sqlsaber 0.26.0__tar.gz → 0.28.0__tar.gz

{sqlsaber-0.26.0 → sqlsaber-0.28.0}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: sqlsaber
-Version: 0.26.0
+Version: 0.28.0
 Summary: SQLsaber - Open-source agentic SQL assistant
 License-File: LICENSE
 Requires-Python: >=3.12
@@ -17,6 +17,7 @@ Requires-Dist: prompt-toolkit>3.0.51
 Requires-Dist: pydantic-ai
 Requires-Dist: questionary>=2.1.0
 Requires-Dist: rich>=13.7.0
+Requires-Dist: sqlglot[rs]>=27.20.0
 Description-Content-Type: text/markdown
 
 # SQLsaber

{sqlsaber-0.26.0 → sqlsaber-0.28.0}/docs/src/content/docs/changelog.md

@@ -7,6 +7,36 @@ All notable changes to SQLsaber will be documented here.
 
 ### Unreleased
 
+### v0.28.0 - 2025-10-03
+
+#### Added
+
+- Unified theming system
+  - 7 built-in themes with exact Pygments color matching
+    - Dark themes: `nord` (default), `dracula`, `one-dark`, `material`, `lightbulb`
+    - Light themes: `solarized-light`, `vs`
+  - Easy theme switching via `SQLSABER_THEME` environment variable or config file
+
+#### Changed
+
+- Enhanced read-only query validation using `sqlglot` AST analysis
+  - Improved security with comprehensive AST-based detection of write operations
+  - Blocks dangerous operations in nested queries, CTEs, and subqueries
+  - Detects dialect-specific dangerous functions (pg_read_file, LOAD_FILE, readfile, etc.)
+  - Prevents SELECT INTO, SELECT FOR UPDATE/SHARE, and multi-statement queries
+  - Dialect-aware LIMIT clause injection for Postgres, MySQL, SQLite, and DuckDB
+
+### v0.27.0 - 2025-10-01
+
+#### Added
+
+- Added onboarding flow for new users
+  - If users don't have a database set up or model provider API key setup, SQLsaber will guide them through the process interactively in a frictionless and delightful manner.
+
+#### Changed
+
+- Final thinking blocks now render Markdown
+
 ### v0.26.0 - 2025-09-30
 
 #### Added

{sqlsaber-0.26.0 → sqlsaber-0.28.0}/pyproject.toml

@@ -1,6 +1,6 @@
 [project]
 name = "sqlsaber"
-version = "0.26.0"
+version = "0.28.0"
 description = "SQLsaber - Open-source agentic SQL assistant"
 readme = "README.md"
 requires-python = ">=3.12"
@@ -18,6 +18,7 @@ dependencies = [
     "fastmcp>=2.9.0",
     "cyclopts>=3.22.1",
     "prompt-toolkit>3.0.51",
+    "sqlglot[rs]>=27.20.0",
 ]
 
 [tool.uv]

sqlsaber-0.28.0/src/sqlsaber/application/__init__.py

@@ -0,0 +1 @@
+"""Application layer for SQLsaber - shared business logic and interactive flows."""

sqlsaber-0.28.0/src/sqlsaber/application/auth_setup.py

@@ -0,0 +1,164 @@
+"""Shared auth setup logic for onboarding and CLI."""
+
+import asyncio
+
+from questionary import Choice
+
+from sqlsaber.application.prompts import Prompter
+from sqlsaber.config import providers
+from sqlsaber.config.api_keys import APIKeyManager
+from sqlsaber.config.auth import AuthConfigManager, AuthMethod
+from sqlsaber.config.oauth_flow import AnthropicOAuthFlow
+from sqlsaber.theme.manager import create_console
+
+console = create_console()
+
+
+async def select_provider(prompter: Prompter, default: str = "anthropic") -> str | None:
+    """Interactive provider selection.
+
+    Args:
+        prompter: Prompter instance for interaction
+        default: Default provider to select
+
+    Returns:
+        Selected provider name or None if cancelled
+    """
+    provider = await prompter.select(
+        "Select AI provider:", choices=providers.all_keys(), default=default
+    )
+    return provider
+
+
+async def configure_oauth_anthropic(
+    auth_manager: AuthConfigManager, run_in_thread: bool = False
+) -> bool:
+    """Configure Anthropic OAuth.
+
+    Args:
+        auth_manager: AuthConfigManager instance
+        run_in_thread: Whether to run OAuth flow in a separate thread (for onboarding)
+
+    Returns:
+        True if OAuth configured successfully, False otherwise
+    """
+    flow = AnthropicOAuthFlow()
+
+    if run_in_thread:
+        # Run in thread to avoid event loop conflicts (onboarding)
+        oauth_success = await asyncio.to_thread(flow.authenticate)
+    else:
+        # Run directly (CLI)
+        oauth_success = flow.authenticate()
+
+    if oauth_success:
+        auth_manager.set_auth_method(AuthMethod.CLAUDE_PRO)
+        return True
+
+    return False
+
+
+async def configure_api_key(
+    provider: str, api_key_manager: APIKeyManager, auth_manager: AuthConfigManager
+) -> bool:
+    """Configure API key for a provider.
+
+    Args:
+        provider: Provider name
+        api_key_manager: APIKeyManager instance
+        auth_manager: AuthConfigManager instance
+
+    Returns:
+        True if API key configured successfully, False otherwise
+    """
+    # Get API key (cascades env -> keyring -> prompt)
+    api_key = api_key_manager.get_api_key(provider)
+
+    if api_key:
+        auth_manager.set_auth_method(AuthMethod.API_KEY)
+        return True
+
+    return False
+
+
+async def setup_auth(
+    prompter: Prompter,
+    auth_manager: AuthConfigManager,
+    api_key_manager: APIKeyManager,
+    allow_oauth: bool = True,
+    default_provider: str = "anthropic",
+    run_oauth_in_thread: bool = False,
+) -> tuple[bool, str | None]:
+    """Interactive authentication setup.
+
+    Args:
+        prompter: Prompter instance for interaction
+        auth_manager: AuthConfigManager instance
+        api_key_manager: APIKeyManager instance
+        allow_oauth: Whether to offer OAuth option for Anthropic
+        default_provider: Default provider to select
+        run_oauth_in_thread: Whether to run OAuth in thread (for onboarding)
+
+    Returns:
+        Tuple of (success: bool, provider: str | None)
+    """
+    # Check if auth is already configured
+    if auth_manager.has_auth_configured():
+        console.print("[green]✓ Authentication already configured![/green]")
+        return True, None
+
+    # Select provider
+    provider = await select_provider(prompter, default=default_provider)
+
+    if provider is None:
+        return False, None
+
+    # For Anthropic, offer OAuth or API key
+    if provider == "anthropic" and allow_oauth:
+        method_choice = await prompter.select(
+            "Authentication method:",
+            choices=[
+                Choice("API Key", value=AuthMethod.API_KEY),
+                Choice("Claude Pro/Max (OAuth)", value=AuthMethod.CLAUDE_PRO),
+            ],
+        )
+
+        if method_choice is None:
+            return False, None
+
+        if method_choice == AuthMethod.CLAUDE_PRO:
+            console.print()
+            oauth_success = await configure_oauth_anthropic(
+                auth_manager, run_in_thread=run_oauth_in_thread
+            )
+            if oauth_success:
+                console.print(
+                    "[green]✓ Anthropic OAuth configured successfully![/green]"
+                )
+                return True, provider
+            else:
+                console.print("[red]✗ Anthropic OAuth setup failed.[/red]")
+                return False, None
+
+    # API key flow
+    env_var = api_key_manager.get_env_var_name(provider)
+
+    console.print()
+    console.print(f"[dim]To use {provider.title()}, you need an API key.[/dim]")
+    console.print(f"[dim]You can set the {env_var} environment variable,[/dim]")
+    console.print("[dim]or enter it now to store securely in your OS keychain.[/dim]")
+    console.print()
+
+    # Configure API key
+    api_key_configured = await configure_api_key(
+        provider, api_key_manager, auth_manager
+    )
+
+    if api_key_configured:
+        console.print(
+            f"[green]✓ {provider.title()} API key configured successfully![/green]"
+        )
+        return True, provider
+    else:
+        console.print("[yellow]No API key provided.[/yellow]")
+        return False, None

sqlsaber-0.28.0/src/sqlsaber/application/db_setup.py

@@ -0,0 +1,222 @@
+"""Shared database setup logic for onboarding and CLI."""
+
+import getpass
+from dataclasses import dataclass
+from pathlib import Path
+
+from sqlsaber.application.prompts import Prompter
+from sqlsaber.config.database import DatabaseConfig, DatabaseConfigManager
+from sqlsaber.theme.manager import create_console
+
+console = create_console()
+
+
+@dataclass
+class DatabaseInput:
+    """Input data for database configuration."""
+
+    name: str
+    type: str
+    host: str
+    port: int
+    database: str
+    username: str
+    password: str | None
+    ssl_mode: str | None = None
+    ssl_ca: str | None = None
+    ssl_cert: str | None = None
+    ssl_key: str | None = None
+
+
+async def collect_db_input(
+    prompter: Prompter,
+    name: str,
+    db_type: str = "postgresql",
+    include_ssl: bool = True,
+) -> DatabaseInput | None:
+    """Collect database connection details interactively.
+
+    Args:
+        prompter: Prompter instance for interaction
+        name: Database connection name
+        db_type: Initial database type (can be changed via prompt)
+        include_ssl: Whether to prompt for SSL configuration
+
+    Returns:
+        DatabaseInput with collected values or None if cancelled
+    """
+    # Ask for database type
+    db_type = await prompter.select(
+        "Database type:",
+        choices=["postgresql", "mysql", "sqlite", "duckdb"],
+        default=db_type,
+    )
+
+    if db_type is None:
+        return None
+
+    # Handle file-based databases
+    if db_type in {"sqlite", "duckdb"}:
+        database_path = await prompter.path(
+            f"{db_type.upper()} file path:", only_directories=False
+        )
+
+        if database_path is None:
+            return None
+
+        database = str(Path(database_path).expanduser().resolve())
+        host = "localhost"
+        port = 0
+        username = db_type
+        password = ""
+        ssl_mode = None
+        ssl_ca = None
+        ssl_cert = None
+        ssl_key = None
+
+    else:
+        # PostgreSQL/MySQL need connection details
+        host = await prompter.text("Host:", default="localhost")
+        if host is None:
+            return None
+
+        default_port = 5432 if db_type == "postgresql" else 3306
+        port_str = await prompter.text("Port:", default=str(default_port))
+        if port_str is None:
+            return None
+
+        try:
+            port = int(port_str)
+        except ValueError:
+            console.print("[red]Invalid port number. Using default.[/red]")
+            port = default_port
+
+        database = await prompter.text("Database name:")
+        if database is None:
+            return None
+
+        username = await prompter.text("Username:")
+        if username is None:
+            return None
+
+        password = getpass.getpass("Password (stored in your OS keychain): ")
+
+        ssl_mode = None
+        ssl_ca = None
+        ssl_cert = None
+        ssl_key = None
+
+        # Ask for SSL configuration if enabled
+        if include_ssl:
+            configure_ssl = await prompter.confirm(
+                "Configure SSL/TLS settings?", default=False
+            )
+            if configure_ssl:
+                if db_type == "postgresql":
+                    ssl_mode = await prompter.select(
+                        "SSL mode for PostgreSQL:",
+                        choices=[
+                            "disable",
+                            "allow",
+                            "prefer",
+                            "require",
+                            "verify-ca",
+                            "verify-full",
+                        ],
+                        default="prefer",
+                    )
+                elif db_type == "mysql":
+                    ssl_mode = await prompter.select(
+                        "SSL mode for MySQL:",
+                        choices=[
+                            "DISABLED",
+                            "PREFERRED",
+                            "REQUIRED",
+                            "VERIFY_CA",
+                            "VERIFY_IDENTITY",
+                        ],
+                        default="PREFERRED",
+                    )
+
+                if ssl_mode and ssl_mode not in ["disable", "DISABLED"]:
+                    specify_certs = await prompter.confirm(
+                        "Specify SSL certificate files?", default=False
+                    )
+                    if specify_certs:
+                        ssl_ca = await prompter.path("SSL CA certificate file:")
+                        specify_client = await prompter.confirm(
+                            "Specify client certificate?", default=False
+                        )
+                        if specify_client:
+                            ssl_cert = await prompter.path(
+                                "SSL client certificate file:"
+                            )
+                            ssl_key = await prompter.path(
+                                "SSL client private key file:"
+                            )
+
+    return DatabaseInput(
+        name=name,
+        type=db_type,
+        host=host,
+        port=port,
+        database=database,
+        username=username,
+        password=password,
+        ssl_mode=ssl_mode,
+        ssl_ca=ssl_ca,
+        ssl_cert=ssl_cert,
+        ssl_key=ssl_key,
+    )
+
+
+def build_config(db_input: DatabaseInput) -> DatabaseConfig:
+    """Build DatabaseConfig from DatabaseInput."""
+    return DatabaseConfig(
+        name=db_input.name,
+        type=db_input.type,
+        host=db_input.host,
+        port=db_input.port,
+        database=db_input.database,
+        username=db_input.username,
+        ssl_mode=db_input.ssl_mode,
+        ssl_ca=db_input.ssl_ca,
+        ssl_cert=db_input.ssl_cert,
+        ssl_key=db_input.ssl_key,
+    )
+
+
+async def test_connection(config: DatabaseConfig, password: str | None) -> bool:
+    """Test database connection.
+
+    Args:
+        config: DatabaseConfig to test
+        password: Password for connection (not stored in config yet)
+
+    Returns:
+        True if connection successful, False otherwise
+    """
+    from sqlsaber.database import DatabaseConnection
+
+    try:
+        connection_string = config.to_connection_string()
+        db_conn = DatabaseConnection(connection_string)
+        await db_conn.execute_query("SELECT 1 as test")
+        await db_conn.close()
+        return True
+    except Exception as e:
+        console.print(f"[bold red]Connection failed:[/bold red] {e}", style="red")
+        return False
+
+
+def save_database(
+    config_manager: DatabaseConfigManager, config: DatabaseConfig, password: str | None
+) -> None:
+    """Save database configuration.
+
+    Args:
+        config_manager: DatabaseConfigManager instance
+        config: DatabaseConfig to save
+        password: Password to store in keyring (if provided)
+    """
+    config_manager.add_database(config, password if password else None)

sqlsaber-0.28.0/src/sqlsaber/application/model_selection.py

@@ -0,0 +1,98 @@
+"""Shared model selection logic for onboarding and CLI."""
+
+from questionary import Choice
+
+from sqlsaber.application.prompts import Prompter
+from sqlsaber.cli.models import ModelManager
+from sqlsaber.theme.manager import create_console
+
+console = create_console()
+
+
+async def fetch_models(
+    model_manager: ModelManager, providers: list[str] | None = None
+) -> list[dict]:
+    """Fetch available models from models.dev API."""
+    return await model_manager.fetch_available_models(providers=providers)
+
+
+async def choose_model(
+    prompter: Prompter,
+    models: list[dict],
+    restrict_provider: str | None = None,
+    use_search_filter: bool = True,
+) -> str | None:
+    """Interactive model selection with recommended models prioritized.
+
+    Args:
+        prompter: Prompter instance for interaction
+        models: List of model dicts from fetch_models
+        restrict_provider: If set, only show models from this provider and use provider-specific recommendation
+        use_search_filter: Enable search filter for large lists
+
+    Returns:
+        Selected model ID (provider:model_id) or None if cancelled
+    """
+    if not models:
+        console.print("[yellow]No models available[/yellow]")
+        return None
+
+    # Filter by provider if restricted
+    if restrict_provider:
+        models = [m for m in models if m.get("provider") == restrict_provider]
+        if not models:
+            console.print(
+                f"[yellow]No models available for {restrict_provider}[/yellow]"
+            )
+            return None
+
+    # Get recommended model for the provider
+    recommended_id = None
+    if restrict_provider and restrict_provider in ModelManager.RECOMMENDED_MODELS:
+        recommended_id = ModelManager.RECOMMENDED_MODELS[restrict_provider]
+
+    # Build choices
+    choices = []
+    recommended_index = 0
+
+    for i, model in enumerate(models):
+        model_id_without_provider = model["id"].split(":", 1)[1]
+        is_recommended = recommended_id == model_id_without_provider
+
+        choice_text = model["name"]
+        if is_recommended:
+            choice_text += " (Recommended)"
+            recommended_index = i
+        elif model["description"]:
+            desc_short = model["description"][:40]
+            choice_text += (
+                f" ({desc_short}...)"
+                if len(model["description"]) > 40
+                else f" ({desc_short})"
+            )
+
+        choices.append(Choice(choice_text, value=model["id"]))
+
+    # Move recommended model to top if it exists
+    if recommended_index > 0:
+        choices.insert(0, choices.pop(recommended_index))
+
+    # Prompt user
+    selected_model = await prompter.select(
+        "Select a model:",
+        choices=choices,
+        use_search_filter=use_search_filter,
+    )
+
+    if selected_model:
+        return selected_model
+
+    # User cancelled, return recommended or first available
+    if recommended_id and restrict_provider:
+        return f"{restrict_provider}:{recommended_id}"
+    return models[0]["id"] if models else None
+
+
+def set_model(model_manager: ModelManager, model_id: str) -> bool:
+    """Set the current model."""
+    return model_manager.set_model(model_id)

sqlsaber-0.28.0/src/sqlsaber/application/prompts.py

@@ -0,0 +1,115 @@
+"""Prompter abstraction for sync/async questionary interactions."""
+
+from abc import ABC, abstractmethod
+from typing import Any, Callable
+
+import questionary
+from questionary import Choice
+
+
+class Prompter(ABC):
+    """Abstract base class for interactive prompting."""
+
+    @abstractmethod
+    async def text(
+        self,
+        message: str,
+        default: str = "",
+        validate: Callable[[str], bool | str] | None = None,
+    ) -> str | None:
+        """Prompt for text input."""
+        pass
+
+    @abstractmethod
+    async def select(
+        self,
+        message: str,
+        choices: list[str] | list[Choice] | list[dict],
+        default: Any = None,
+        use_search_filter: bool = False,
+        use_jk_keys: bool = True,
+    ) -> Any:
+        """Prompt for selection from choices."""
+        pass
+
+    @abstractmethod
+    async def confirm(self, message: str, default: bool = False) -> bool | None:
+        """Prompt for yes/no confirmation."""
+        pass
+
+    @abstractmethod
+    async def path(self, message: str, only_directories: bool = False) -> str | None:
+        """Prompt for file/directory path."""
+        pass
+
+
+class AsyncPrompter(Prompter):
+    """Async prompter using questionary.ask_async() for onboarding."""
+
+    async def text(
+        self,
+        message: str,
+        default: str = "",
+        validate: Callable[[str], bool | str] | None = None,
+    ) -> str | None:
+        return await questionary.text(
+            message, default=default, validate=validate
+        ).ask_async()
+
+    async def select(
+        self,
+        message: str,
+        choices: list[str] | list[Choice] | list[dict],
+        default: Any = None,
+        use_search_filter: bool = True,
+        use_jk_keys: bool = False,
+    ) -> Any:
+        return await questionary.select(
+            message,
+            choices=choices,
+            default=default,
+            use_search_filter=use_search_filter,
+            use_jk_keys=use_jk_keys,
+        ).ask_async()
+
+    async def confirm(self, message: str, default: bool = False) -> bool | None:
+        return await questionary.confirm(message, default=default).ask_async()
+
+    async def path(self, message: str, only_directories: bool = False) -> str | None:
+        return await questionary.path(
+            message, only_directories=only_directories
+        ).ask_async()
+
+
+class SyncPrompter(Prompter):
+    """Sync prompter using questionary.ask() for CLI commands."""
+
+    async def text(
+        self,
+        message: str,
+        default: str = "",
+        validate: Callable[[str], bool | str] | None = None,
+    ) -> str | None:
+        return questionary.text(message, default=default, validate=validate).ask()
+
+    async def select(
+        self,
+        message: str,
+        choices: list[str] | list[Choice] | list[dict],
+        default: Any = None,
+        use_search_filter: bool = True,
+        use_jk_keys: bool = False,
+    ) -> Any:
+        return questionary.select(
+            message,
+            choices=choices,
+            default=default,
+            use_search_filter=use_search_filter,
+            use_jk_keys=use_jk_keys,
+        ).ask()
+
+    async def confirm(self, message: str, default: bool = False) -> bool | None:
+        return questionary.confirm(message, default=default).ask()
+
+    async def path(self, message: str, only_directories: bool = False) -> str | None:
+        return questionary.path(message, only_directories=only_directories).ask()