SQL Scanning

Overview

SQL scanning tools help identify issues in custom SQL code before it reaches review. Custom SQL reviews are often lengthy processes, and automated scanning helps catch common problems early, reducing review cycles.

SQLFluff

SQLFluff is an open source SQL linter. The pipeline scan focuses on syntax issues that would prevent installation, rather than style enforcement.

Pipeline Configuration

The sqlfluff-scan job runs on merge requests with the following settings:

Dialect: T-SQL
Excludes .env and .cache directories
Produces sqlfluff-report.json artifact
Allowed to fail (does not block merge)

Excluded Rules

The following rules are excluded from the scan to focus on syntax issues rather than style:

CP01-CP05 - Capitalization rules
LT01-LT15 - Layout and whitespace rules
AL01-AL09 - Aliasing rules
RF06 - Reference rules

Review Buddy SQL Patterns

Review Buddy flags SQL file modifications for additional review scrutiny. Additional known bad patterns for SQL are planned to be added to Review Buddy scanning to further assist with custom SQL reviews.