mcp-read-only-sql 0.1.1__tar.gz → 0.2.2__tar.gz

{mcp_read_only_sql-0.1.1 → mcp_read_only_sql-0.2.2}/AGENTS.md

@@ -1,7 +1,7 @@
 # Repository Guidelines
 
 ## Project Structure & Module Organization
-`src/mcp_read_only_sql/server.py` exposes the MCP entry point, while `src/mcp_read_only_sql/connectors/` hosts the PostgreSQL and ClickHouse adapters. Cross-cutting helpers (`ssh_tunnel.py`, `sql_guard.py`, TSV formatting) live in `src/mcp_read_only_sql/utils/`. Configuration tooling, including DBeaver import and manifest validation, sits in `src/mcp_read_only_sql/config/` and `src/mcp_read_only_sql/tools/`. Tests are grouped in `tests/`, and Docker fixtures for integration runs reside in `docker/`. The package ships a sample `connections.yaml`, and runtime config lives under `~/.config/lukleh/mcp-read-only-sql/`.
+`src/mcp_read_only_sql/server.py` exposes the MCP entry point, while `src/mcp_read_only_sql/connectors/` hosts the PostgreSQL and ClickHouse adapters for both CLI and Python implementations. Cross-cutting helpers (`ssh_tunnel.py`, `ssh_tunnel_cli.py`, `sql_guard.py`, TSV formatting, timeout handling) live in `src/mcp_read_only_sql/utils/`. Configuration tooling, including DBeaver import and manifest validation, sits in `src/mcp_read_only_sql/config/` and `src/mcp_read_only_sql/tools/`. Tests are grouped in `tests/`, and Docker fixtures for integration runs reside in `docker/`. The package ships a sample `connections.yaml`, and runtime config lives under `~/.config/lukleh/mcp-read-only-sql/`.
 
 ## Build, Test, and Development Commands
 - `uv sync --extra dev` — install runtime and development dependencies.
@@ -11,9 +11,11 @@
 - `just validate` — lint `connections.yaml` against the schema and safety checks.
 - `just test` — spin up Dockerized fixtures and execute the full pytest suite via `./run_tests.sh`.
 - `uv run python -m pytest tests/test_sql_guard.py` — run an individual module when iterating quickly.
+- `uv run ruff check .` and `uv run black .` — run linting and formatting for the Python tree.
+- `uv run ty check` — type-check the full `src/` tree; there are no remaining package excludes.
 
 ## Coding Style & Naming Conventions
-Target Python 3.11+, four-space indentation, and Unix newlines. Format with `uv run black .` and lint via `uv run ruff check .`; CI mirrors these checks. Modules and callables use snake_case, classes PascalCase (e.g., `TestReadOnlyGuards`), and immutable settings uppercase (`DEFAULT_QUERY_TIMEOUT`). Apply type hints on public surfaces and keep docstrings brief, emphasising read-only guarantees.
+Target Python 3.11+, four-space indentation, and Unix newlines. Format with `uv run black .`, lint via `uv run ruff check .`, and keep `uv run ty check` passing for `src/`. Modules and callables use snake_case, classes PascalCase (e.g., `TestReadOnlyGuards`), and immutable settings uppercase (`DEFAULT_QUERY_TIMEOUT`). Apply type hints on public surfaces and keep docstrings brief, emphasizing read-only guarantees and connector behavior.
 
 ## Testing Guidelines
 Pytest discovers `test_*.py` modules, `Test*` classes, and `test_*` functions per `pytest.ini`. Use the built-in markers (`security`, `cli`, `python`, `ssh`, `slow`) to scope runs, e.g. `pytest -m "security and not slow"`. A 30s default timeout applies, so tear down tunnels and subprocesses explicitly. `just test` emits JUnit XML at `test-results/pytest.xml` for CI uploads.
@@ -22,4 +24,4 @@ Pytest discovers `test_*.py` modules, `Test*` classes, and `test_*` functions pe
 Recent commits favour imperative, concise subjects (“Refactor PostgreSQL read-only guard into shared utility”). Keep changes focused and explain security or connector impacts in the body when needed. Pull requests should describe motivation, list affected modules or scripts, link issues, and attach logs or screenshots for operational updates.
 
 ## Security & Configuration Tips
-Do not relax safeguards in `src/mcp_read_only_sql/utils/sql_guard.py` or connector factories without matching tests. Treat `connections.yaml` as sensitive; the server stores database and SSH passwords directly in that file, so keep it private and user-readable only. Use the SSH tunnel helpers instead of bespoke subprocesses to preserve timeout and read-only enforcement.
+Do not relax safeguards in `src/mcp_read_only_sql/utils/sql_guard.py` or connector factories without matching tests. Treat `connections.yaml` as sensitive; the server stores database and SSH passwords directly in that file, so keep it private and user-readable only. Use the shared SSH tunnel and timeout helpers instead of bespoke subprocesses so read-only enforcement, cleanup, and managed result-file behavior stay consistent.

{mcp_read_only_sql-0.1.1 → mcp_read_only_sql-0.2.2}/CHANGELOG.md

@@ -7,6 +7,24 @@ and this project aims to follow [Semantic Versioning](https://semver.org/).
 
 ## [Unreleased]
 
+## [0.2.2] - 2026-04-03
+
+### Added
+
+- Added `ty` as a supported development check for the full packaged `src/` tree.
+
+### Changed
+
+- Added repo-specific `AGENTS.md` guidance covering connector layout, shared timeout and SSH helpers, and the typed development workflow.
+- Reworked `RELEASING.md` into an evergreen release checklist with explicit validation, tagging, and publish steps.
+
+### Fixed
+
+- Flushed the final buffered TSV line when PostgreSQL and ClickHouse CLI queries stream results to an output file.
+- Hardened DBeaver credential import so missing or non-dictionary decrypted sections are ignored cleanly instead of being treated as valid connection data.
+
+## [0.2.1] - 2026-04-02
+
 ### Added
 
 - Root `CHANGELOG.md` using the Keep a Changelog format and seeded package history.
@@ -15,6 +33,12 @@ and this project aims to follow [Semantic Versioning](https://semver.org/).
 
 - `project.urls.Changelog` now points to the in-repo changelog instead of the generic GitHub releases page.
 - The release flow now treats changelog maintenance as a required step and reuses changelog sections for GitHub release notes.
+- Breaking: `run_query_read_only` now always writes successful query results under the managed state directory and returns the TSV file path instead of inline query output.
+- Breaking: removed the `file_path` tool parameter and `max_result_bytes` configuration/result-size limit behavior.
+
+### Fixed
+
+- Restored Python connector executor compatibility so non-file query execution no longer passes unexpected positional arguments to synchronous workers or test stubs after the managed result-file refactor.
 
 ## [0.1.0] - 2026-03-29
 

{mcp_read_only_sql-0.1.1 → mcp_read_only_sql-0.2.2}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: mcp-read-only-sql
-Version: 0.1.1
+Version: 0.2.2
 Summary: MCP server for read-only SQL queries supporting PostgreSQL and ClickHouse
 Project-URL: Homepage, https://github.com/lukleh/mcp-read-only-sql
 Project-URL: Repository, https://github.com/lukleh/mcp-read-only-sql
@@ -29,6 +29,7 @@ Requires-Dist: black>=23.0.0; extra == 'dev'
 Requires-Dist: pytest-timeout>=2.2.0; extra == 'dev'
 Requires-Dist: pytest>=7.0.0; extra == 'dev'
 Requires-Dist: ruff>=0.1.0; extra == 'dev'
+Requires-Dist: ty>=0.0.28; extra == 'dev'
 Description-Content-Type: text/markdown
 
 # MCP Read-Only SQL Server
@@ -41,6 +42,7 @@ A secure MCP (Model Context Protocol) server that provides **read-only** SQL acc
 > - Config: `~/.config/lukleh/mcp-read-only-sql/connections.yaml`
 > - Credentials: stored in `connections.yaml`
 > - State: `~/.local/state/lukleh/mcp-read-only-sql/`
+> - Query results: `~/.local/state/lukleh/mcp-read-only-sql/results/`
 > - Cache: `~/.cache/lukleh/mcp-read-only-sql/`
 
 ## Security
@@ -48,8 +50,8 @@ A secure MCP (Model Context Protocol) server that provides **read-only** SQL acc
 The server implements a **three-layer security model**:
 
 1. **Database-level read-only** - Sessions forced to read-only mode
-2. **Timeout protection** - Connection timeout (5s), query timeout (10s) - configurable per connection
-3. **Result size limits** - Default 5KB, prevents memory exhaustion
+2. **Timeout protection** - Connection and query timeouts are configurable per connection
+3. **Managed result files** - Successful query results are written to `state_dir/results` with `0600` permissions
 
 All write operations (INSERT, UPDATE, DELETE, etc.) are blocked at the database level.
 
@@ -60,7 +62,7 @@ All write operations (INSERT, UPDATE, DELETE, etc.) are blocked at the database
 - **ClickHouse (Python)** – The driver sets `readonly=1` plus connection/query timeouts, forcing the server to reject any write or DDL attempt.
 - **ClickHouse (CLI)** – `clickhouse-client` is invoked with `--readonly=1`, `--max_execution_time`, and connection timeouts, turning the session into a read-only context.
 
-The shared connector base also applies hard timeouts and result-size ceilings, giving the MCP server deterministic behaviour even if the database misbehaves.
+The shared connector base also applies hard timeouts, giving the MCP server deterministic behaviour even if the database misbehaves.
 
 See [READ_ONLY_ENFORCEMENT_MATRIX.md](READ_ONLY_ENFORCEMENT_MATRIX.md) for a statement-by-statement view of every write-capable command and the tests that enforce it.
 
@@ -70,7 +72,7 @@ See [READ_ONLY_ENFORCEMENT_MATRIX.md](READ_ONLY_ENFORCEMENT_MATRIX.md) for a sta
 - **Multi-database support** - PostgreSQL and ClickHouse
 - **Dual implementations** - Choose between Python (pure Python, no dependencies) or CLI (uses `psql`/`clickhouse-client`)
 - **SSH tunnel support** - Both implementations support key authentication; Python uses Paramiko for passwords and CLI uses `sshpass` for password-based tunnels
-- **Security built-in** - Timeouts, size limits, session controls
+- **Security built-in** - Timeouts, managed result files, session controls
 - **DBeaver import** - Import existing connections easily
 
 ## Prerequisites
@@ -98,7 +100,25 @@ sshpass -V
 
 ## Quick Start
 
-### 1. Install or Run from This Checkout
+### 1. Install or Run the Server
+
+For the published package, prefer `@latest` with `uvx`:
+
+```bash
+uvx mcp-read-only-sql@latest --write-sample-config
+```
+
+Or install it once and reuse the command directly:
+
+```bash
+uv tool install mcp-read-only-sql
+mcp-read-only-sql --write-sample-config
+```
+
+When using `uvx` with the published package, prefer
+`mcp-read-only-sql@latest` in user-facing docs and MCP client configs. This
+avoids reusing a stale cached tool environment after a new release is
+published.
 
 For one-off runs from this checkout, use `uvx --from .`:
 
@@ -113,12 +133,14 @@ uv tool install .
 mcp-read-only-sql --write-sample-config
 ```
 
-After the package is published to PyPI, you can replace `.` with `mcp-read-only-sql`.
+For checkout-based commands below, you can replace `uvx --from . mcp-read-only-sql`
+with `uvx mcp-read-only-sql@latest` once you want to use the published package instead.
 
 That creates:
 
 - `~/.config/lukleh/mcp-read-only-sql/connections.yaml`
 - `~/.local/state/lukleh/mcp-read-only-sql/`
+- `~/.local/state/lukleh/mcp-read-only-sql/results/`
 - `~/.cache/lukleh/mcp-read-only-sql/`
 
 ### 2. Choose an Implementation Per Connection
@@ -203,19 +225,19 @@ just print-paths
 For Claude Code:
 
 ```bash
-claude mcp add mcp-read-only-sql -- uvx --from . mcp-read-only-sql
+claude mcp add mcp-read-only-sql -- uvx mcp-read-only-sql@latest
 ```
 
 For Codex:
 
 ```bash
-codex mcp add mcp-read-only-sql -- uvx --from . mcp-read-only-sql
+codex mcp add mcp-read-only-sql -- uvx mcp-read-only-sql@latest
 ```
 
 For manual testing with a different config root:
 
 ```bash
-uvx --from . mcp-read-only-sql --config-dir /path/to/config-dir --print-paths
+uvx mcp-read-only-sql@latest --config-dir /path/to/config-dir --print-paths
 ```
 
 ## MCP Tools
@@ -228,8 +250,7 @@ Execute read-only SQL queries on configured databases.
   "connection_name": "my_postgres",
   "query": "SELECT * FROM users LIMIT 10",
   "database": "analytics",
-  "server": "db2.example.com",
-  "file_path": "~/Downloads/query.tsv"
+  "server": "db2.example.com"
 }
 ```
 
@@ -238,12 +259,15 @@ Execute read-only SQL queries on configured databases.
 - `query` (required): SQL text that must remain read-only
 - `database` (optional): Database to use (must be listed in the connection's allowlist).
 - `server` (optional): Hostname to target a specific server. If not provided, uses the first server in the connection's list.
-- `file_path` (optional): When provided, results are written to this path (parents created if needed) and the tool returns the absolute path string instead of TSV content. The file must not already exist; if it does, the tool returns an error instead of overwriting. The result-size limit is skipped when saving to a file so the full output is streamed to disk.
 
-**Returns:** Tab-separated text (TSV) with a header row followed by data rows.
-The structured MCP payload mirrors the same TSV string. If results exceed
-`max_result_bytes`, a trailing notice indicates truncation. When `file_path`
-is supplied, the returned value is the absolute path of the written file, the tool refuses to overwrite existing files, and result-size truncation is not applied (full result is written).
+**Returns:** Absolute path to a TSV file created under the server's managed
+state directory, typically `~/.local/state/lukleh/mcp-read-only-sql/results/`.
+Successful query results are persisted with `0600` permissions and are no
+longer returned inline on success.
+
+Result files accumulate under `state_dir/results/` until you remove them.
+If you do not want to retain old query output, periodically clean
+`~/.local/state/lukleh/mcp-read-only-sql/results/`.
 
 ### `list_connections`
 List all available database connections.

{mcp_read_only_sql-0.1.1 → mcp_read_only_sql-0.2.2}/README.md

@@ -8,6 +8,7 @@ A secure MCP (Model Context Protocol) server that provides **read-only** SQL acc
 > - Config: `~/.config/lukleh/mcp-read-only-sql/connections.yaml`
 > - Credentials: stored in `connections.yaml`
 > - State: `~/.local/state/lukleh/mcp-read-only-sql/`
+> - Query results: `~/.local/state/lukleh/mcp-read-only-sql/results/`
 > - Cache: `~/.cache/lukleh/mcp-read-only-sql/`
 
 ## Security
@@ -15,8 +16,8 @@ A secure MCP (Model Context Protocol) server that provides **read-only** SQL acc
 The server implements a **three-layer security model**:
 
 1. **Database-level read-only** - Sessions forced to read-only mode
-2. **Timeout protection** - Connection timeout (5s), query timeout (10s) - configurable per connection
-3. **Result size limits** - Default 5KB, prevents memory exhaustion
+2. **Timeout protection** - Connection and query timeouts are configurable per connection
+3. **Managed result files** - Successful query results are written to `state_dir/results` with `0600` permissions
 
 All write operations (INSERT, UPDATE, DELETE, etc.) are blocked at the database level.
 
@@ -27,7 +28,7 @@ All write operations (INSERT, UPDATE, DELETE, etc.) are blocked at the database
 - **ClickHouse (Python)** – The driver sets `readonly=1` plus connection/query timeouts, forcing the server to reject any write or DDL attempt.
 - **ClickHouse (CLI)** – `clickhouse-client` is invoked with `--readonly=1`, `--max_execution_time`, and connection timeouts, turning the session into a read-only context.
 
-The shared connector base also applies hard timeouts and result-size ceilings, giving the MCP server deterministic behaviour even if the database misbehaves.
+The shared connector base also applies hard timeouts, giving the MCP server deterministic behaviour even if the database misbehaves.
 
 See [READ_ONLY_ENFORCEMENT_MATRIX.md](READ_ONLY_ENFORCEMENT_MATRIX.md) for a statement-by-statement view of every write-capable command and the tests that enforce it.
 
@@ -37,7 +38,7 @@ See [READ_ONLY_ENFORCEMENT_MATRIX.md](READ_ONLY_ENFORCEMENT_MATRIX.md) for a sta
 - **Multi-database support** - PostgreSQL and ClickHouse
 - **Dual implementations** - Choose between Python (pure Python, no dependencies) or CLI (uses `psql`/`clickhouse-client`)
 - **SSH tunnel support** - Both implementations support key authentication; Python uses Paramiko for passwords and CLI uses `sshpass` for password-based tunnels
-- **Security built-in** - Timeouts, size limits, session controls
+- **Security built-in** - Timeouts, managed result files, session controls
 - **DBeaver import** - Import existing connections easily
 
 ## Prerequisites
@@ -65,7 +66,25 @@ sshpass -V
 
 ## Quick Start
 
-### 1. Install or Run from This Checkout
+### 1. Install or Run the Server
+
+For the published package, prefer `@latest` with `uvx`:
+
+```bash
+uvx mcp-read-only-sql@latest --write-sample-config
+```
+
+Or install it once and reuse the command directly:
+
+```bash
+uv tool install mcp-read-only-sql
+mcp-read-only-sql --write-sample-config
+```
+
+When using `uvx` with the published package, prefer
+`mcp-read-only-sql@latest` in user-facing docs and MCP client configs. This
+avoids reusing a stale cached tool environment after a new release is
+published.
 
 For one-off runs from this checkout, use `uvx --from .`:
 
@@ -80,12 +99,14 @@ uv tool install .
 mcp-read-only-sql --write-sample-config
 ```
 
-After the package is published to PyPI, you can replace `.` with `mcp-read-only-sql`.
+For checkout-based commands below, you can replace `uvx --from . mcp-read-only-sql`
+with `uvx mcp-read-only-sql@latest` once you want to use the published package instead.
 
 That creates:
 
 - `~/.config/lukleh/mcp-read-only-sql/connections.yaml`
 - `~/.local/state/lukleh/mcp-read-only-sql/`
+- `~/.local/state/lukleh/mcp-read-only-sql/results/`
 - `~/.cache/lukleh/mcp-read-only-sql/`
 
 ### 2. Choose an Implementation Per Connection
@@ -170,19 +191,19 @@ just print-paths
 For Claude Code:
 
 ```bash
-claude mcp add mcp-read-only-sql -- uvx --from . mcp-read-only-sql
+claude mcp add mcp-read-only-sql -- uvx mcp-read-only-sql@latest
 ```
 
 For Codex:
 
 ```bash
-codex mcp add mcp-read-only-sql -- uvx --from . mcp-read-only-sql
+codex mcp add mcp-read-only-sql -- uvx mcp-read-only-sql@latest
 ```
 
 For manual testing with a different config root:
 
 ```bash
-uvx --from . mcp-read-only-sql --config-dir /path/to/config-dir --print-paths
+uvx mcp-read-only-sql@latest --config-dir /path/to/config-dir --print-paths
 ```
 
 ## MCP Tools
@@ -195,8 +216,7 @@ Execute read-only SQL queries on configured databases.
   "connection_name": "my_postgres",
   "query": "SELECT * FROM users LIMIT 10",
   "database": "analytics",
-  "server": "db2.example.com",
-  "file_path": "~/Downloads/query.tsv"
+  "server": "db2.example.com"
 }
 ```
 
@@ -205,12 +225,15 @@ Execute read-only SQL queries on configured databases.
 - `query` (required): SQL text that must remain read-only
 - `database` (optional): Database to use (must be listed in the connection's allowlist).
 - `server` (optional): Hostname to target a specific server. If not provided, uses the first server in the connection's list.
-- `file_path` (optional): When provided, results are written to this path (parents created if needed) and the tool returns the absolute path string instead of TSV content. The file must not already exist; if it does, the tool returns an error instead of overwriting. The result-size limit is skipped when saving to a file so the full output is streamed to disk.
 
-**Returns:** Tab-separated text (TSV) with a header row followed by data rows.
-The structured MCP payload mirrors the same TSV string. If results exceed
-`max_result_bytes`, a trailing notice indicates truncation. When `file_path`
-is supplied, the returned value is the absolute path of the written file, the tool refuses to overwrite existing files, and result-size truncation is not applied (full result is written).
+**Returns:** Absolute path to a TSV file created under the server's managed
+state directory, typically `~/.local/state/lukleh/mcp-read-only-sql/results/`.
+Successful query results are persisted with `0600` permissions and are no
+longer returned inline on success.
+
+Result files accumulate under `state_dir/results/` until you remove them.
+If you do not want to retain old query output, periodically clean
+`~/.local/state/lukleh/mcp-read-only-sql/results/`.
 
 ### `list_connections`
 List all available database connections.

mcp_read_only_sql-0.2.2/RELEASING.md

@@ -0,0 +1,76 @@
+# Releasing `mcp-read-only-sql`
+
+This repository publishes to PyPI from Git tags through GitHub Actions.
+
+Release automation lives in:
+- `.github/workflows/publish.yml`
+- `.github/workflows/test.yml`
+- the GitHub environment named `pypi`
+- the PyPI trusted publisher for `lukleh/mcp-read-only-sql`
+
+## What To Change For A Release
+
+Update these files in the release commit:
+
+1. `CHANGELOG.md`
+   Move the user-visible items from `## [Unreleased]` into a new section:
+   `## [X.Y.Z] - YYYY-MM-DD`
+2. `pyproject.toml`
+   Update `[project].version` to `X.Y.Z`
+
+Do not expect a tracked `uv.lock` change in this repository. `uv.lock` is
+gitignored here, so it is not part of the release diff.
+
+`RELEASING.md` should stay evergreen. It should explain the process, not carry a
+release-specific version number.
+
+## How To Update The Version
+
+1. Edit `pyproject.toml`
+2. Refresh the local environment if needed:
+
+```bash
+uv sync --extra dev
+```
+
+3. Confirm the installed package metadata and CLI version output match:
+
+```bash
+uv run --extra dev pytest tests/test_server.py tests/test_cli_versions.py -q -k 'package_version_matches_distribution_metadata or support_version'
+```
+
+## Pre-Release Validation
+
+Run the normal local checks before tagging:
+
+```bash
+uv run --extra dev ruff check .
+uv run --extra dev ty check
+./run_tests.sh
+```
+
+If you are iterating on release metadata only, the focused version tests above
+are the minimum sanity check.
+
+## How To Publish
+
+1. Make the release commit on `main`
+2. Create and push the matching tag:
+
+```bash
+git tag vX.Y.Z
+git push origin main
+git push origin vX.Y.Z
+```
+
+3. GitHub Actions starts `.github/workflows/publish.yml`
+4. The workflow runs the test matrix, builds the wheel and sdist, and smoke-tests the built artifacts
+5. The final publish job pauses on the GitHub `pypi` environment
+6. Approve the deployment in GitHub Actions
+7. GitHub publishes the package to PyPI
+
+## Notes
+
+- Keep both `implementation: cli` and `implementation: python` clearly supported in release notes and docs
+- `uvx` installs the Python package only; it does not install `psql`, `clickhouse-client`, or `sshpass`
+- If the public CLI or result-file behavior changes, keep the package smoke tests and README aligned with `mcp-read-only-sql`

{mcp_read_only_sql-0.1.1 → mcp_read_only_sql-0.2.2}/connections.yaml.sample

@@ -1,6 +1,6 @@
 # MCP Read-Only SQL Server - Connection Configuration Sample
 # This file demonstrates all connection variations and options.
-# `uvx --from . mcp-read-only-sql --write-sample-config` writes it to
+# `uvx mcp-read-only-sql@latest --write-sample-config` writes it to
 # ~/.config/lukleh/mcp-read-only-sql/connections.yaml
 
 # ============================================================================
@@ -115,7 +115,7 @@
 # SECURITY-LIMITED CONNECTIONS
 # ============================================================================
 
-# Strict security limits for sensitive data
+# Strict security defaults for sensitive data
 - connection_name: restricted_postgres
   description: Highly restricted connection for sensitive data
   type: postgresql
@@ -125,10 +125,9 @@
   db: sensitive_data  # Connect to specific database
   username: auditor
   password: change_me
-  # Strict security limits (stricter than defaults)
-  query_timeout: 2            # Max 2 seconds per query (default: 10)
-  connection_timeout: 2       # Max 2 seconds to connect (default: 5)
-  max_result_bytes: 1024      # Max 1KB results (default: 5KB)
+  # Strict timeouts for sensitive data
+  query_timeout: 2            # Max 2 seconds per query
+  connection_timeout: 2       # Max 2 seconds to connect
 
 # Moderate limits for general use
 - connection_name: limited_analytics
@@ -140,9 +139,8 @@
   db: analytics
   username: analyst
   password: change_me
-  query_timeout: 60           # 1 minute for complex queries (default: 10)
-  connection_timeout: 10      # 10 seconds to connect (default: 5)
-  max_result_bytes: 20971520  # 20MB for larger datasets (default: 5KB)
+  query_timeout: 60           # 1 minute for complex queries
+  connection_timeout: 10      # 10 seconds to connect
 
 # Very strict limits for public/untrusted queries
 - connection_name: public_readonly
@@ -153,9 +151,8 @@
   db: public_data
   username: public_reader
   password: change_me
-  query_timeout: 1            # 1 second max (default: 10)
-  connection_timeout: 1       # Quick connect only (default: 5)
-  max_result_bytes: 512       # 512 bytes max (default: 5KB)
+  query_timeout: 1            # 1 second max
+  connection_timeout: 1       # Quick connect only
 
 # ============================================================================
 # CLI IMPLEMENTATION CONNECTIONS
@@ -200,10 +197,9 @@
   db: production  # For multiple databases, use allowed_databases + default_database
   username: power_user
   password: change_me
-  # Security limits (reasonable for production)
-  query_timeout: 30           # 30 seconds (default: 10)
-  connection_timeout: 10      # 10 seconds to connect (default: 5)
-  max_result_bytes: 10485760  # 10MB (default: 5KB)
+  # Security timeouts (reasonable for production)
+  query_timeout: 30           # 30 seconds
+  connection_timeout: 10      # 10 seconds to connect
   # SSH tunnel
   ssh_tunnel:
     host: bastion.example.com
@@ -242,15 +238,13 @@
 # ============================================================================
 # 1. Default implementation is 'cli' if not specified
 # 2. Default ports: PostgreSQL=5432, ClickHouse=9000 (native protocol)
-# 3. Default security limits:
-#    - query_timeout: 10 seconds
-#    - connection_timeout: 5 seconds
-#    - max_result_bytes: 5120 bytes (5KB)
-# 4. Use 'db' for a single allowed database, or 'allowed_databases' + 'default_database' for multiple
-# 5. Multiple servers: Currently always uses first server (no load balancing/failover)
-# 6. Passwords live directly in this YAML file
-# 7. All queries are forced to be read-only at multiple levels
-# 8. CLI implementations require the respective tools installed:
+# 3. Query and connection timeouts are configurable per connection
+# 4. Successful query results are written to ~/.local/state/lukleh/mcp-read-only-sql/results/
+# 5. Use 'db' for a single allowed database, or 'allowed_databases' + 'default_database' for multiple
+# 6. Multiple servers: Currently always uses first server (no load balancing/failover)
+# 7. Passwords live directly in this YAML file
+# 8. All queries are forced to be read-only at multiple levels
+# 9. CLI implementations require the respective tools installed:
 #    - PostgreSQL: psql
 #    - ClickHouse: clickhouse-client
-# 9. Never commit actual passwords from this file; keep permissions restricted
+# 10. Never commit actual passwords from this file; keep permissions restricted

{mcp_read_only_sql-0.1.1 → mcp_read_only_sql-0.2.2}/pyproject.toml

@@ -1,6 +1,6 @@
 [project]
 name = "mcp-read-only-sql"
-version = "0.1.1"
+version = "0.2.2"
 description = "MCP server for read-only SQL queries supporting PostgreSQL and ClickHouse"
 readme = "README.md"
 requires-python = ">=3.11"
@@ -39,6 +39,7 @@ dev = [
     "pytest-timeout>=2.2.0",
     "black>=23.0.0",
     "ruff>=0.1.0",
+    "ty>=0.0.28",
 ]
 
 [build-system]
@@ -50,3 +51,6 @@ mcp-read-only-sql = "mcp_read_only_sql.server:main"
 
 [tool.hatch.build.targets.wheel]
 packages = ["src/mcp_read_only_sql"]
+
+[tool.ty.src]
+include = ["src"]

{mcp_read_only_sql-0.1.1 → mcp_read_only_sql-0.2.2}/src/mcp_read_only_sql/__init__.py

@@ -2,7 +2,6 @@
 
 from importlib.metadata import PackageNotFoundError, version
 
-
 try:
     __version__ = version("mcp-read-only-sql")
 except PackageNotFoundError:

{mcp_read_only_sql-0.1.1 → mcp_read_only_sql-0.2.2}/src/mcp_read_only_sql/config/connection.py

@@ -9,7 +9,6 @@ DEFAULT_IMPLEMENTATION = "cli"
 DEFAULT_SSH_PORT = 22
 DEFAULT_QUERY_TIMEOUT = 120
 DEFAULT_CONNECTION_TIMEOUT = 10
-DEFAULT_MAX_RESULT_BYTES = 10_000_000
 
 
 def _normalize_positive_timeout(value: Any, field_name: str) -> float:
@@ -21,15 +20,6 @@ def _normalize_positive_timeout(value: Any, field_name: str) -> float:
     return value
 
 
-def _normalize_positive_int(value: Any, field_name: str) -> int:
-    """Validate positive integer settings used at runtime."""
-    if isinstance(value, bool) or not isinstance(value, int):
-        raise ValueError(f"Field '{field_name}' must be a positive integer")
-    if value <= 0:
-        raise ValueError(f"Field '{field_name}' must be a positive integer")
-    return value
-
-
 def _normalize_database_list(value: Any, field_name: str) -> List[str]:
     """Normalize a database list field to a deduplicated list of names."""
     if value is None:
@@ -119,7 +109,7 @@ class SSHTunnelConfig:
                 raise ValueError("SSH tunnel timeout must be a positive integer")
 
     @classmethod
-    def from_dict(cls, data: Dict[str, Any]) -> "SSHTunnelConfig":
+    def from_dict(cls, data: Dict[str, Any]) -> Optional["SSHTunnelConfig"]:
         """Create SSHTunnelConfig from dict with validation."""
         if not data.get("enabled", True):
             return None
@@ -221,6 +211,10 @@ class Connection:
             raise ValueError(
                 "Field 'password_env' is no longer supported; put the database password in 'password'"
             )
+        if "max_result_bytes" in config:
+            raise ValueError(
+                "Field 'max_result_bytes' is no longer supported; successful query results are now written to managed files"
+            )
 
         password = config.get("password", "")
 
@@ -302,10 +296,6 @@ class Connection:
             config.get("connection_timeout", DEFAULT_CONNECTION_TIMEOUT),
             "connection_timeout",
         )
-        self._max_result_bytes = _normalize_positive_int(
-            config.get("max_result_bytes", DEFAULT_MAX_RESULT_BYTES),
-            "max_result_bytes",
-        )
         self._description = config.get("description", "")
 
     @property
@@ -378,11 +368,6 @@ class Connection:
         """Connection timeout in seconds"""
         return self._connection_timeout
 
-    @property
-    def max_result_bytes(self) -> Optional[int]:
-        """Maximum result size in bytes (None for unlimited)"""
-        return self._max_result_bytes
-
     @property
     def description(self) -> str:
         """Connection description (optional)"""