@capriza/eslint-plugin-safe-sql
v1.2.0
ESLint plugin with rule for using the `SQL` template tag on raw SQL queries
eslint-plugin-safe-sql
ESLint plugin to enforce the use of the `SQL` template tag from the library https://github.com/capriza/safe-sql.
The `SQL` template tag from safe-sql transforms the SQL query in a template into a safe SQL query with bound parameters for use with Sequelize.
Installation
$ npm install --save-dev @capriza/eslint-plugin-safe-sql
Usage
Add the following to your .eslint.json file:
{
  "plugins": ["@capriza/safe-sql"],
  "rules": {"@capriza/safe-sql/no-unsafe-sql": "error"}
}
no-unsafe-sql rule
Forbids the use of raw SQL in string literals or untagged templates, requiring the use of the `SQL` template tag.
Examples
const SQL = require("safe-sql");
const table = "users";
var query = "SELECT * FROM " + table; // this generates an ESLint error
sequelize.query(`SELECT * FROM ${table}`); // this generates an ESLint error
sequelize.query(SQL`SELECT * FROM ${table}`); // this does NOT generate an ESLint error
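Why the rule insists on the tag, shown as an added example that is not part of the original README and is not safe-sql's own code: a template tag receives the literal SQL pieces and the interpolated values separately, so it can emit placeholders and keep the values out of the query text. The name `sqlTag`, the `{ query, bind }` result shape, the `$1` placeholder style and the sample input are assumptions made for this illustration.

```javascript
// Added illustration: NOT the safe-sql implementation. `sqlTag` and the
// { query, bind } result shape are assumptions made for this example.
function sqlTag(strings, ...values) {
  // strings: the literal pieces of the template; values: the ${...} results.
  let query = strings[0];
  const bind = [];
  values.forEach((value, i) => {
    bind.push(value); // the value travels separately from the SQL text
    query += `$${bind.length}` + strings[i + 1]; // numbered placeholder
  });
  return { query, bind };
}

// Constructed sample input containing a quote character.
const sampleName = "O'Brien";

// Untagged template (what no-unsafe-sql reports): the input is spliced
// into the SQL text, so its quote changes the structure of the statement.
function untagged(input) {
  return `SELECT * FROM users WHERE name = '${input}'`;
}

// Tagged template: the SQL text contains only placeholders, and the
// database driver receives the input as data.
function tagged(input) {
  return sqlTag`SELECT * FROM users WHERE name = ${input}`;
}

console.log(untagged(sampleName)); // quote from the input ends the string literal early
console.log(tagged(sampleName));   // placeholder in the text, input in the bind array

// With Sequelize, such a pair would be passed as:
//   sequelize.query(q.query, { bind: q.bind })
```
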