NL2SQL represents failures as structured PipelineError objects and propagates them through state. Retries are managed at the subgraph level, and circuit breakers provide fast-fail safety for external dependencies.
PipelineError includes:
node, message, severity, error_codeis_retryable derived from severity and error codeCommon error codes include MISSING_SQL, EXECUTION_FAILED, PIPELINE_TIMEOUT, SECURITY_VIOLATION.
create_breaker() configures pybreaker.CircuitBreaker instances with observability hooks:
LLM_BREAKERVECTOR_BREAKERDB_BREAKERRetrieval calls in VectorStore are wrapped with VECTOR_BREAKER. Other breakers are available but not uniformly wired across all execution paths.
flowchart TD
Node[Pipeline Node] --> Error[PipelineError]
Error --> State[GraphState.errors]
State --> Retry{is_retryable?}
Retry -->|yes| Refine[RefinerNode / retry loop]
Retry -->|no| Stop[Terminate branch]
See ../architecture/failure_recovery.md for failure domains, retry scope, and recovery limitations.
run_with_graph() enforces a global timeout (Settings.global_timeout_sec).nl2sql.common.cancellation checks.packages/core/src/nl2sql/common/errors.pypackages/core/src/nl2sql/common/resilience.pypackages/core/src/nl2sql/pipeline/subgraphs/sql_agent.py