Add FromSql and ExecuteSql accepting FormattableString #28609
Labels
area-query
closed-fixed
The issue has been fixed and is/will be included in the release indicated by the issue milestone.
type-enhancement
Milestone
As discussed offline, we're going to add these, which are identical to FromSqlInterpolated/ExecuteSqlInterpolated. FormattableString is safe from SQL injection attacks, so we generally want to guide users towards doing raw SQL with it, and suffix-less "default" methods would likely be used more by new users etc..
We also considered renaming FromSqlRaw to FromSqlUnsafe to make it clearer that these methods should be used with care, and also removing FromSqlInterpolated/ExecuteSqlInterpolated (obsoleting first). We won't do this since the team decided that the breaking change isn't worth it.
The text was updated successfully, but these errors were encountered: