🎩 You're Invited:Meet the Socket team at Black Hat in Las Vegas, August 3-6.RSVP
Sign In

@deepnote/blocks

Package Overview
Dependencies
Maintainers
4
Versions
20
Alerts
File Explorer

Advanced tools

Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

@deepnote/blocks - npm Package Compare versions

Comparing version
4.5.1
to
4.6.0
+130
-72
dist/index.cjs

@@ -24,2 +24,4 @@ //#region rolldown:runtime

//#endregion
let ts_dedent = require("ts-dedent");
ts_dedent = __toESM(ts_dedent);
let zod = require("zod");

@@ -29,4 +31,2 @@ zod = __toESM(zod);

yaml = __toESM(yaml);
let ts_dedent = require("ts-dedent");
ts_dedent = __toESM(ts_dedent);

@@ -102,2 +102,26 @@ //#region src/errors.ts

//#endregion
//#region src/blocks/python-utils.ts
function escapePythonString(value) {
return `'${value.replaceAll("\\", "\\\\").replaceAll("'", "\\'").replaceAll("\n", "\\n").replaceAll("\r", "\\r").replaceAll("\0", "\\x00")}'`;
}
function sanitizePythonVariableName(name, options = {}) {
let sanitizedVariableName = name.replace(/\s+/g, "_").replace(/[^0-9a-zA-Z_]/g, "").replace(/^[^a-zA-Z_]+/g, "");
if (sanitizedVariableName === "" && !options.disableEmptyFallback) sanitizedVariableName = "input_1";
return sanitizedVariableName;
}
//#endregion
//#region src/blocks/data-frame.ts
function createDataFrameConfig(block) {
const tableState = block.metadata?.deepnote_table_state ?? {};
const tableStateAsJson = JSON.stringify(tableState);
return ts_dedent.dedent`
if '_dntk' in globals():
_dntk.dataframe_utils.configure_dataframe_formatter(${escapePythonString(tableStateAsJson)})
else:
_deepnote_current_table_attrs = ${escapePythonString(tableStateAsJson)}
`;
}
//#endregion
//#region src/blocks/executable-blocks.ts

@@ -144,12 +168,4 @@ /**

//#endregion
//#region src/blocks/sql-utils.ts
function convertToEnvironmentVariableName(str) {
return (/^\d/.test(str) ? `_${str}` : str).toUpperCase().replace(/[^\w]/g, "_");
}
function getSqlEnvVarName(integrationId) {
return `SQL_${integrationId}`;
}
//#endregion
//#region src/deepnote-file/deepnote-file-schema.ts
const SQL_CELL_VARIABLE_TYPES = ["dataframe", "query_preview"];
/** Preprocesses any content value to empty string for blocks that don't use content */

@@ -299,3 +315,3 @@ const emptyContent = () => zod.z.preprocess(() => "", zod.z.literal("").optional());

deepnote_variable_name: zod.z.string().optional(),
deepnote_return_variable_type: zod.z.enum(["dataframe", "query_preview"]).optional(),
deepnote_return_variable_type: zod.z.enum(SQL_CELL_VARIABLE_TYPES).optional(),
sql_integration_id: zod.z.string().optional(),

@@ -577,2 +593,100 @@ is_compiled_sql_query_visible: zod.z.boolean().optional(),

//#endregion
//#region src/blocks/sql-utils.ts
function convertToEnvironmentVariableName(str) {
return (/^\d/.test(str) ? `_${str}` : str).toUpperCase().replace(/[^\w]/g, "_");
}
function getSqlEnvVarName(integrationId) {
return `SQL_${integrationId}`;
}
//#endregion
//#region src/blocks/sql-blocks.ts
const SQL_CACHE_MODES = [
"cache_disabled",
"always_write",
"read_or_write"
];
const sqlCacheModeSchema = zod.z.enum(SQL_CACHE_MODES);
const sqlCellVariableTypeSchema = zod.z.enum(SQL_CELL_VARIABLE_TYPES);
function createPythonCodeForSqlBlock(block) {
const query = block.content ?? "";
const returnVariableType = assertSqlCellVariableType(block.metadata?.deepnote_return_variable_type ?? "dataframe");
const integrationId = block.metadata?.sql_integration_id;
const connectionEnvVarName = integrationId ? convertToEnvironmentVariableName(getSqlEnvVarName(integrationId)) : "SQL_ALCHEMY_JSON_ENV_VAR";
return wrapSqlExecution(block, ts_dedent.dedent`
_dntk.execute_sql(
${escapePythonString(query)},
'${connectionEnvVarName}',
audit_sql_comment='',
sql_cache_mode='cache_disabled',
return_variable_type='${returnVariableType}'
)
`);
}
/**
* Generates Python for a SQL block that connects via an inline connection-JSON
* literal instead of an env-var reference (the sibling of `createPythonCodeForSqlBlock`).
*
* Value sourcing is intentionally split:
* - `connectionJson`, `auditComment`, and `sqlCacheMode` come from `options` — they are
* supplied by the caller / execution context and are not persisted on the block.
* - `returnVariableType` is read from `block.metadata.deepnote_return_variable_type`,
* because it is part of the saved block definition.
*
* The query, `connectionJson`, and `auditComment` are escaped into single-quoted Python
* string literals. `sqlCacheMode` and `returnVariableType` are interpolated into
* single-quoted literals without escaping; instead they are validated against fixed
* allowlists, so the only possible values are known-safe identifiers that cannot break
* out of the surrounding quotes.
*/
function createPythonCodeForSqlBlockWithConnectionJson(block, options) {
const query = block.content ?? "";
const returnVariableType = assertSqlCellVariableType(block.metadata?.deepnote_return_variable_type ?? "dataframe");
return wrapSqlExecution(block, ts_dedent.dedent`
_dntk.execute_sql_with_connection_json(
${escapePythonString(query)},
${escapePythonString(options.connectionJson)},
audit_sql_comment=${escapePythonString(options.auditComment ?? "")},
sql_cache_mode='${assertSqlCacheMode(options.sqlCacheMode ?? "cache_disabled")}',
return_variable_type='${returnVariableType}'
)
`);
}
/**
* Wraps a generated `_dntk.execute_sql*` call with the shared dataframe-formatter
* prelude and, when the block defines a result variable name, an assignment plus a
* trailing echo of that variable. Both SQL helpers share this logic, including the
* `input_1` fallback applied to the result variable name.
*/
function wrapSqlExecution(block, executeSqlFunctionCall) {
const pythonVariableName = block.metadata?.deepnote_variable_name;
const sanitizedPythonVariableName = pythonVariableName !== void 0 ? sanitizePythonVariableName(pythonVariableName) || "input_1" : void 0;
const dataFrameConfig = createDataFrameConfig(block);
if (sanitizedPythonVariableName === void 0) return ts_dedent.dedent`
${dataFrameConfig}
${executeSqlFunctionCall}
`;
return ts_dedent.dedent`
${dataFrameConfig}
${sanitizedPythonVariableName} = ${executeSqlFunctionCall}
${sanitizedPythonVariableName}
`;
}
function isSqlBlock(block) {
return block.type === "sql";
}
function assertSqlCacheMode(value) {
const result = sqlCacheModeSchema.safeParse(value);
if (!result.success) throw new InvalidValueError(`Invalid sqlCacheMode: expected one of ${SQL_CACHE_MODES.join(", ")}`, { value });
return result.data;
}
function assertSqlCellVariableType(value) {
const result = sqlCellVariableTypeSchema.safeParse(value);
if (!result.success) throw new InvalidValueError(`Invalid deepnote_return_variable_type: expected one of ${SQL_CELL_VARIABLE_TYPES.join(", ")}`, { value });
return result.data;
}
//#endregion
//#region src/deepnote-file/parse-yaml.ts

@@ -850,13 +964,2 @@ /**

//#endregion
//#region src/blocks/python-utils.ts
function escapePythonString(value) {
return `'${value.replaceAll("\\", "\\\\").replaceAll("'", "\\'").replaceAll("\n", "\\n")}'`;
}
function sanitizePythonVariableName(name, options = {}) {
let sanitizedVariableName = name.replace(/\s+/g, "_").replace(/[^0-9a-zA-Z_]/g, "").replace(/^[^a-zA-Z_]+/g, "");
if (sanitizedVariableName === "" && !options.disableEmptyFallback) sanitizedVariableName = "input_1";
return sanitizedVariableName;
}
//#endregion
//#region src/python-snippets.ts

@@ -1018,15 +1121,2 @@ const pythonCode = {

//#endregion
//#region src/blocks/data-frame.ts
function createDataFrameConfig(block) {
const tableState = block.metadata?.deepnote_table_state ?? {};
const tableStateAsJson = JSON.stringify(tableState);
return ts_dedent.dedent`
if '_dntk' in globals():
_dntk.dataframe_utils.configure_dataframe_formatter(${escapePythonString(tableStateAsJson)})
else:
_deepnote_current_table_attrs = ${escapePythonString(tableStateAsJson)}
`;
}
//#endregion
//#region src/blocks/code-blocks.ts

@@ -1218,38 +1308,2 @@ function createPythonCodeForCodeBlock(block) {

//#endregion
//#region src/blocks/sql-blocks.ts
function createPythonCodeForSqlBlock(block) {
const query = block.content ?? "";
const pythonVariableName = block.metadata?.deepnote_variable_name;
const sanitizedPythonVariableName = pythonVariableName !== void 0 ? sanitizePythonVariableName(pythonVariableName) || "input_1" : void 0;
const returnVariableType = block.metadata?.deepnote_return_variable_type ?? "dataframe";
const integrationId = block.metadata?.sql_integration_id;
const connectionEnvVarName = integrationId ? convertToEnvironmentVariableName(getSqlEnvVarName(integrationId)) : "SQL_ALCHEMY_JSON_ENV_VAR";
const escapedQuery = escapePythonString(query);
const dataFrameConfig = createDataFrameConfig(block);
const executeSqlFunctionCall = ts_dedent.dedent`
_dntk.execute_sql(
${escapedQuery},
'${connectionEnvVarName}',
audit_sql_comment='',
sql_cache_mode='cache_disabled',
return_variable_type='${returnVariableType}'
)
`;
if (sanitizedPythonVariableName === void 0) return ts_dedent.dedent`
${dataFrameConfig}
${executeSqlFunctionCall}
`;
return ts_dedent.dedent`
${dataFrameConfig}
${sanitizedPythonVariableName} = ${executeSqlFunctionCall}
${sanitizedPythonVariableName}
`;
}
function isSqlBlock(block) {
return block.type === "sql";
}
//#endregion
//#region src/blocks/visualization-blocks.ts

@@ -1300,4 +1354,6 @@ function createPythonCodeForVisualizationBlock(block) {

exports.convertToEnvironmentVariableName = convertToEnvironmentVariableName;
exports.createDataFrameConfig = createDataFrameConfig;
exports.createMarkdown = createMarkdown;
exports.createPythonCode = createPythonCode;
exports.createPythonCodeForSqlBlockWithConnectionJson = createPythonCodeForSqlBlockWithConnectionJson;
exports.decodeUtf8NoBom = decodeUtf8NoBom;

@@ -1309,2 +1365,3 @@ exports.deepnoteBlockSchema = deepnoteBlockSchema;

exports.environmentSchema = environmentSchema;
exports.escapePythonString = escapePythonString;
exports.executionErrorSchema = executionErrorSchema;

@@ -1322,4 +1379,5 @@ exports.executionSchema = executionSchema;

exports.parseYaml = parseYaml;
exports.sanitizePythonVariableName = sanitizePythonVariableName;
exports.serializeDeepnoteFile = serializeDeepnoteFile;
exports.serializeDeepnoteSnapshot = serializeDeepnoteSnapshot;
exports.stripMarkdown = stripMarkdown;

@@ -0,4 +1,4 @@

import { dedent } from "ts-dedent";
import { z } from "zod";
import { parseDocument, stringify } from "yaml";
import { dedent } from "ts-dedent";

@@ -74,2 +74,26 @@ //#region src/errors.ts

//#endregion
//#region src/blocks/python-utils.ts
function escapePythonString(value) {
return `'${value.replaceAll("\\", "\\\\").replaceAll("'", "\\'").replaceAll("\n", "\\n").replaceAll("\r", "\\r").replaceAll("\0", "\\x00")}'`;
}
function sanitizePythonVariableName(name, options = {}) {
let sanitizedVariableName = name.replace(/\s+/g, "_").replace(/[^0-9a-zA-Z_]/g, "").replace(/^[^a-zA-Z_]+/g, "");
if (sanitizedVariableName === "" && !options.disableEmptyFallback) sanitizedVariableName = "input_1";
return sanitizedVariableName;
}
//#endregion
//#region src/blocks/data-frame.ts
function createDataFrameConfig(block) {
const tableState = block.metadata?.deepnote_table_state ?? {};
const tableStateAsJson = JSON.stringify(tableState);
return dedent`
if '_dntk' in globals():
_dntk.dataframe_utils.configure_dataframe_formatter(${escapePythonString(tableStateAsJson)})
else:
_deepnote_current_table_attrs = ${escapePythonString(tableStateAsJson)}
`;
}
//#endregion
//#region src/blocks/executable-blocks.ts

@@ -116,12 +140,4 @@ /**

//#endregion
//#region src/blocks/sql-utils.ts
function convertToEnvironmentVariableName(str) {
return (/^\d/.test(str) ? `_${str}` : str).toUpperCase().replace(/[^\w]/g, "_");
}
function getSqlEnvVarName(integrationId) {
return `SQL_${integrationId}`;
}
//#endregion
//#region src/deepnote-file/deepnote-file-schema.ts
const SQL_CELL_VARIABLE_TYPES = ["dataframe", "query_preview"];
/** Preprocesses any content value to empty string for blocks that don't use content */

@@ -271,3 +287,3 @@ const emptyContent = () => z.preprocess(() => "", z.literal("").optional());

deepnote_variable_name: z.string().optional(),
deepnote_return_variable_type: z.enum(["dataframe", "query_preview"]).optional(),
deepnote_return_variable_type: z.enum(SQL_CELL_VARIABLE_TYPES).optional(),
sql_integration_id: z.string().optional(),

@@ -549,2 +565,100 @@ is_compiled_sql_query_visible: z.boolean().optional(),

//#endregion
//#region src/blocks/sql-utils.ts
function convertToEnvironmentVariableName(str) {
return (/^\d/.test(str) ? `_${str}` : str).toUpperCase().replace(/[^\w]/g, "_");
}
function getSqlEnvVarName(integrationId) {
return `SQL_${integrationId}`;
}
//#endregion
//#region src/blocks/sql-blocks.ts
const SQL_CACHE_MODES = [
"cache_disabled",
"always_write",
"read_or_write"
];
const sqlCacheModeSchema = z.enum(SQL_CACHE_MODES);
const sqlCellVariableTypeSchema = z.enum(SQL_CELL_VARIABLE_TYPES);
function createPythonCodeForSqlBlock(block) {
const query = block.content ?? "";
const returnVariableType = assertSqlCellVariableType(block.metadata?.deepnote_return_variable_type ?? "dataframe");
const integrationId = block.metadata?.sql_integration_id;
const connectionEnvVarName = integrationId ? convertToEnvironmentVariableName(getSqlEnvVarName(integrationId)) : "SQL_ALCHEMY_JSON_ENV_VAR";
return wrapSqlExecution(block, dedent`
_dntk.execute_sql(
${escapePythonString(query)},
'${connectionEnvVarName}',
audit_sql_comment='',
sql_cache_mode='cache_disabled',
return_variable_type='${returnVariableType}'
)
`);
}
/**
* Generates Python for a SQL block that connects via an inline connection-JSON
* literal instead of an env-var reference (the sibling of `createPythonCodeForSqlBlock`).
*
* Value sourcing is intentionally split:
* - `connectionJson`, `auditComment`, and `sqlCacheMode` come from `options` — they are
* supplied by the caller / execution context and are not persisted on the block.
* - `returnVariableType` is read from `block.metadata.deepnote_return_variable_type`,
* because it is part of the saved block definition.
*
* The query, `connectionJson`, and `auditComment` are escaped into single-quoted Python
* string literals. `sqlCacheMode` and `returnVariableType` are interpolated into
* single-quoted literals without escaping; instead they are validated against fixed
* allowlists, so the only possible values are known-safe identifiers that cannot break
* out of the surrounding quotes.
*/
function createPythonCodeForSqlBlockWithConnectionJson(block, options) {
const query = block.content ?? "";
const returnVariableType = assertSqlCellVariableType(block.metadata?.deepnote_return_variable_type ?? "dataframe");
return wrapSqlExecution(block, dedent`
_dntk.execute_sql_with_connection_json(
${escapePythonString(query)},
${escapePythonString(options.connectionJson)},
audit_sql_comment=${escapePythonString(options.auditComment ?? "")},
sql_cache_mode='${assertSqlCacheMode(options.sqlCacheMode ?? "cache_disabled")}',
return_variable_type='${returnVariableType}'
)
`);
}
/**
* Wraps a generated `_dntk.execute_sql*` call with the shared dataframe-formatter
* prelude and, when the block defines a result variable name, an assignment plus a
* trailing echo of that variable. Both SQL helpers share this logic, including the
* `input_1` fallback applied to the result variable name.
*/
function wrapSqlExecution(block, executeSqlFunctionCall) {
const pythonVariableName = block.metadata?.deepnote_variable_name;
const sanitizedPythonVariableName = pythonVariableName !== void 0 ? sanitizePythonVariableName(pythonVariableName) || "input_1" : void 0;
const dataFrameConfig = createDataFrameConfig(block);
if (sanitizedPythonVariableName === void 0) return dedent`
${dataFrameConfig}
${executeSqlFunctionCall}
`;
return dedent`
${dataFrameConfig}
${sanitizedPythonVariableName} = ${executeSqlFunctionCall}
${sanitizedPythonVariableName}
`;
}
function isSqlBlock(block) {
return block.type === "sql";
}
function assertSqlCacheMode(value) {
const result = sqlCacheModeSchema.safeParse(value);
if (!result.success) throw new InvalidValueError(`Invalid sqlCacheMode: expected one of ${SQL_CACHE_MODES.join(", ")}`, { value });
return result.data;
}
function assertSqlCellVariableType(value) {
const result = sqlCellVariableTypeSchema.safeParse(value);
if (!result.success) throw new InvalidValueError(`Invalid deepnote_return_variable_type: expected one of ${SQL_CELL_VARIABLE_TYPES.join(", ")}`, { value });
return result.data;
}
//#endregion
//#region src/deepnote-file/parse-yaml.ts

@@ -822,13 +936,2 @@ /**

//#endregion
//#region src/blocks/python-utils.ts
function escapePythonString(value) {
return `'${value.replaceAll("\\", "\\\\").replaceAll("'", "\\'").replaceAll("\n", "\\n")}'`;
}
function sanitizePythonVariableName(name, options = {}) {
let sanitizedVariableName = name.replace(/\s+/g, "_").replace(/[^0-9a-zA-Z_]/g, "").replace(/^[^a-zA-Z_]+/g, "");
if (sanitizedVariableName === "" && !options.disableEmptyFallback) sanitizedVariableName = "input_1";
return sanitizedVariableName;
}
//#endregion
//#region src/python-snippets.ts

@@ -990,15 +1093,2 @@ const pythonCode = {

//#endregion
//#region src/blocks/data-frame.ts
function createDataFrameConfig(block) {
const tableState = block.metadata?.deepnote_table_state ?? {};
const tableStateAsJson = JSON.stringify(tableState);
return dedent`
if '_dntk' in globals():
_dntk.dataframe_utils.configure_dataframe_formatter(${escapePythonString(tableStateAsJson)})
else:
_deepnote_current_table_attrs = ${escapePythonString(tableStateAsJson)}
`;
}
//#endregion
//#region src/blocks/code-blocks.ts

@@ -1190,38 +1280,2 @@ function createPythonCodeForCodeBlock(block) {

//#endregion
//#region src/blocks/sql-blocks.ts
function createPythonCodeForSqlBlock(block) {
const query = block.content ?? "";
const pythonVariableName = block.metadata?.deepnote_variable_name;
const sanitizedPythonVariableName = pythonVariableName !== void 0 ? sanitizePythonVariableName(pythonVariableName) || "input_1" : void 0;
const returnVariableType = block.metadata?.deepnote_return_variable_type ?? "dataframe";
const integrationId = block.metadata?.sql_integration_id;
const connectionEnvVarName = integrationId ? convertToEnvironmentVariableName(getSqlEnvVarName(integrationId)) : "SQL_ALCHEMY_JSON_ENV_VAR";
const escapedQuery = escapePythonString(query);
const dataFrameConfig = createDataFrameConfig(block);
const executeSqlFunctionCall = dedent`
_dntk.execute_sql(
${escapedQuery},
'${connectionEnvVarName}',
audit_sql_comment='',
sql_cache_mode='cache_disabled',
return_variable_type='${returnVariableType}'
)
`;
if (sanitizedPythonVariableName === void 0) return dedent`
${dataFrameConfig}
${executeSqlFunctionCall}
`;
return dedent`
${dataFrameConfig}
${sanitizedPythonVariableName} = ${executeSqlFunctionCall}
${sanitizedPythonVariableName}
`;
}
function isSqlBlock(block) {
return block.type === "sql";
}
//#endregion
//#region src/blocks/visualization-blocks.ts

@@ -1262,2 +1316,2 @@ function createPythonCodeForVisualizationBlock(block) {

//#endregion
export { DeepnoteError, EncodingError, INPUT_BLOCK_TYPES, InvalidValueError, ParseError, ProhibitedYamlFeatureError, SchemaValidationError, UnsupportedBlockTypeError, YamlParseError, convertToEnvironmentVariableName, createMarkdown, createPythonCode, decodeUtf8NoBom, deepnoteBlockSchema, deepnoteFileSchema, deepnoteSnapshotSchema, deserializeDeepnoteFile, environmentSchema, executionErrorSchema, executionSchema, executionSummarySchema, extractOutputText, extractOutputsText, generateSortingKey, getSqlEnvVarName, isAgentBlock, isExecutableBlock, isExecutableBlockType, mcpServerSchema, parseYaml, serializeDeepnoteFile, serializeDeepnoteSnapshot, stripMarkdown };
export { DeepnoteError, EncodingError, INPUT_BLOCK_TYPES, InvalidValueError, ParseError, ProhibitedYamlFeatureError, SchemaValidationError, UnsupportedBlockTypeError, YamlParseError, convertToEnvironmentVariableName, createDataFrameConfig, createMarkdown, createPythonCode, createPythonCodeForSqlBlockWithConnectionJson, decodeUtf8NoBom, deepnoteBlockSchema, deepnoteFileSchema, deepnoteSnapshotSchema, deserializeDeepnoteFile, environmentSchema, escapePythonString, executionErrorSchema, executionSchema, executionSummarySchema, extractOutputText, extractOutputsText, generateSortingKey, getSqlEnvVarName, isAgentBlock, isExecutableBlock, isExecutableBlockType, mcpServerSchema, parseYaml, sanitizePythonVariableName, serializeDeepnoteFile, serializeDeepnoteSnapshot, stripMarkdown };
{
"name": "@deepnote/blocks",
"version": "4.5.1",
"version": "4.6.0",
"description": "",

@@ -5,0 +5,0 @@ "keywords": [],

Sorry, the diff of this file is too big to display

Sorry, the diff of this file is too big to display