Home
Christoph Herrmann edited this page Oct 18, 2019 · 14 revisions
Welcome to the sql-pg wiki!
- The project focuses on being a query builder that is compatible with `pg` as the database driver
  - For security reasons, its own `.query()` is provided. It is only used to check that the `client` is set and that the query was built with the SQL Tag
  - For convenience, the Manipulation and Selection Methods do more than build the query: they execute it and extract the relevant information from the response object
- Writing a query should be as close as possible to native SQL
- Security by design. Using the SQL Tag ensures that all variables are passed to the database as values, separate from the query. The provided `.query()` ensures the SQL Tag is always used
- Easy to test automatically. Only if automatic tests are easy to write can high coverage be achieved, both in the library and in the projects using it
- Open for extensions. Custom Tag Helpers can be written easily. This was a trade-off, because it is also the only way to introduce SQL injection issues: if added Tag Helpers aren't secure
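
A minimal sketch of the mechanism the list above describes, added here as an illustration and not taken from sql-pg's source: a tag that turns interpolated variables into bound values, a `query()` guard that rejects anything not built by that tag, and a secure Tag Helper beside an insecure one. All names (`sql`, `valueList`, `unsafeRaw`, `query`, `stub`, `demo`) are hypothetical; `client.query(text, values)` is the `pg` driver's call.

```javascript
// Illustration only: hypothetical names, not sql-pg's implementation.
const built = new WeakSet() // every object the tag has produced

function sql (strings, ...args) {
  let text = strings[0]
  const values = []
  args.forEach((arg, i) => {
    if (typeof arg === 'function') { // a tag helper: contributes SQL text itself
      const part = arg(values.length)
      text += part.text
      values.push(...part.values)
    } else { // a plain variable: only a placeholder enters the SQL text
      values.push(arg)
      text += '$' + values.length
    }
    text += strings[i + 1]
  })
  const query = Object.freeze({ text, values })
  built.add(query)
  return query
}

// Secure helper: a list becomes numbered placeholders, data stays in values.
const valueList = list => offset => ({
  text: list.map((_, i) => '$' + (offset + i + 1)).join(', '),
  values: [...list]
})

// Insecure helper: copies its input into the SQL text, reopening injection.
const unsafeRaw = input => () => ({ text: String(input), values: [] })

// Guard: refuses a missing client and anything not built by the tag.
function query (client, q) {
  if (!client) throw new Error('client is not set')
  if (!built.has(q)) throw new Error('query was not built with the sql tag')
  return client.query(q.text, q.values)
}

// Constructed hostile input and a stub client recording what it receives.
const hostile = "x'; DROP TABLE users; --"
const stub = { calls: [], query (text, values) { this.calls.push({ text, values }); return Promise.resolve({ rows: [] }) } }

function demo () {
  const safe = sql`SELECT * FROM users WHERE name = ${hostile} AND id IN (${valueList([1, 2])})`
  const unsafe = sql`SELECT * FROM users WHERE name = '${unsafeRaw(hostile)}'`
  query(stub, safe)
  return { safe, unsafe }
}
```

With the plain variable and the secure helper, the hostile string appears only in `values`; with the insecure helper it becomes part of `text`, which is why a Tag Helper needs the same review as any code that concatenates SQL.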
Found a bug or missing a feature? -> Create a new Issue
Found a security issue? -> Look at the Security Policy
Have questions, want to give feedback or talk to me? -> E-mail me at [email protected]