SQL Injection

Open jamesmart77 opened this issue 3 years ago • 1 comments

Sorry, but more of a question here since there wasn't a "general" forum. Since this library depends on pg, does it protect against sql injection? If so, would that be formatted the same way it is in that library for parameterized queries?

jamesmart77 avatar Oct 03 '22 17:10 jamesmart77

Hello, yes, the .query method behaves almost the same as in node-pg: https://github.com/MatteoGioioso/serverless-pg/blob/4cc2007bfb8aed78280e703e4cc34e9e47236faa/src/index.js#L436

MatteoGioioso avatar Oct 04 '22 04:10 MatteoGioioso
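
The difference the question is about, as an added example that is not code from this thread or from serverless-pg: a node-pg-style `query(text, values)` call keeps user input out of the SQL text, while string concatenation does not. `RecordingClient`, `checkPlaceholders`, the `users` table and the sample input are assumptions made for illustration; the stub only records what would be sent and contacts no database.

```javascript
// Stub standing in for a client that exposes query(text, values) as node-pg does.
// It records each call instead of talking to a server (assumption for this example).
class RecordingClient {
  constructor() { this.sent = []; }
  async query(text, values = []) {
    this.sent.push({ text, values });
    return { rows: [] };
  }
}

// Hypothetical helper: reject a call unless placeholders $1..$n match the values one to one.
function checkPlaceholders(text, values) {
  const used = new Set([...text.matchAll(/\$(\d+)/g)].map((m) => Number(m[1])));
  for (let i = 1; i <= values.length; i++) {
    if (!used.has(i)) throw new Error(`value ${i} has no $${i} placeholder`);
  }
  if (used.size !== values.length) throw new Error("placeholder without a value");
}

// Unsafe: the input becomes part of the SQL text, so a quote in it changes the statement.
async function findUserConcatenated(client, name) {
  return client.query("SELECT id FROM users WHERE name = '" + name + "'");
}

// Safe: the SQL text is constant and the input travels separately as a bound value.
async function findUserParameterized(client, name) {
  const text = "SELECT id FROM users WHERE name = $1";
  const values = [name];
  checkPlaceholders(text, values);
  return client.query(text, values);
}

// Runs both forms with one constructed input and returns what each would send.
async function demo() {
  const client = new RecordingClient();
  const name = "O'Brien"; // constructed sample input containing a single quote
  await findUserConcatenated(client, name);
  await findUserParameterized(client, name);
  return client.sent;
}
```

In the recorded calls, the concatenated form's SQL text contains the input and an unbalanced quote, while the parameterized form's text is identical for every input.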