Skip to content

Commit

Permalink
Merge pull request #25 from amoffat/dev
Browse files Browse the repository at this point in the history
Version 1.0.3
  • Loading branch information
amoffat authored Feb 3, 2024
2 parents 28aa4c9 + 735f11c commit 3bc5e7c
Show file tree
Hide file tree
Showing 8 changed files with 29 additions and 21 deletions.
6 changes: 1 addition & 5 deletions .vscode/settings.json
Original file line number Diff line number Diff line change
Expand Up @@ -2,13 +2,9 @@
"[python]": {
"editor.defaultFormatter": "ms-python.black-formatter"
},
"python.formatting.provider": "none",
"python.testing.pytestArgs": ["heimdallm", "-s"],
"python.testing.unittestEnabled": false,
"python.testing.pytestEnabled": true,
"editor.rulers": [88],
"notebook.formatOnSave.enabled": true,
"python.linting.flake8Enabled": false,
"python.linting.mypyEnabled": true,
"python.linting.enabled": true
"notebook.formatOnSave.enabled": true
}
4 changes: 4 additions & 0 deletions CHANGELOG.md
Original file line number Diff line number Diff line change
@@ -1,5 +1,9 @@
# Changelog

## 1.0.3 - 2/3/24

- Bugfix where elided tree from a boolean token triggered ambiguity resolver

## 1.0.2 - 11/10/23

- Resolving Dependabot suggestions
Expand Down
9 changes: 0 additions & 9 deletions docs/source/blog/posts/safe-sql-execution.rst
Original file line number Diff line number Diff line change
@@ -1,11 +1,6 @@
🛡️ Safely executing LLM-generated SQL
=====================================

.. image:: https://img.shields.io/badge/Upvote%20on%20HN-ff6600.svg?logo=data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABQAAAAUCAYAAACNiR0NAAABhWlDQ1BJQ0MgcHJvZmlsZQAAKJF9kT1Iw0AYht+2SlUqCu0g4pChOlkRFXHUKhShQqgVWnUwufQPmjQkKS6OgmvBwZ/FqoOLs64OroIg+APi6uKk6CIlfpcUWsR4x3EP733vy913gL9eZqrZMQ6ommWkEnEhk10Vgq/ophnGGPolZupzopiE5/i6h4/vdzGe5V335+hVciYDfALxLNMNi3iDeHrT0jnvE0dYUVKIz4lHDbog8SPXZZffOBcc9vPMiJFOzRNHiIVCG8ttzIqGSjxFHFVUjfL9GZcVzluc1XKVNe/JXxjKaSvLXKc1hAQWsQQRAmRUUUIZFmK0a6SYSNF53MM/6PhFcsnkKoGRYwEVqJAcP/gf/O6tmZ+ccJNCcaDzxbY/hoHgLtCo2fb3sW03ToDAM3CltfyVOjDzSXqtpUWPgL5t4OK6pcl7wOUOMPCkS4bkSAFa/nweeD+jb8oC4VugZ83tW/Mcpw9AmnqVvAEODoGRAmWve7y7q71v/9Y0+/cDaTFyo01kSV8AAAAGYktHRAD/AP8A/6C9p5MAAAAJcEhZcwAALiMAAC4jAXilP3YAAAAHdElNRQfnCQkUMwK2x6PRAAAAGXRFWHRDb21tZW50AENyZWF0ZWQgd2l0aCBHSU1QV4EOFwAAALxJREFUOMtj/P///38GKgIWBgYGBoY6deqY1nQTaiADAwPDy1uUGcYrxsDAwMDAxEBlQEcD4+czMBTvZ2AQVkCICStAxOLnk2Hg7YMMDGoODAyW8Qgxy3iI2PGFZBh4bAEDw9sHDAxWCQhX+jZAxG4dIJBscIEFiRAvIrtyQSIR6RAXuHUA4lKYK28dwOs64mJ5SyPRriPsQgYGSJgh48GTDgeLgSxEqSIiMkgzkIjIoIOXoeUZpYCR2lUAAM9jNTfnrPBaAAAAAElFTkSuQmCC
:target: https://news.ycombinator.com/item?id=38518256
:alt: Hackernews post


LLMs are surprisingly good at generating SQL from natural-language prompts. When given
the schema of a database and a few guiding instructions, LLMs can construct
reasonably-complex SQL queries that answer natural language questions about the data in
Expand Down Expand Up @@ -431,7 +426,3 @@ denylist.

Other, non-complete solutions should not be considered if you value the safety of your
data.

.. image:: https://img.shields.io/badge/Upvote%20on%20HN-ff6600.svg?logo=data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABQAAAAUCAYAAACNiR0NAAABhWlDQ1BJQ0MgcHJvZmlsZQAAKJF9kT1Iw0AYht+2SlUqCu0g4pChOlkRFXHUKhShQqgVWnUwufQPmjQkKS6OgmvBwZ/FqoOLs64OroIg+APi6uKk6CIlfpcUWsR4x3EP733vy913gL9eZqrZMQ6ommWkEnEhk10Vgq/ophnGGPolZupzopiE5/i6h4/vdzGe5V335+hVciYDfALxLNMNi3iDeHrT0jnvE0dYUVKIz4lHDbog8SPXZZffOBcc9vPMiJFOzRNHiIVCG8ttzIqGSjxFHFVUjfL9GZcVzluc1XKVNe/JXxjKaSvLXKc1hAQWsQQRAmRUUUIZFmK0a6SYSNF53MM/6PhFcsnkKoGRYwEVqJAcP/gf/O6tmZ+ccJNCcaDzxbY/hoHgLtCo2fb3sW03ToDAM3CltfyVOjDzSXqtpUWPgL5t4OK6pcl7wOUOMPCkS4bkSAFa/nweeD+jb8oC4VugZ83tW/Mcpw9AmnqVvAEODoGRAmWve7y7q71v/9Y0+/cDaTFyo01kSV8AAAAGYktHRAD/AP8A/6C9p5MAAAAJcEhZcwAALiMAAC4jAXilP3YAAAAHdElNRQfnCQkUMwK2x6PRAAAAGXRFWHRDb21tZW50AENyZWF0ZWQgd2l0aCBHSU1QV4EOFwAAALxJREFUOMtj/P///38GKgIWBgYGBoY6deqY1nQTaiADAwPDy1uUGcYrxsDAwMDAxEBlQEcD4+czMBTvZ2AQVkCICStAxOLnk2Hg7YMMDGoODAyW8Qgxy3iI2PGFZBh4bAEDw9sHDAxWCQhX+jZAxG4dIJBscIEFiRAvIrtyQSIR6RAXuHUA4lKYK28dwOs64mJ5SyPRriPsQgYGSJgh48GTDgeLgSxEqSIiMkgzkIjIoIOXoeUZpYCR2lUAAM9jNTfnrPBaAAAAAElFTkSuQmCC
:target: https://news.ycombinator.com/item?id=38518256
:alt: Hackernews post
4 changes: 2 additions & 2 deletions heimdallm/bifrosts/sql/mysql/select/grammar.lark
Original file line number Diff line number Diff line change
Expand Up @@ -114,7 +114,7 @@ between_comparison : value (_WS NOT)? _WS BETWEEN _WS value _WS AND _WS value
// are declared, so we cannot use this there
?value : NUMBER
| string
| boolean
| BOOLEAN
| NULL
| NUMBER_PREFIX? value_expr
| NUMBER_PREFIX? fq_column
Expand All @@ -135,7 +135,7 @@ function : FUNCTION_NAME "(" \
")"
FUNCTION_NAME : /[a-zA-Z_]+/

?boolean : TRUE | FALSE
BOOLEAN : TRUE | FALSE
?string : ESCAPED_STRING

// a placeholder for a value passed in as a parameter at query execution time
Expand Down
4 changes: 2 additions & 2 deletions heimdallm/bifrosts/sql/postgres/select/grammar.lark
Original file line number Diff line number Diff line change
Expand Up @@ -117,7 +117,7 @@ fts_comparison : value "@@" value
// are declared, so we cannot use this there
?value : PREFIX_CAST? (NUMBER
| string
| boolean
| BOOLEAN
| NULL
| NUMBER_PREFIX? value_expr
| NUMBER_PREFIX? fq_column
Expand All @@ -143,7 +143,7 @@ SUBSTRING_FN_NAME : "substring"i
EXTRACT_FN_NAME : "extract"i
CAST_FN_NAME : "cast"i

?boolean : TRUE | FALSE
BOOLEAN : TRUE | FALSE
?string : ESCAPE_PREFIX? ESCAPED_STRING

// a placeholder for a value passed in as a parameter at query execution time
Expand Down
4 changes: 2 additions & 2 deletions heimdallm/bifrosts/sql/sqlite/select/grammar.lark
Original file line number Diff line number Diff line change
Expand Up @@ -117,7 +117,7 @@ between_comparison : value (_WS NOT)? _WS BETWEEN _WS value _WS AND _WS value
// are declared, so we cannot use this there
?value : NUMBER
| string
| boolean
| BOOLEAN
| NULL
| NUMBER_PREFIX? value_expr
| NUMBER_PREFIX? fq_column
Expand All @@ -136,7 +136,7 @@ function : FUNCTION_NAME "(" \
")"
FUNCTION_NAME : /[a-zA-Z_]+/

?boolean : TRUE | FALSE
BOOLEAN : TRUE | FALSE
?string : ESCAPED_STRING

// a placeholder for a value passed in as a parameter at query execution time
Expand Down
17 changes: 17 additions & 0 deletions heimdallm/bifrosts/sql/tests/sql/select/test_ambiguous.py
Original file line number Diff line number Diff line change
Expand Up @@ -24,3 +24,20 @@ def test_ambiguous_arith(dialect: str, Bifrost: Type[Bifrost]):
"""

bifrost.traverse(query)


@dialects()
def test_ambiguous_bool(dialect: str, Bifrost: Type[Bifrost]):
"""A regression test to ensure that boolean tokens do not trigger the ambiguity
resolver"""
bifrost = Bifrost.validation_only(PermissiveConstraints())

query = """
SELECT
col
FROM
postings AS p
WHERE
p.is_hired = true
"""
bifrost.traverse(query)
2 changes: 1 addition & 1 deletion pyproject.toml
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
[tool.poetry]
name = "heimdallm"
version = "1.0.2"
version = "1.0.3"
description = "Construct trusted SQL queries from untrusted input"
homepage = "https://github.com/amoffat/HeimdaLLM"
repository = "https://github.com/amoffat/HeimdaLLM"
Expand Down

0 comments on commit 3bc5e7c

Please sign in to comment.