{"id":22096497,"url":"https://github.com/uphold/eslint-plugin-sql-template","last_synced_at":"2025-07-24T22:32:04.379Z","repository":{"id":57230225,"uuid":"69663979","full_name":"uphold/eslint-plugin-sql-template","owner":"uphold","description":"An ESLint plugin to enforce safe SQL template literals.","archived":false,"fork":false,"pushed_at":"2024-11-12T02:18:53.000Z","size":70,"stargazers_count":8,"open_issues_count":1,"forks_count":1,"subscribers_count":42,"default_branch":"master","last_synced_at":"2024-11-12T02:35:33.565Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":"","language":"JavaScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/uphold.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2016-09-30T12:14:10.000Z","updated_at":"2024-10-16T14:14:05.000Z","dependencies_parsed_at":"2024-06-18T21:33:52.325Z","dependency_job_id":"f8d76cf2-756b-48f8-bb92-5ff1802b15e9","html_url":"https://github.com/uphold/eslint-plugin-sql-template","commit_stats":null,"previous_names":[],"tags_count":1,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/uphold%2Feslint-plugin-sql-template","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/uphold%2Feslint-plugin-sql-template/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/uphold%2Feslint-plugin-sql-template/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/uphold%2Feslint-plugin-sql-template/manifests","owner_url"
:"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/uphold","download_url":"https://codeload.github.com/uphold/eslint-plugin-sql-template/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":227482485,"owners_count":17779968,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-12-01T04:11:15.642Z","updated_at":"2024-12-01T04:11:16.227Z","avatar_url":"https://github.com/uphold.png","language":"JavaScript","readme":"# eslint-plugin-sql-template\n\nESLint plugin with rules for using the `sql` template tag from a library such as [sql-tag](https://github.com/ruimarinho/sql-tag) on raw SQL queries.\n\nThat library escapes data provided to an SQL query statement via interpolation. This prevents, for instance, potential SQL injection attacks.\n\nThis ESLint plugin helps teams enforce the usage of that tag, to avoid overlooked vulnerabilities from creeping into their codebases.\n\n## Status\n\n[![npm version][npm-image]][npm-url]\n[![build status][ci-image]][ci-url]\n\n## Installation\n\n```sh\nnpm install eslint eslint-plugin-sql-template --save-dev\n```\n\n## Usage\n\nAdd `sql-template` to both the `plugins` and `rules` sections of your `ESLint` configuration file. 
Example:\n\n```js\n// eslint.config.js\nimport sqlTemplate from 'eslint-plugin-sql-template';\n\nexport default [\n  {\n    plugins: {\n      'sql-template': sqlTemplate\n    },\n    rules: {\n      'sql-template/no-unsafe-query': 'error'\n    }\n  }\n];\n```\n\n## Rules\n\nThis plugin includes the following list of rules.\n\n### `no-unsafe-query`\n\nDisallows the usage of raw SQL templates with interpolation when not protected with the `sql` tag. Use this rule when you want to enforce protection against SQL injection attacks on all queries.\n\n#### Example\n\nExamples of **incorrect** code for this rule:\n\n```js\n/*eslint sql-template/no-unsafe-query: \"error\"*/\n\nconst value = 42;\nconst query = `SELECT * FROM users WHERE id = ${value}`;\ndb.query(query);\n\nconst columns = 'id, name';\nUsers.query(`SELECT ${columns} FROM users`);\n```\n\nExamples of **correct** code for this rule:\n\n```js\n/*eslint sql-template/no-unsafe-query: \"error\"*/\n\nconst value = 42;\nconst query = sql`SELECT * FROM users WHERE id = ${value}`;\ndb.query(query);\n\nUsers.query(`SELECT id, name FROM users`);\n\nconst punctuation = '!';\nfoo.bar(`Not SQL${punctuation}`);\n```\n\n## License\n\n[MIT](https://opensource.org/licenses/MIT)\n\n## Contributing\n\n### Development\n\nInstall dependencies:\n\n```sh\nnpm i\n```\n\nRun tests:\n\n```sh\nnpm run test\n```\n\n### Cutting a release\n\nThe release process is automated via the [release](https://github.com/uphold/eslint-plugin-sql-template/actions/workflows/release.yaml) GitHub workflow. 
Run it by clicking the \"Run workflow\" button.\n\n[npm-image]: https://img.shields.io/npm/v/eslint-plugin-sql-template.svg\n[npm-url]: https://www.npmjs.com/package/eslint-plugin-sql-template\n[ci-image]: https://github.com/uphold/eslint-plugin-sql-template/actions/workflows/ci.yaml/badge.svg?branch=master\n[ci-url]: https://github.com/uphold/eslint-plugin-sql-template/actions/workflows/ci.yaml\n","funding_links":[],"categories":[],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fuphold%2Feslint-plugin-sql-template","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fuphold%2Feslint-plugin-sql-template","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fuphold%2Feslint-plugin-sql-template/lists"}