Skip to content

Schema Brain 0.2.0a1

Pre-release
Pre-release

Choose a tag to compare

View all tags
@Arun-kc Arun-kc released this 15 May 18:40
· 705 commits to main since this release
v0.2.0a1
68ceff9
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Second alpha preview. Live on PyPI: `pip install schemabrain==0.2.0a1`.

This release rolls up six months of work between the original 0.1.0a1 cut and now. APIs may still change before v1 — pin the exact version if you need stability.

Highlights

  • Charter v1.1 envelope on every MCP tool response: `status` enum with reserved `refused` literal, three new error kinds (`pii_blocked`, `policy_blocked`, `allowlist_violation`), optional `suggested_rewrite` and `widening_hint` recovery fields. The wire `charter_version` field bumps from `"1.0"` to `"1.1"`; clients pinning `"1.0"` continue to deserialise cleanly.
  • Pre-v1 security hardening: `--url-env VARNAME` flag keeps DB passwords out of `ps` / shell history / journald; `SECURITY.md` published with disclosure SLA; Dependabot configured; `pip-audit`, `bandit`, and `semgrep` run on every PR; Postgres source-side enforcement of `default_transaction_read_only=on` so the read-only contract holds at the database level rather than by convention.
  • `mine-queries` cleanup: Schema Brain's own profiler statements (positional-alias counts queries and `::text AS v` value samplers) are filtered out of `example_queries` so `get_example_queries` returns only real user workload. sqlglot WARNING-level chatter no longer leaks to stderr.
  • `suggest_joins` default `max_hops` raised 4 → 6. Covers M:N junction chains common in normalised OLTP schemas; the bundled e-commerce fixture's `users → categories` pair (5 hops) is now reachable without an override.
  • `IndexResult.summary()` fix: cache-hit re-indexes no longer print `LLM: 0 descriptions ($X)` from the cumulative ledger total.
  • PEP 561 `py.typed` marker shipped. Type checkers in downstream projects now pick up Schema Brain's annotations.
  • CLI ergonomics: `schemabrain --version`, `schemabrain fixture-path `, `--dry-run` on `index`, persistent cost ledger with `--max-cost` default of $1, guided errors throughout.

What's not in this release

Same scope boundary as 0.1.0a1: this is schema-intelligence with five MCP tools. The semantic-substrate (entities, metrics, canonical joins) lands at v1; the SQL-boundary safety primitives (`validate_query`, `execute`, PII-tagged refusal, sub-query refusal with recovery) land at v2.

Full changelog

See CHANGELOG.md `[0.2.0a1]`.

Assets 2
Loading