default
+            # so a wedged DSN peer cannot hang a script indefinitely.
+            self.conn = pyodbc.connect(connstr, timeout=30, **kwargs)
 
         def _try_connect():
             try:

execsql/db/factory.py

@@ -63,7 +63,7 @@ def db_Postgres(
     new_db: bool = False,
     password: str | None = None,
 ) -> PostgresDatabase:
-    """Open a new PostgreSQL connection via psycopg2."""
+    """Open a new PostgreSQL connection via psycopg (psycopg3)."""
     return PostgresDatabase(server_name, database_name, user, pw_needed, port, new_db=new_db, password=password)
 
 

execsql/db/firebird.py

@@ -18,7 +18,7 @@ __all__ = ["FirebirdDatabase"]
 
 
 class FirebirdDatabase(Database):
-    """Firebird adapter using the firebird-driver (fdb) package."""
+    """Firebird adapter using the firebird-driver package."""
 
     def __init__(
         self,
@@ -31,10 +31,11 @@ class FirebirdDatabase(Database):
         password: str | None = None,
     ) -> None:
         try:
-            import fdb as firebird_lib  # noqa: F401
+            from firebird import driver as firebird_lib  # noqa: F401
         except Exception:
             fatal_error(
-                "The fdb module is required to connect to Firebird.   See https://pypi.python.org/pypi/fdb/",
+                "The firebird-driver module is required to connect to Firebird.   "
+                "See https://pypi.org/project/firebird-driver/",
             )
         from execsql.types import dbt_firebird
 
@@ -67,7 +68,10 @@ class FirebirdDatabase(Database):
 
     def open_db(self) -> None:
         """Open a connection to the Firebird database."""
-        import fdb as firebird_lib
+        from firebird import driver as firebird_lib
+
+        # 30 s connect timeout matches the Postgres adapter default.
+        connect_timeout = 30
 
         def db_conn():
             if self.user and self.password:
@@ -78,6 +82,7 @@ class FirebirdDatabase(Database):
                     user=self.user,
                     password=self.password,
                     charset=self.encoding,
+                    timeout=connect_timeout,
                 )
             else:
                 return firebird_lib.connect(
@@ -85,6 +90,7 @@ class FirebirdDatabase(Database):
                     database=self.db_name,
                     port=self.port,
                     charset=self.encoding,
+                    timeout=connect_timeout,
                 )
 
         if self.conn is None:

execsql/db/mysql.py

@@ -152,6 +152,10 @@ class MySQLDatabase(Database):
         """Open a connection to the MySQL or MariaDB server."""
         import pymysql as mysql_lib
 
+        # 30 s default matches the Postgres adapter so a wedged peer
+        # can't hang a script indefinitely.
+        connect_timeout = 30
+
         def db_conn():
             if self.user and self.password:
                 return mysql_lib.connect(
@@ -162,6 +166,7 @@ class MySQLDatabase(Database):
                     password=self.password,
                     charset=self.encoding,
                     local_infile=True,
+                    connect_timeout=connect_timeout,
                 )
             else:
                 return mysql_lib.connect(
@@ -170,6 +175,7 @@ class MySQLDatabase(Database):
                     port=self.port,
                     charset=self.encoding,
                     local_infile=True,
+                    connect_timeout=connect_timeout,
                 )
 
         if self.conn is None:

execsql/db/postgres.py

@@ -3,7 +3,7 @@ from __future__ import annotations
 """
 PostgreSQL database adapter for execsql.
 
-Implements :class:`PostgresDatabase`. Uses ``psycopg2`` for the
+Implements :class:`PostgresDatabase`. Uses ``psycopg`` (psycopg3) for the
 connection, supports schema-qualified tables, server-side ``COPY`` for
 fast IMPORT, ``CREATE DATABASE`` when ``new_db=True``, ``ROLE_EXISTS``,
 and the ``PG_VACUUM`` metacommand (``vacuum()`` method). Corresponds to
@@ -26,7 +26,7 @@ DEFAULT_CONNECT_TIMEOUT = 30  # seconds
 
 
 class PostgresDatabase(Database):
-    """PostgreSQL adapter using psycopg2, with schema support, server-side COPY, and keyring auth."""
+    """PostgreSQL adapter using psycopg (psycopg3), with schema support, server-side COPY, and keyring auth."""
 
     def __init__(
         self,
@@ -41,10 +41,11 @@ class PostgresDatabase(Database):
         connect_timeout: int = DEFAULT_CONNECT_TIMEOUT,
     ) -> None:
         try:
-            import psycopg2  # noqa: F401
+            import psycopg  # noqa: F401
         except Exception:
             fatal_error(
-                "The psycopg2 module is required to connect to PostgreSQL.   See http://initd.org/psycopg/",
+                "The psycopg module (psycopg3) is required to connect to PostgreSQL.   "
+                "See https://www.psycopg.org/psycopg3/",
             )
         from execsql.types import dbt_postgres
 
@@ -73,23 +74,23 @@ class PostgresDatabase(Database):
 
     def open_db(self) -> None:
         """Open a connection to the PostgreSQL database."""
-        import psycopg2
+        import psycopg
 
         def db_conn(db: PostgresDatabase, db_name: str):
             try:
                 if db.user and db.password:
-                    return psycopg2.connect(
+                    return psycopg.connect(
                         host=str(db.server_name),
-                        database=str(db_name),
+                        dbname=str(db_name),
                         port=db.port,
                         user=db.user,
                         password=db.password,
                         connect_timeout=db.connect_timeout,
                     )
                 else:
-                    return psycopg2.connect(
+                    return psycopg.connect(
                         host=str(db.server_name),
-                        database=db_name,
+                        dbname=db_name,
                         port=db.port,
                         connect_timeout=db.connect_timeout,
                     )
@@ -148,7 +149,7 @@ class PostgresDatabase(Database):
                 msg = f"Failed to open PostgreSQL database {self.db_name} on {self.server_name}"
                 raise ErrInfo(type="exception", exception_msg=exception_desc(), other_msg=msg) from e
             # (Re)set the encoding to match the database.
-            self.encoding = self.conn.encoding
+            self.encoding = self.conn.info.encoding
 
     def exec_cmd(self, querycommand: str) -> None:
         """Execute a stored function by name."""
@@ -242,13 +243,13 @@ class PostgresDatabase(Database):
         but should not be exposed to untrusted input.
         """
         self.commit()
-        self.conn.set_session(autocommit=True)
+        self.conn.autocommit = True
         curs = self.conn.cursor()
         try:
             curs.execute(f"VACUUM {argstring};")
         finally:
             curs.close()
-            self.conn.set_session(autocommit=False)
+            self.conn.autocommit = False
 
     def import_tabular_file(
         self,
@@ -290,7 +291,7 @@ class PostgresDatabase(Database):
         import_cols = [self.type.quoted(col) for col in import_cols]
         csv_file_cols_q = [self.type.quoted(col) for col in csv_file_cols]
         input_col_list = ",".join(import_cols)
-        # If encodings match, use copy_expert.
+        # If encodings match, use server-side COPY.
         # If encodings don't match, and the file encoding isn't recognized by CSV, read as CSV.
         enc_xlates = {
             "cp1252": "win1252",
@@ -319,7 +320,7 @@ class PostgresDatabase(Database):
             and not _state.conf.trim_strings
             and not _state.conf.replace_newlines
         ):
-            # Use Postgres' COPY FROM method via psycopg2's copy_expert() method.
+            # Use Postgres' COPY FROM method via psycopg3's cursor.copy() context manager.
             rf = csv_file_obj.open("rt")
             if skipheader:
                 next(rf)
@@ -346,7 +347,9 @@ class PostgresDatabase(Database):
                 )
             with self._cursor() as curs:
                 try:
-                    curs.copy_expert(copy_cmd, rf, _state.conf.import_buffer)
+                    with curs.copy(copy_cmd) as copy:
+                        while chunk := rf.read(_state.conf.import_buffer):
+                            copy.write(chunk)
                 except ErrInfo:
                     raise
                 except Exception as e:
@@ -461,12 +464,11 @@ class PostgresDatabase(Database):
         file_name: str,
     ) -> None:
         """Import an entire binary file into a single column of a table."""
-        import psycopg2
-
         with open(file_name, "rb") as f:
             filedata = f.read()
         sq_name = self.schema_qualified_table_name(schema_name, table_name)
         quoted_col = self.quote_identifier(column_name)
         sql = f"insert into {sq_name} ({quoted_col}) values ({self.paramsubs(1)});"
         with self._cursor() as curs:
-            curs.execute(sql, (psycopg2.Binary(filedata),))
+            # psycopg3 sends ``bytes`` to a ``bytea`` column directly; no Binary() wrapper.
+            curs.execute(sql, (filedata,))

execsql/db/sqlserver.py

@@ -113,7 +113,10 @@ class SqlServerDatabase(Database):
                             f"DATABASE={self.db_name};Trusted_Connection=yes"
                         )
                     try:
-                        self.conn = pyodbc.connect(connstr)
+                        # 30 s connect timeout matches the Postgres adapter
+                        # default; pyodbc treats `timeout` as the login-and-
+                        # query timeout on the connection.
+                        self.conn = pyodbc.connect(connstr, timeout=30)
                     except Exception:
                         if _state.exec_log is not None:
                             _state.exec_log.log_status_info(

execsql/format.py

@@ -45,6 +45,13 @@ METACOMMAND_RE = re.compile(r"^\s*--\s*!x!\s*(.*)", re.IGNORECASE)
 
 # Multi-word keywords — checked longest-first before single-word fallback.
 # Order matters: more-specific variants must precede their prefixes.
+# Only entries that appear at the *start* of a `-- !x!` payload belong
+# here — `parse_keyword()` matches against the beginning of the payload,
+# not embedded sub-clauses. `IN ZIPFILE` / `WITH TEMPLATE` are EXPORT
+# sub-clauses and never appear at the start, so they don't go here.
+# When adding a new dispatch keyword, mirror it here (or fix the missing
+# entry via the `tests/test_format.py` drift check that pulls names from
+# the dispatch table).
 MULTIWORD_KEYWORDS = [
     "METACOMMAND_ERROR_HALT",
     "ON ERROR_HALT",
@@ -77,18 +84,31 @@ MULTIWORD_KEYWORDS = [
     "SUB_INI",
     "PROMPT ENTRY_FORM",
     "PROMPT SELECT_SUB",
+    "PROMPT SELECT_ROWS",
     "PROMPT ENTER_SUB",
     "PROMPT DIRECTORY",
+    "PROMPT CREDENTIALS",
     "PROMPT CONNECT",
     "PROMPT COMPARE",
     "PROMPT MESSAGE",
     "PROMPT DISPLAY",
     "PROMPT ACTION",
+    "PROMPT OPENFILE",
+    "PROMPT SAVEFILE",
     "PROMPT PAUSE",
-    "PROMPT FILE",
+    # PROMPT ASK COMPARE must precede PROMPT ASK so longest-match wins;
+    # parse_keyword iterates in list order, not by length.
+    "PROMPT ASK COMPARE",
     "PROMPT ASK",
-    "WITH TEMPLATE",
-    "IN ZIPFILE",
+    "PROMPT MAP",
+    "APPEND SCRIPT",
+    "PG_UPSERT CHECK",
+    "PG_UPSERT QA",
+    "RESET COUNTER",
+    "RESET DIALOG_CANCELED",
+    "SET COUNTER",
+    "WRITE CREATE_TABLE",
+    "WRITE SCRIPT",
     "SHOW SCRIPTS",
 ]
 
@@ -98,9 +118,18 @@ BLOCK_CLOSE = frozenset({"ENDIF", "END LOOP", "ENDLOOP", "END SCRIPT", "END BATC
 PIVOT = frozenset({"ELSE", "ELSEIF"})  # decrease depth before emit, increase after
 CONTINUATION = frozenset({"ANDIF", "ORIF"})  # emit at depth-1, no depth change
 
-# Inline IF: "IF (cond) { command }" — self-contained, no ENDIF, no depth change.
-# Mirrors src/execsql/cli/lint.py:_RX_IF_INLINE so formatter and linter agree.
+# Inline IF: "IF (cond) { command }" — self-contained, no ENDIF, no depth
+# change. Pattern must accept the same payloads as
+# src/execsql/script/parser.py:_IF_INLINE_RX. Kept as a separate compiled
+# pattern (not an import) so execsql-format doesn't pull in the AST parser
+# module graph at startup; tests/test_format.py has a drift check that
+# asserts both regexes recognise the same inputs.
 _IF_INLINE_RE = re.compile(r"^\s*IF\s*\(\s*.+\s*\)\s*\{.+\}\s*$", re.I)
+
+# Matches both untagged `$$` and tagged `$tag$` dollar-quote markers
+# (PostgreSQL PL/pgSQL / DO-block syntax). Tags are letter-or-underscore
+# followed by word characters; the empty tag (just `$$`) is also valid.
+_DOLLAR_QUOTE_RE = re.compile(r"\$([A-Za-z_][A-Za-z0-9_]*)?\$")
 # BLOCK_OPEN keywords whose bodies are guaranteed-SQL (not metacommand-driven).
 # Blank lines inside these belong to the SQL accumulator, not the output stream.
 _SQL_BODY_BLOCKS = frozenset({"BEGIN SQL", "BEGIN BATCH"})
@@ -180,9 +209,16 @@ def _is_comment_line(line: str, in_block: bool) -> tuple[bool, bool]:
 def _sqlglot_format(
     sql_lines: list[str],
     sql_indent: int = 4,
-    leading_comma: bool = False,
+    leading_comma: bool = False,  # noqa: ARG001 — leading-comma layout is applied as a textual post-pass on the assembled output; sqlglot's own `leading_comma=True` is non-idempotent under inline comments.
 ) -> list[str]:
-    """Format a list of SQL-only lines (no comment-only lines) via sqlglot."""
+    """Format a list of SQL-only lines (no comment-only lines) via sqlglot.
+
+    Always emits trailing-comma style; if the caller wants leading commas
+    they are produced by ``_apply_leading_comma`` at the end of
+    ``format_file``. sqlglot's own ``leading_comma=True`` reshuffles inline
+    comments and is therefore non-idempotent on SQL with mid-statement
+    comments, which is the dominant real-world case.
+    """
     sqlglot = _require_sqlglot()
     import sqlglot.errors as sqlglot_errors
 
@@ -211,7 +247,6 @@ def _sqlglot_format(
                             pad=sql_indent,
                             indent=sql_indent,
                             max_text_width=120,
-                            leading_comma=leading_comma,
                         ),
                     )
         stmts = [s for s in statements if s]
@@ -508,13 +543,105 @@ def format_metacommand(payload: str, depth: int, indent: int) -> str:
     return f"{prefix}-- !x! {keyword}"
 
 
+def _is_comment_only(s: str) -> bool:
+    """Strict comment classifier for the leading-comma post/pre passes."""
+    st = s.strip()
+    return st.startswith("--") or st.startswith("/*") or st.startswith("*/")
+
+
+def _normalize_to_trailing_comma(text: str) -> str:
+    """Rewrite leading-comma SQL (`, foo`) back to trailing-comma style.
+
+    Symmetric inverse of ``_apply_leading_comma``. Used as a pre-pass so
+    that sqlglot — which migrates inline ``/* marker */`` comments under
+    leading-comma input — sees a consistent trailing-comma shape on
+    every invocation. Comments between the two SQL lines stay in place.
+    """
+    lines = text.split("\n")
+
+    def find_prev_sql_line(idx: int) -> int:
+        k = idx - 1
+        while k >= 0 and (not lines[k].strip() or _is_comment_only(lines[k])):
+            k -= 1
+        return k
+
+    for i, line in enumerate(lines):
+        stripped = line.lstrip()
+        if not stripped.startswith(",") or _is_comment_only(line):
+            continue
+        # Don't try to rewrite leading-comma inside a comment-only line.
+        # Move the comma onto the previous SQL line as a trailing `,`.
+        prev = find_prev_sql_line(i)
+        if prev < 0:
+            continue
+        # Drop the `, ` (or `,`) at the start of this line.
+        indent_len = len(line) - len(stripped)
+        rest = stripped[1:].lstrip()
+        lines[i] = line[:indent_len] + rest
+        # Append `,` to the prev SQL line (preserving any existing right-side
+        # trailing whitespace — there shouldn't be any after format_file).
+        prev_rstripped = lines[prev].rstrip()
+        if not prev_rstripped.endswith(","):
+            lines[prev] = prev_rstripped + ","
+    return "\n".join(lines)
+
+
+def _apply_leading_comma(text: str) -> str:
+    """Rewrite trailing-comma SQL to leading-comma style as a textual pass.
+
+    Walks the assembled output line-by-line. For every line that ends with
+    ``,`` (and is not a comment), strip the comma and prepend ``, `` to the
+    next non-blank, non-comment line — preserving that target line's
+    indent. Comments between the two SQL lines stay in place. The
+    transformation is idempotent: rerunning it on its own output is a
+    no-op (the source line no longer ends with ``,``).
+
+    This decouples our user-facing ``--leading-comma`` flag from
+    sqlglot's own ``leading_comma=True`` mode, which is non-idempotent
+    when inline ``/* marker */`` comments are present — sqlglot moves
+    the markers around between passes (verified in tests/test_format.py
+    TestIdempotency).
+    """
+    lines = text.split("\n")
+    i = 0
+    n = len(lines)
+    while i < n:
+        rstripped = lines[i].rstrip()
+        if rstripped.endswith(",") and not _is_comment_only(lines[i]):
+            j = i + 1
+            while j < n and (not lines[j].strip() or _is_comment_only(lines[j])):
+                j += 1
+            if j < n:
+                stripped = lines[i].rstrip()
+                comma_idx = stripped.rfind(",")
+                lines[i] = stripped[:comma_idx] + stripped[comma_idx + 1 :]
+                target = lines[j]
+                indent_len = len(target) - len(target.lstrip())
+                lines[j] = target[:indent_len] + ", " + target[indent_len:]
+        i += 1
+    return "\n".join(lines)
+
+
 def format_file(source: str, indent: int = 4, use_sql: bool = True, leading_comma: bool = False) -> str:
     """Format the source text of an execsql script and return the result."""
+    # Normalize any leading-comma SQL in the source to trailing commas so
+    # that sqlglot always sees the same comma shape regardless of how
+    # the user saved the file. The post-pass at the bottom of this
+    # function re-applies leading commas when the caller asked for them.
+    # This is what makes leading_comma=True idempotent under inline
+    # comments — sqlglot itself migrates `/* marker */` comments when
+    # parsing leading-comma input.
+    source = _normalize_to_trailing_comma(source)
+
     depth = 0
     sql_acc: list[str] = []
     output: list[str] = []
 
     in_dollar_quote = False
+    # When in_dollar_quote, the tag string we are inside ("" for `$$`,
+    # "body" for `$body$`, etc.). Nested markers with a different tag
+    # are ignored — only a matching close marker re-opens us.
+    current_dq_tag: str | None = None
     in_block_comment = False
     # Track whether we are inside an open SQL statement (last SQL line
     # did not end with ';').  Blank lines mid-statement should NOT flush
@@ -527,7 +654,7 @@ def format_file(source: str, indent: int = 4, use_sql: bool = True, leading_comm
     in_explicit_sql_block = False
 
     def flush_sql() -> None:
-        nonlocal in_dollar_quote, in_sql_statement
+        nonlocal in_dollar_quote, current_dq_tag, in_sql_statement
         if sql_acc:
             # If any line in the accumulated block is inside a $$-delimited
             # region, skip sqlglot formatting entirely.  PL/pgSQL function
@@ -596,9 +723,19 @@ def format_file(source: str, indent: int = 4, use_sql: bool = True, leading_comm
                 output.append(format_metacommand(payload, depth, indent))
 
         else:
-            # Track $$ boundaries to prevent sqlglot from mangling PL/pgSQL
-            if "$$" in raw_line and raw_line.count("$$") % 2 == 1:
-                in_dollar_quote = not in_dollar_quote
+            # Track $$ and $tag$ boundaries to prevent sqlglot from mangling
+            # PL/pgSQL. Walk every dollar-quote marker on the line; toggle
+            # state only when we hit the matching open or close.
+            for m in _DOLLAR_QUOTE_RE.finditer(raw_line):
+                tag = m.group(1) or ""
+                if not in_dollar_quote:
+                    in_dollar_quote = True
+                    current_dq_tag = tag
+                elif tag == current_dq_tag:
+                    in_dollar_quote = False
+                    current_dq_tag = None
+                # else: tag mismatch — a foreign-tagged marker inside our
+                # quoted region; ignore (PG would treat it as literal text).
             sql_acc.append(raw_line)
             # Update statement tracking: if this SQL line ends with ';'
             # (and isn't a comment), the statement is complete.
@@ -610,6 +747,8 @@ def format_file(source: str, indent: int = 4, use_sql: bool = True, leading_comm
     flush_sql()
 
     result = "\n".join(output)
+    if leading_comma:
+        result = _apply_leading_comma(result)
     if not result.endswith("\n"):
         result += "\n"
     return result
@@ -665,6 +804,12 @@ def main() -> None:
             "--leading-comma",
             help="Place commas at the start of lines instead of the end.",
         ),
+        encoding: str = typer.Option(
+            "utf-8",
+            "--encoding",
+            metavar="NAME",
+            help="Text encoding used to read and write SQL files (default utf-8).",
+        ),
     ) -> None:
         use_sql = not no_sql
         paths = collect_paths(targets)
@@ -673,12 +818,23 @@ def main() -> None:
             raise typer.Exit(code=1)
 
         any_changed = False
+        any_errors = False
         for path in paths:
             try:
-                source = path.read_text(encoding="utf-8")
+                source = path.read_text(encoding=encoding)
             except OSError as exc:
                 _err_console.print(f"[bold red]Error:[/bold red] reading {path}: {exc}")
-                raise typer.Exit(code=1) from None
+                any_errors = True
+                # Collect read errors instead of short-circuiting so a single
+                # unreadable file doesn't hide the rest of the report.
+                continue
+            except UnicodeDecodeError as exc:
+                _err_console.print(
+                    f"[bold red]Error:[/bold red] decoding {path} as {encoding}: {exc}. "
+                    f"Try [bold]--encoding cp1252[/bold] or another text encoding.",
+                )
+                any_errors = True
+                continue
 
             formatted = format_file(source, indent=indent, use_sql=use_sql, leading_comma=leading_comma)
 
@@ -688,12 +844,12 @@ def main() -> None:
                     any_changed = True
             elif in_place:
                 if formatted != source:
-                    path.write_text(formatted, encoding="utf-8")
+                    path.write_text(formatted, encoding=encoding)
                     _console.print(f"reformatted {path}")
             else:
                 sys.stdout.write(formatted)
 
-        if check and any_changed:
+        if any_errors or (check and any_changed):
             raise typer.Exit(code=1)
 
     app()

execsql/utils/mail.py

@@ -51,16 +51,19 @@ class Mailer:
         conf = _state.conf
         if conf.smtp_host is None:
             raise ErrInfo(type="error", other_msg="Can't send email; the email host is not configured.")
+        # 30 s connect/read timeout matches the DB-adapter default so a
+        # silently-dropped SMTP peer can't hang a script (or a CI run).
+        smtp_timeout = 30
         if conf.smtp_port is None:
             if conf.smtp_ssl:
-                self.smtpconn = smtplib.SMTP_SSL(conf.smtp_host)
+                self.smtpconn = smtplib.SMTP_SSL(conf.smtp_host, timeout=smtp_timeout)
             else:
-                self.smtpconn = smtplib.SMTP(conf.smtp_host)
+                self.smtpconn = smtplib.SMTP(conf.smtp_host, timeout=smtp_timeout)
         else:
             if conf.smtp_ssl:
-                self.smtpconn = smtplib.SMTP_SSL(conf.smtp_host, conf.smtp_port)
+                self.smtpconn = smtplib.SMTP_SSL(conf.smtp_host, conf.smtp_port, timeout=smtp_timeout)
             else:
-                self.smtpconn = smtplib.SMTP(conf.smtp_host, conf.smtp_port)
+                self.smtpconn = smtplib.SMTP(conf.smtp_host, conf.smtp_port, timeout=smtp_timeout)
         self.smtpconn.ehlo_or_hello_if_needed()
         if conf.smtp_tls:
             self.smtpconn.starttls()

{execsql2-2.19.2.data → execsql2-2.21.0.data}/data/execsql2_extras/README.md

@@ -2,7 +2,7 @@
 
 Several types of templates are provided that may be useful in conjunction with execsql. These are:
 
-- **execsql.conf** — An annotated version of the configuration file that includes all configuration settings and notes on their usage.
+- **execsql.conf** — An annotated reference of every configuration setting with notes on its usage. Generate a fresh copy in any directory with `execsql --init-config > execsql.conf`; the canonical content ships inside the installed package and is loaded via `importlib.resources` (no need to find or copy a source file).
 
 - **script_template.sql** — A framework for SQL scripts that make use of several execsql features. It includes sections for custom configuration settings, custom logfile creation, and reporting of unexpected script exits (through user cancellation or errors).