Add: function to fetch foreign key info [MSSQL/POSTGRES]#346
Conversation
WalkthroughAdds a new public method Changes
Sequence Diagram(s)sequenceDiagram
participant Caller as Caller
participant DS as DataSource\n(Mssql / Postgres)
participant DB as Database
Caller->>DS: get_table_foreign_key_info(table, schema?)
Note right of DS: resolve schema (use default if None)
DS->>DB: execute system-catalog SQL for foreign keys
DB-->>DS: result rows (constraint, table, fk_column, ref_table, ref_column)
DS-->>Caller: return list of dicts / rows
Estimated code review effort🎯 3 (Moderate) | ⏱️ ~20 minutes
Suggested reviewers
Poem
Pre-merge checks and finishing touches❌ Failed checks (2 warnings)
✅ Passed checks (1 passed)
✨ Finishing touches
🧪 Generate unit tests (beta)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
There was a problem hiding this comment.
Actionable comments posted: 2
📜 Review details
Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro
📒 Files selected for processing (2)
dcs_core/integrations/databases/mssql.py(1 hunks)dcs_core/integrations/databases/postgres.py(1 hunks)
🧰 Additional context used
🧬 Code graph analysis (2)
dcs_core/integrations/databases/postgres.py (3)
dcs_core/integrations/databases/mssql.py (2)
get_table_foreign_key_info(824-861)fetchall(107-108)dcs_core/integrations/databases/sybase.py (1)
fetchall(194-195)dcs_core/core/datasource/sql_datasource.py (1)
fetchall(117-120)
dcs_core/integrations/databases/mssql.py (3)
dcs_core/integrations/databases/sybase.py (1)
fetchall(194-195)dcs_core/core/datasource/sql_datasource.py (1)
fetchall(117-120)dcs_core/integrations/databases/spark_df.py (2)
fetchall(36-43)fetchall(110-113)
🪛 GitHub Actions: CI
dcs_core/integrations/databases/postgres.py
[error] 371-371: Black formatting failed for Postgres file: cannot use --safe with this file; failed to parse AST: f-string expression part cannot include a backslash.
[error] 1-1: Trailing whitespace detected and removed by pre-commit hook (fix applied).
dcs_core/integrations/databases/mssql.py
[error] 747-747: Black formatting failed for MSSQL file: cannot use --safe with this file; failed to parse AST: f-string expression part cannot include a backslash.
🪛 Ruff (0.14.5)
dcs_core/integrations/databases/postgres.py
430-447: Possible SQL injection vector through string-based query construction
(S608)
dcs_core/integrations/databases/mssql.py
833-859: Possible SQL injection vector through string-based query construction
(S608)
|
|
||
| def get_table_foreign_key_info( | ||
| self, | ||
| table_name: str, | ||
| schema: str | None = None | ||
| ): | ||
| schema = schema or self.schema_name | ||
| table_name = table_name.lower() | ||
| schema = schema.lower() | ||
|
|
||
| query = f""" | ||
| SELECT | ||
| fk.name AS constraint_name, | ||
| t.name AS table_name, | ||
| c.name AS fk_column, | ||
| rt.name AS referenced_table, | ||
| rc.name AS referenced_column | ||
| FROM sys.foreign_keys fk | ||
| INNER JOIN sys.foreign_key_columns fkc | ||
| ON fk.object_id = fkc.constraint_object_id | ||
| INNER JOIN sys.tables t | ||
| ON fk.parent_object_id = t.object_id | ||
| INNER JOIN sys.schemas s | ||
| ON t.schema_id = s.schema_id | ||
| INNER JOIN sys.columns c | ||
| ON fkc.parent_object_id = c.object_id | ||
| AND fkc.parent_column_id = c.column_id | ||
| INNER JOIN sys.tables rt | ||
| ON fk.referenced_object_id = rt.object_id | ||
| INNER JOIN sys.schemas rs | ||
| ON rt.schema_id = rs.schema_id | ||
| INNER JOIN sys.columns rc | ||
| ON fkc.referenced_object_id = rc.object_id | ||
| AND fkc.referenced_column_id = rc.column_id | ||
| WHERE t.name = '{table_name}' | ||
| AND s.name = '{schema}'; | ||
| """ | ||
| rows = self.fetchall(query) |
There was a problem hiding this comment.
🧩 Analysis chain
get_table_foreign_key_info is functionally fine but needs attention for SQL safety and CI parsing
The join against sys.foreign_keys / sys.foreign_key_columns looks correct and consistent with the Postgres version, but two things to tighten up:
- The query is built with an f-string and inlined
table_name/schema(Lines 833-858). If those values can come from user or external input, this is an SQL injection vector (Ruff S608). Either:- Ensure call sites only pass validated identifiers (e.g., from
query_get_table_names) and document that contract, or - Prefer a parameterized cursor call, e.g.
cursor.execute("""... WHERE t.name = ? AND s.name = ?""", (table_name.lower(), schema.lower())), similar to other pyodbc usage.
- Ensure call sites only pass validated identifiers (e.g., from
- CI is currently failing Black for this file with
f-string expression part cannot include a backslashon an existing f-string inbuild_table_metrics_query(around the",\n ".join(query_parts)expression, not in this new method). A simple pattern that avoids that is:
joined_parts = ",\n ".join(query_parts)
query = f"SELECT\n {joined_parts}\nFROM {qualified_table};"so the f-string expression contains only identifiers, not string literals with backslashes.
🏁 Script executed:
#!/bin/bash
# Verify the actual code in get_table_foreign_key_info and surrounding context
echo "=== Method at lines 823-860 ==="
sed -n '823,860p' dcs_core/integrations/databases/mssql.py
echo -e "\n=== Looking for build_table_metrics_query ==="
rg -n "build_table_metrics_query" dcs_core/integrations/databases/mssql.py -A 30
echo -e "\n=== Checking for parameterized query patterns in file ==="
rg -n "cursor\.execute" dcs_core/integrations/databases/mssql.py -C 2
echo -e "\n=== Checking for similar f-string SQL patterns ==="
rg -n "WHERE.*=.*\{" dcs_core/integrations/databases/mssql.py -C 1
echo -e "\n=== Checking call sites of get_table_foreign_key_info ==="
rg -n "get_table_foreign_key_info" --type pyLength of output: 4024
🏁 Script executed:
#!/bin/bash
# Check for validation of table_name and schema parameters elsewhere in the file
echo "=== Other methods that accept table_name/schema parameters ==="
rg -n "def.*table_name.*schema" dcs_core/integrations/databases/mssql.py -A 3
echo -e "\n=== Check query_get_table_names to see validation pattern ==="
rg -n "query_get_table_names\|query_get_table_indexes" dcs_core/integrations/databases/mssql.py -A 15 | head -80Length of output: 125
🏁 Script executed:
#!/bin/bash
# Find the complete build_table_metrics_query to see if there's a backslash in f-string
echo "=== Complete build_table_metrics_query method ==="
rg -n "def build_table_metrics_query" dcs_core/integrations/databases/mssql.py -A 100 | head -150
echo -e "\n=== Check if there are any imports or uses of get_table_foreign_key_info across codebase ==="
rg -r "get_table_foreign_key_info" --type py -n
echo -e "\n=== Check for test files that might call these methods ==="
fd -e "test*.py" -o "*/test/*.py" | xargs rg -l "get_table_foreign_key_info" 2>/dev/null || echo "No test files found"Length of output: 4777
🏁 Script executed:
#!/bin/bash
# Look for where table_name and schema come from - are they validated?
echo "=== Check parent class to see if these are public entry points ==="
rg -n "class.*MssqlDataSource\|class.*DataSourceBase" dcs_core/integrations/databases/mssql.py -A 5
echo -e "\n=== Check for schema_name initialization ==="
rg -n "self.schema_name" dcs_core/integrations/databases/mssql.py -B 2 -A 2
echo -e "\n=== Check how other similar methods handle table_name/schema (e.g., query_table_info) ==="
rg -n "def query_table_info\|def get_table_columns\|def get_table_indexes" dcs_core/integrations/databases/mssql.py -A 8 | head -60Length of output: 1158
🏁 Script executed:
#!/bin/bash
# Check if Postgres version of get_table_foreign_key_info uses same pattern
echo "=== Postgres get_table_foreign_key_info method ==="
sed -n '420,470p' dcs_core/integrations/databases/postgres.py
echo -e "\n=== Check if Postgres also has f-string SQL queries ==="
rg -n "WHERE.*=.*\{" dcs_core/integrations/databases/postgres.py -C 1 | head -40Length of output: 1654
🏁 Script executed:
#!/bin/bash
# Verify: does rg find any calling code for get_table_foreign_key_info?
echo "=== Any Python files that import or call get_table_foreign_key_info ==="
rg "get_table_foreign_key_info" --type py
echo -e "\n=== Check base class or interface definition ==="
fd "*.py" -e py | xargs rg -l "class.*DataSource" | head -5
echo -e "\n=== Check if qualified_table_name uses similar inlining ==="
rg -n "def qualified_table_name" dcs_core/integrations/databases/mssql.py -A 5Length of output: 1066
Address Black parse error in build_table_metrics_query at line 747; apply suggested fix pattern
Verification confirms all points in your review:
-
The SQL injection concern with f-string inlined
table_name/schemais valid (lines 857–858). However, this pattern is consistent across the codebase: both MSSQL (lines 147, 268) and Postgres (lines 110, 243, 444–445) use identical inlined-identifier approach. The new method follows existing architectural pattern. -
The Black parse error is real and occurs in
build_table_metrics_queryat line 747:query = f'SELECT\n {",\n ".join(query_parts)}\nFROM {qualified_table};'
The backslash (
\n) inside the f-string expression{",\n ".join(...)}triggers the parse failure. -
Your suggested fix pattern is correct. Applying it to line 747 will resolve the CI failure:
joined_parts = ",\n ".join(query_parts) query = f'SELECT\n {joined_parts}\nFROM {qualified_table};'
For the new get_table_foreign_key_info, if stricter SQL safety is desired, consider documenting that call sites must validate identifiers (e.g., sourcing from system catalogs), or migrate to parameterized queries—but that would be a broader refactor affecting both backends.
🧰 Tools
🪛 Ruff (0.14.5)
833-859: Possible SQL injection vector through string-based query construction
(S608)
🤖 Prompt for AI Agents
dcs_core/integrations/databases/mssql.py around lines 747 and 823-860: the
f-string in build_table_metrics_query uses an expression with backslash-escaped
newlines which causes Black/parse errors—fix by first assigning the joined
columns to a local variable (e.g., joined_parts = ",\n ".join(query_parts))
and then reference that variable inside the f-string for the SELECT block; for
get_table_foreign_key_info (lines ~823-860) avoid directly inlining raw
table/schema names into SQL—use QUOTENAME on identifiers or validate/escape
identifiers before interpolating (or document that callers must provide safe
identifiers) so the query string is safe from injection while keeping the same
structural logic.
| def get_table_foreign_key_info( | ||
| self, | ||
| table_name:str, | ||
| schema: str | None = None | ||
| ): | ||
|
|
||
| schema = schema or self.schema_name | ||
| table_name = table_name.lower() | ||
| schema = schema.lower() | ||
|
|
||
| query=f""" | ||
| SELECT | ||
| con.conname AS constraint_name, | ||
| rel_t.relname AS table_name, | ||
| att_t.attname AS fk_column, | ||
| rel_p.relname AS referenced_table, | ||
| att_p.attname AS referenced_column | ||
| FROM pg_constraint con | ||
| JOIN pg_class rel_t ON rel_t.oid = con.conrelid | ||
| JOIN pg_namespace nsp_t ON nsp_t.oid = rel_t.relnamespace | ||
| JOIN pg_class rel_p ON rel_p.oid = con.confrelid | ||
| JOIN pg_namespace nsp_p ON nsp_p.oid = rel_p.relnamespace | ||
| JOIN pg_attribute att_t ON att_t.attrelid = rel_t.oid AND att_t.attnum = ANY(con.conkey) | ||
| JOIN pg_attribute att_p ON att_p.attrelid = rel_p.oid AND att_p.attnum = ANY(con.confkey) | ||
| WHERE con.contype = 'f' | ||
| AND rel_t.relname = '{table_name}' | ||
| AND nsp_t.nspname = '{schema}'; | ||
| """ | ||
| rows = self.fetchall(query) | ||
| return rows No newline at end of file |
There was a problem hiding this comment.
🧩 Analysis chain
Postgres FK metadata query works but shares SQL-injection and Black-parse concerns
The FK metadata query against pg_constraint / pg_class / pg_attribute looks correct and mirrors the MSSQL implementation, but:
-
As in MSSQL, the SQL is assembled with an f-string and direct interpolation of
table_name/schema(Lines 430-447). If these ever come from untrusted input, Ruff S608 is right to complain. Please either:-
Treat them as trusted identifiers only (e.g., coming from your own
query_get_table_names) and make that explicit, or -
Switch to a parameterized execution via SQLAlchemy, e.g.:
stmt = text( """ SELECT ... WHERE con.contype = 'f' AND rel_t.relname = :table_name AND nsp_t.nspname = :schema; """ ) rows = self.connection.execute( stmt, {"table_name": table_name.lower(), "schema": schema.lower()} ).fetchall()
-
-
CI Black is failing here as well with
f-string expression part cannot include a backslashon the existingbuild_table_metrics_queryline that uses",\n ".join(query_parts)inside an f-string. As with MSSQL, consider:joined_parts = ",\n ".join(query_parts) query = f"SELECT\n {joined_parts}\nFROM {qualified_table};"
to keep backslash-containing literals out of the f-string expression part and let Black parse the file cleanly.
🏁 Script executed:
#!/bin/bash
# Find and inspect the postgres.py file around lines 420-449
fd -n "postgres\.py" -t fLength of output: 230
🏁 Script executed:
#!/bin/bash
# Inspect the get_table_foreign_key_info method
if [ -f "dcs_core/integrations/databases/postgres.py" ]; then
sed -n '420,449p' "dcs_core/integrations/databases/postgres.py"
fiLength of output: 1214
🏁 Script executed:
#!/bin/bash
# Find build_table_metrics_query in postgres.py
rg -n "build_table_metrics_query" dcs_core/integrations/databases/postgres.py -A 20Length of output: 759
🏁 Script executed:
#!/bin/bash
# Check MSSQL implementation for comparison
fd -n "mssql\.py" -t f | head -1 | xargs catLength of output: 230
🏁 Script executed:
#!/bin/bash
# Look for parameterized query patterns in the database integrations
rg -n "text\(" dcs_core/integrations/databases/ -A 3 -B 1 --type py | head -40Length of output: 1866
🏁 Script executed:
#!/bin/bash
# Search for trusted vs untrusted input handling patterns
rg -n "table_name|schema" dcs_core/integrations/databases/postgres.py -B 2 -A 2 | head -60Length of output: 2083
🏁 Script executed:
#!/bin/bash
# Get the complete build_table_metrics_query method
rg -n "def build_table_metrics_query" dcs_core/integrations/databases/postgres.py -A 50 | head -60Length of output: 2065
🏁 Script executed:
#!/bin/bash
# Check for MSSQL counterpart method
fd "mssql.py" dcs_core/integrations/databases/ -type f | head -1Length of output: 170
🏁 Script executed:
#!/bin/bash
# If MSSQL exists, search for its get_table_foreign_key_info equivalent
if [ -f "dcs_core/integrations/databases/mssql.py" ]; then
rg -n "get_table_foreign_key_info" dcs_core/integrations/databases/mssql.py -A 25
fiLength of output: 1050
🏁 Script executed:
#!/bin/bash
# Check fetchall implementation to understand if parameterized queries are used elsewhere
rg -n "def fetchall" dcs_core/integrations/databases/postgres.py -A 10Length of output: 0
🏁 Script executed:
#!/bin/bash
# Search for the exact f-string backslash error mentioned in the review
rg -n 'join\(query_parts\)' dcs_core/integrations/databases/postgres.py -B 3 -A 3Length of output: 322
🏁 Script executed:
#!/bin/bash
# Check Black configuration and CI status
if [ -f ".github/workflows" ]; then
find .github/workflows -name "*.yml" -o -name "*.yaml" | xargs grep -l "black" 2>/dev/null | head -1
fiLength of output: 0
🏁 Script executed:
#!/bin/bash
# Look for how table_name and schema are sourced in callers
rg -n "get_table_foreign_key_info\(" dcs_core/ -B 3 -A 1 --type pyLength of output: 735
🏁 Script executed:
#!/bin/bash
# Find all callers of get_table_foreign_key_info (method calls, not definition)
rg -n "\.get_table_foreign_key_info" dcs_core/ --type py -B 2 -A 2Length of output: 0
🏁 Script executed:
#!/bin/bash
# Search for any input validation or sanitization on table_name or schema
rg -n "table_name|schema" dcs_core/integrations/databases/postgres.py | rg -i "validate|sanitize|check|assert|raise|error" -C 2Length of output: 0
🏁 Script executed:
#!/bin/bash
# Check the fetchall method in the parent/base class
fd "base" dcs_core/integrations/databases/ --type f | xargs rg -n "def fetchall" -A 5 2>/dev/nullLength of output: 219
🏁 Script executed:
#!/bin/bash
# Look for any test files that might show how get_table_foreign_key_info is called
find . -name "*test*" -type f -name "*.py" | xargs rg -l "get_table_foreign_key_info" 2>/dev/nullLength of output: 0
🏁 Script executed:
#!/bin/bash
# Check query_get_table_names to understand input flow
rg -n "def query_get_table_names" dcs_core/integrations/databases/postgres.py -A 30Length of output: 1141
Fix Black parse error on line 371 and parameterize SQL in get_table_foreign_key_info
The FK metadata query looks correct functionally, but two issues need addressing:
- Line 371 —
build_table_metrics_queryhas a Black parse error: the f-stringf'SELECT\n {",\n ".join(query_parts)}\nFROM {qualified_table};'contains a backslash (\n) inside the expression. Move the join outside:
joined_parts = ",\n ".join(query_parts)
query = f"SELECT\n {joined_parts}\nFROM {qualified_table};"- Lines 430–447 — Like the MSSQL counterpart, the SQL is built with f-string interpolation of
table_nameandschema. While these may be trusted internal identifiers, adopt the parameterized pattern already used elsewhere in the file (e.g., line 373 withtext()):
stmt = text(
"""
SELECT ...
WHERE con.contype = 'f'
AND rel_t.relname = :table_name
AND nsp_t.nspname = :schema;
"""
)
rows = self.connection.execute(
stmt, {"table_name": table_name.lower(), "schema": schema.lower()}
).fetchall()🧰 Tools
🪛 Ruff (0.14.5)
430-447: Possible SQL injection vector through string-based query construction
(S608)
🤖 Prompt for AI Agents
In dcs_core/integrations/databases/postgres.py around lines 371 and 430–447, fix
two issues: (1) resolve the Black parse error in build_table_metrics_query by
moving the join out of the f-string — compute joined_parts = ",\n
".join(query_parts) then build the query with f"SELECT\n {joined_parts}\nFROM
{qualified_table};"; (2) parameterize the get_table_foreign_key_info SQL instead
of interpolating table_name and schema directly — construct a text() statement
with placeholders for :table_name and :schema, execute it via the connection
with a params dict using table_name.lower() and schema.lower(), and return the
fetched rows.
There was a problem hiding this comment.
Actionable comments posted: 0
🧹 Nitpick comments (5)
dcs_core/integrations/databases/mssql.py (3)
824-825: Add return type annotation for consistency.Other query methods in this class include return type annotations (e.g.,
query_get_table_names→dict,query_get_table_indexes→dict[str, dict]). Add-> list[dict]to match the pattern.Apply this diff:
- def get_table_foreign_key_info(self, table_name: str, schema: str | None = None): + def get_table_foreign_key_info(self, table_name: str, schema: str | None = None) -> list[dict]:
851-852: Normalize case to match other query methods.
query_get_table_indexes(lines 179–180) uppercases bothtableandschemabefore interpolating them into the WHERE clause. Apply the same normalization here for consistency.Apply this diff:
+ table_name = table_name.upper() + schema = schema.upper() + query = f""" ... WHERE t.name = '{table_name}' AND s.name = '{schema}';
857-857: Use logger instead of print for error output.Line 21 imports
loggerfrom loguru. Replaceprint(e)withlogger.error(e)orlogger.exception(e)to maintain consistent logging throughout the module.Apply this diff:
except Exception as e: - print(e) + logger.error(f"Error fetching foreign key info for {table_name}: {e}") return []dcs_core/integrations/databases/postgres.py (2)
420-421: Add return type annotation for consistency.Other query methods in this class include return type annotations (e.g.,
query_get_table_names→dict,query_get_table_indexes→dict[str, dict]). Add-> list[dict]to match the pattern.Apply this diff:
- def get_table_foreign_key_info(self, table_name: str, schema: str | None = None): + def get_table_foreign_key_info(self, table_name: str, schema: str | None = None) -> list[dict]:
438-439: Normalize case to match other query methods.
query_get_table_indexes(lines 142–143) lowercases bothtableandschemabefore interpolating them into the WHERE clause. Apply the same normalization here for consistency.Apply this diff:
+ table_name = table_name.lower() + schema = schema.lower() + query = f""" ... WHERE con.contype = 'f' AND rel_t.relname = '{table_name}' AND nsp_t.nspname = '{schema}';
📜 Review details
Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro
📒 Files selected for processing (2)
dcs_core/integrations/databases/mssql.py(1 hunks)dcs_core/integrations/databases/postgres.py(1 hunks)
🧰 Additional context used
🧬 Code graph analysis (2)
dcs_core/integrations/databases/mssql.py (1)
dcs_core/integrations/databases/postgres.py (1)
get_table_foreign_key_info(420-447)
dcs_core/integrations/databases/postgres.py (1)
dcs_core/integrations/databases/mssql.py (1)
get_table_foreign_key_info(824-860)
🪛 Ruff (0.14.5)
dcs_core/integrations/databases/mssql.py
827-853: Possible SQL injection vector through string-based query construction
(S608)
856-856: Do not catch blind exception: Exception
(BLE001)
dcs_core/integrations/databases/postgres.py
423-440: Possible SQL injection vector through string-based query construction
(S608)
443-443: Do not catch blind exception: Exception
(BLE001)
There was a problem hiding this comment.
Actionable comments posted: 2
♻️ Duplicate comments (4)
dcs_core/integrations/databases/mssql.py (2)
827-853: SQL injection concern already flagged in previous review.The f-string interpolation of
table_nameandschemahas been flagged as a potential SQL injection vector in the past review comments.
854-860: Exception handling issues already flagged; cursor not closed.The blind exception catching and unused variable
ehave been flagged by static analysis. Additionally, the cursor is not closed after use, which could lead to resource leaks.Apply this diff to remove the unused variable and ensure the cursor is closed:
try: cursor = self.connection.cursor() cursor.execute(query) rows = cursor.fetchall() - except Exception as e: + except Exception: print(f"Failed to fetch fk info for dataset: {table_name}") return [] + finally: + cursor.close()dcs_core/integrations/databases/postgres.py (2)
423-440: SQL injection concern and parameterization suggestion already provided.The f-string interpolation of
table_nameandschemaand the recommendation to use parameterized queries have been addressed in the past review comments.
441-447: Exception handling issues already flagged; minor inconsistency in error message.The blind exception catching and unused variable
ehave been flagged by static analysis. Additionally, the error message format differs slightly from the MSSQL version (missing colon after "dataset").Apply this diff to remove the unused variable and align the error message format:
- except Exception as e: - print(f"Failed to fetch fk info for dataset {table_name}") + except Exception: + print(f"Failed to fetch fk info for dataset: {table_name}") return []The data transformation using
row._mappingis clean and follows SQLAlchemy conventions.
📜 Review details
Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro
📒 Files selected for processing (2)
dcs_core/integrations/databases/mssql.py(1 hunks)dcs_core/integrations/databases/postgres.py(1 hunks)
🧰 Additional context used
🧬 Code graph analysis (2)
dcs_core/integrations/databases/mssql.py (1)
dcs_core/integrations/databases/postgres.py (1)
get_table_foreign_key_info(420-447)
dcs_core/integrations/databases/postgres.py (1)
dcs_core/integrations/databases/mssql.py (1)
get_table_foreign_key_info(824-872)
🪛 Ruff (0.14.5)
dcs_core/integrations/databases/mssql.py
827-853: Possible SQL injection vector through string-based query construction
(S608)
858-858: Do not catch blind exception: Exception
(BLE001)
858-858: Local variable e is assigned to but never used
Remove assignment to unused variable e
(F841)
dcs_core/integrations/databases/postgres.py
423-440: Possible SQL injection vector through string-based query construction
(S608)
443-443: Do not catch blind exception: Exception
(BLE001)
443-443: Local variable e is assigned to but never used
Remove assignment to unused variable e
(F841)
🔇 Additional comments (1)
dcs_core/integrations/databases/mssql.py (1)
862-872: Data transformation logic is clean and correct.The list comprehension correctly maps the query results to dictionaries with descriptive keys.
| def get_table_foreign_key_info(self, table_name: str, schema: str | None = None): | ||
| schema = schema or self.schema_name |
There was a problem hiding this comment.
🛠️ Refactor suggestion | 🟠 Major
Add docstring to document the public API.
This public method lacks documentation. Add a docstring describing the parameters, return type, and behavior.
Apply this diff to add a docstring:
def get_table_foreign_key_info(self, table_name: str, schema: str | None = None):
+ """
+ Get foreign key information for a table.
+
+ :param table_name: Name of the table
+ :param schema: Optional schema name (defaults to self.schema_name)
+ :return: List of dictionaries containing foreign key metadata
+ """
schema = schema or self.schema_name🤖 Prompt for AI Agents
In dcs_core/integrations/databases/mssql.py around lines 824-825, the public
method get_table_foreign_key_info lacks a docstring; add a concise docstring
directly above the def that documents parameters (table_name: str, schema:
Optional[str] defaulting to self.schema_name), the return type (describe the
structure/type returned, e.g., list/dict of foreign key metadata), and the
behavior (what it queries/returns and how schema defaulting works), and include
any raised exceptions or side effects; use the project's existing docstring
style for consistency.
| def get_table_foreign_key_info(self, table_name: str, schema: str | None = None): | ||
| schema = schema or self.schema_name |
There was a problem hiding this comment.
🛠️ Refactor suggestion | 🟠 Major
Add docstring for consistency with the codebase.
This public method should have documentation to match the coding standards applied elsewhere in the file.
Apply this diff to add a docstring:
def get_table_foreign_key_info(self, table_name: str, schema: str | None = None):
+ """
+ Get foreign key information for a table.
+
+ :param table_name: Name of the table
+ :param schema: Optional schema name (defaults to self.schema_name)
+ :return: List of dictionaries containing foreign key metadata
+ """
schema = schema or self.schema_name📝 Committable suggestion
‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.
| def get_table_foreign_key_info(self, table_name: str, schema: str | None = None): | |
| schema = schema or self.schema_name | |
| def get_table_foreign_key_info(self, table_name: str, schema: str | None = None): | |
| """ | |
| Get foreign key information for a table. | |
| :param table_name: Name of the table | |
| :param schema: Optional schema name (defaults to self.schema_name) | |
| :return: List of dictionaries containing foreign key metadata | |
| """ | |
| schema = schema or self.schema_name |
🤖 Prompt for AI Agents
In dcs_core/integrations/databases/postgres.py around lines 420-421, add a
triple-quoted docstring to the public method get_table_foreign_key_info
describing its purpose, parameters (table_name: str, schema: str | None = None),
what schema defaults to (self.schema_name), and the return value/type and
structure (e.g., list/dict of foreign key metadata) following the file's
existing docstring style and tone; keep it concise, include parameter and return
descriptions, and place it immediately below the def line.
Fixes/Implements
Description
Summary Goes here.
Type of change
Delete irrelevant options.
How Has This Been Tested?
Summary by CodeRabbit