Skip to content

Releases: nickklos10/QueryPilot

v0.1.1 — Examples, README hero, MCP registry readiness

Choose a tag to compare

@nickklos10 nickklos10 released this 11 Jul 17:51
90c4a42

Distribution and MCP-registry readiness release. No library API changes.

pip install querypilot

Added

  • README hero image (docs/assets/eval-report.svg) — a self-contained SVG rendering of the querypilot eval run terminal report.
  • First-class examples/ directory: offline quickstart, OpenAI and Anthropic tool-use loops, an access-control walkthrough (blocked columns, row filters, masking), a custom eval suite with querypilot eval run/check, and an MCP server guide with a paste-ready Claude Desktop / Claude Code config.
  • server.json MCP-registry manifest at the repo root and an mcp-name ownership marker in the README, preparing the official MCP registry submission.
  • SECURITY.md security policy, Contributor Covenant code of conduct, issue templates, and a pull-request template.
  • PyPI release workflow using trusted publishing, triggered by publishing a GitHub Release.

Changed

  • CI now tests Python 3.11, 3.12, and 3.13 and runs ruff check as a separate lint job.
  • MCP docs: uvx-launching clients should use uvx --from 'querypilot[mcp]' querypilot mcp ... so the MCP SDK dependency is included.

Removed

  • Internal planning documents from docs/.

Full changelog: v0.1.0...v0.1.1

v0.1.0 — Initial public release

Choose a tag to compare

@nickklos10 nickklos10 released this 11 Jul 17:18
52a83d7

Initial public release. Foundation and eval-driven harness shipped.

pip install querypilot

Safety engine

  • sqlglot-based SQL validation with single-statement and SELECT-only enforcement, blocked-keyword filter, table/column allowlist + blocklist, Cartesian-join detection, automatic LIMIT injection and max-row capping, SELECT * policy, query fingerprinting, and risk-level scoring.
  • SQLite and PostgreSQL connectors with per-dialect read-only execution and query timeouts.

Audit & access control

  • Structured audit trail: QueryAuditRecord with audit ID, original SQL, rewritten SQL, validation result, applied access policy, row count, and execution timing.
  • InMemoryAuditSink and JSONLAuditSink implementations.
  • Access-control policies: column allowlist + blocklist, row-filter injection ANDed into WHERE, post-execution column masking (redact / null / hash).

Runtimes

  • FastAPI server runtime (querypilot serve) with /health, /schema, /search-schema, /ask, /generate-sql, /validate-sql, /execute-sql, /evals/run, and /audit/recent endpoints.
  • MCP server runtime (querypilot mcp) over stdio and Streamable HTTP with ask_database, search_schema, validate_sql, and execute_sql tools.

Generation

  • DemoSQLGenerator (offline, deterministic) plus OpenAISQLGenerator and AnthropicSQLGenerator provider implementations with a validator-driven repair loop.
  • Tool-schema producers as_openai_tools() and as_anthropic_tools() for drop-in agent use.

Eval-driven harness

  • BenchmarkCase / BenchmarkSuite Pydantic schema with thresholds, comparison config, and tags. YAML and JSON suite loaders with shared-config validation across multi-file suite directories.
  • Result-set comparator with column- and row-order normalization, abs-difference float tolerance, datetime ISO normalization, NaN handling, and structured row diffs.
  • pipeline.run_case per-case runner reusing existing QueryPilot.generate_sql, validate_sql, and execute_sql; per-stage timings; failure classification across 12 categories.
  • Cost trackers for OpenAI and Anthropic, NullCostTracker, and a MODEL_PRICING table.
  • run_suite aggregator producing SuiteReport with pass / safety / correctness / repair rates, p50/p95 latency, token totals, $ estimate, tag rollups, failure breakdown, and threshold violations.
  • Stdlib JSON writer and screenshot-quality terminal renderer.
  • querypilot eval run|replay|check|init CLI with audit-log → regression-suite replay, baseline-vs-current regression detection, and a starter scaffold for suites/ and .eval/.
  • CI regression gate: GitHub Actions workflow running eval run + eval check on every PR.

Full changelog: CHANGELOG.md