sleepy/odysseus
1
0
Fork
You've already forked odysseus
 0
Code Issues 9 Pull requests 10 Projects Releases Packages Wiki Activity Actions

[chat] builtin_actions.py uses raw SQLite while project uses SQLAlchemy ORM #732

New issue
Closed
opened 2026-06-03 00:09:28 +02:00 by sleepy · 0 comments
sleepy commented 2026-06-03 00:09:28 +02:00
Owner
Copy link

Problem

src/builtin_actions.py uses raw sqlite3 connections and SQL strings in multiple places:

  • Line 787-791: sqlite3.connect(SCHEDULED_DB) with raw SELECT message_id FROM email_boundaries
  • Line 899-907: Raw INSERT OR REPLACE INTO email_boundaries via c.execute()
  • Line 997-999: Raw SELECT from_address, last_built_at FROM sender_signatures
  • Line 1108: Raw SQL execution
  • Lines 1946-1976: Raw SQLite operations

The project uses SQLAlchemy ORM throughout (core/database.py defines all models). The SCHEDULED_DB is a separate SQLite database, but even so, using raw SQL when the project has an ORM pattern is a violation.

AGENTS.md violations

  • No raw SQL when project uses an ORM

Suggested fix

  1. Define SQLAlchemy models for email_boundaries and sender_signatures tables
  2. Use the standard SessionLocal() pattern for database access
  3. If SCHEDULED_DB must remain separate, at minimum use parameterized queries consistently and wrap in a repository pattern
## Problem `src/builtin_actions.py` uses raw `sqlite3` connections and SQL strings in multiple places: - Line 787-791: `sqlite3.connect(SCHEDULED_DB)` with raw `SELECT message_id FROM email_boundaries` - Line 899-907: Raw `INSERT OR REPLACE INTO email_boundaries` via `c.execute()` - Line 997-999: Raw `SELECT from_address, last_built_at FROM sender_signatures` - Line 1108: Raw SQL execution - Lines 1946-1976: Raw SQLite operations The project uses SQLAlchemy ORM throughout (`core/database.py` defines all models). The `SCHEDULED_DB` is a separate SQLite database, but even so, using raw SQL when the project has an ORM pattern is a violation. ## AGENTS.md violations - **No raw SQL when project uses an ORM** ## Suggested fix 1. Define SQLAlchemy models for `email_boundaries` and `sender_signatures` tables 2. Use the standard `SessionLocal()` pattern for database access 3. If `SCHEDULED_DB` must remain separate, at minimum use parameterized queries consistently and wrap in a repository pattern
Sign in to join this conversation.
No Branch/Tag specified
Branches Tags
main
dev
fix/effective-mode-undefined
fix/async-generator-500
refactor/split-small-routes-779
refactor/split-session-routes-778
refactor/split-llm-core-700
refactor/split-chat-routes-724
refactor/split-model-routes-701
refactor/split-skills-routes-777
refactor/split-document-routes-769
refactor/split-ai-interaction-722
refactor/split-cookbook-routes-775
refactor/split-builtin-actions-723
refactor/split-task-scheduler-774
refactor/tool-execution-split-667
fix/rag-health-coordinator-756
fix/agent-core-missing-round-loop
fix/rag-health-check-756
fix/missing-readmes-782
fix/search-files-split-772
fix/dedup-search-impl-771
fix/mcp-integrations-split-781
fix/cookbook-helpers-split-785
fix/search-cross-feature-776
fix/graceful-llm-degradation-770
fix/dedup-research-handler-773
fix/cross-route-coupling-780
fix/skills-typed-request-762
fix/chat-stream-pydantic-731
fix/chat-handler-imports-737
fix/public-llm-exports-730
fix/dedup-search-content-784
fix/dedup-stream-parse-735
fix/stream-error-boundary-734
fix/typed-event-names-786
fix/dedup-js-utilities-792
fix/skills-index-lookup-761
fix/xss-charname-innerhtml-788
fix/coderunner-document-write-789
fix/ai-interaction-thread-safety-729
fix/client-side-api-key-regex-793
fix/dead-loadingtext-796
fix/active-streams-eviction-736
fix/builtin-actions-sqlite-orm-732
fix/llm-core-thread-safety-709
fix/singleton-thread-safety-768
fix/video-upload-multimodal-826
fix/mic-button-audio-825
fix/multimodal-capabilities-827
fix/dedup-system-msg-717
fix/service-dead-calls-750
fix/db-session-context-manager-757
fix/dedup-llmconfig-710
fix/keyword-lists-764-v2
fix/keyword-lists-764
fix/llm-cache-ttl-708
fix/validate-config-711
fix/totp-constant-time-689
fix/admin-tools-constant-681
fix/dedup-truncate-670
fix/threadsafe-extractions-audit-754
fix/dedup-json-io-767
fix/695-deduplicate-admin-check
fix/upload-auth-dedup-765
fix/705-deduplicate-network-constants
fix/deduplicate-chunking-749
fix/760-deduplicate-embed
fix/dedup-validation-759
fix/748-deduplicate-tokenization
fix/add-readmes-728-742-782
fix/key-file-permissions-706
fix/embedding-retry-766
fix/deterministic-doc-ids-753
fix/search-facade-783
fix/remove-dead-memory-746
fix/remove-rag-manager-747
fix/dead-docstring-763
refactor/split-tool-schemas-666
refactor/split-agent-loop-664
refactor/split-tool-implementations-665
fix/mark-stopped-500-663
fix/streamingtts-scope-662
fix/code-block-tool-parsing-661
No results found.
Labels
Clear labels   
area:chat

   
area:core

   
area:llm

   
area:routes

   
area:tools

   
bug
Something isn't working

  
documentation
Improvements or additions to documentation

  
duplicate
This issue or pull request already exists

  
enhancement
New feature or request

  
good first issue
Good for newcomers

  
help wanted
Extra attention is needed

  
invalid
This doesn't seem right

  
question
Further information is requested

  
refactor

   
wontfix
This will not be worked on

No labels
area:chat
area:core
area:llm
area:routes
area:tools
bug
documentation
duplicate
enhancement
good first issue
help wanted
invalid
question
refactor
wontfix
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference
sleepy/odysseus#732
No description provided.