ArchPilotExecutable architecture guardrails

Search docs

Docs search

Validation rule

Back to Rule Catalog
AP-DQR-007Data / Query Risk

Missing projection/select for partial entity use

Flags queries that load full entities when only a small subset of fields is used.

warningviolationNo auto-fix

How to fix

  1. Add select/projection for required fields.
  2. Keep sensitive fields out of read paths by default.
  3. Update response mapping tests after narrowing the shape.

What it means

A query appears to retrieve more columns than the workflow consumes.

Why it matters

Explicit projection reduces data exposure, payload size, and coupling to schema changes.

Common causes

  • ORM defaults return full records.
  • A response mapper uses only a few fields.
  • Sensitive columns are included accidentally.

Example bad pattern

Load full user records to render only name and email.

Example good pattern

select: { id: true, name: true, email: true }.

Related files/config

  • apps/api/src
  • packages/db/prisma/schema.prisma

Related CLI commands

  • archpilot validate
  • archpilot validate --ci

Related docs

Rule CatalogData / Query RiskAPI Design
AP-DQR-007 - Missing projection/select for partial entity use | ArchPilot Docs