From 92027f2ceceb52914f46bbfd188179cfc6d8f70b Mon Sep 17 00:00:00 2001
From: Kyle Conroy <kyle@sqlc.dev>
Date: Wed, 18 Oct 2023 12:11:19 -0700
Subject: [PATCH 1/2] fix(analyzer): Error on unexpanded star expression

If a query includes a star reference, error if we're unable to expand
that reference. The new analyzer will happily anaylyze that code. If
executed at runtime, these queries could change values.
---
 internal/compiler/parse.go                    | 12 +++++++
 .../case_value_param/postgresql/exec.json     |  3 ++
 .../postgresql/pgx/exec.json                  |  3 ++
 .../postgresql/pgx/go/db.go                   | 32 +++++++++++++++++++
 .../postgresql/pgx/go/models.go               | 15 +++++++++
 .../postgresql/pgx/go/query.sql.go            | 32 +++++++++++++++++++
 .../postgresql/pgx/query.sql                  | 13 ++++++++
 .../postgresql/pgx/schema.sql                 |  6 ++++
 .../postgresql/pgx/sqlc.yaml                  | 14 ++++++++
 .../postgresql/pgx/stderr.txt                 |  2 ++
 10 files changed, 132 insertions(+)
 create mode 100644 internal/endtoend/testdata/case_value_param/postgresql/exec.json
 create mode 100644 internal/endtoend/testdata/star_expansion_failed/postgresql/pgx/exec.json
 create mode 100644 internal/endtoend/testdata/star_expansion_failed/postgresql/pgx/go/db.go
 create mode 100644 internal/endtoend/testdata/star_expansion_failed/postgresql/pgx/go/models.go
 create mode 100644 internal/endtoend/testdata/star_expansion_failed/postgresql/pgx/go/query.sql.go
 create mode 100644 internal/endtoend/testdata/star_expansion_failed/postgresql/pgx/query.sql
 create mode 100644 internal/endtoend/testdata/star_expansion_failed/postgresql/pgx/schema.sql
 create mode 100644 internal/endtoend/testdata/star_expansion_failed/postgresql/pgx/sqlc.yaml
 create mode 100644 internal/endtoend/testdata/star_expansion_failed/postgresql/pgx/stderr.txt

diff --git a/internal/compiler/parse.go b/internal/compiler/parse.go
index 0b626e1081..2cc575b4d5 100644
--- a/internal/compiler/parse.go
+++ b/internal/compiler/parse.go
@@ -84,6 +84,18 @@ func (c *Compiler) parseQuery(stmt ast.Node, src string, o opts.Parser) (*Query,
 			return nil, err
 		}
 
+		// If the query uses star expansion, verify that it was edited. If not,
+		// return an error.
+		stars := astutils.Search(raw, func(node ast.Node) bool {
+			_, ok := node.(*ast.A_Star)
+			return ok
+		})
+		hasStars := len(stars.Items) > 0
+		unchanged := inference.Query == rawSQL
+		if unchanged && hasStars {
+			return nil, fmt.Errorf("star expansion failed for query")
+		}
+
 		// FOOTGUN: combineAnalysis mutates inference
 		anlys = combineAnalysis(inference, result)
 	} else {
diff --git a/internal/endtoend/testdata/case_value_param/postgresql/exec.json b/internal/endtoend/testdata/case_value_param/postgresql/exec.json
new file mode 100644
index 0000000000..97f81fbc66
--- /dev/null
+++ b/internal/endtoend/testdata/case_value_param/postgresql/exec.json
@@ -0,0 +1,3 @@
+{
+    "contexts": ["base"]
+}
diff --git a/internal/endtoend/testdata/star_expansion_failed/postgresql/pgx/exec.json b/internal/endtoend/testdata/star_expansion_failed/postgresql/pgx/exec.json
new file mode 100644
index 0000000000..ee1b7ecd9e
--- /dev/null
+++ b/internal/endtoend/testdata/star_expansion_failed/postgresql/pgx/exec.json
@@ -0,0 +1,3 @@
+{
+  "contexts": ["managed-db"]
+}
diff --git a/internal/endtoend/testdata/star_expansion_failed/postgresql/pgx/go/db.go b/internal/endtoend/testdata/star_expansion_failed/postgresql/pgx/go/db.go
new file mode 100644
index 0000000000..8a010ccc48
--- /dev/null
+++ b/internal/endtoend/testdata/star_expansion_failed/postgresql/pgx/go/db.go
@@ -0,0 +1,32 @@
+// Code generated by sqlc. DO NOT EDIT.
+// versions:
+//   sqlc v1.22.0
+
+package querytest
+
+import (
+	"context"
+
+	"github.com/jackc/pgx/v5"
+	"github.com/jackc/pgx/v5/pgconn"
+)
+
+type DBTX interface {
+	Exec(context.Context, string, ...interface{}) (pgconn.CommandTag, error)
+	Query(context.Context, string, ...interface{}) (pgx.Rows, error)
+	QueryRow(context.Context, string, ...interface{}) pgx.Row
+}
+
+func New(db DBTX) *Queries {
+	return &Queries{db: db}
+}
+
+type Queries struct {
+	db DBTX
+}
+
+func (q *Queries) WithTx(tx pgx.Tx) *Queries {
+	return &Queries{
+		db: tx,
+	}
+}
diff --git a/internal/endtoend/testdata/star_expansion_failed/postgresql/pgx/go/models.go b/internal/endtoend/testdata/star_expansion_failed/postgresql/pgx/go/models.go
new file mode 100644
index 0000000000..aee0aedce6
--- /dev/null
+++ b/internal/endtoend/testdata/star_expansion_failed/postgresql/pgx/go/models.go
@@ -0,0 +1,15 @@
+// Code generated by sqlc. DO NOT EDIT.
+// versions:
+//   sqlc v1.22.0
+
+package querytest
+
+import (
+	"github.com/jackc/pgx/v5/pgtype"
+)
+
+type Version struct {
+	ID                int64
+	Name              pgtype.Text
+	PreviousVersionID int64
+}
diff --git a/internal/endtoend/testdata/star_expansion_failed/postgresql/pgx/go/query.sql.go b/internal/endtoend/testdata/star_expansion_failed/postgresql/pgx/go/query.sql.go
new file mode 100644
index 0000000000..3c8f876d38
--- /dev/null
+++ b/internal/endtoend/testdata/star_expansion_failed/postgresql/pgx/go/query.sql.go
@@ -0,0 +1,32 @@
+// Code generated by sqlc. DO NOT EDIT.
+// versions:
+//   sqlc v1.22.0
+// source: query.sql
+
+package querytest
+
+import (
+	"context"
+)
+
+const getLatestVersionWithSubquery = `-- name: GetLatestVersionWithSubquery :one
+SELECT * 
+FROM versions
+WHERE versions.id IN (
+  WITH RECURSIVE search_tree(id) AS (
+	SELECT id, 0 as chain_id, 0 as chain_counter
+    FROM versions
+  )
+  SELECT DISTINCT ON (search_tree.chain_id) 
+	search_tree.id
+  FROM search_tree   
+  ORDER BY search_tree.chain_id, chain_counter DESC
+)
+`
+
+func (q *Queries) GetLatestVersionWithSubquery(ctx context.Context) (Version, error) {
+	row := q.db.QueryRow(ctx, getLatestVersionWithSubquery)
+	var i Version
+	err := row.Scan(&i.ID, &i.Name, &i.PreviousVersionID)
+	return i, err
+}
diff --git a/internal/endtoend/testdata/star_expansion_failed/postgresql/pgx/query.sql b/internal/endtoend/testdata/star_expansion_failed/postgresql/pgx/query.sql
new file mode 100644
index 0000000000..4a667243fd
--- /dev/null
+++ b/internal/endtoend/testdata/star_expansion_failed/postgresql/pgx/query.sql
@@ -0,0 +1,13 @@
+-- name: GetLatestVersionWithSubquery :one
+SELECT * 
+FROM versions
+WHERE versions.id IN (
+  WITH RECURSIVE search_tree(id) AS (
+	SELECT id, 0 as chain_id, 0 as chain_counter
+    FROM versions
+  )
+  SELECT DISTINCT ON (search_tree.chain_id) 
+	search_tree.id
+  FROM search_tree   
+  ORDER BY search_tree.chain_id, chain_counter DESC
+);
diff --git a/internal/endtoend/testdata/star_expansion_failed/postgresql/pgx/schema.sql b/internal/endtoend/testdata/star_expansion_failed/postgresql/pgx/schema.sql
new file mode 100644
index 0000000000..1825de4f8f
--- /dev/null
+++ b/internal/endtoend/testdata/star_expansion_failed/postgresql/pgx/schema.sql
@@ -0,0 +1,6 @@
+-- Example queries for sqlc
+CREATE TABLE versions (
+  id   BIGSERIAL PRIMARY KEY,
+  name TEXT,
+  previous_version_id bigint NOT NULL
+);
diff --git a/internal/endtoend/testdata/star_expansion_failed/postgresql/pgx/sqlc.yaml b/internal/endtoend/testdata/star_expansion_failed/postgresql/pgx/sqlc.yaml
new file mode 100644
index 0000000000..2f12715923
--- /dev/null
+++ b/internal/endtoend/testdata/star_expansion_failed/postgresql/pgx/sqlc.yaml
@@ -0,0 +1,14 @@
+version: "2"
+cloud:
+  project: "01HAQMMECEYQYKFJN8MP16QC41"
+sql:
+  - engine: "postgresql"
+    schema: "schema.sql"
+    queries: "query.sql"
+    gen:
+      go:
+        package: "querytest"
+        out: "go"
+        sql_package: "pgx/v5"
+    database:
+      managed: true
diff --git a/internal/endtoend/testdata/star_expansion_failed/postgresql/pgx/stderr.txt b/internal/endtoend/testdata/star_expansion_failed/postgresql/pgx/stderr.txt
new file mode 100644
index 0000000000..2a064b8184
--- /dev/null
+++ b/internal/endtoend/testdata/star_expansion_failed/postgresql/pgx/stderr.txt
@@ -0,0 +1,2 @@
+# package querytest
+query.sql:1:1: star expansion failed for query

From 15fbc40a589a3ba432bf46a520cca1a4c50c7a0e Mon Sep 17 00:00:00 2001
From: Kyle Conroy <kyle@sqlc.dev>
Date: Wed, 18 Oct 2023 12:16:28 -0700
Subject: [PATCH 2/2] Update config

---
 .../testdata/star_expansion_failed/postgresql/pgx/sqlc.yaml   | 4 ----
 1 file changed, 4 deletions(-)

diff --git a/internal/endtoend/testdata/star_expansion_failed/postgresql/pgx/sqlc.yaml b/internal/endtoend/testdata/star_expansion_failed/postgresql/pgx/sqlc.yaml
index 2f12715923..5dc63e3f91 100644
--- a/internal/endtoend/testdata/star_expansion_failed/postgresql/pgx/sqlc.yaml
+++ b/internal/endtoend/testdata/star_expansion_failed/postgresql/pgx/sqlc.yaml
@@ -1,6 +1,4 @@
 version: "2"
-cloud:
-  project: "01HAQMMECEYQYKFJN8MP16QC41"
 sql:
   - engine: "postgresql"
     schema: "schema.sql"
@@ -10,5 +8,3 @@ sql:
         package: "querytest"
         out: "go"
         sql_package: "pgx/v5"
-    database:
-      managed: true