docs: comprehensive documentation refresh for v1.5.1+ features

Ajit Pratap Singh · claude · Ajit Pratap Singh · commit 3c8b9ecac613 · 2025-11-26T00:37:35.000+05:30
- USAGE_GUIDE.md: Add Simple API section, v1.5.1 features (GROUPING SETS, ROLLUP, CUBE, MERGE, Materialized Views, Expression Operators), SQL Injection Detection section with examples - CLEAN_ARCHITECTURE.md: Add security package, gosqlx high-level API, update AST types with new statement/expression types, version info - PRODUCTION_GUIDE.md: Add SQL Injection Detection section with code examples for production security scanning, version header - SECURITY.md (root): Add cross-reference note to docs/SECURITY.md - docs/SECURITY.md: Add cross-reference note to root SECURITY.md - Removed empty /docs/getting-started/ directory 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>
diff --git a/SECURITY.md b/SECURITY.md
@@ -1,5 +1,7 @@
 # Security Policy
 
+> **Note**: This file covers security policies and vulnerability reporting. For comprehensive security analysis, threat modeling, and the SQL injection detection API, see [docs/SECURITY.md](docs/SECURITY.md).
+
 ## Supported Versions
 
 We release patches for security vulnerabilities. Currently supported versions:
diff --git a/docs/CLEAN_ARCHITECTURE.md b/docs/CLEAN_ARCHITECTURE.md
@@ -1,5 +1,7 @@
 # GoSQLX Clean Architecture Guide
 
+**Version**: v1.5.1+ | **Last Updated**: November 2025
+
 This document outlines the architectural principles and structure of the GoSQLX codebase after comprehensive cleanup and optimization.
 
 ## 📁 Directory Structure
@@ -28,12 +30,15 @@ GoSQLX/
 │   │
 │   ├── sql/                    # SQL processing components
 │   │   ├── tokenizer/          # Lexical analysis
-│   │   ├── parser/             # Syntax analysis
+│   │   ├── parser/             # Syntax analysis (11 modular files)
 │   │   ├── ast/                # Abstract syntax trees
 │   │   ├── keywords/           # SQL keyword definitions
 │   │   ├── token/              # Token management
+│   │   ├── security/           # SQL injection detection (v1.4+)
 │   │   └── monitor/            # Performance monitoring
 │   │
+│   ├── gosqlx/                 # Simple high-level API (v1.4+)
+│   │
 │   └── metrics/                # Performance metrics
 │
 ├── testdata/                   # Test data and fixtures
@@ -128,13 +133,42 @@ CLI Commands → Business Logic → Core Library → Models
 - Node manipulation and transformation
 - Memory management with object pooling
 
+**Statement Types** (v1.5.1+):
+- `SelectStatement`, `InsertStatement`, `UpdateStatement`, `DeleteStatement`
+- `CreateStatement`, `AlterStatement`, `DropStatement`
+- `MergeStatement` (SQL:2003 F312)
+- `MaterializedViewStatement` (CREATE/DROP/REFRESH)
+- `WithStatement` (CTEs, recursive CTEs)
+
+**Expression Types** (v1.5.1+):
+- `BetweenExpression`, `InExpression`, `LikeExpression`, `IsNullExpression`
+- `SubqueryExpression` (scalar, table, correlated, EXISTS)
+- `WindowExpression` (OVER clause with PARTITION BY, ORDER BY, frames)
+- `GroupingExpression` (GROUPING SETS, ROLLUP, CUBE)
+
 ### `pkg/sql/keywords/`
 **Purpose**: SQL keyword recognition and categorization
 - Multi-dialect keyword support
 - Keyword classification and context
 - Reserved word identification
 - Dialect-specific variations
 
+### `pkg/sql/security/` (v1.4+)
+**Purpose**: SQL injection detection and security analysis
+- Pattern-based injection detection
+- Tautology recognition (`1=1`, `'a'='a'`)
+- UNION-based injection detection
+- Time-based blind injection detection
+- Comment bypass detection
+- Severity classification (Critical, High, Medium, Low)
+
+### `pkg/gosqlx/` (v1.4+)
+**Purpose**: Simple high-level API for common use cases
+- One-line parsing: `gosqlx.Parse(sql)`
+- Validation: `gosqlx.Validate(sql)`
+- Batch processing: `gosqlx.ParseMultiple(queries)`
+- Timeout support: `gosqlx.ParseWithTimeout(sql, timeout)`
+
 ## 🔄 Development Workflow
 
 ### 1. **Adding New Features**
diff --git a/docs/PRODUCTION_GUIDE.md b/docs/PRODUCTION_GUIDE.md
@@ -1,5 +1,7 @@
 # GoSQLX Production Deployment Guide
 
+**Version**: v1.5.1+ | **Last Updated**: November 2025
+
 Comprehensive guide for deploying GoSQLX in production environments.
 
 ## Executive Summary
@@ -317,20 +319,65 @@ func (p *SQLProcessor) ProcessWithSecurity(sql []byte) ([]interface{}, error) {
     // Acquire resource
     p.semaphore <- struct{}{}
     defer func() { <-p.semaphore }()
-    
+
     // Validate input
     if err := validateSQLInput(sql); err != nil {
         return nil, fmt.Errorf("input validation failed: %w", err)
     }
-    
+
     // Process with timeout
     ctx, cancel := context.WithTimeout(context.Background(), p.timeout)
     defer cancel()
-    
+
     return p.processWithContext(ctx, sql)
 }
 ```
 
+### 4. SQL Injection Detection (v1.4+)
+
+GoSQLX includes a built-in security scanner for detecting SQL injection patterns:
+
+```go
+import "github.com/ajitpratap0/GoSQLX/pkg/sql/security"
+
+func (p *SQLProcessor) ScanForInjection(sql []byte) error {
+    // Parse SQL first
+    tkz := tokenizer.GetTokenizer()
+    defer tokenizer.PutTokenizer(tkz)
+
+    tokens, err := tkz.Tokenize(sql)
+    if err != nil {
+        return err
+    }
+
+    // Parse to AST
+    parser := parser.NewParser()
+    defer parser.Release()
+    ast, err := parser.Parse(tokens)
+    if err != nil {
+        return err
+    }
+
+    // Scan for injection patterns
+    scanner := security.NewScanner()
+    result := scanner.Scan(ast)
+
+    if result.HasCritical() || result.HasHigh() {
+        return fmt.Errorf("potential SQL injection detected: %d issues",
+            result.CriticalCount + result.HighCount)
+    }
+
+    return nil
+}
+```
+
+**Detected Patterns:**
+- Tautology attacks (`1=1`, `'a'='a'`)
+- UNION-based injection
+- Time-based blind injection (`SLEEP`, `WAITFOR DELAY`)
+- Comment bypass (`--`, `/**/`)
+- Dangerous functions (`xp_cmdshell`, `LOAD_FILE`)
+
 ## Monitoring & Observability
 
 ### 1. Performance Metrics
diff --git a/docs/SECURITY.md b/docs/SECURITY.md
@@ -1,5 +1,7 @@
 # GoSQLX Security Analysis Report
 
+> **Note**: This document provides comprehensive security analysis and the SQL injection detection API. For security policies and vulnerability reporting, see [SECURITY.md](../SECURITY.md) in the project root.
+
 ## 🛡️ Comprehensive Security Assessment
 
 **Analysis Date**: November 2025
diff --git a/docs/USAGE_GUIDE.md b/docs/USAGE_GUIDE.md
@@ -1,8 +1,13 @@
 # GoSQLX Usage Guide
 
+**Version**: v1.5.1+ | **Last Updated**: November 2025
+
 ## Table of Contents
 - [Getting Started](#getting-started)
+- [Simple API (Recommended)](#simple-api-recommended)
 - [Basic Usage](#basic-usage)
+- [Advanced SQL Features (v1.4+)](#advanced-sql-features-v14)
+- [SQL Injection Detection](#sql-injection-detection)
 - [Advanced Patterns](#advanced-patterns)
 - [Real-World Examples](#real-world-examples)
 - [SQL Dialect Support](#sql-dialect-support)
@@ -31,6 +36,55 @@ import (
 )
 ```
 
+## Simple API (Recommended)
+
+The simplest way to use GoSQLX is through the high-level API that handles all complexity for you:
+
+```go
+package main
+
+import (
+    "fmt"
+    "log"
+
+    "github.com/ajitpratap0/GoSQLX/pkg/gosqlx"
+)
+
+func main() {
+    // Parse SQL in one line - that's it!
+    ast, err := gosqlx.Parse("SELECT * FROM users WHERE active = true")
+    if err != nil {
+        log.Fatal(err)
+    }
+
+    fmt.Printf("Successfully parsed %d statement(s)\n", len(ast.Statements))
+}
+```
+
+### More Simple API Examples
+
+```go
+// Validate SQL without full parsing
+if err := gosqlx.Validate("SELECT * FROM users"); err != nil {
+    fmt.Println("Invalid SQL:", err)
+}
+
+// Parse multiple queries efficiently
+queries := []string{
+    "SELECT * FROM users",
+    "SELECT * FROM orders",
+}
+asts, err := gosqlx.ParseMultiple(queries)
+
+// Parse with timeout for long queries
+ast, err := gosqlx.ParseWithTimeout(sql, 5*time.Second)
+
+// Parse from byte slice (zero-copy)
+ast, err := gosqlx.ParseBytes([]byte("SELECT * FROM users"))
+```
+
+> **Note:** The simple API has < 1% performance overhead compared to the low-level API. Use the simple API unless you need fine-grained control.
+
 ## Basic Usage
 
 ### Simple Tokenization
@@ -214,6 +268,166 @@ func HandleTokenizerError(sql string) {
 }
 ```
 
+## Advanced SQL Features (v1.4+)
+
+### GROUPING SETS, ROLLUP, CUBE (SQL-99 T431)
+
+```go
+// GROUPING SETS - explicit grouping combinations
+sql := `SELECT region, product, SUM(sales)
+        FROM orders
+        GROUP BY GROUPING SETS ((region), (product), (region, product), ())`
+ast, err := gosqlx.Parse(sql)
+
+// ROLLUP - hierarchical subtotals
+sql := `SELECT year, quarter, month, SUM(revenue)
+        FROM sales
+        GROUP BY ROLLUP (year, quarter, month)`
+ast, err := gosqlx.Parse(sql)
+
+// CUBE - all possible combinations
+sql := `SELECT region, product, SUM(amount)
+        FROM sales
+        GROUP BY CUBE (region, product)`
+ast, err := gosqlx.Parse(sql)
+```
+
+### MERGE Statements (SQL:2003 F312)
+
+```go
+sql := `
+    MERGE INTO target_table t
+    USING source_table s ON t.id = s.id
+    WHEN MATCHED THEN
+        UPDATE SET t.name = s.name, t.value = s.value
+    WHEN NOT MATCHED THEN
+        INSERT (id, name, value) VALUES (s.id, s.name, s.value)
+`
+ast, err := gosqlx.Parse(sql)
+```
+
+### Materialized Views
+
+```go
+// Create materialized view
+sql := `CREATE MATERIALIZED VIEW sales_summary AS
+        SELECT region, SUM(amount) as total
+        FROM sales GROUP BY region`
+ast, err := gosqlx.Parse(sql)
+
+// Refresh materialized view
+sql := `REFRESH MATERIALIZED VIEW CONCURRENTLY sales_summary`
+ast, err := gosqlx.Parse(sql)
+
+// Drop materialized view
+sql := `DROP MATERIALIZED VIEW IF EXISTS sales_summary`
+ast, err := gosqlx.Parse(sql)
+```
+
+### Expression Operators (BETWEEN, IN, LIKE, IS NULL)
+
+```go
+// BETWEEN with expressions
+sql := `SELECT * FROM orders WHERE amount BETWEEN 100 AND 500`
+
+// IN with subquery
+sql := `SELECT * FROM users WHERE id IN (SELECT user_id FROM admins)`
+
+// LIKE with pattern matching
+sql := `SELECT * FROM products WHERE name LIKE '%widget%'`
+
+// IS NULL / IS NOT NULL
+sql := `SELECT * FROM users WHERE deleted_at IS NULL`
+
+// NULLS FIRST/LAST ordering (SQL-99 F851)
+sql := `SELECT * FROM users ORDER BY last_login DESC NULLS LAST`
+```
+
+### Subqueries
+
+```go
+// Scalar subquery
+sql := `SELECT name, (SELECT MAX(salary) FROM employees) as max_sal FROM users`
+
+// EXISTS subquery
+sql := `SELECT * FROM orders o
+        WHERE EXISTS (SELECT 1 FROM customers c WHERE c.id = o.customer_id)`
+
+// Correlated subquery
+sql := `SELECT * FROM employees e
+        WHERE salary > (SELECT AVG(salary) FROM employees WHERE dept = e.dept)`
+```
+
+## SQL Injection Detection
+
+GoSQLX includes a built-in security scanner (`pkg/sql/security`) for detecting SQL injection patterns:
+
+```go
+import (
+    "github.com/ajitpratap0/GoSQLX/pkg/gosqlx"
+    "github.com/ajitpratap0/GoSQLX/pkg/sql/security"
+)
+
+func CheckForInjection(sql string) {
+    // Parse the SQL first
+    ast, err := gosqlx.Parse(sql)
+    if err != nil {
+        fmt.Println("Parse error:", err)
+        return
+    }
+
+    // Create scanner and scan for injection patterns
+    scanner := security.NewScanner()
+    result := scanner.Scan(ast)
+
+    // Check results
+    if result.HasCritical() {
+        fmt.Printf("CRITICAL: Found %d critical security issues!\n", result.CriticalCount)
+    }
+    if result.HasHigh() {
+        fmt.Printf("HIGH: Found %d high-severity issues\n", result.HighCount)
+    }
+
+    // Print all findings
+    for _, finding := range result.Findings {
+        fmt.Printf("[%s] %s: %s\n",
+            finding.Severity,
+            finding.Pattern,
+            finding.Description)
+    }
+}
+```
+
+### Detected Injection Patterns
+
+The security scanner detects:
+- **Tautology patterns**: `1=1`, `'a'='a'`, always-true conditions
+- **UNION-based injection**: Unauthorized UNION statements
+- **Time-based blind injection**: `SLEEP()`, `WAITFOR DELAY`
+- **Comment bypass**: `--`, `/**/` comment abuse
+- **Stacked queries**: Multiple statement injection
+- **Dangerous functions**: `xp_cmdshell`, `LOAD_FILE`, `INTO OUTFILE`
+
+```go
+// Example: Check user input for injection
+func ValidateUserQuery(userInput string) error {
+    ast, err := gosqlx.Parse(userInput)
+    if err != nil {
+        return fmt.Errorf("invalid SQL syntax: %w", err)
+    }
+
+    scanner := security.NewScanner()
+    result := scanner.Scan(ast)
+
+    if result.HasCritical() || result.HasHigh() {
+        return fmt.Errorf("potential SQL injection detected: %d issues found",
+            result.CriticalCount + result.HighCount)
+    }
+
+    return nil
+}
+```
+
 ## Real-World Examples
 
 ### SQL Validator
