psycopg2 icon indicating copy to clipboard operation
psycopg2 copied to clipboard

Published 20 hours ago verified publisher icon psycopg

Literal `%` in queries should always be escaped.

Open dvarrazzo opened this issue 6 years ago • 1 comments

Currently in psycopg a lone % is accepted when the query has no parameters, but must be doubled into %% if the query takes parameters. This is confusing because changing a query from non-parametrised to parametrised gives weird errors. Plus, there is issues like #825, which we don't know how to solve.

Requiring to always escape the % is not backward compatible so it won't happen in psycopg2. However it can if we decide to break eggs, so remembering this issue for the mythical psycopg3.

dvarrazzo avatar Dec 07 '18 02:12 dvarrazzo

No, that's not going to happen.

dvarrazzo avatar Nov 19 '19 11:11 dvarrazzo