Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

SQL library code

See original GitHub issue

Hi @calebmer - I can’t keep track of a discussion in a large commit, so if you want to discuss it, let’s talk here.

Regarding the source of the code, the initial version is loosely based on the pg-sql implementation. I’d be happy to provide some sort of attribution if you’d like? I put this implementation into this code base for a few reasons though:

I wanted to use TypeScript for it natively, to match the rest of the code base
I wanted to also support generating slightly different output for different SQL dialects (not all of them support the explicit $1 style placeholder syntax)
The various db libraries here are very tightly integrated with that package, so I need to be able to manage version updates carefully.
I felt it was important that sql.raw had a value that was more obviously dangerous.

Regarding the symbols in pg-sql2, this library uses instanceof, which is equivalently secure - you can’t create an instance of SQLQuery via JSON.parse.

Let me know if you have any other concerns/if you want specific attribution.

Issue Analytics

State:
Created 4 years ago
Comments:7 (3 by maintainers)

Top GitHub Comments

2reactions

ForbesLindesaycommented, Jun 7, 2019

I’ve got a primitive SQL parser just about working: #20

Next steps:

create a proper AST for it
write something to generate types from the AST + a database schema
use the resulting utility to generate and print out types from sql template literals.

2reactions

ForbesLindesaycommented, May 30, 2019

I think I’ll go down the path of being able to generate types for some growing subset of sql statements. I think falling back to un-typed SQL from typed SQL is friendlier than falling back to un-typed SQL from our own DSL style API.

I think a library that understood/validated/added types for basic INSERT, UPDATE, DELETE and simple SELECT ... FROM ... style queries would be hugely useful, even if more complex queries were just typed as unknown. I think a very minimal SQL parser could get something like 60% of the queries in my current code base to be typed. Unfortunately that’s still going to be a lot of work to build, so I don’t know when I’ll get time.

Top Results From Across the Web

SQL Library - Know the Code

This technical library provides you with practical, hands-on SQL and database projects, insights, ... SQL and Database Libraries | Know the Code.

Code Library - Oracle Live SQL

This tutorial provides an introduction to the Structured Query Language (SQL), learn how to create t... create table, create, select, insert, update, delete, ......

Connection libraries for Microsoft SQL Database - SQL Server

Provides download links for modules, which enable connection to Microsoft SQL Server and Azure SQL Database, from a variety of client ...

SQL Tutorial => Library Database

In this example database for a library, we have Authors, Books and BooksAuthors tables. Live example: SQL fiddle. Authors and Books are known...

A database for a fictional library system, with SQL scripts that ...

This is a database system for a fictional library. I have written scripts to create the database and tables, insert data, and make...