I'm having the same issue (same versions of python and twitter-to-sqlite). It's the user-timeline command. Other commands are working.

@mroswell That is a very nice solution. I wonder if custom classes, like col-columnName-value could be automatically added to cells when facets on such column are enabled, to allow custom styling without having to modify templates or add custom JavaScript code.

sqlite-utils transform does not allow setting the column type to boolean:

Error: Invalid value for '--type': 'bool' is not one of 'INTEGER', 'TEXT', 'FLOAT', 'BLOB'.

Sure, I am sorry if my message hasn't been clear enough. I am also a new user :)

At the beginning, I just call sqlite-utils insert "$db" "$table" "$jsonfile" to create the database. sqlite-utils convert JSON values into TEXT, when it tries to determine the schema automatically. I then try to transform the table to set JSON as type:

sqlite-utils transform species.sqlite species --type criteria json
Usage: sqlite-utils transform [OPTIONS] PATH TABLE
Try 'sqlite-utils transform --help' for help.

Error: Invalid value for '--type': 'json' is not one of 'INTEGER', 'TEXT', 'FLOAT', 'BLOB'.

Can you expand on what you'd like to change here? The library and CLI tool already allow JSON data to be stored in columns:

• https://sqlite-utils.datasette.io/en/stable/cli.html#nested-json-values
• https://sqlite-utils.datasette.io/en/stable/python-api.html#storing-json

true and false json values are cast to integer, which is not optimal.

From the prototype:

% sqlite-utils schema 24ways.db
CREATE TABLE [articles] (
               [title] TEXT  ,
   [contents] TEXT  ,
   [year] TEXT  ,
   [author] TEXT  ,
   [author_slug] TEXT  ,
   [published] TEXT  ,
   [url] TEXT  ,
   [topic] TEXT  
        );
CREATE VIRTUAL TABLE "articles_fts" USING FTS5 (
                title, author, contents,
                content="articles"
            );
CREATE TABLE 'articles_fts_data'(id INTEGER PRIMARY KEY, block BLOB);
CREATE TABLE 'articles_fts_idx'(segid, term, pgno, PRIMARY KEY(segid, term)) WITHOUT ROWID;
CREATE TABLE 'articles_fts_docsize'(id INTEGER PRIMARY KEY, sz BLOB);
CREATE TABLE 'articles_fts_config'(k PRIMARY KEY, v) WITHOUT ROWID;
% sqlite-utils schema 24ways.db | sqlite3 /tmp/boo.db
Error: near line 15: table 'articles_fts_data' already exists
Error: near line 16: table 'articles_fts_idx' already exists
Error: near line 17: table 'articles_fts_docsize' already exists
Error: near line 18: table 'articles_fts_config' already exists

The problem here is that the CREATE VIRTUAL TABLE "articles_fts"... line causes those next four tables to be created - but that means that piping the output of this command into sqlite3 in order to re-create those tables throws errors.

I don't think this matters. I see this tool as more for introspection than for recreating table structures.

You can currently see the sql on the CLI using:

% sqlite-utils rows fixtures.db sqlite_master -c name -c sql
name                                                            sql
--------------------------------------------------------------  ----------------------------------------------------------------------------------------------------------------------------------------------------------------
simple_primary_key                                              CREATE TABLE simple_primary_key (
                                                                  id varchar(30) primary key,
                                                                  content text
                                                                )
sqlite_autoindex_simple_primary_key_1
primary_key_multiple_columns                                    CREATE TABLE primary_key_multiple_columns (
                                                                  id varchar(30) primary key,
                                                                  content text,
                                                                  content2 text
                                                                )
sqlite_autoindex_primary_key_multiple_columns_1
primary_key_multiple_columns_explicit_label                     CREATE TABLE primary_key_multiple_columns_explicit_label (
                                                                  id varchar(30) primary key,
                                                                  content text,
                                                                  content2 text
                                                                )
sqlite_autoindex_primary_key_multiple_columns_explicit_label_1
compound_primary_key                                            CREATE TABLE compound_primary_key (
                                                                  pk1 varchar(30),
                                                                  pk2 varchar(30),
                                                                  content text,
                                                                  PRIMARY KEY (pk1, pk2)
                                                                )
sqlite_autoindex_compound_primary_key_1
compound_three_primary_keys                                     CREATE TABLE compound_three_primary_keys (
                                                                  pk1 varchar(30),
                                                                  pk2 varchar(30),
                                                                  pk3 varchar(30),
                                                                  content text,
                                                                  PRIMARY KEY (pk1, pk2, pk3)
                                                                )
sqlite_autoindex_compound_three_primary_keys_1
foreign_key_references                                          CREATE TABLE foreign_key_references (
                                                                  pk varchar(30) primary key,
                                                                  foreign_key_with_label varchar(30),
                                                                  foreign_key_with_no_label varchar(30),
                                                                  FOREIGN KEY (foreign_key_with_label) REFERENCES simple_primary_key(id),
                                                                  FOREIGN KEY (foreign_key_with_no_label) REFERENCES primary_key_multiple_columns(id)
                                                                )
sqlite_autoindex_foreign_key_references_1
sortable                                                        CREATE TABLE sortable (
                                                                  pk1 varchar(30),
                                                                  pk2 varchar(30),
                                                                  content text,
                                                                  sortable integer,
                                                                  sortable_with_nulls real,
                                                                  sortable_with_nulls_2 real,
                                                                  text text,
                                                                  PRIMARY KEY (pk1, pk2)
                                                                )
sqlite_autoindex_sortable_1
no_primary_key                                                  CREATE TABLE no_primary_key (
                                                                  content text,
                                                                  a text,
                                                                  b text,
                                                                  c text
                                                                )
123_starts_with_digits                                          CREATE TABLE [123_starts_with_digits] (
                                                                  content text
                                                                )
paginated_view                                                  CREATE VIEW paginated_view AS
                                                                    SELECT
                                                                        content,
                                                                        '- ' || content || ' -' AS content_extra
                                                                    FROM no_primary_key
Table With Space In Name                                        CREATE TABLE "Table With Space In Name" (
                                                                  pk varchar(30) primary key,
                                                                  content text
                                                                )
sqlite_autoindex_Table With Space In Name_1
table/with/slashes.csv                                          CREATE TABLE "table/with/slashes.csv" (
                                                                  pk varchar(30) primary key,
                                                                  content text
                                                                )
sqlite_autoindex_table/with/slashes.csv_1
complex_foreign_keys                                            CREATE TABLE "complex_foreign_keys" (
                                                                  pk varchar(30) primary key,
                                                                  f1 text,
                                                                  f2 text,
                                                                  f3 text,
                                                                  FOREIGN KEY ("f1") REFERENCES [simple_primary_key](id),
                                                                  FOREIGN KEY ("f2") REFERENCES [simple_primary_key](id),
                                                                  FOREIGN KEY ("f3") REFERENCES [simple_primary_key](id)
                                                                )
sqlite_autoindex_complex_foreign_keys_1
custom_foreign_key_label                                        CREATE TABLE "custom_foreign_key_label" (
                                                                  pk varchar(30) primary key,
                                                                  foreign_key_with_custom_label text,
                                                                  FOREIGN KEY ("foreign_key_with_custom_label") REFERENCES [primary_key_multiple_columns_explicit_label](id)
                                                                )
sqlite_autoindex_custom_foreign_key_label_1
units                                                           CREATE TABLE units (
                                                                  pk integer primary key,
                                                                  distance int,
                                                                  frequency int
                                                                )
searchable                                                      CREATE TABLE searchable (
                                                                  pk integer primary key,
                                                                  text1 text,
                                                                  text2 text,
                                                                  [name with . and spaces] text
                                                                )
searchable_fts                                                  CREATE VIRTUAL TABLE "searchable_fts"
                                                                    USING FTS3 (text1, text2, [name with . and spaces], content="searchable")
searchable_fts_content                                          CREATE TABLE 'searchable_fts_content'(docid INTEGER PRIMARY KEY, 'c0text1', 'c1text2', 'c2name with . and spaces', 'c3content')
searchable_fts_segments                                         CREATE TABLE 'searchable_fts_segments'(blockid INTEGER PRIMARY KEY, block BLOB)
searchable_fts_segdir                                           CREATE TABLE 'searchable_fts_segdir'(level INTEGER,idx INTEGER,start_block INTEGER,leaves_end_block INTEGER,end_block INTEGER,root BLOB,PRIMARY KEY(level, idx))
sqlite_autoindex_searchable_fts_segdir_1
select                                                          CREATE TABLE [select] (
                                                                  [group] text,
                                                                  [having] text,
                                                                  [and] text
                                                                )
facet_cities                                                    CREATE TABLE facet_cities (
                                                                    id integer primary key,
                                                                    name text
                                                                )
simple_view                                                     CREATE VIEW simple_view AS
                                                                    SELECT content, upper(content) AS upper_content FROM simple_primary_key

Out of interest, here are the rows from that table where sql is null: https://latest.datasette.io/fixtures?sql=select%0D%0A++*%0D%0Afrom%0D%0A++sqlite_master%0D%0Awhere%0D%0A++sql+is+null

type,name,tbl_name,rootpage,sql
index,sqlite_autoindex_simple_primary_key_1,simple_primary_key,3,
index,sqlite_autoindex_primary_key_multiple_columns_1,primary_key_multiple_columns,5,
index,sqlite_autoindex_primary_key_multiple_columns_explicit_label_1,primary_key_multiple_columns_explicit_label,7,
index,sqlite_autoindex_compound_primary_key_1,compound_primary_key,9,
index,sqlite_autoindex_compound_three_primary_keys_1,compound_three_primary_keys,11,
index,sqlite_autoindex_foreign_key_references_1,foreign_key_references,14,
index,sqlite_autoindex_sortable_1,sortable,16,
index,sqlite_autoindex_Table With Space In Name_1,Table With Space In Name,20,
index,sqlite_autoindex_table/with/slashes.csv_1,table/with/slashes.csv,22,
index,sqlite_autoindex_complex_foreign_keys_1,complex_foreign_keys,24,
index,sqlite_autoindex_custom_foreign_key_label_1,custom_foreign_key_label,26,
index,sqlite_autoindex_tags_1,tags,31,
index,sqlite_autoindex_searchable_tags_1,searchable_tags,34,
index,sqlite_autoindex_searchable_fts_segdir_1,searchable_fts_segdir,37,

sqlite-utils schema data.db could output the same thing to the console.

Codecov Report

Merging #1374 (0ef0dd5) into main (cd7678f) will not change coverage.
The diff coverage is n/a.

@@           Coverage Diff           @@
##             main    #1374   +/-   ##
=======================================
  Coverage   91.68%   91.68%           
=======================================
  Files          34       34           
  Lines        4340     4340           
=======================================
  Hits         3979     3979           
  Misses        361      361           

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update cd7678f...0ef0dd5. Read the comment docs.

any fixes for that recursive issue with temp file? I get it using both heroku and cloudrun, although it seems to still publish and deploy fine

shell=True is added to line 56 (I guess it used to be 54) of heroku.py as detailed in the original issue. (for posterity)

I'll release these as an alpha straight away - it makes sense to have plugin hook changes available for people to test as alpha dependencies ASAP.

Codecov Report

Merging #1373 (d117ba7) into main (a3faf37) will not change coverage.
The diff coverage is n/a.

@@           Coverage Diff           @@
##             main    #1373   +/-   ##
=======================================
  Coverage   91.68%   91.68%           
=======================================
  Files          34       34           
  Lines        4340     4340           
=======================================
  Hits         3979     3979           
  Misses        361      361           

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update a3faf37...d117ba7. Read the comment docs.

I'm happy to grab some or all of these in this PR, if you want.

We can remove a bunch of unnecessary str(path) calls too - this search finds a bunch of possible candidates: https://ripgrep.datasette.io/-/ripgrep?pattern=str%5C%28.*%28db%7Cpath%29&glob=datasette%2F**%2F*.py

Note that if we went with a "update_metadata" hook, the hook signature would look something like this (it would return nothing):

update_metadata(
  datasette=self, metadata=metadata, key=key, database=database, table=table,
  fallback=fallback
)

The Datasette function _metadata_recursive_update(self, orig, updated) would disappear into the plugins. Doing this, though, we'd lose the easy ability to make the local metadata.yaml immutable (since we'd no longer have the recursive update).

https://github.com/python/cpython/blob/2ab27c4af4ddf7528e1375e77c787c7fbb09b5e6/Lib/typing.py#L2173-L2195

In Python 3.6 or higher can do this:

class Employee(NamedTuple):
    name: str
    id: int

I've hit this one too. I agree, fixing this in Datasette itself is better than fixing it in the tests across multiple other projects.

No point in showing the IDs twice if the blue label doesn't differ from the gray ID

Here's why: https://github.com/simonw/datasette/blob/03ec71193b9545536898a4bc7493274fec48bdd7/datasette/static/app.css#L455-L458

Here's an example of a test that uses it. It's necessary because sometimes fixtures that create temporary directories break in unexpected ways:

https://github.com/simonw/datasette/blob/0a7621f96f8ad14da17e7172e8a7bce24ef78966/tests/test_plugins.py#L658-L666

The hack in question is this fixture, which I've been using in an ad-hoc manner to work around errors while running the tests: https://github.com/simonw/datasette/blob/030deb4b25cda842ff7129ab7c18550c44dd8379/tests/conftest.py#L62-L75

I don't understand the underlying issue well enough to know how to get rid of it.

Looks like this is the way to do this:

Point = typing.NamedTuple(
    "Point", [('x', int), ('y', int)]
)

I guess I can offer a disable_csp setting so that people with complex custom templates aren't completely blocked from using them with Datasette, but maybe it would be better not to offer that? Or to offer it as a datasette-insecure-csp plugin instead?

I like the idea of very actively encouraging CSP across all Datasette projects, but I'm nervous about making the software unusable for certain edge cases.

Maybe require CSP and wait for someone to complain?

Twitter conversation: https://twitter.com/simonw/status/1401565566045806594

@dracos provided some really useful code examples there:

We generate it here: https://github.com/mysociety/fixmystreet/blob/e9fec4e567e7148ed128816e5770c2963be51af6/perllib/FixMyStreet/Cobrand/Default.pm#L89-L90
And use it e.g. https://github.com/mysociety/fixmystreet/blob/ba6788cd25d8f471a4e3308403607627b4d2f4f6/templates/web/base/common_header_tags.html or https://github.com/mysociety/fixmystreet/blob/cb4f2b96364d151988b5c664888468b25cc62240/templates/web/fixmystreet.com/header/css.html

No, because Vary header is about request headers that cause the response to vary, not response headers.

Hah, of course! Thanks for the correction. So the nonce mechanism would actually be pretty great here, especially for the extra_body_script() hook.

Presumably this would also require adding Content-Security-Policy to the Vary header though, which will have a nasty effect on Cloudflare and Fastly and such like.

No, because Vary header is about request headers that cause the response to vary, not response headers.

Mind you, since that plugin hook looks like this:

@hookimpl
def extra_body_script():
    return {
        "module": True,
        "script": "console.log('Your JavaScript goes here...')"
    }

Having it calculate a sha256 hash wouldn't be difficult.

This is from the current base.html template: https://github.com/simonw/datasette/blob/030deb4b25cda842ff7129ab7c18550c44dd8379/datasette/templates/base.html#L62-L66

Which includes this: https://github.com/simonw/datasette/blob/030deb4b25cda842ff7129ab7c18550c44dd8379/datasette/templates/_close_open_menus.html#L1-L16

The body_scripts bit is for this extra_body_script plugin hook, which is the thing that will be the most affected by implementing CSP: https://docs.datasette.io/en/stable/plugin_hooks.html#extra-body-script-template-database-table-columns-view-name-request-datasette

The reason Datasette uses small inline scripts right now is to avoid the overhead of an extra HTTP request for a JavaScript file - but these are both inherently cachable and perform much better under HTTP/2 so that's likely a false optimization.

The other option for inline scripts is the CSP nonce:

Content-Security-Policy: script-src 'nonce-2726c7f26c'

Then:

<script nonce="2726c7f26c">
  var inline = 1;
</script>

Since an attacker can't guess what the nonce will be it prevents them from injecting their own script block - this seems easier to make available to plugins than a full hashing mechanism, just make {{ csp_nonce() }} available to the template.

That template function can then be smart enough to set a flag which Datasette uses to decide if the script-src 'nonce-2726c7f26c' policy should be sent or not.

Presumably this would also require adding Content-Security-Policy to the Vary header though, which will have a nasty effect on Cloudflare and Fastly and such like.

Another consideration: testing that this works correctly could require adoption of a real browser test environment (probably Cypress or maybe Playwright) to execute tests that will fail if CSP is violated.

I think the best way to answer these questions is with some prototyping - of both Datasette and some of the existing JavaScript plugins.

I can start with a datasette-experimental-csp plugin that sets the header (and could even run an optional report URI mechanism).

The security benefit of forcing all JavaScript plugins to be written as CSP-friendly external scripts is very compelling though.

Other plugin-heavy ecosystems such as WordPress have suffered greatly from insecurely written plugins - could this be a huge security win for the Datasette ecosystem generally?

The easiest way to apply CSP is to remove all inline <script> blocks (Datasette has a few) and instead serve JavaScript as separate linked files.

It's possible to keep inline script blocks by calculating a hash of their content and adding a Content-Security-Policy: script-src 'sha256-B2yPHKaXnvFWtRChIbabYmUBFZdVfKKXHbWtWidDVF8=' to the policy. https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/script-src

This could be achieved with some Django template tricks, but it feels very risky - and done carelessly could end up calculating a hash of a reflected XSS attack!

The biggest challenge I see around here involves plugins and custom templates. Adopting CSP would require plugins to avoid using any inline scripts, instead keeping their entire implementations in .js files.

That's maybe not a bad thing, but it represents a big commitment. It would need to be adopted before Datasette 1.0.

One note on using this pragma I got an error on starting datasette no such table: pragma_database_list.

I diagnosed this to an older version of sqlite3 (3.14.2) and upgrading to a newer version (3.34.2) fixed the issue.

That issue is fixed in #1276.

That seems to have fixed it. I'd love to get rid of this restore_working_directory hack entirely.

That broke things. Here's how pytest-cov fixed a similar issue: https://github.com/pytest-dev/pytest-cov/commit/7ccb1783bf8290447df58deeb41eae74296a6d9b

See also https://github.com/nedbat/coveragepy/issues/881 and https://github.com/pytest-dev/pytest-cov/issues/306 and https://github.com/nedbat/coveragepy/issues/824

I'm going to try removing that restore_working_directory fixture entirely.

Stack Overflow: https://stackoverflow.com/a/49367679/6083

The answer was that os.chdir() had been set to the deleted directory by accident. The directory was missing, but the error happened (it seems) at the attempt to get it with os.getcwd().

Worth noting that I found this issue myself, and to my knowledge it has not been uncovered by anyone else prior to the patch being released.

I've released fixes in both 0.56.1 and 0.57.

Release notes are in, pushing the release now.

See #1360 for the security fix.

There's also a security fix I need to make, so I'm not going to block this on wrapping up the work on the new Docker image testing from #1344 before putting out this release.

This is great, thank you.

Codecov Report

Merging #1291 (8789157) into main (0a7621f) will not change coverage.
The diff coverage is n/a.

:exclamation: Current head 8789157 differs from pull request most recent head 9bf089f. Consider uploading reports for the commit 9bf089f to get more accurate results

@@           Coverage Diff           @@
##             main    #1291   +/-   ##
=======================================
  Coverage   91.51%   91.51%           
=======================================
  Files          34       34           
  Lines        4255     4255           
=======================================
  Hits         3894     3894           
  Misses        361      361           

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 0a7621f...9bf089f. Read the comment docs.

Yeah that's a good point. I avoided making them sub-commands because datasette serve already supports the multitude of other arguments they also need... but actually that was just me being lazy - I can easily share arguments between multiple functions like I do in sqlite-utils itself: https://github.com/simonw/sqlite-utils/blob/d1a372b3006e6cf7d2017b3ddc484bf5c033e45d/sqlite_utils/cli.py#L46

Codecov Report

Merging #1357 (1b27643) into main (6e9b07b) will increase coverage by 0.00%.
The diff coverage is 100.00%.

@@           Coverage Diff           @@
##             main    #1357   +/-   ##
=======================================
  Coverage   91.71%   91.72%           
=======================================
  Files          34       34           
  Lines        4333     4336    +3     
=======================================
+ Hits         3974     3977    +3     
  Misses        359      359           

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 6e9b07b...1b27643. Read the comment docs.

Alternative idea: populate request.scope with a new route_path which is the base-url-stripped version, which we then use for other routing operations.

Got the test to pass by ensuring the tests don't accidentally double-rewrite the path.

Ran into a new problem:

    @pytest.mark.asyncio
    @pytest.mark.parametrize(
        "prefix,expected_path", [(None, "/asgi-scope"), ("/prefix/", "/prefix/asgi-scope")]
    )
    async def test_client_path(datasette, prefix, expected_path):
        original_base_url = datasette._settings["base_url"]
        try:
            if prefix is not None:
                datasette._settings["base_url"] = prefix
            response = await datasette.client.get("/asgi-scope")
            path = response.json()["path"]
>           assert path == expected_path
E           AssertionError: assert '/asgi-scope' == '/prefix/asgi-scope'
E             - /prefix/asgi-scope
E             ? -------
E             + /asgi-scope

That test confirms that messing around with the base_url doesn't modify the ASGI scope... but the fix I'm using for this issue DOES modify the ASGI scope.

The question raised here is: should the ASGI scope stay unmodified when base_url is used?

I think it should. It doesn't make sense to obscure the "real" path just to get custom pages to work properly.

Applying this fix worked when I manually tested it:

         base_url = self.ds.setting("base_url")
         if base_url != "/" and path.startswith(base_url):
             path = "/" + path[len(base_url) :]
+            scope = dict(scope, path=path, raw_path=path.encode("utf-8"))
         request = Request(scope, receive)

But... the test I wrote still failed. My hunch is that this is because deep within the test framework requests go through ds.client which may be applying its own changes relevant to base_url:

https://github.com/simonw/datasette/blob/6e9b07be92905011211d8df7a872fb7c1f2737b2/datasette/utils/testing.py#L139

This looks like the cause: https://github.com/simonw/datasette/blob/6e9b07be92905011211d8df7a872fb7c1f2737b2/datasette/app.py#L1087-L1092

Note how path is modified... but then we create a new Request() that uses the old scope, which has unmodified scope["path"] - and then the code later on looks at request.scope["path"] when deciding if the request matches:

https://github.com/simonw/datasette/blob/afed51b1e36cf275c39e71c7cb262d6c5bdbaa31/datasette/app.py#L1154-L1155

(Putting thoughts here to keep the conversation in one place.)

I think using datasette for this use-case is the right approach. I usually have both datasette and sqlite-utils installed in the same project, and that's where I'm trying out queries, so it probably makes the most sense to have datasette also manage the output (and maybe the input, too).

It seems like both --get and --query could work better as subcommands, rather than options, if you're looking at building out a full CLI experience in datasette. It would give a cleaner separation in what you're trying to do and let each have its own dedicated options. So something like this:

# run an arbitrary query
datasette query covid.db "select * from ny_times_us_counties limit 1" --format yaml

# run a canned query
datasette get covid.db some-canned-query --format yaml

I think this is more likely to happen in Datasette than in sqlite-utils - see https://github.com/simonw/datasette/issues/1356 for thoughts on this.

Another potential way to implement this would be to hold the SQLite connection open and execute the full query there.

I've avoided this in the past due to concerns of resource exhaustion - if multiple requests attempt this at the same time all of the connections in the pool will become tied up and the site will be unable to respond to further requests.

But... now that Datasette has authentication there's the possibility of making this feature only available to specific authenticated users - the --root user for example. Which avoids the danger while unlocking a super-useful feature.

Not to mention people who are running Datasette privately on their own laptop, or the proposed --query CLI feature in #1356.

Also relevant: CSV streaming for canned queries in #526 - even better if we could stream ANY SQL query.

Implementing this would make #1356 a whole lot more interesting.

A problem with this is that if you're using --query you likely want ALL of the results - at the moment the only Datasette output type that can stream everything is .csv and plugin formats can't handle full streams, see #1062 and #1177.

So there's not much point implementing this unless we first make plugins able to add custom streaming formats.

It's weird that --get is documented on this page right now: https://docs.datasette.io/en/stable/getting_started.html#datasette-get

If I implement this I should build a new "Datasette on the command-line" documentation page to cover both --get and --query.

This is also interesting when used in conjunction with the proposed datasette insert command from #1163 - Datasette would become a plugin-driven CLI tool for both ingesting and outputting data, as a side-effect of its web features.

I should implement #1355 for more efficient --csv streaming as part of this.

This feels like a relatively simple feature to implement that unlocks a whole new set of possible uses for Datasette - as described by @eyeseast in https://github.com/simonw/sqlite-utils/issues/264#issue-907642546.

What happens if you pass multiple databases? The --query would be executed against the first one. And if you pass --crossdb it would be executed against the /_memory database and would support cross-database joins.

Key thing here is that output plugins are supported (also plugins that add new SQL functions), making many Datasette plugins usable from the command-line.

This inspired me to re-examine how --get works, hence this issue: https://github.com/simonw/datasette/issues/1355

It's using TestClient at the moment which is a wrapper around httpx (as of ) that uses the @async_to_sync decorator to hide the async nature.

https://github.com/simonw/datasette/blob/f78ebdc04537a6102316d6dbbf6c887565806078/datasette/utils/testing.py#L102-L156

Maybe the fix here is to switch the --get implementation to using httpx directly with https://www.python-httpx.org/async/#streaming-responses

This is a really interesting thought. I've so far resisted the temptation to add plugins to sqlite-utils, partly to avoid overlap with Datasette - but I'm open to discussing it.

There's actually a way for you to do what you're describing using datasette on the command-line, though it's a little obscure - also Datasette doesn't yet have a GeoJSON output extension, though it really should have one.

Here's an example using datasette-yaml:

datasette /tmp/covid.db --get='/covid/ny_times_us_counties.yaml'
- rowid: 1
  date: '2020-01-21'
  county: Snohomish
  state: Washington
  fips: 53061
  cases: 1
  deaths: 0
- rowid: 2
  date: '2020-01-22'
  county: Snohomish
  state: Washington
  fips: 53061
  cases: 1
  deaths: 0

It even works with arbitrary SQL queries, though you might have to apply URL encoding to the --get string (this seems to work though):

datasette /tmp/covid.db --get='/covid.yaml?sql=select * from ny_times_us_counties limit 2' 
- date: '2020-01-21'
  county: Snohomish
  state: Washington
  fips: 53061
  cases: 1
  deaths: 0
- date: '2020-01-22'
  county: Snohomish
  state: Washington
  fips: 53061
  cases: 1
  deaths: 0

Here's the documentation for --get: https://docs.datasette.io/en/latest/getting_started.html#datasette-get

Documentation: https://sqlite-utils.datasette.io/en/latest/cli.html#listing-indexes

Needs to show the table each index applies to.

This looks good:

% sqlite-utils indexes /tmp/covid.db -t      
index_name                                                seqno    cid  name                 desc  coll      key
------------------------------------------------------  -------  -----  -----------------  ------  ------  -----
idx_johns_hopkins_csse_daily_reports_combined_key             0     12  combined_key            0  BINARY      1
idx_johns_hopkins_csse_daily_reports_country_or_region        0      1  country_or_region       0  BINARY      1
idx_johns_hopkins_csse_daily_reports_province_or_state        0      2  province_or_state       0  BINARY      1
idx_johns_hopkins_csse_daily_reports_day                      0      0  day                     0  BINARY      1
idx_ny_times_us_counties_date                                 0      0  date                    1  BINARY      1
idx_ny_times_us_counties_fips                                 0      3  fips                    0  BINARY      1
idx_ny_times_us_counties_county                               0      1  county                  0  BINARY      1
idx_ny_times_us_counties_state                                0      2  state                   0  BINARY      1

% sqlite-utils indexes /tmp/covid.db -t --aux
index_name                                                seqno    cid  name                 desc  coll      key
------------------------------------------------------  -------  -----  -----------------  ------  ------  -----
idx_johns_hopkins_csse_daily_reports_combined_key             0     12  combined_key            0  BINARY      1
idx_johns_hopkins_csse_daily_reports_combined_key             1     -1                          0  BINARY      0
idx_johns_hopkins_csse_daily_reports_country_or_region        0      1  country_or_region       0  BINARY      1
idx_johns_hopkins_csse_daily_reports_country_or_region        1     -1                          0  BINARY      0
idx_johns_hopkins_csse_daily_reports_province_or_state        0      2  province_or_state       0  BINARY      1
idx_johns_hopkins_csse_daily_reports_province_or_state        1     -1                          0  BINARY      0
idx_johns_hopkins_csse_daily_reports_day                      0      0  day                     0  BINARY      1
idx_johns_hopkins_csse_daily_reports_day                      1     -1                          0  BINARY      0
idx_ny_times_us_counties_date                                 0      0  date                    1  BINARY      1
idx_ny_times_us_counties_date                                 1     -1                          0  BINARY      0
idx_ny_times_us_counties_fips                                 0      3  fips                    0  BINARY      1
idx_ny_times_us_counties_fips                                 1     -1                          0  BINARY      0
idx_ny_times_us_counties_county                               0      1  county                  0  BINARY      1
idx_ny_times_us_counties_county                               1     -1                          0  BINARY      0
idx_ny_times_us_counties_state                                0      2  state                   0  BINARY      1
idx_ny_times_us_counties_state                                1     -1                          0  BINARY      0

By default I won't return auxiliary columns, but I'll offer a --aux option to return them.

Figuring out the right queries:

https://covid-19.datasettes.com/covid?sql=select+sqlite_master.name%2C+i.*+from+sqlite_master%0D%0Ajoin+pragma_index_list%28sqlite_master.name%29+i%0D%0Awhere+type+%3D+%27table%27

This query shows all columns across all indexes across all tables:

select i.name as index_name, xinfo.* from sqlite_master
join pragma_index_list(sqlite_master.name) i
join pragma_index_xinfo(index_name) xinfo
where sqlite_master.type = 'table'

https://covid-19.datasettes.com/covid?sql=select+i.name+as+index_name%2C+xinfo.*+from+sqlite_master%0D%0Ajoin+pragma_index_list%28sqlite_master.name%29+i%0D%0Ajoin+pragma_index_xinfo%28index_name%29+xinfo%0D%0Awhere+sqlite_master.type+%3D+%27table%27

Here's how sqlite-utils triggers works: https://github.com/simonw/sqlite-utils/blob/9c67cb925253cd5ef54a1fe0496e0ff9caeacfd6/sqlite_utils/cli.py#L1266-L1277

Running it from a SQL query makes it easy to support modifiers like --csv and -t.

Documentation: https://sqlite-utils.datasette.io/en/latest/python-api.html#xindexes

New design:

def test_xindexes(fresh_db):
    fresh_db.executescript(
        """
        create table Gosh (c1 text, c2 text, c3 text);
        create index Gosh_c1 on Gosh(c1);
        create index Gosh_c2c3 on Gosh(c2, c3 desc);
    """
    )
    assert fresh_db["Gosh"].xindexes == [
        XIndex(
            name="Gosh_c2c3",
            columns=[
                XIndexColumn(seqno=0, cid=1, name="c2", desc=0, coll="BINARY", key=1),
                XIndexColumn(seqno=1, cid=2, name="c3", desc=1, coll="BINARY", key=1),
                XIndexColumn(seqno=2, cid=-1, name=None, desc=0, coll="BINARY", key=0),
            ],
        ),
        XIndex(
            name="Gosh_c1",
            columns=[
                XIndexColumn(seqno=0, cid=0, name="c1", desc=0, coll="BINARY", key=1),
                XIndexColumn(seqno=1, cid=-1, name=None, desc=0, coll="BINARY", key=0),
            ],
        ),
    ]

I'm going to return XIndex(name, columns) - where columns is a list of XIndexColumn.

In prototyping this out I realize that I actually want to get back the name of each index, then for each of them the detailed list of index columns. Here's the test from my initial prototype:

def test_xindexes(fresh_db):
    fresh_db.executescript(
        """
        create table Gosh (c1 text, c2 text, c3 text);
        create index Gosh_c1 on Gosh(c1);
        create index Gosh_c2c3 on Gosh(c2, c3 desc);
    """
    )
    assert fresh_db["Gosh"].xindexes == [
        (
            "Gosh_c2c3",
            [
                XIndex(seqno=0, cid=1, name="c2", desc=0, coll="BINARY", key=1),
                XIndex(seqno=1, cid=2, name="c3", desc=1, coll="BINARY", key=1),
                XIndex(seqno=2, cid=-1, name=None, desc=0, coll="BINARY", key=0),
            ],
        ),
        (
            "Gosh_c1",
            [
                XIndex(seqno=0, cid=0, name="c1", desc=0, coll="BINARY", key=1),
                XIndex(seqno=1, cid=-1, name=None, desc=0, coll="BINARY", key=0),
            ],
        ),
    ]

This would be a breaking change - and the fact that it returns auxiliary columns isn't particularly useful for most cases - "Auxiliary columns are additional columns needed to locate the table entry that corresponds to each index entry".

Instead, I'm going to add a new property table.xindexes which exposes this.

I think I fixed this a while ago, though I can't find the commit now. Please re-open if the bug still happens!

This became resizable in #1236.

I have a test - I'll merge this and then add that test.

https://github.com/simonw/datasette/blob/115332ce76c0e867d9936406aaf4bcee6b1ef3cb/datasette/views/index.py#L77 helps here - looks like we can pass ?_sort=relationships to trigger the bug.

We need to add a test that illustrates the bug in #1305 so we can prove that this definitely fixes it.

https://user-images.githubusercontent.com/9599/120423073-8a338700-c31e-11eb-8c8f-affc24708b32.png">

A SQL error now looks like this: https://latest.datasette.io/fixtures?sql=select%0D%0A++*%0D%0Afrom%0D%0A++%5Bfoo%5D

https://user-images.githubusercontent.com/9599/120422579-691e6680-c31d-11eb-99ea-655bdc2a401d.png">

I'm going to get rid of that "0 results" message if an error is shown.

Codecov Report

Merging #1346 (3bffc35) into main (7b106e1) will increase coverage by 0.14%.
The diff coverage is 100.00%.

@@            Coverage Diff             @@
##             main    #1346      +/-   ##
==========================================
+ Coverage   91.56%   91.71%   +0.14%     
==========================================
  Files          34       34              
  Lines        4282     4332      +50     
==========================================
+ Hits         3921     3973      +52     
+ Misses        361      359       -2     

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 7b106e1...3bffc35. Read the comment docs.

I tried and failed to get this fix working for tables with double quotes in their name - I couldn't figure out what the double-quote-in-a-table-name version of this code would look like: https://github.com/simonw/datasette/blob/807de378d08752a0f05bb1b980a0a62620a70520/datasette/utils/__init__.py#L538-L548

Created a test database like this:

% sqlite-utils create-table quote-in-name.db "this'hasquoteinname" id integer name text --pk id
% datasette quote-in-name.db -p 8025 --pdb
INFO:     Started server process [86046]
INFO:     Waiting for application startup.
INFO:     Application startup complete.
INFO:     Uvicorn running on http://127.0.0.1:8025 (Press CTRL+C to quit)
> /Users/simon/Dropbox/Development/datasette/datasette/utils/__init__.py(530)detect_fts()
-> rows = conn.execute(detect_fts_sql(table)).fetchall()
(Pdb) c
Traceback (most recent call last):
  File "/Users/simon/Dropbox/Development/datasette/datasette/app.py", line 1124, in route_path
    response = await view(request, send)
  File "/Users/simon/Dropbox/Development/datasette/datasette/views/base.py", line 147, in view
    return await self.dispatch_request(
  File "/Users/simon/Dropbox/Development/datasette/datasette/views/base.py", line 122, in dispatch_request
    return await handler(request, *args, **kwargs)
  File "/Users/simon/Dropbox/Development/datasette/datasette/views/index.py", line 72, in get
    "fts_table": await db.fts_table(table),
  File "/Users/simon/Dropbox/Development/datasette/datasette/database.py", line 279, in fts_table
    return await self.execute_fn(lambda conn: detect_fts(conn, table))
  File "/Users/simon/Dropbox/Development/datasette/datasette/database.py", line 155, in execute_fn
    return await asyncio.get_event_loop().run_in_executor(
  File "/Users/simon/.pyenv/versions/3.8.2/lib/python3.8/concurrent/futures/thread.py", line 57, in run
    result = self.fn(*self.args, **self.kwargs)
  File "/Users/simon/Dropbox/Development/datasette/datasette/database.py", line 153, in in_thread
    return fn(conn)
  File "/Users/simon/Dropbox/Development/datasette/datasette/database.py", line 279, in <lambda>
    return await self.execute_fn(lambda conn: detect_fts(conn, table))
  File "/Users/simon/Dropbox/Development/datasette/datasette/utils/__init__.py", line 530, in detect_fts
    rows = conn.execute(detect_fts_sql(table)).fetchall()
sqlite3.OperationalError: near "hasquoteinname": syntax error

@dependabot recreate

This is a lot easier to implement now that we have a ?_nofacet=1 option from #1350.

I renamed this to ?_nofacet=1 in #1353.

Documented here: https://docs.datasette.io/en/latest/json_api.html#special-table-arguments

Running python update-docs-help.py helps fix this.

I'm going to rename ?_nofacets=1 to ?_nofacet=1 to keep it consistent with the new ?_nocount=1 option (and because I don't like ?_nocounts=1).

Fixed in https://github.com/simonw/datasette/commit/d1d06ace49606da790a765689b4fbffa4c6deecb

I very much want to make:
https://disinfectants.SaferOrToxic.org/disinfectants/listN
have this URL:
https://disinfectants.SaferOrToxic.org/

I'm using only one table page on the site, with no pagination. I'm not using the home page, though when I tried to move my table to the home page as mentioned above, I failed to figure out how.

I am using cloudflare, but I haven't figured out a forwarding or HTML re-write method of doing this, either.

Is there any way I can get a prettier list URL? I'm on Vercel.

(I have a wordpress site on the main domain on a separate host.)

Since traces only work with text/html and JSON at the moment, the easiest way to do this will be to wrap generated CSV in a HTML page in a textarea if the user specified ?_trace=1:

https://github.com/simonw/datasette/blob/c5ae1197a208e1b034c88882e3ac865813a40980/datasette/tracer.py#L125-L134

I think it's worth getting ?_trace=1 to work with streaming CSV - this would have helped me spot this issue a long time ago.