TiDB Schema Change Audit for Safer DDL

DeltaScope is an offline-first TiDB schema change audit tool that analyzes DDL statements before they reach your TiDB cluster. It catches destructive ALTER TABLE operations, missing defaults, incompatible type changes, and dozens of other risky patterns in CI pipelines, developer workflows, and AI agent sessions.

How it works

Pass one or more DDL statements to DeltaScope with --dialect tidb. It parses the SQL using TiDB-compatible syntax, evaluates every applicable rule, and returns a verdict with blockers, warnings, and notices. No database connection is needed for offline audit.

$ deltascope audit --dialect tidb --sql "ALTER TABLE users DROP COLUMN email;"

Verdict: reject
Statements: 1
Blockers:   1
Warnings:   0
Notices:    0

Statement 1: ALTER TABLE
- [blocker] ddl.alter.drop.column: dropping column "email" is a destructive change

Common TiDB DDL checks

blocker Dropping columns or tables
blocker Changing column types incompatibly
warning Missing column defaults
warning Missing column comments
notice Redundant index additions

TiDB schema change review with metadata

Connect to a live TiDB instance to enrich findings with table statistics:

deltascope audit \
  --dialect tidb \
  --sql "alter table users add column email varchar(255)" \
  --host 127.0.0.1 --port 4000 --user root --ask-password --schema app \
  --metadata-connect-timeout 5s

Use in CI

# GitHub Actions example
- name: Audit TiDB schema changes
  run: |
    deltascope audit \
      --dialect tidb \
      --file ./migrations/tidb_schema_change.sql \
      --format github-actions \
      --fail-on blocker

DeltaScope also supports --format sarif for GitHub Code Scanning and --format gitlab-codequality for GitLab CI.

Multiple integration paths

Use the same audit engine from the CLI, in CI, via HTTP service, or through the MCP server for AI agents. Every path uses the same rules and the same policy configuration.

MySQL DDL Audit Tool → PostgreSQL DDL Audit Tool → SQL Audit MCP Server → SQL Migration Risk Checker →

What DeltaScope is not

Not a TiDB management or monitoring tool.
Not a schema diff tool that compares two database states.
Not a migration execution engine. It reviews SQL text before execution, not after.

Frequently asked questions

Does DeltaScope support TiDB-specific syntax?

Yes. Use --dialect tidb to enable TiDB-compatible parsing. The same rules and integration paths work for MySQL and TiDB.

Does it need to connect to my TiDB cluster?

No. The default mode is offline-first. It parses SQL text without any network connection. An optional metadata-aware mode can read table statistics from a live instance.

Can I customize the rules?

Yes. Every rule has a configurable severity (blocker, warning, notice) and optional parameters. Override via a YAML config file with --config.

How is this different from TiDB DM or TiCDC?

Those tools handle data migration and change data capture. DeltaScope does not execute or replicate any SQL. It reviews the SQL text for risk patterns before execution.