mirror of
https://github.com/supabase/supabase.git
synced 2026-06-10 13:01:16 +08:00
## Summary

Final PR in the SafeSql migration stack. Stacked on top of #46006.

Tightens `executeSql`'s `sql` parameter from `string` to `SafeSqlFragment`. Any future raw-string caller is now a compile error — the SafeSql safety property becomes structural rather than convention-based.

Also adapts the AI `execute_sql` tool to promote AI-generated SQL via `acceptUntrustedSql(untrustedSql(sql))` inside the `execute` callback. The tool's existing `needsApproval: true` gate ensures `execute` only runs after the user has explicitly approved — that approval is the gesture that promotes untrusted to safe.

## Test plan

- [x] `pnpm typecheck` passes
- [x] Grep for any remaining raw-string `executeSql` calls in `apps/studio` returns nothing
- [x] Dev-server smoke: AI tool approval flow executes SQL
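A minimal TypeScript sketch of the pattern the commit message above describes, added here as an example and not taken from the Supabase code base. Only the names `SafeSqlFragment`, `executeSql`, `untrustedSql`, `acceptUntrustedSql`, `needsApproval` and `execute` come from the message; the function bodies, the `UntrustedSql` shape, `executed`, `runTool` and `rejectedByCompiler` are assumptions.

```typescript
// Hypothetical sketch: bodies and helper names are assumptions, not Supabase code.
type SafeSqlFragment = string & { readonly __brand: 'SafeSqlFragment' }
type UntrustedSql = { readonly untrusted: string }

const executed: string[] = [] // stands in for the database connection

// The tightened signature: `sql` is SafeSqlFragment rather than string.
function executeSql(sql: SafeSqlFragment): string {
  executed.push(sql)
  return sql
}

// Wrapping keeps model output out of any API that takes string or SafeSqlFragment.
function untrustedSql(sql: string): UntrustedSql {
  return { untrusted: sql }
}

// The single, greppable promotion point; meant to be reached only after approval.
function acceptUntrustedSql(sql: UntrustedSql): SafeSqlFragment {
  return sql.untrusted as SafeSqlFragment
}

const executeSqlTool = {
  needsApproval: true,
  execute: (sql: string) => executeSql(acceptUntrustedSql(untrustedSql(sql))),
}

// Assumed tool runner: refuses to call execute without an explicit approval.
function runTool(tool: typeof executeSqlTool, sql: string, approved: boolean): string | null {
  if (tool.needsApproval && !approved) return null
  return tool.execute(sql)
}

// Never called; shows that raw-string and still-wrapped callers fail to type-check.
function rejectedByCompiler(raw: string): void {
  // @ts-expect-error string is not assignable to SafeSqlFragment
  executeSql(raw)
  // @ts-expect-error UntrustedSql must be promoted first
  executeSql(untrustedSql(raw))
}
```

The brand exists only at compile time, so the guarantee holds as long as `as SafeSqlFragment` casts stay confined to the promotion helper, which is what the grep step in the test plan checks for raw-string callers.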
7.0 KiB