SwiftSQLite: sandboxed sqlite3 command for SwiftBash (M0–M6)#1
Open
ronaldmannak wants to merge 39 commits into
Open
SwiftSQLite: sandboxed sqlite3 command for SwiftBash (M0–M6)#1ronaldmannak wants to merge 39 commits into
sqlite3 command for SwiftBash (M0–M6)#1ronaldmannak wants to merge 39 commits into
Conversation
Loading
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Implements
PLAN.md(rev. 2) — a sandboxedsqlite3command for SwiftBash, backed by a vendored, compile-time-hardenedlibsqlite3. Milestones M0–M6 (M7, the optional shim VFS, deferred per §13).Layers
CSQLite— vendored SQLite amalgamation with §6 hardening flags (OMIT_LOAD_EXTENSION,DQS=0,USE_URI=0, …) + a committed C shim for the variadicsqlite3_db_config. The amalgamation is not committed:scripts/fetch-sqlite.shdownloads + SHA3-256-verifies it (pinned inSources/CSQLite/VERSION), mirroring SwiftBash'sfetch-bun-webkit.sh.SwiftSQLiteKit(SwiftBash-agnostic) — theSQLiteConnectionactor: gated open (NOFOLLOW, no URI), authorizer policy (denyATTACH/all userPRAGMA/schema + reserved_audit*writes, default-deny), runtime hardening, row cap, timeout + interrupt-on-cancel, and a two-tier audit (attempted via the authorizer; committed via the update/commit/rollback hooks) flushed outside the DB.SwiftSQLiteBash—SqliteCommand(argv/options/stdin, 5 output modes, safe dot-commands viasqlite_schema, disabled ones error), the §4 native-file contract guard, andShell.registerSQLiteCommands(at:).Tests (§12)
Engine CRUD/value/error mapping, row-cap truncation, timeout interrupt, open-gate rejection; every authorizer denial; audit semantics (committed in both streams, a rolled-back
DELETEonly in attempted, the file trail survivingDROP TABLE); the contract-guard matrix and SQL escape hatches end-to-end.download.swift.orgwas network-blocked), so it is grounded in SwiftBash's actual public APIs read from source, but not compiler-verified by me. This PR's CI run is the first real compile/test — I'm watching it and will push fixes for whatever it flags.swift:6.2-noble). Toolchain pins may need adjusting to your runners; Swift ≥ 6.2 is required because SwiftBash's manifest declares tools-version 6.2.See
PLAN.mdfor the full design andREADME.mdfor build/usage.https://claude.ai/code/session_01AdvNtQ7wCMVy8etacVQbjg
Generated by Claude Code