Sql Style Guide
Apply this checklist when writing or reviewing SQL.
Trigger Reference
- •Use
references/trigger-matrix.mdas the canonical trigger and co-activation matrix. - •Resolve skill activation from changed files with
python3 scripts/resolve_style_guides.py <changed-path>...when automation is available. - •Validate trigger matrix consistency with
python3 scripts/validate_trigger_matrix_sync.py.
Schema and naming conventions
Quality Gate Reference
- •Use
references/quality-gate-command-matrix.mdfor CI check-only vs local autofix command mapping.
- •Use consistent naming (
snake_case) for tables, columns, indexes, and constraints. - •Define clear primary keys and explicit foreign key constraints.
- •Use explicit column types; avoid ambiguous generic types where precision matters.
- •Replace unexplained literal values with named domain enums/tables when recurring.
Query structure and readability
- •Use explicit column lists; avoid
SELECT *in application-facing queries. - •Use CTEs for complex logic to improve readability and reviewability.
- •Keep joins explicit with clear predicates and aliases.
- •Comment only non-obvious business rules embedded in SQL.
Safety and correctness
- •Use parameterized statements; never concatenate untrusted input into SQL strings.
- •Scope
UPDATE/DELETEwith explicit predicates and safeguard large mutations. - •Use transactions intentionally and document isolation-level-sensitive flows.
- •Handle nullability and default behavior explicitly.
Migration discipline
- •Keep migrations atomic, reversible where possible, and deterministic.
- •Separate schema changes from data backfills when risk is high.
- •Backfill in batches for large tables to reduce lock contention.
- •Validate migration order and dependency assumptions in CI.
Performance and scalability
- •Validate query plans (
EXPLAIN/EXPLAIN ANALYZE) for critical queries. - •Add/adjust indexes based on observed access patterns, not guesswork.
- •Avoid N+1 query patterns at application boundaries.
- •Use pagination/limits for large result sets.
Security and compliance
- •Enforce least privilege per DB role.
- •Avoid exposing sensitive columns unless explicitly required.
- •Redact secrets/PII in logs and query traces.
- •Keep audit fields (
created_at,updated_at, actor IDs) where required.
Testing and verification
- •Add migration tests and rollback checks when rollback is supported.
- •Add query-level tests for business-critical logic.
- •Cover edge cases: null values, empty sets, timezone boundaries, duplicate keys.
- •Document manual verification steps for high-risk production migrations.
Observability and operations
- •Capture slow query metrics and alert thresholds.
- •Log query failures with stable error categorization.
- •Monitor lock wait times, deadlocks, and replication lag where applicable.
- •Ensure runbooks exist for migration rollback or remediation.
CI required quality gates (check-only)
- •Run SQL lint checks (
sqlfluff lint, or project equivalent check-only command). - •Run migration validation in CI/staging.
- •Verify critical query plans before merge.
- •Reject changes with unsafe mutation patterns or unbounded scans.
Optional autofix commands (local)
- •Run
sqlfluff fix(or project equivalent) and then re-run lint checks.