Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add FromSql and ExecuteSql accepting FormattableString #28609

Closed
roji opened this issue Aug 6, 2022 · 0 comments · Fixed by #28677
Closed

Add FromSql and ExecuteSql accepting FormattableString #28609

roji opened this issue Aug 6, 2022 · 0 comments · Fixed by #28677
Assignees
@smitpatel
Labels
area-query closed-fixed The issue has been fixed and is/will be included in the release indicated by the issue milestone. type-enhancement
Milestone
7.0.0

Comments

@roji
Copy link
Member

roji commented Aug 6, 2022

As discussed offline, we're going to add these, which are identical to FromSqlInterpolated/ExecuteSqlInterpolated. FormattableString is safe from SQL injection attacks, so we generally want to guide users towards doing raw SQL with it, and suffix-less "default" methods would likely be used more by new users etc..

We also considered renaming FromSqlRaw to FromSqlUnsafe to make it clearer that these methods should be used with care, and also removing FromSqlInterpolated/ExecuteSqlInterpolated (obsoleting first). We won't do this since the team decided that the breaking change isn't worth it.
@ajcvickers ajcvickers added this to the 7.0.0 milestone Aug 10, 2022
@smitpatel smitpatel added the closed-fixed The issue has been fixed and is/will be included in the release indicated by the issue milestone. label Aug 11, 2022
smitpatel added a commit that referenced this issue Aug 11, 2022
@smitpatel
Add FromSql/ExecuteSql/ExecuteSqlAsync
423ba05 
Resolves #28609
@smitpatel smitpatel mentioned this issue Aug 11, 2022
Merged
smitpatel added a commit that referenced this issue Aug 11, 2022
@smitpatel
Add FromSql/ExecuteSql/ExecuteSqlAsync
13e8c81 
Resolves #28609
@ghost ghost closed this as completed in #28677 Aug 11, 2022
ghost pushed a commit that referenced this issue Aug 11, 2022
@smitpatel
Add FromSql/ExecuteSql/ExecuteSqlAsync (#28677)
5b27554 
Resolves #28609
@ajcvickers ajcvickers modified the milestones: 7.0.0, 7.0.0-rc1 Aug 12, 2022
@roji roji mentioned this issue Sep 19, 2022
Closed
@ajcvickers ajcvickers modified the milestones: 7.0.0-rc1, 7.0.0 Nov 5, 2022
This issue was closed.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@smitpatel smitpatel

Labels
area-query closed-fixed The issue has been fixed and is/will be included in the release indicated by the issue milestone. type-enhancement
Projects
None yet
Milestone
7.0.0
Development

Successfully merging a pull request may close this issue.

Add FromSql/ExecuteSql/ExecuteSqlAsync dotnet/efcore
3 participants
@ajcvickers @smitpatel @roji