Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[Feature] Support SQL string composition #168

Open
jaidisido opened this issue Jun 22, 2023 · 1 comment
Open

[Feature] Support SQL string composition #168

jaidisido opened this issue Jun 22, 2023 · 1 comment
Labels
enhancement New feature or request

Comments

@jaidisido
Copy link

jaidisido commented Jun 22, 2023

The redshift connector currently supports parameterised queries (aka bind variables) which is great.

However some of our use cases require other parts of a Redshift SQL query to be dynamically created. These include components such as the table name, the schema... and are commonly referred to as Identifiers. For example f"SELECT * FROM {schema}.{table}"

Other libraries such as pg8000 and psycopg have developed modules to escape these variables via identifiers.

Beyond usability, the main advantage of this approach is that it helps with SQL injection attacks.

@Brooke-white
Copy link
Contributor

Hi @jaidisido , thank you for raising this issue. I took a look at pg8000's readme for this feature and agree this looks like a nice usability improvement. I will discuss adding this feature to our team's roadmap in our upcoming roadmap meeting next week. I'll update here with next steps.

@Brooke-white Brooke-white added the enhancement New feature or request label Jul 12, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
enhancement New feature or request
Projects
None yet
Development

No branches or pull requests

2 participants