slowql 0.0.0__tar.gz

slowql-0.0.0/.dockerignore

@@ -0,0 +1,9 @@
+.git
+.gitignore
+dist
+build
+*.egg-info
+.venv*
+__pycache__
+node_modules
+*.pyc

slowql-0.0.0/.github/CODEOWNERS

@@ -0,0 +1,11 @@
+# Global owner
+* @makroumi
+
+# Detectors require specialized review
+/slowql/detectors/ @makroumi @security-team
+
+# CI/CD changes
+/.github/workflows/ @makroumi @devops-team
+
+# Documentation
+/docs/ @makroumi @docs-team

slowql-0.0.0/.github/ISSUE_TEMPLATE/bug_report.yml

@@ -0,0 +1,34 @@
+name: 🐛 Bug Report
+description: Report a reproducible bug in SlowQL
+title: "[Bug]: "
+labels: ["bug"]
+body:
+  - type: markdown
+    attributes:
+      value: |
+        Thanks for reporting a bug! Please fill out the details below.
+  - type: input
+    id: environment
+    attributes:
+      label: Environment
+      description: OS, Python version, SlowQL version
+      placeholder: "Ubuntu 22.04, Python 3.11, SlowQL 1.0.4"
+  - type: textarea
+    id: steps
+    attributes:
+      label: Steps to Reproduce
+      description: What commands or inputs caused the bug?
+  - type: textarea
+    id: expected
+    attributes:
+      label: Expected Behavior
+  - type: textarea
+    id: actual
+    attributes:
+      label: Actual Behavior
+  - type: textarea
+    id: logs
+    attributes:
+      label: Relevant Logs/Output
+      render: shell
+      description: Please format logs/output as code for readability.

slowql-0.0.0/.github/ISSUE_TEMPLATE/detector_request.yml

@@ -0,0 +1,24 @@
+name: 🔍 Detector Request
+description: Propose a new SQL detector
+title: "[Detector]: "
+labels: ["detector"]
+body:
+  - type: markdown
+    attributes:
+      value: |
+        Help us expand SlowQL’s detector library!
+  - type: input
+    id: name
+    attributes:
+      label: Detector Name
+      placeholder: "Missing WHERE clause detector"
+  - type: textarea
+    id: description
+    attributes:
+      label: Detector Description
+      description: What issue does this detector catch?
+  - type: textarea
+    id: example
+    attributes:
+      label: Example SQL
+      description: Provide sample queries that should trigger this detector.

slowql-0.0.0/.github/ISSUE_TEMPLATE/feature_request.yml

@@ -0,0 +1,24 @@
+name: ✨ Feature Request
+description: Suggest a new feature or enhancement
+title: "[Feature]: "
+labels: ["enhancement"]
+body:
+  - type: markdown
+    attributes:
+      value: |
+        Thanks for suggesting a feature! Please describe your idea clearly.
+  - type: textarea
+    id: description
+    attributes:
+      label: Feature Description
+      description: What should SlowQL do?
+  - type: textarea
+    id: motivation
+    attributes:
+      label: Motivation
+      description: Why is this feature useful?
+  - type: textarea
+    id: alternatives
+    attributes:
+      label: Alternatives
+      description: Other ways you considered solving this?

slowql-0.0.0/.github/dependabot.yml

@@ -0,0 +1,10 @@
+version: 2
+updates:
+  - package-ecosystem: "pip"
+    directory: "/"
+    schedule:
+      interval: "weekly"
+    groups:
+      all-deps:
+        patterns:
+          - "*"

slowql-0.0.0/.github/pull_request_template.md

@@ -0,0 +1,15 @@
+# Pull Request
+
+## Description
+<!-- Describe your changes clearly -->
+
+## Related Issue
+<!-- Link to issue if applicable -->
+
+## Checklist
+- [ ] Tests added/updated
+- [ ] Linting and type checks pass (`make all`)
+- [ ] Documentation updated
+- [ ] CI pipeline green
+
+## Screenshots (if applicable)

slowql-0.0.0/.github/security.md

@@ -0,0 +1,15 @@
+# 🔐 Security Policy
+
+If you discover a vulnerability in SlowQL, please report it privately.
+
+## Reporting
+- Email: elmehdi.makroumi@gmail.com
+- GitHub: [Open a private advisory](https://github.com/makroumi/slowql/security/advisories)
+
+We aim to respond within 48 hours and patch within 7 days.
+
+## Scope
+This policy covers:
+- SQL parsing and analysis logic
+- CLI behavior and output
+- Containerized builds and published packages

slowql-0.0.0/.github/workflows/ci.yml

@@ -0,0 +1,189 @@
+name: CI Pipeline
+
+on:
+  push:
+    branches: [ main ]
+    tags:
+      - 'v*'
+  pull_request:
+    branches: [ main ]
+
+jobs:
+  # -------------------------------
+  # Linting
+  # -------------------------------
+  lint:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v4
+
+      - name: Set up Python 3.12
+        uses: actions/setup-python@v5
+        with:
+          python-version: "3.12"
+          cache: "pip"
+
+      - name: Install Ruff
+        run: pip install ruff
+
+      - name: Run Ruff linter
+        run: ruff check src tests
+
+  # -------------------------------
+  # Type Checking
+  # -------------------------------
+  type-check:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v4
+
+      - name: Set up Python 3.12
+        uses: actions/setup-python@v5
+        with:
+          python-version: "3.12"
+          cache: "pip"
+
+      - name: Install Mypy
+        run: pip install mypy
+
+      - name: Run Mypy type checker
+        run: mypy src
+
+  # -------------------------------
+  # Tests + Coverage
+  # -------------------------------
+  tests:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v4
+
+      - name: Set up Python 3.12
+        uses: actions/setup-python@v5
+        with:
+          python-version: "3.12"
+          cache: "pip"
+
+      - name: Install dependencies
+        run: |
+          python -m pip install --upgrade pip
+          pip install -r requirements.txt
+          pip install -e .
+          pip install pytest pytest-cov pytest-benchmark
+
+      - name: Run test suite
+        run: |
+          pytest --maxfail=1 --disable-warnings --benchmark-disable -v \
+                 --cov=src --cov-report=xml --cov-report=term-missing \
+                 --junitxml=junit.xml -o junit_family=legacy
+
+      - name: Upload coverage to Codecov
+        uses: codecov/codecov-action@v4
+        with:
+          token: ${{ secrets.CODECOV_TOKEN }}
+          files: coverage.xml
+          flags: unittests
+          name: codecov-slowql
+          fail_ci_if_error: true
+
+      - name: Upload test results to Codecov
+        if: ${{ !cancelled() }}
+        uses: codecov/test-results-action@v1
+        with:
+          token: ${{ secrets.CODECOV_TOKEN }}
+
+      - name: Upload coverage report artifact
+        uses: actions/upload-artifact@v4
+        with:
+          name: coverage-report
+          path: coverage.xml
+
+  # -------------------------------
+  # Docker Build & Push (DockerHub)
+  # -------------------------------
+  docker-build-and-push:
+    runs-on: ubuntu-latest
+    needs: [lint, type-check, tests]
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v4
+
+      - name: Log in to Docker Hub
+        uses: docker/login-action@v3
+        with:
+          username: ${{ secrets.DOCKERHUB_USERNAME }}
+          password: ${{ secrets.DOCKERHUB_TOKEN }}
+
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3
+
+      - name: Build and push Docker image
+        uses: docker/build-push-action@v5
+        with:
+          context: .
+          push: true
+          tags: |
+            makroumi/slowql:latest
+            makroumi/slowql:${{ github.ref_name }}
+
+  # -------------------------------
+  # Docker Build & Push (GHCR)
+  # -------------------------------
+  docker-build-and-push-ghcr:
+    runs-on: ubuntu-latest
+    needs: [lint, type-check, tests]
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v4
+
+      - name: Log in to GHCR
+        uses: docker/login-action@v3
+        with:
+          registry: ghcr.io
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3
+
+      - name: Build and push GHCR image
+        uses: docker/build-push-action@v5
+        with:
+          context: .
+          push: true
+          tags: |
+            ghcr.io/makroumi/slowql:latest
+            ghcr.io/makroumi/slowql:${{ github.ref_name }}
+
+  # -------------------------------
+  # Publish to PyPI
+  # -------------------------------
+  publish-pypi:
+    runs-on: ubuntu-latest
+    needs: [lint, type-check, tests]
+    permissions:
+      id-token: write   # Required for OIDC
+      contents: read
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+
+      - name: Set up Python
+        uses: actions/setup-python@v5
+        with:
+          python-version: "3.12"
+
+      - name: Install build tools
+        run: |
+          python -m pip install --upgrade pip
+          pip install build
+
+      - name: Build package
+        run: python -m build
+
+      - name: Publish to PyPI
+        uses: pypa/gh-action-pypi-publish@release/v1
+        with:
+          skip-existing: true

slowql-0.0.0/.github/workflows/dependency-review.yml

@@ -0,0 +1,17 @@
+name: Dependency Review
+
+on:
+  pull_request:
+    branches: [ "main" ]
+
+jobs:
+  dependency-review:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+
+      - name: Dependency Review
+        uses: actions/dependency-review-action@v4
+        with:
+          fail-on-severity: high

slowql-0.0.0/.github/workflows/docs.yml

@@ -0,0 +1,26 @@
+name: Deploy Docs
+
+on:
+  push:
+    branches: [ "main" ]
+
+permissions:
+  contents: write   # <-- critical: allows github-actions[bot] to push to gh-pages
+
+jobs:
+  deploy:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+        with:
+          fetch-depth: 0   # <-- ensures full history for git-revision-date-localized plugin
+      - uses: actions/setup-python@v5
+        with:
+          python-version: "3.12"
+      - run: pip install mkdocs mkdocs-material mkdocstrings[python] mkdocs-git-revision-date-localized-plugin
+      - run: mkdocs build --strict
+      - name: Deploy to GitHub Pages
+        uses: peaceiris/actions-gh-pages@v4
+        with:
+          github_token: ${{ secrets.GITHUB_TOKEN }}
+          publish_dir: ./site

slowql-0.0.0/.github/workflows/sbom.yml

@@ -0,0 +1,27 @@
+name: SBOM
+
+on:
+  push:
+    branches: [ "main" ]
+  pull_request:
+    branches: [ "main" ]
+
+jobs:
+  sbom:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+
+      - name: Generate SBOM
+        uses: anchore/sbom-action@v0
+        with:
+          path: .
+          format: spdx-json
+          output-file: sbom.spdx.json
+
+      - name: Upload SBOM artifact
+        uses: actions/upload-artifact@v4
+        with:
+          name: sbom
+          path: sbom.spdx.json

slowql-0.0.0/.github/workflows/snyk.yml

@@ -0,0 +1,19 @@
+name: Security Scan
+
+on:
+  push:
+    branches: [main]
+  pull_request:
+
+jobs:
+  security:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+      - uses: actions/setup-python@v5
+        with:
+          python-version: "3.11"
+      - run: pip install -e .
+      - uses: snyk/actions/python@main
+        env:
+          SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}

slowql-0.0.0/.gitignore

@@ -0,0 +1,29 @@
+.venv
+
+__pycache__/
+*.pyc
+.coverage
+*.egg-info/
+sql_analysis_*.json
+.pytest_cache/
+
+# Generated files
+htmlcov/
+dist/
+build/
+*.egg-info/
+.coverage
+.pytest_cache/
+reports/
+*.html
+*.json
+*.csv
+
+# Generated
+htmlcov/
+report/
+reports/
+.coverage
+*.egg-info/
+__pycache__/
+

slowql-0.0.0/CHANGELOG.md

@@ -0,0 +1,14 @@
+# Changelog
+
+All notable changes to this project will be documented here.
+
+---
+
+## [1.0.3] - 2025-12-03
+### Added
+- Initial release of SlowQL
+- Critical and High severity detectors
+- CI/CD examples (GitHub, GitLab, Jenkins, Pre-Commit)
+
+### Fixed
+- MkDocs strict build errors

slowql-0.0.0/CODE_OF_CONDUCT.md

@@ -0,0 +1,27 @@
+# Code of Conduct
+
+## Our Pledge
+
+We pledge to make participation in SlowQL a harassment-free experience for everyone.
+
+## Standards
+
+**Positive behavior:**
+- Welcoming and inclusive language
+- Respectful of differing viewpoints
+- Gracefully accepting constructive criticism
+
+**Unacceptable behavior:**
+- Harassment, trolling, insulting comments
+- Publishing others' private information
+- Unprofessional conduct
+
+## Enforcement
+
+Report violations to: elmehdi.makroumi@gmail.com
+
+Consequences: Warning → Temporary ban → Permanent ban
+
+## Attribution
+
+Adapted from [Contributor Covenant](https://www.contributor-covenant.org/).

slowql-0.0.0/CONTRIBUTING.md

@@ -0,0 +1,27 @@
+# Contributing to SlowQL
+
+Thank you for your interest in contributing!
+
+## How to Contribute
+- Fork the repository
+- Create a feature branch (`git checkout -b feat/my-feature`)
+- Write tests for new code
+- Run `make all` to ensure lint, type checks, and tests pass
+- Submit a pull request
+
+## Code Style
+- Use `black` for formatting
+- Use `ruff` for linting
+- Type hints required (`mypy`)
+
+## Commit Messages
+Follow [Conventional Commits](https://www.conventionalcommits.org/):
+- `feat:` new feature
+- `fix:` bug fix
+- `docs:` documentation
+- `chore:` maintenance
+
+## Pull Requests
+- Include a clear description
+- Reference related issues
+- Ensure CI passes before requesting review

slowql-0.0.0/Dockerfile

@@ -0,0 +1,65 @@
+# syntax=docker/dockerfile:1.5
+####################################
+# Builder: create wheel from source
+####################################
+FROM python:3.12-slim AS builder
+
+ENV PYTHONUNBUFFERED=1 \
+    PIP_NO_CACHE_DIR=1 \
+    LC_ALL=C.UTF-8 \
+    LANG=C.UTF-8
+
+WORKDIR /src
+
+# Install build-time system deps. Keep small and explicit.
+RUN apt-get update \
+ && apt-get install -y --no-install-recommends \
+    build-essential \
+    ca-certificates \
+    curl \
+    git \
+ && rm -rf /var/lib/apt/lists/*
+
+# Install pip tooling used to build wheel
+RUN python -m pip install --upgrade pip build setuptools wheel
+
+# Copy project metadata and source code
+# Include README.md and LICENSE so setuptools can find them
+COPY pyproject.toml README.md LICENSE /src/
+COPY src/ /src/src/
+
+# Build wheel into /out
+RUN python -m build --wheel --outdir /out
+
+####################################
+# Runtime image: minimal, only runtime deps
+####################################
+FROM python:3.12-slim AS runtime
+
+ENV PYTHONUNBUFFERED=1 \
+    PIP_NO_CACHE_DIR=1 \
+    LC_ALL=C.UTF-8 \
+    LANG=C.UTF-8
+
+WORKDIR /app
+
+# Runtime system deps (keep ca-certificates for HTTPS)
+RUN apt-get update \
+ && apt-get install -y --no-install-recommends \
+    ca-certificates \
+ && rm -rf /var/lib/apt/lists/*
+
+# Copy built wheel from builder stage and install it
+COPY --from=builder /out /out
+RUN python -m pip install --upgrade pip setuptools wheel \
+ && python -m pip install /out/slowql-*.whl \
+ && rm -rf /root/.cache/pip /out
+
+# Use a non-root user for better security
+RUN groupadd --gid 1000 slowql && useradd --uid 1000 --gid slowql --create-home slowql
+USER slowql
+WORKDIR /home/slowql
+
+# Default CLI entrypoint
+ENTRYPOINT ["slowql"]
+CMD ["--help"]

slowql-0.0.0/LICENSE

@@ -0,0 +1,53 @@
+# License
+
+SlowQL is released under the Apache License, Version 2.0.
+
+---
+
+## Apache License
+Version 2.0, January 2004  
+http://www.apache.org/licenses/
+
+### TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
+
+**1. Definitions.**  
+"License" shall mean the terms and conditions for use, reproduction, and distribution as defined by Sections 1 through 9 of this document.  
+"Licensor" shall mean the copyright owner or entity authorized by the copyright owner.  
+"Legal Entity" shall mean the union of the acting entity and all other entities that control, are controlled by, or are under common control with that entity.  
+"Source" form shall mean the preferred form for making modifications.  
+"Object" form shall mean any form resulting from mechanical transformation or translation of a Source form.  
+
+**2. Grant of Copyright License.**  
+Subject to the terms and conditions of this License, each Contributor hereby grants You a perpetual, worldwide, non‑exclusive, no‑charge, royalty‑free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute the Work and Derivative Works in Source or Object form.
+
+**3. Grant of Patent License.**  
+Each Contributor grants You a perpetual, worldwide, non‑exclusive, no‑charge, royalty‑free, irrevocable patent license to make, use, sell, offer to sell, import, and otherwise transfer the Work.
+
+**4. Redistribution.**  
+You may reproduce and distribute copies of the Work or Derivative Works in any medium, with or without modifications, provided that You meet the following conditions:  
+- Include a copy of this License in each copy.  
+- Provide prominent notices stating that You have changed the files if modifications were made.  
+- Retain all copyright, patent, trademark, and attribution notices.  
+- Include a NOTICE file with attribution if applicable.  
+
+**5. Disclaimer of Warranty.**  
+Unless required by applicable law or agreed to in writing, Licensor provides the Work (and each Contributor provides its Contributions) on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND.
+
+**6. Limitation of Liability.**  
+In no event shall the Licensor or Contributors be liable for damages arising in any way out of the use of the Work.
+
+---
+
+## NOTICE
+
+Copyright © 2025 El Mehdi Makroumi 
+
+Licensed under the Apache License, Version 2.0 (the "License");  
+you may not use this file except in compliance with the License.  
+You may obtain a copy of the License at:
+
+http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS,  
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.  
+See the License for the specific language governing permissions and limitations under the License.

slowql-0.0.0/MANIFEST.in

@@ -0,0 +1,12 @@
+include README.md
+include LICENSE
+
+# create or ensure entries exist
+if [ -f MANIFEST.in ]; then
+  grep -q "^include LICENSE$" MANIFEST.in || echo "include LICENSE" >> MANIFEST.in
+  grep -q "^include NOTICE$" MANIFEST.in || echo "include NOTICE" >> MANIFEST.in
+  git add MANIFEST.in && git commit -m "Ensure LICENSE and NOTICE are included in source distribution" || true
+else
+  printf "include LICENSE\ninclude NOTICE\n" > MANIFEST.in
+  git add MANIFEST.in && git commit -m "Add MANIFEST.in to include LICENSE and NOTICE"
+fi