Fixes
- The logic for identifying queries from the
table_or_queryargument for DataSource constructors was previously incorrect. It would only expect a space after “SELECT” instead of any whitespace character. This has been fixed. - For security purposes, the SQL dialect used by the
x_sql_queryargument for dataset results (and thesql_queryargument for MCP tools) is changed from DuckDB SQL to Polars SQL. This is to ensure that the query is safe to execute and to prevent vulnerabilities like file access and extensions.
New features
Environment variables for dataset results- Added
SQRL_DATASETS__MAX_ROWS_OUTPUTto limit the number of rows returned by dataset endpoints (including MCP tools and SQL query results). - Added
SQRL_DATASETS__SQL_TIMEOUT_SECONDSto limit the execution time of SQL queries on dataset results.
- Simplified tool arguments: The
get_dataset_parameterstool now uses a singleselected_idsJSON object (as string) instead of separateparameter_name(string) andselected_ids(list of strings) fields. This change makes the arguments consistent with theparametersargument used in theget_dataset_resultstool. - Advanced result handling: Added support for the
mcp-full-dataset-v1feature flag. When enabled, clients can receive the full dataset in thestructuredContentfield while the AI agent receives a paginated preview in thecontentfield. - Tool annotations: All MCP tools now include the tool annotations
readOnlyHint=true,idempotentHint=true,destructiveHint=false, andopenWorldHint=false. These labels help AI clients understand that the tools are safe to use and can be called multiple times without side effects.
- A new predefined project variable
auth_typehas been added to thesquirrels.ymlfile. This variable controls the authentication enforcement for the project. It can be set tooptional(default) orrequired. - When
auth_typeis set torequired, datasets and dashboards default toprotectedscope (if not specified), andpublicscope is explicitly forbidden. The data catalog API also requires authentication.