mcp-server-semgrep/semgrep-rules/python/sqlalchemy/correctness/delete-where.yaml

MCP Server for Semgrep Integration - static code analysis with AI

rules:
  - id: delete-where-no-execute
    patterns:
      - pattern: $X.delete().where(...)
      - pattern-not-inside: $X.delete().where(...).execute()
      - pattern-not-inside: $C.execute(...)
    message:
      .delete().where(...) results in a no-op in SQLAlchemy unless the command is executed, use .filter(...).delete()
      instead.
    languages: [python]
    severity: ERROR
    metadata:
      category: correctness
      technology:
        - sqlalchemy