Thanks to visit codestin.com
Credit goes to lib.rs

Lib.rs

Database interfacesdbmcp
#sql #pagination #mysql #postgresql #dbmcp #maria-db #mcp-server #load-file #read-only

dbmcp-sql

SQL validation and identifier utilities for dbmcp

Owned by Andreas Penz.

13 releases (5 breaking)

Uses new Rust 2024

new 0.12.1 May 22, 2026
0.12.0 May 21, 2026
0.11.1 May 17, 2026
0.10.4 May 11, 2026
0.7.0 Apr 23, 2026

#2783 in Database interfaces


Used in 4 crates

MIT license

68KB
1K SLoC

dbmcp-sql

Crates.io Docs.rs CI License: MIT

SQL validation, identifier quoting, pagination, and timeout helpers powering dbmcp — the single-binary MCP server for MySQL, MariaDB, PostgreSQL, and SQLite.

What you get

  • Read-only enforcement: only SELECT, SHOW, DESC, DESCRIBE, USE allowed
  • AST-based validation via sqlparser (comments + string contents stripped first)
  • Blocks file-exfiltration patterns (LOAD_FILE, SELECT INTO OUTFILE/DUMPFILE)
  • Identifier validation + per-backend quoting — no string interpolation
  • Server-controlled LIMIT / OFFSET rewriting for paginated SELECTs
  • Query-level timeout wrapper shared across backends

See the main crate: dbmcp · Website · Docs

Dependencies

~45–61MB
~1M SLoC