feat(integrations): add ClickHouse block and expand Dagster + Tinybird tools#4883
Conversation
|
The latest updates on your projects. Learn more about Vercel for GitHub. |
PR SummaryMedium Risk Overview Dagster gains five asset-focused tools (list/get, materialize, external materialization report, destructive wipe), richer run metadata on get-run, and list runs filters plus cursor pagination. Tinybird grows from two to six operations: published pipe endpoints, append-from-URL, truncate, and conditional row delete, with matching block UI and docs. Docs and the integrations landing page are updated for all three; a ClickHouse icon is wired through shared icon mappings. Reviewed by Cursor Bugbot for commit dd3c37d. Configure here. |
![cursor[bot]](https://github.com/_gh/avatars/in/1210556?s=60&v=4){kind=small}
parsePipeParameters previously returned {} on any JSON parse error, so a
mistyped 'parameters' input produced a successful pipe call with the dynamic
filters silently dropped. Throw a clear error for non-empty, non-object input
instead; an omitted/empty value still means 'no parameters'.
Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
…ation Address PR review: - Route all block numeric coercions (list_runs limit/createdAfter/createdBefore, get_run_logs logsLimit, list_assets assetsLimit) through a toFiniteNumber() guard so invalid/wand-generated text becomes undefined instead of NaN. - list_assets now applies a default page size (100) when no limit is given, so paging stays bounded and hasMore is meaningful even when limit is omitted. Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
|
@greptile |
|
@cursor review |
Address PR review (hasMore true on exact page): request one extra row (pageSize + 1), use its presence as the authoritative hasMore, slice it off, and derive the returned cursor from the last RETURNED asset's key path (JSON-serialized; Dagster normalizes JS/Python whitespace on the way in). This removes the false-positive hasMore when the final page is exactly full. Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
Greptile SummaryThis PR adds a full ClickHouse integration (26 tools + API routes + UI block), expands Dagster with asset operations (get, list, materialize, report, wipe), and adds four new Tinybird datasource/pipe tools. Credential visibility follows
Confidence Score: 5/5This PR is safe to merge. All credential fields use user-only visibility, auth checks are applied on every new API route, and the ClickHouse HTTP client includes identifier sanitization, WHERE-clause filtering, and a read-only enforcement layer. The integration is well-structured with consistent patterns across all 26 ClickHouse tools. The two observations are minor usability and robustness improvements that do not affect correctness of the happy path. No files require special attention for merge readiness. apps/sim/app/api/tools/clickhouse/utils.ts has the identifier-regex limitation worth addressing before users with hyphenated table names hit it. Important Files Changed
Sequence DiagramsequenceDiagram
participant UI as Sim UI Block
participant Route as Next.js API Route
participant Utils as clickhouse/utils.ts
participant CH as ClickHouse HTTP Interface
UI->>Route: "POST /api/tools/clickhouse/<op>"
Route->>Route: checkInternalAuth()
Route->>Route: parseToolRequest Zod validation
Route->>Utils: "executeClickHouse*()"
Utils->>Utils: validateDatabaseHost()
Utils->>Utils: sanitizeIdentifier / validateWhereClause / enforceReadOnly
Utils->>CH: POST with X-ClickHouse-User and SQL body
CH-->>Utils: JSON body + X-ClickHouse-Summary header
Utils-->>Route: rows and rowCount
Route-->>UI: message rows rowCount
Reviews (9): Last reviewed commit: "fix(clickhouse): balance-check ORDER BY/..." | Re-trigger Greptile |
|
@greptile |
![greptile-apps[bot]](https://github.com/_gh/avatars/in/867647?s=60&v=4){kind=small}
|
@cursor review |
Address PR review (list runs false hasMore): request one extra row (pageSize + 1), use its presence as the authoritative hasMore, and slice it off before mapping. Removes the false-positive hasMore (and misleading cursor) when the final page is exactly `limit` runs long. Mirrors the list_assets fix. Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
|
@greptile |
|
@cursor review |
…when detecting chained statements
|
@greptile |
|
@cursor review |
…raversal A user-or-llm datasource/pipe name interpolated raw into the URL path (e.g. 'real_ds/../../other') is normalized by the WHATWG URL parser and can target a different endpoint. Wrap the path segment with encodeURIComponent in the truncate, delete, and query_pipe URLs. Events/append pass the name via URLSearchParams, which already encodes, so they were unaffected. Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
|
@greptile |
|
@cursor review |
…MAT around SETTINGS
|
@greptile |
|
@cursor review |
There was a problem hiding this comment.
✅ Bugbot reviewed your changes and found no new issues!
Comment @cursor review or bugbot run to trigger another review on this PR
Reviewed by Cursor Bugbot for commit 9a8fc9c. Configure here.
|
@greptile |
|
@cursor review |
… comments in read-only guard
|
@greptile |
|
@cursor review |
There was a problem hiding this comment.
✅ Bugbot reviewed your changes and found no new issues!
Comment @cursor review or bugbot run to trigger another review on this PR
Reviewed by Cursor Bugbot for commit dd3c37d. Configure here.
1 participant
Summary
Type of Change
Testing
Tested manually; type-check, lint, and API-contract audit pass for the included changes
Checklist