pg-mem icon indicating copy to clipboard operation
pg-mem copied to clipboard
verified publisher icon oguimbal

Support parameterized statements

Open AnnikaCodes opened this issue 4 years ago • 1 comments

Parameterized statements are a good way to guard against SQL injection attacks. Many projects use them, and the fact that pg-mem doesn't support them makes these projects less likely to use pg-mem for their unit tests. Something like this would be great:

import {newDb} from 'pg-mem';

const db = newDb();
db.public.none(`INSERT INTO mytable (a, b, c, d) VALUES ($1, $2, $3, $2)`, [42, 'hi', false]);

AnnikaCodes avatar Apr 22 '21 01:04 AnnikaCodes

Hi !

It's on my roadmap 👍

FYI: Currently, query args passed by adapters are handled like this

Thanks :)

oguimbal avatar Apr 22 '21 06:04 oguimbal