This repository has been archived by the owner on Sep 21, 2021. It is now read-only.
We have a requirement to create a dynamic query along with the parameters. The query is still parameterized, though.
But safesql errors out with the complaint below:
"Please ensure that all SQL queries you use are compile-time constants.
You should always use parameterized queries or prepared statements
instead of building queries from strings"
The code is like below:
// Dynamic query to insert all
query, params := getInsertAllQuery()
result, err := db.ExecContext(ctx, query, params...) // safesql throws error in this line.
Please let me know whether this is a false positive.
KrishKayc changed the title from "safesql errors for dynamic query" to "safesql errors out for dynamic query" on Jun 7, 2021
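For context on the question above, an added example (not code from the issue or from safesql): a hypothetical `buildInsertAll` helper standing in for the unshown `getInsertAllQuery`, assuming a constructed `users(name, email)` table and PostgreSQL-style `$n` placeholders. Only the number of placeholder groups depends on the input and every value is bound as a parameter, yet the resulting string is still not a compile-time constant, which is the condition the quoted safesql message asks for.

```go
package main

import (
	"errors"
	"fmt"
	"strings"
)

// Constructed schema: table and column names are compile-time constants,
// never taken from request data.
const insertPrefix = "INSERT INTO users (name, email) VALUES "
const colsPerRow = 2

// buildInsertAll (hypothetical helper) returns a multi-row INSERT whose text
// depends only on len(rows); every value travels separately in params.
func buildInsertAll(rows [][]interface{}) (string, []interface{}, error) {
	if len(rows) == 0 {
		return "", nil, errors.New("no rows to insert")
	}
	groups := make([]string, 0, len(rows))
	params := make([]interface{}, 0, len(rows)*colsPerRow)
	for i, row := range rows {
		if len(row) != colsPerRow {
			return "", nil, fmt.Errorf("row %d: want %d values, got %d", i, colsPerRow, len(row))
		}
		ph := make([]string, colsPerRow)
		for j := range ph {
			ph[j] = fmt.Sprintf("$%d", i*colsPerRow+j+1) // placeholder index, not data
		}
		groups = append(groups, "("+strings.Join(ph, ", ")+")")
		params = append(params, row...)
	}
	return insertPrefix + strings.Join(groups, ", "), params, nil
}

func main() {
	// Constructed input; the quote in O'Brien never reaches the query text.
	rows := [][]interface{}{{"alice", "a@example.com"}, {"O'Brien", "ob@example.com"}}
	query, params, err := buildInsertAll(rows)
	if err != nil {
		panic(err)
	}
	fmt.Println(query)
	fmt.Println(len(params), "bound parameters")
}
```

Keeping the runtime string assembly inside one small, reviewed function like this makes it easier to audit that no caller-supplied text is ever concatenated into the query.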