SQL Select Bifrost

The SQL Select Bifrost produces a trusted SQL Select statement. It uses the following components:

• SQLPromptEnvelope

• SQLConstraintValidator

• Grammar

class Bifrost(*, llm: LLMIntegration, prompt_envelope: heimdallm.bifrosts.sql.envelope.PromptEnvelope, constraint_validators: Sequence[heimdallm.bifrosts.sql.validator.ConstraintValidator])

A Bifrost for SQLite SELECT queries

Parameters:

• llm (LLMIntegration) – The LLM integration to use.

• prompt_envelope (heimdallm.bifrosts.sql.envelope.PromptEnvelope) – The prompt envelope used to wrap the untrusted human input and unwrap the untrusted LLM output.

• constraint_validators (Sequence[heimdallm.bifrosts.sql.validator.ConstraintValidator]) – A sequence of constraint validators that will be used to validate the parse tree returned by the tree_producer. Only one validator needs to succeed for validation to pass.

static build_grammar() → Lark

Returns a limited SELECT grammar

noteworthy:

• no outer joins

Outer joins are unsafe because the join constraint is not applied to the rows that would be considered “outer.”

Return type:

Lark

post_transform(trusted_llm_output: str, tree: Tree[Token]) → str

A hook for subclasses to perform post-transformations on the trusted output. This is useful for making adjustments that cannot be made during 🧩 Reconstruction because they would produce an output that is incompatible with the grammar.

For example, replacing the generic :placeholder with the SQL-specific placeholder fields (e.g. %(placeholder)s) cannot be done in reconstruction because it would conflict with the grammar. It needs to be done in a separate step, after the input has been reconstruction and the constraint validators have been satisfied.

Parameters:

• trusted_llm_output (str) –

• tree (Tree[Token]) –

Return type:

str

traverse(untrusted_human_input: str, autofix: bool = True) → str

Run the full chain of the Bifrost, from untrusted input to trusted input. Traversing the Bifrost means successfully returning a value from this function, which is only possible if every step succeeds.

This is the main entry point for the Bifrost API.

Parameters:

• untrusted_human_input (str) – The untrusted input from the user.

• autofix (bool) – Whether or not to attempt to reconstruct the input to satisfy the constraint validator.

Returns:

The trusted LLM output.

Return type:

str

classmethod validation_only(constraint_validators: heimdallm.bifrosts.sql.validator.ConstraintValidator | Sequence[heimdallm.bifrosts.sql.validator.ConstraintValidator])

A convenience method for doing just static analysis. This creates a Bifrost that assumes its untrusted input is a SQL query already, so it does not need to communicate with the LLM, only parse and validate it.

Parameters:

constraint_validators (heimdallm.bifrosts.sql.validator.ConstraintValidator | Sequence[heimdallm.bifrosts.sql.validator.ConstraintValidator]) – A constraint validator or sequence of constraint validators to run on the untrusted input.