eslint-plugin-sql-injection

1.0.2 • Public • Published

ESLint plugin that checks for string concatenation in SQL queries. By default it inspects any function call where the function name is query; you can override that with the queryFunctionNames option. See the examples directory for valid and invalid samples for the rule.

Installation

npm install eslint-plugin-sql-injection

Rules

  • no-sql-injection - Prevent using string concatenation in SQL queries

Options

  • queryFunctionNames - array of function names whose calls the rule inspects (default: query)

Configuration

Add a plugins section and specify sql-injection as a plugin:

{
  "plugins": [
    "sql-injection"
  ]
}

Enable the rule:

{
  "rules": {
    "sql-injection/no-sql-injection": "error"
  }
}

Or with options:

{
  "rules": {
    "sql-injection/no-sql-injection": [ "error", { "queryFunctionNames": [ "q" ] } ]
  }
}
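The pattern this rule targets, shown beside a parameterized alternative. This is an added example, not taken from the plugin's examples directory or written by its author. The db stub, the function names, the users table and the sample inputs are constructed for illustration, and which exact syntax forms the rule reports is assumed from the description above.

```javascript
// Hypothetical stand-in for a database driver: it only records what it receives.
const db = {
  calls: [],
  query(text, params = []) {
    this.calls.push({ text, params });
    return { text, params };
  },
};

// Invalid: the SQL text is built by string concatenation inside a call named
// `query`, which is the pattern the README says no-sql-injection checks for.
function findUserConcatenated(name) {
  return db.query("SELECT id FROM users WHERE name = '" + name + "'");
}

// Valid: constant SQL text, with the value passed separately as a bound parameter.
// ($1 is PostgreSQL-style placeholder syntax; other drivers use ?.)
function findUserParameterized(name) {
  return db.query("SELECT id FROM users WHERE name = $1", [name]);
}

// A wrapper with a different name: by default only calls named `query` are
// inspected, so a code base using `q` needs { "queryFunctionNames": ["q"] }.
const q = (text, params) => db.query(text, params);
function findUserViaWrapper(name) {
  return q("SELECT id FROM users WHERE name = '" + name + "'");
}

// True when the statement text sent to the driver does not depend on the input.
function textIsConstant(fn, inputs) {
  const texts = new Set(inputs.map((input) => fn(input).text));
  return texts.size === 1;
}

// Constructed sample inputs; the second contains a quote character.
const SAMPLE_NAMES = ["alice", "O'Brien"];

console.log("concatenated text constant:", textIsConstant(findUserConcatenated, SAMPLE_NAMES));
console.log("wrapper text constant:", textIsConstant(findUserViaWrapper, SAMPLE_NAMES));
console.log("parameterized text constant:", textIsConstant(findUserParameterized, SAMPLE_NAMES));
```

With concatenation, the quote in the second input becomes part of the statement text itself; with the parameterized form it stays in the parameter array and the statement never changes.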

License

eslint-plugin-sql-injection is licensed under the MIT License.

Collaborators

  • gavinaiken