refactor(sql): swing consumers to mcpg.sql, delete the vendored kernel (18.1, PR 2)#260
Conversation
…ernel (18.1, PR2)
The de-vendor swing:
- Rewrote all ~74 'from mcpg._vendor.sql import ...' -> 'from mcpg.sql import ...'
across src + tests (SqlDriver / SafeSqlDriver / DbConnPool / obfuscate_password
are the stable seam; behaviour unchanged, tool snapshots unchanged).
- Deleted src/mcpg/_vendor/ and tests/vendor/ wholesale, plus the temporary
differential parity harness (its job — 0 divergence — is done).
- Removed all 5 _vendor quality-gate carve-outs in pyproject.toml: the SQL
kernel is now inside coverage (90% gate), mypy --strict, ruff, and bandit
like every other module.
- Regenerated the architecture.md module map (drops mcpg._vendor, adds
mcpg.sql.{allowlist,driver,safety}); fixed generate_doc_tables.py to stop
hardcoding the deleted _vendor row; rewrote the architecture + CLAUDE.md
'SQL-safety kernel' sections to first-party.
Full unit + contract suite: 2754 pass. ruff + mypy --strict clean across
106 source files. git grep mcpg._vendor -> nothing.
Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
Claude-Session: https://claude.ai/code/session_0122yLZLJ8t4W43sdN6BmTZc
- New ADR-0007 (first-party SQL kernel) superseding ADR-0001; ADR-0001 marked superseded with a banner. - NOTICE rewritten: kernel is first-party, re-authored from crystaldba (MIT) — attribution kept as design lineage, not a vendored copy. - SECURITY.md: the SQL-safety kernel is now in-scope MCPg code (removed the _vendor exclusion + the 'goes upstream to crystaldba' out-of-scope item). - README license note, adding-tools import example, release-process license-files example: point at the first-party paths. - feature-shortlist 18.1 -> ✅ Shipped. - CHANGELOG [Unreleased]: de-vendor entry. Left as historical record (accurate for their time): PROGRESS.md build log, ADR-0002/0003, and the crystaldba competitor row in comparison-matrix. Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com> Claude-Session: https://claude.ai/code/session_0122yLZLJ8t4W43sdN6BmTZc
There was a problem hiding this comment.
Code Review
This pull request de-vendors the SQL-safety kernel (roadmap 18.1), replacing the third-party crystaldba/postgres-mcp vendored code under src/mcpg/_vendor/ with a first-party src/mcpg/sql/ package. Unused vendored modules (bind_params.py, extension_utils.py, and index.py) were deleted, and the core SQL-safety mechanism was re-architected to separate policy (sql/allowlist.py) from mechanism (sql/safety.py and sql/driver.py). All consuming modules have been updated to import from mcpg.sql. Additionally, quality gate carve-outs in pyproject.toml (for coverage, mypy, ruff, and bandit) have been removed, bringing the SQL kernel fully under first-party quality gates. Documentation, licenses, and tests have been updated accordingly, and the temporary differential parity harness has been removed. There are no review comments, so I have no feedback to provide.
Summary
PR 2 (final) of the de-vendor effort (plan, roadmap 18.1). PR 1 (#259) landed the first-party
mcpg.sqlkernel and proved it identical to the vendored one; this PR swings everything over and removes the vendored code.from mcpg._vendor.sql import …→from mcpg.sql import …acrosssrc/+tests/(the seam is 4 names:SqlDriver/SafeSqlDriver/DbConnPool/obfuscate_password; behaviour unchanged, tool snapshots unchanged).src/mcpg/_vendor/andtests/vendor/wholesale, plus the temporary differential parity harness (its job — 0 divergence — is done).git grep mcpg._vendor→ nothing._vendorquality-gate carve-outs inpyproject.toml: the SQL kernel is now inside coverage (90% gate),mypy --strict,ruff, andbanditlike every other module.architecture.mdmodule map (dropsmcpg._vendor, addsmcpg.sql.*); rewrote the "SQL-safety kernel" sections inarchitecture.md+CLAUDE.mdto first-party; new ADR-0007 superseding ADR-0001;NOTICEreframed to design-lineage attribution;SECURITY.mdnow scopes the kernel in; README / adding-tools / release-process references updated; roadmap 18.1 → ✅.MCPg now ships no vendored runtime code. (
pglast,psycopg,psycopg-poolremain upstream library deps.)Verification
Full unit + contract suite green locally (2772 pass);
ruff+mypy --strictclean across 106 files; drift guard green;git grep mcpg._vendorempty. The security-review gate passed on PR 1 (docs/reviews/devendor-sql-kernel-security-review.md).Roadmap linkage
Advances roadmap row: 18.1 (completes it; flipped to ✅ in this PR).
Checklist
ruff,ruff format,mypy --strict, drift guard passCHANGELOG.mdupdated under[Unreleased]src/mcpg/_vendor/deleted — no hand-edits, it's gone🤖 Generated with Claude Code
Generated by Claude Code
Summary by Sourcery
Replace the vendored SQL-safety kernel with a first-party mcpg.sql package and update all consumers and docs accordingly.
Enhancements:
Build:
Documentation:
Tests: