safe_sql
A seven-layer protection system for destructive database operations. Origin: watched someone run UPDATE without a WHERE clause on a shared staging database. The existing options ("be more careful" or "restore from backup") were both unsatisfying.
What It Does
For any UPDATE or DELETE before execution:
1. Query preview — constructs the equivalent SELECT, shows how many rows will be affected
2. Missing WHERE detection — refuses to proceed if WHERE is absent
3. Schema validation — checks that all referenced columns exist
4. Automatic backup — copies affected rows to a timestamped snapshot table
5. Transaction wrapping — wraps the operation for rollback
6. Result reporting — reports what actually changed
7. 5-second delay — enforced pause before execution
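A sketch of layers 1, 2, 4, 5, 6 and 7 in Python over SQLite, added here as an example; it is not safe_sql's own code. The regex parser, `guarded_execute`, `make_demo_db` and the abort when the touched row count differs from the preview are assumptions of this sketch, and schema validation is left to the database's own errors.

```python
import re
import sqlite3
import time

# Simplified parser (assumption): single-table UPDATE/DELETE typed by an operator.
_STMT = re.compile(
    r"^\s*(?:UPDATE\s+(?P<ut>\w+)\s+SET\s+.+?|DELETE\s+FROM\s+(?P<dt>\w+))"
    r"(?:\s+WHERE\s+(?P<where>.+?))?\s*;?\s*$",
    re.IGNORECASE | re.DOTALL)

def guarded_execute(conn, sql, delay=5.0):
    """Hypothetical helper; conn must be opened with isolation_level=None."""
    m = _STMT.match(sql)
    if not m:
        raise ValueError("refusing: not a single-table UPDATE or DELETE")
    table, where = m.group("ut") or m.group("dt"), m.group("where")
    if not where:                                   # missing WHERE detection
        raise ValueError("refusing: statement has no WHERE clause")
    # Query preview: the equivalent SELECT gives the expected row count.
    preview = conn.execute(
        f"SELECT COUNT(*) FROM {table} WHERE {where}").fetchone()[0]
    snapshot = f"{table}_backup_{time.strftime('%Y%m%d_%H%M%S')}"
    time.sleep(delay)                               # enforced pause
    try:
        conn.execute("BEGIN")                       # transaction wrapping
        conn.execute(                               # automatic backup
            f"CREATE TABLE {snapshot} AS SELECT * FROM {table} WHERE {where}")
        changed = conn.execute(sql).rowcount
        if changed != preview:                      # data moved during the pause
            raise RuntimeError(f"previewed {preview} rows, touched {changed}")
        conn.execute("COMMIT")
    except Exception:
        if conn.in_transaction:
            conn.execute("ROLLBACK")                # also discards the snapshot
        raise
    return {"previewed": preview, "changed": changed, "snapshot": snapshot}

def make_demo_db():
    """Constructed sample data, not from the page."""
    conn = sqlite3.connect(":memory:", isolation_level=None)
    conn.execute("CREATE TABLE users (id INTEGER PRIMARY KEY, team TEXT, active INTEGER)")
    conn.executemany("INSERT INTO users VALUES (?, ?, ?)",
                     [(1, "ops", 1), (2, "ops", 1), (3, "dev", 1)])
    return conn

if __name__ == "__main__":
    print(guarded_execute(make_demo_db(), "UPDATE users SET active = 0 WHERE team = 'ops'", delay=0))
```

A WHERE keyword inside a string literal in the SET list will confuse this parser; the preview SELECT then fails with a syntax error and nothing is executed.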
Design Philosophy
> "Friction as a feature."
The 5-second delay is protective, not annoying: the same reasoning as git requiring --force before it will do a forced push. The guardrails are load-bearing. Access is mode-based: read / write / admin.
Sources
- Website Source: blog / safe_sql_blog - wiki/sources/website/blog-safe-sql-blog.md
Evidence
Linked source: Website Source: blog / safe_sql_blog