eslint-plugin-sql-injection
ESLint plugin that checks for string concatenation in SQL queries. By default it looks for any function calls where the function name is query, or you can override that with the options. See the examples directory for valid and invalid samples for the rule.
Installation
npm install eslint-plugin-sql-injection
Rules
no-sql-injection - Prevent using string concatenation in SQL queries
Options
queryFunctionNames - controls what function names to inspect
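The check described above, written as an ESLint rule object. This is an added sketch, not the plugin's own source: the option shape, the report message, the handling of template literals and the node-builder helpers (id, str, plus, call, countReports) are assumptions made for illustration.

```javascript
// True for constants: literals, plain template strings, "+" chains of them.
function isStatic(n) {
  if (n.type === "Literal") return true;
  if (n.type === "TemplateLiteral") return n.expressions.length === 0;
  return n.type === "BinaryExpression" && n.operator === "+" &&
    isStatic(n.left) && isStatic(n.right);
}
// True when the argument is a string assembled from non-constant parts.
// Treating `${x}` like "+" is an assumption beyond what the README states.
function isConcatenated(arg) {
  if (!arg) return false;
  const builds = arg.type === "TemplateLiteral" ||
    (arg.type === "BinaryExpression" && arg.operator === "+");
  return builds && !isStatic(arg);
}
// Name of the called function for query(...) and db.query(...).
function calleeName(c) {
  if (c.type === "MemberExpression" && !c.computed) return c.property.name;
  return c.type === "Identifier" ? c.name : null;
}

const noSqlInjection = {
  meta: { type: "problem", schema: [{ type: "object" }] },
  create(context) {
    // Assumed option shape: [{ queryFunctionNames: ["query", ...] }]
    const names = (context.options[0] || {}).queryFunctionNames || ["query"];
    return {
      CallExpression(node) {
        if (names.includes(calleeName(node.callee)) && isConcatenated(node.arguments[0])) {
          context.report({ node, message: "SQL built by string concatenation" });
        }
      },
    };
  },
};

// Constructed ESTree nodes (the shapes a parser produces), not project code.
const id = (name) => ({ type: "Identifier", name });
const str = (value) => ({ type: "Literal", value });
const plus = (left, right) => ({ type: "BinaryExpression", operator: "+", left, right });
const call = (obj, fn, ...args) => ({ type: "CallExpression", arguments: args,
  callee: { type: "MemberExpression", computed: false, object: id(obj), property: id(fn) } });
// Runs the rule over call nodes and returns how many were reported.
function countReports(calls, options = []) {
  let n = 0;
  const visitor = noSqlInjection.create({ options, report: () => { n += 1; } });
  calls.forEach((c) => visitor.CallExpression(c));
  return n;
}
```

A call such as db.query("... WHERE id = " + userId) is reported, while db.query("... WHERE id = ?", [userId]) passes because the SQL text is a constant and the value travels as a parameter.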
Configuration
Add a plugins section and specify sql-injection as a plugin:
Enable the rule:
Or with options:
License
eslint-plugin-sql-injection is licensed under the MIT License.