Skip to content

Releases: thepradip/SQLAS

SQLAS v2.0.0 — Agentic Quality, Cache Metrics & AST Security

Choose a tag to compare

@thepradip thepradip released this 30 Apr 09:06

What's new in v2.0.0

🔒 Security fix — AST-based read-only enforcement

read_only_compliance upgraded from keyword regex to sqlglot AST parsing.
The old approach could be silently bypassed:

-- v1.x missed this (returned 1.0 wrong)                                                                                           
WITH x AS (INSERT INTO t VALUES(1)) SELECT 1                                                                                         
 
-- v2.0 correctly blocks it (returns 0.0)                                                                                            
No new dependencies — sqlglot was already required.