vanna icon indicating copy to clipboard operation
vanna copied to clipboard

Published 20 hours ago ā€¢ verified publisher icon vanna-ai

Query security

Open amoffat opened this issue 1 year ago ā€¢ 2 comments

Any interest in integrating a SQL static analysis tool to make queries secure? https://github.com/amoffat/HeimdaLLM

amoffat avatar Jan 14 '24 19:01 amoffat

Very interesting! It looks like it could be a good fit but Iā€™m a little concerned about the license conflict. We are MIT-licensed whereas yours is AGPL.

zainhoda avatar Jan 15 '24 02:01 zainhoda

I see you have optional dependencies in your pyproject.toml. If HeimdaLLM is listed the same way, and it's up to the end user to explicitly install AGPL software as an optional dependency (and Vanna can function without it), then the AGPL software is not bundled with your MIT software, and the copyleft provisions don't apply to you, but to the end user. Meaning the end user cannot provide Vanna + HeimdaLLM without complying with AGPL. There is also a flexible commercial license we could discuss, since it looks like you are offering a commercial service as well.

amoffat avatar Jan 15 '24 07:01 amoffat