Mark provenance of SQL via the branded types SafeSqlFragment and
UntrustedSqlFragment. Only SafeSqlFragment should be executed;
UntrustedSqlFragments require some kind of implicit user approval (show
on screen + user has to click something) before they are promoted to
SafeSqlFragment.
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **New Features**
* Editor and RLS tester show loading states for inferred/generated SQL
and include a dedicated user SQL editor for safer edits.
* **Refactor**
* Platform-wide SQL handling tightened: snippets and AI-generated SQL
are treated as untrusted/display-only until promoted, improving safety
and consistency.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
* **Refactor**
* Updated internal module import paths to use standardized alias
conventions across the codebase.
* Reorganized import statement ordering for improved code consistency.
## Context
Just adding some documentation to the more complex parts of the
dashboard in hopes to ease working on these parts for those who aren't
familiar
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **Bug Fixes**
* Folder creation and updates in the SQL Editor now properly sync to the
backend with API calls, success notifications, and improved error
handling.
* Snippet save/upsert behavior updated: saves run via API with
optimistic handling and debounced execution; default automatic refresh
after save has been reduced to avoid unnecessary invalidations.
* **Documentation**
* Added a comprehensive SQL Editor guide covering UI, data flow, snippet
management, and improvement notes.
<sub>✏️ Tip: You can customize this high-level summary in your review
settings.</sub>
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
* wip: explain tab in results editor
* updated to add sql explain
* updated to default back to results
* updated explain function
* updated case with multiple statements
* updated to reset explain query results
* added tests for semi colon comments
* feature: add explain w/ AI on pretty-explain tab (#41588)
* wip: added explain with AI
* wip: updated header with new buttons
* updated prompt
* remove any types
* removed unused flag
* updated header
* formatted code
* Use the .sql suffix when generating ids.
* Fix a bug where a new snippet would not show up in the snippet list until refresh.
* Add API routes which serve file snippets.
* Refactor the renameSnippet and moveSnippet to work with file snippets.
* Change the link to the SQL Editor.
* Minor fixes from CodeRabbit.
* Check the file/folder name for invalid chars.
* More fixes from CodeRabbit review.
* Fix minor issues.
* Use zod to parse the snippet ids when deleting.
* Try to fix snyk issue.
* Add validation to the GET content index route.
* Minor fixes.
* Show create a new folder, it was hidden by mistake.
* Add SNIPPETS_MANAGEMENT_FOLDER env var.
* Add snippets folder in the docker-compose.
* Add error toasts if the env var is not set.
* Add snippets management folder to the generateLocalEnv script.
* Revert the docker-compose changes, will be done in a followup PR.
* Revert also the snippets volume folder.
* Remove unneeded line.
* Remove leftover resizable group which weren't interactive.
* Put the input focus in a setTimeout.
* Alternative solution
* Small fix
* Bump threshold to 400ms
* Final fix, hopefully.
---------
Co-authored-by: Joshen Lim <joshenlimek@gmail.com>
* fix: response error codes
* upgrade docs
* remove request url modification middleware
* move api routes for self-hosted to platform folder
* remove some lib/common/fetch usage
* docs: use middleware for openapi-fetch (#30600)
Get rid of the unauthedAllowedPost function (I don't think there's any harm in letting any requests that require authentication to just 403, they should be disabled at the React Query level and if not they will fail gracefully enough...)
* fix local count query
* add default values for clone mutation
* fix ts and codegen
* add missing lodash dep to playwright tests
* Fix the playwright tests to match the new folder structure for selfhosted variant.
* remove unused import
* Remove unused state
* remove unused sql debug mutation
* remove unused export
* fix notifications query
* fix jwt updating status
* fix typescript
* save sql snippet after renaming
* update codegen & fix ts error
* override array querySerializer
---------
Co-authored-by: Charis <26616127+charislam@users.noreply.github.com>
Co-authored-by: Joshen Lim <joshenlimek@gmail.com>
Co-authored-by: Ivan Vasilov <vasilov.ivan@gmail.com>
* chore: paginate user content
* progress
* loading states
* add load more buttons to private snippets
* working pagination
* fix some types
* always show snippet counts
* support new api parameters
* favorite snippets
* progress
* searching
* paginate root folder
* fix renaming snippets
* fix ts
* removed unused prop
* Shift sharing/unsharing query logic outside of valtio to leverage on RQ only
* Fix invalidation on an unsaved snippet
* Clean up
* Fix
* Clean up
* Update API type
* Update API
* fix duplicate snippets error after moving a snippet
* add currently selected snippet
* Fix unsharing a snippet that has yet to be opened
* i'm dumb
* fix sharing a snippet
* fix sharing and unsharing
* show favorite or shared snippet in list even if it's in another page
* Fix wrong import for debounce
* Fix false positive toast error when creating custom report
* Update API type
* Change create new snippet CTA to link back to /new with skip flag
* Fix saving logs explorer query
* Bump page number
---------
Co-authored-by: Joshen Lim <joshenlimek@gmail.com>
* start
* added panels
* remove stuff
* fixes and refinements
* clean up
* remove old assistant panel
* resizable assistant kinda
* use icon
* Add missing package
* remove canvas
* add suggestions
* updated empty state if no tables exist
* fix table condition
* Implement diffing if using assistant in sql editor
* Reinstate old assistant in SQL editor if feature preview is off
* pane size adjustment
* assistant button corners
* Add SQL snippet content to assistant if opening assistant in sql editor
* Add the necessary checks for opt in and hipaa
* revert adding snippet to assistant when opening assistant in sql editor
* Add cmd i shortcut
* Add admonitions for when disablePrompt is toggled on, and if no api key is set. Add footer note RE rate limitation
* Bump ai package in packages
* some fixes for backwards compability depending on feature preview toggled
* Rename feature preview property for new assistant
* Smol fix
* Prevent SQL snippet from running until message is finished
* only loading last message
* fix z-index
* save chat state to global state
* add debug to failed ai queries
* Add basic contextual invalidation
* Add explain code action to SQL editor
* Add link to abort ongoing queries from SqlSnippet
* Update feature preview content
* Fix
* Fix
* Fix
* Te4st
* Fix tests
* ONly show ai button within a project
* Fix PH tracking
* Beef up a bit more event tracking
* Rough fix to padding when assistant is open
* A bit more telemetry stuff
* Update prompts
* fix rls editing via assistant
* Update generate-v3.ts
prompt to get auth schema too
* Add policy satement to assistant when editing
* Address all comments
* fixc
* Fix SqlSnippet not taking full width on larger viewports
* Adjust max width
---------
Co-authored-by: Saxon Fletcher <saxonafletcher@gmail.com>
* temp
* Add copy
* Move hovercard back to parent
* Fix a type error.
* Make name optional
* remove duplicate hovercard
* remove name prop
* Cleanup
* Invalidate snippet list when upserting a snippet
---------
Co-authored-by: Ivan Vasilov <vasilov.ivan@gmail.com>
* Add validation for same folder name
* Add validation in move query modal for folder name
* Add validation in move query modal for folder name min length 1
* Handle rename folder failed due to duplicate folder name
* Fix renaming folder to a name that already exists
* Update the design of the sonner toasts. Add the close button by default.
* Migrate studio and www apps to use the SonnerToaster.
* Migrate all toasts from studio.
* Migrate all leftover toasts in studio.
* Add a new toast component with progress. Use it in studio.
* Migrate the design-system app.
* Refactor the consent toast to use sonner.
* Switch docs to use the new sonner toasts.
* Remove toast examples from the design-system app.
* Remove all toast-related components and old code.
* Fix the progress bar in the toast progress component. Also make the bottom components vertically centered.
* Fix the width of the toast progress.
* Use text-foreground-lighter instead of muted for ToastProgress text
* Rename ToastProgress to SonnerProgress.
* Shorten the text in sonner progress.
* Use the correct classes for the close button. Add a const var for the default toast duration. Remove the custom width class from sonner.
* Set the position for all progress toasts to bottom right. Set the duration for all toasts to the default (when reusing a toast id from loading/progress toast, the duration is set to infinity).
* Fix the playwright tests.
* Refactor imports to use ui instead of @ui.
* Change all imports of react-hot-toast with sonner. These components were merged since the last commit to this branch.
* Remove react-hot-toast lib.
---------
Co-authored-by: Joshen Lim <joshenlimek@gmail.com>
Co-authored-by: Jonathan Summers-Muir <MildTomato@users.noreply.github.com>
* Show correct number of private snippets for SQL folders
* Ensure that private snippet count is updated when sharing / unsharing queries
* Fix snippets caching issuie
* Fix move query modal showing more than just the project's folders
* Init changes for sql fodlers
* Added upsert logic in sql-editor-v2 valtio, hooked up with templates and quickstarts
* Do up logic for creating new snippets by typing in /new or by clicking new query button
* Do up logic for updating and deleting snippets
* Do up logic for favourites and shared snippets
* Do up logic for favourites and shared snippets
* Fix
* Fix saving indicator, add empty states for favorites and shared snippets
* Implement sorting
* Some minor QOL improvements
* Minor fix on empty state for private snippets
* Add delete folder mutation
* Implement create and update folder
* Fix reinstate with AI renaming for new snippets under folder
* Support controlled multi select behaviour in private snippets
* Undo changes to tree-view-multi-select
* Support bulk deletes
* Support moving queries + rendering queries in folders
* Support deleting folders and creating a new folder when moving a query
* Fix bug where renaming query removes content
* Add initial loading state in sql editor nav + handle fallback if cannot retrieve content by id
* Fix some spelling
* Fix TS issue in sql folders mutation keys
* Fix toggling favorite
* Lint
* Revert fallback behaviour in ]id] for now
* Fix favorites and shared snippets not showing
* Fix moving currently opened snippet leads to loading
* Support bulk moving
* Improve multi select logic a little
* Nit lint
* Reinstate AI retitling for untitled snippets when running query
* Remove hardcode in useAFlag
* Support creating new snippet in a folder directly
* Fix sharing snippets that are within a folder
* Fix sharing snippets within a folder
* Fix favorite
* Add loading state when fetching folder contents
* Fix favoriting snippets in folders
