You're Invited:Meet the Socket Team at BlackHat and DEF CON in Las Vegas, Aug 4-6.RSVP
Socket
Book a DemoInstallSign in
Socket
Book a DemoInstallSign in

moz-sql-parser

Package Overview
Dependencies
Maintainers
1
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

moz-sql-parser

Extract Parse Tree from SQL

4.40.21126
PyPI
Maintainers
1

Moz SQL Parser

Let's make a SQL parser so we can provide a familiar interface to non-sql datastores!

BranchStatus
masterBuild Status
devBuild Status

Problem Statement

SQL is a familiar language used to access databases. Although, each database vendor has its quirky implementation, there is enough standardization that the average developer does not need to know of those quirks. This familiar core SQL (lowest common denominator, if you will) is useful enough to explore data in primitive ways. It is hoped that, once programmers have reviewed a datastore with basic SQL queries, and they see the value of that data, and they will be motivated to use the datastore's native query format.

Objectives

The primary objective of this library is to convert SQL queries to JSON-izable parse trees. This originally targeted MySQL, but has grown to include other database vendors. Please paste some SQL into a new issue if it does not work for you

Non-Objectives

  • No plans to provide update statements, like update or insert
  • No plans to provide data access tools

It is my sincere hope you can convert the JSON into queries for your particular backend datastore

Project Status

Jan 2021 -There are almost 500 tests. This parser is good enough for basic usage, including inner queries, with clauses, and window functions. There is still a lot missing to support BigQuery and Redshift queries.

Install

pip install moz-sql-parser

Parsing SQL

>>> from moz_sql_parser import parse
>>> import json
>>> json.dumps(parse("select count(1) from jobs"))
'{"select": {"value": {"count": 1}}, "from": "jobs"}'

Each SQL query is parsed to an object: Each clause is assigned to an object property of the same name.

>>> json.dumps(parse("select a as hello, b as world from jobs"))
'{"select": [{"value": "a", "name": "hello"}, {"value": "b", "name": "world"}], "from": "jobs"}'

The SELECT clause is an array of objects containing name and value properties.

Recursion Limit

Python's default recursion limit (1000) is not hit when parsing the test suite, but this may not be the case for large SQL. You can increase the recursion limit before you parse:

>>> from moz_sql_parser import parse
>>> sys.setrecursionlimit(3000)
>>> parse(complicated_sql)

Generating SQL

You may also generate SQL from the a given JSON document. This is done by the formatter, which is still incomplete (Jan2020).

>>> from moz_sql_parser import format
>>> format({"from":"test", "select":["a.b", "c"]})
'SELECT a.b, c FROM test'

Contributing

In the event that the parser is not working for you, you can help make this better but simply pasting your sql (or JSON) into a new issue. Extra points if you describe the problem. Even more points if you submit a PR with a test. If you also submit a fix, then you also have my gratitude.

Run Tests

See the tests directory for instructions running tests, or writing new ones.

More about implementation

SQL queries are translated to JSON objects: Each clause is assigned to an object property of the same name.

# SELECT * FROM dual WHERE a>b ORDER BY a+b
{
    "select": "*", 
    "from": "dual", 
    "where": {"gt": ["a", "b"]}, 
    "orderby": {"value": {"add": ["a", "b"]}}
}

Expressions are also objects, but with only one property: The name of the operation, and the value holding (an array of) parameters for that operation.

{op: parameters}

and you can see this pattern in the previous example:

{"gt": ["a","b"]}

Array Programming

The moz-sql-parser.scrub() method is used liberally throughout the code, and it "simplifies" the JSON. You may find this form a bit tedious to work with because the JSON property values can be values, lists of values, or missing. Please consider converting everything to arrays:

def listwrap(value):
    if value is None:
        return []
    elif isinstance(value, list)
        return value
    else:
        return [value]

then you may avoid all the is-it-a-list checks :

for select in listwrap(parsed_result.get('select')):
    do_something(select)

you may find it easier if all JSON expressions had a list of operands:

def normalize(expression)
    # ensure parameters are in a list
    return {
        op: params
        for op, param = expression.items()
        for params in [[normalize(p) for p in listwrap(param)]]
    }

FAQs

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

Contagious Interview Campaign Escalates With 67 Malicious npm Packages and New Malware Loader

Research

/

Security News

Contagious Interview Campaign Escalates With 67 Malicious npm Packages and New Malware Loader

North Korean threat actors deploy 67 malicious npm packages using the newly discovered XORIndex malware loader.

By Kirill Boychenko  -  Jul 14, 2025