A secure SQL query builder for Python using Rust and pyo3. Supports dynamic templates with safety checks against SQL injection.

These details have not been verified by PyPI

Project links

Project description

Query Builder

一个安全的SQL查询构建器，使用Rust + PyO3开发，为Python提供高性能的SQL模板渲染功能。

🚀 特性

高性能: 使用Rust开发，提供原生级别的性能
安全第一: 内置SQL注入防护和危险关键词检测
模板引擎: 基于Tera模板引擎，支持条件语句、循环等高级功能
易于使用: 简单的Python API，无缝集成到现有项目
跨平台: 支持macOS、Windows、Linux多平台

🔒 安全特性

仅支持 SELECT 查询 - 严格限制只能构造查询语句
SQL 注入防护 - 检测和阻止常见的 SQL 注入攻击模式
危险关键词过滤 - 阻止 DROP、UPDATE、DELETE 等危险操作
模式匹配检测 - 识别注释注入、UNION 注入等攻击

� 安装

pip install query-builder

�🚀 快速开始

1. 创建SQL模板文件

创建一个YAML文件来存储你的SQL模板（例如：queries.yaml）：

get_users: |
  SELECT id, name, email, created_at 
  FROM users 
  WHERE status = "{{ status }}"
  {% if limit %}LIMIT {{ limit }}{% endif %};

get_user_by_id: |
  SELECT * FROM users WHERE id = {{ user_id }};

search_users: |
  SELECT id, name, email 
  FROM users 
  WHERE name LIKE "%{{ keyword }}%" 
  AND status = "{{ status }}"
  ORDER BY created_at DESC
  {% if limit %}LIMIT {{ limit }}{% endif %};

2. 基本用法

import query_builder

# 创建查询构建器
qb = query_builder.PyQueryBuilder()

# 设置SQL模板文件夹的绝对路径
qb.sql_path = "/path/to/your/sql/templates"

# 构造简单查询
sql = qb.build("queries.get_user_by_id", {"user_id": 123})
print(sql)  # SELECT * FROM users WHERE id = 123;

# 构造带条件的查询
sql = qb.build("queries.get_users", {
    "status": "active",
    "limit": 10
})
print(sql)

# 构造搜索查询
sql = qb.build("queries.search_users", {
    "keyword": "john",
    "status": "active",
    "limit": 20
})
print(sql)

� 模板语法

Query Builder使用Tera模板引擎，支持以下语法：

变量替换

SELECT * FROM users WHERE id = {{ user_id }};

条件语句

SELECT * FROM products 
WHERE category = "{{ category }}"
{% if min_price %}AND price >= {{ min_price }}{% endif %}
{% if max_price %}AND price <= {{ max_price }}{% endif %};

循环

SELECT * FROM users 
WHERE id IN ({% for id in user_ids %}{{ id }}{% if not loop.last %},{% endif %}{% endfor %});

字符串处理

SELECT * FROM users 
WHERE name LIKE "%{{ keyword | lower }}%";

�🛡️ 安全检查

以下类型的 SQL 会被自动阻止：

非 SELECT 语句（UPDATE、DELETE、INSERT 等）
包含危险关键词（DROP、TRUNCATE、EXEC 等）
SQL 注入攻击模式（注释注入、UNION 注入等）
脚本注入攻击（JavaScript、VBScript 等）

🔒 安全示例

Query Builder会自动阻止危险的SQL操作：

# ❌ 这些操作会被阻止
qb.build('malicious', {'query': 'DROP TABLE users;'})  # 抛出安全异常
qb.build('dangerous', {'action': 'DELETE FROM users'})  # 抛出安全异常

# ✅ 只允许安全的SELECT查询
qb.build('safe_query', {'user_id': 123})  # 正常工作

🛠️ 开发

本地构建

# 克隆仓库
git clone https://github.com/miaokela/query-builder.git
cd query-builder

# 安装依赖
pip install maturin pyyaml

# 开发模式构建
maturin develop

# 运行测试
python test_local.py

测试

# 运行本地功能测试
python test_local.py

# 测试输出示例
python -c "
import query_builder
qb = query_builder.PyQueryBuilder()
print('Query Builder 正常工作！')
"

📋 API参考

PyQueryBuilder 类

属性

sql_path: 设置SQL模板文件的目录路径

方法

build(key: str, kwargs: dict) -> str: 构建SQL查询
- key: 模板键名（格式：文件名.模板名）
- kwargs: 模板变量字典
- 返回: 渲染后的SQL字符串

🏗️ 项目架构

query-builder/
├── src/
│   └── lib.rs              # Rust核心代码
├── sql/                    # SQL模板示例
│   └── queries.yaml
├── .github/
│   └── workflows/
│       └── build.yml       # CI/CD配置
├── Cargo.toml              # Rust依赖配置
├── pyproject.toml          # Python包配置
├── test_local.py           # 本地测试脚本
├── BUILD_FIX_SUMMARY.md    # 构建修复文档
└── README.md

🚦 CI/CD状态

✅ 自动化构建支持macOS（x86_64 + ARM64）、Windows x64、Linux x64
✅ 支持Python 3.8-3.12
✅ 自动发布到PyPI
✅ 全面的安全测试

📄 许可证

MIT License - 详见 LICENSE 文件。

🤝 贡献

欢迎提交Issue和Pull Request！请确保：

所有测试通过
遵循安全编码规范
更新相关文档

📞 联系

作者: 缪克拉
邮箱: 2972799448@qq.com
GitHub: https://github.com/miaokela/query-builder

🙏 致谢

PyO3 - 优秀的Rust-Python绑定库
Tera - 强大的模板引擎
maturin - Python包构建工具

Project details

These details have not been verified by PyPI

Project links

Release history Release notifications | RSS feed

0.2.1

Sep 15, 2025

0.2.0

Sep 15, 2025

0.1.16

Sep 15, 2025

This version

0.1.15

Sep 15, 2025

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distributions

No source distribution files available for this release.See tutorial on generating distribution archives.

Built Distributions

If you're not sure about the file name format, learn more about wheel file names.

The dropdown lists show the available interpreters, ABIs, and platforms. Enable javascript to be able to filter the list of wheel files.

query_builder_tool-0.1.15-cp38-abi3-win_amd64.whl (1.7 MB view details)

Uploaded Sep 15, 2025 CPython 3.8+Windows x86-64

query_builder_tool-0.1.15-cp38-abi3-manylinux_2_17_x86_64.manylinux2014_x86_64.whl (2.1 MB view details)

Uploaded Sep 15, 2025 CPython 3.8+manylinux: glibc 2.17+ x86-64

query_builder_tool-0.1.15-cp38-abi3-macosx_11_0_arm64.whl (1.8 MB view details)

Uploaded Sep 15, 2025 CPython 3.8+macOS 11.0+ ARM64

File details

Details for the file query_builder_tool-0.1.15-cp38-abi3-win_amd64.whl.

File metadata

Download URL: query_builder_tool-0.1.15-cp38-abi3-win_amd64.whl
Upload date: Sep 15, 2025
Size: 1.7 MB
Tags: CPython 3.8+, Windows x86-64
Uploaded using Trusted Publishing? No
Uploaded via: maturin/1.9.4

File hashes

Hashes for query_builder_tool-0.1.15-cp38-abi3-win_amd64.whl
Algorithm	Hash digest
SHA256	`b0ea7a0f310399c4855014368130a5dca2f0e1e6f3866406423e4ef68772a8e0`
MD5	`df5001ae2aef925d3d83ce7570effd8b`
BLAKE2b-256	`48ad1e211b62b43c38abe010f860da3dbb975ca53aa2491f81d8afc0bd2a5ce2`

See more details on using hashes here.

File details

Details for the file query_builder_tool-0.1.15-cp38-abi3-manylinux_2_17_x86_64.manylinux2014_x86_64.whl.

File metadata

Download URL: query_builder_tool-0.1.15-cp38-abi3-manylinux_2_17_x86_64.manylinux2014_x86_64.whl
Upload date: Sep 15, 2025
Size: 2.1 MB
Tags: CPython 3.8+, manylinux: glibc 2.17+ x86-64
Uploaded using Trusted Publishing? No
Uploaded via: maturin/1.9.4

File hashes

Hashes for query_builder_tool-0.1.15-cp38-abi3-manylinux_2_17_x86_64.manylinux2014_x86_64.whl
Algorithm	Hash digest
SHA256	`9f12af32e068ea97cab55056964bd7813bd9b8ce744c62bf9da8f097bf2c9d3a`
MD5	`83fa0c05730b9beccec9748140bf5c5c`
BLAKE2b-256	`8b4be3131e61644b1b7d97d3f0c93192370312cd74a7c1ed64616e571ef7cde0`

See more details on using hashes here.

File details

Details for the file query_builder_tool-0.1.15-cp38-abi3-macosx_11_0_arm64.whl.

File metadata

Download URL: query_builder_tool-0.1.15-cp38-abi3-macosx_11_0_arm64.whl
Upload date: Sep 15, 2025
Size: 1.8 MB
Tags: CPython 3.8+, macOS 11.0+ ARM64
Uploaded using Trusted Publishing? No
Uploaded via: maturin/1.9.4

File hashes

Hashes for query_builder_tool-0.1.15-cp38-abi3-macosx_11_0_arm64.whl
Algorithm	Hash digest
SHA256	`2641f61404481c6678ea76e78874189f1446d0c6888b9fd05b472f092c7a355c`
MD5	`f827addc6a34365f1fc21a5fab34cd00`
BLAKE2b-256	`7e0a63fdebe3df466d2c64bedeffaba000b187425a0160cf690f6467f5bbfe60`

See more details on using hashes here.

query-builder-tool 0.1.15

Navigation

Verified details

Maintainers

Unverified details

Project links

Meta

Classifiers

Project description

Query Builder

🚀 特性

🔒 安全特性

� 安装

�🚀 快速开始

1. 创建SQL模板文件

2. 基本用法

� 模板语法

变量替换

条件语句

循环

字符串处理

�🛡️ 安全检查

🔒 安全示例

🛠️ 开发

本地构建

测试

📋 API参考

PyQueryBuilder 类

属性

方法

🏗️ 项目架构

🚦 CI/CD状态

📄 许可证

🤝 贡献

📞 联系

🙏 致谢

Project details

Verified details

Maintainers

Unverified details

Project links

Meta

Classifiers

Release history Release notifications | RSS feed

Download files

Source Distributions

Built Distributions

File details

File metadata

File hashes

File details

File metadata

File hashes

File details

File metadata

File hashes