This repository was archived by the owner on Sep 21, 2021. It is now read-only.
This repository was archived by the owner on Sep 21, 2021. It is now read-only.
safesql errors out for dynamic query #21
Description
Hi,
We have a requirement to create dynamic query along with the parameters. The query is still parameterized though.
But safesql errors out complaining the below
"Please ensure that all SQL queries you use are compile-time constants.
You should always use parameterized queries or prepared statements
instead of building queries from strings"
Code is like below:
// Dynamic query to insert all
query, params := getInsertAllQuery()
result, err := db.ExecContext(ctx, query, params...) // safesql throws error in this line.
Please let know whether this is false positive