Validates that update_all queries are bounded.

This check is useful as a guard against accidentally updating every row in a table.

Examples

Bad:

from(Post, as: :post)
|> update(set: [archived: true])

Why this is bad:

An update_all query without a root predicate can update every row in the table.

Better:

from(Post, as: :post)
|> where([post: p], p.status == ^:draft)
|> where([post: p], p.updated_at < ^cutoff)
|> update(set: [archived: true])

Why this is better:

The root where clauses state the intended update scope.

Notes

This check only requires a non-true root predicate. It does not prove the predicate is selective or semantically correct.

The check only applies to the :update_all operation reported by Ecto.Repo.prepare_query/3. It requires every possible root where branch to include at least one non-true expression. It does not prove whether that predicate is selective. Checks that need specific predicates should use a more targeted rule such as Bylaw.Ecto.Query.Checks.MandatoryWhereKeys.

Options

• :validate - explicit false disables the check. Defaults to true.

Usage

Add this module to the explicit check list passed through Bylaw.Ecto.Query. See Bylaw.Ecto.Query for the full Ecto.Repo.prepare_query/3 setup.