-
-
Notifications
You must be signed in to change notification settings - Fork 496
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Escaping values in migrations #799
Comments
In |
Thanks for the super quick reply. It is my understanding that the Knex instance can not be used until the next RC (as mentioned here) - is that correct? When playing around with this Thanks a lot for your work, looking forward to using it! |
That is only if you want to execute a query, not if you use it to build a query for |
How do I do that? As far as I know Knex' |
You could use |
Maybe I just need some more coffee, but I don't think this is how Knex works:
just returns |
|
But we could easily allow to pass the knex qb instance to So I would definitely not suggest to do this. Personally I would just write the SQL myself, it's easier and you have absolute control over everything. |
I'm fine with that, if that's the "official" way to do this. Thanks for the feedback! |
This adds a `Migration.getKnex()` shortcut as well as allows using knex in `Migration.addSql()` and `Migration.execute()`. Related: #799
|
Fantastic! Do you have an ETA for rc.5 by any chance? |
Is your feature request related to a problem? Please describe.
When writing migrations, it is not clear how the queries can be constructed safely. While a migration obviously does not contain user input and escaping might not be strictly necessary, it is arguably good form to do so anyway.
Describe the solution you'd like
Provide a built-in solution to escape values. Ideally the
knex
instance could be used but it is my understanding that this is not feasible due to its lack of support for MongoDB.Describe alternatives you've considered
Currently I am using pg-format which works well enough, but that means tying my migrations to a specific database, which is not ideal.
Additional context
I've read this issue which asks a related question.
The text was updated successfully, but these errors were encountered: