eslint-plugin-sql

SQL linting rules for ESLint.
In its current form, the plugin has been designed and tested to work with Postgres codebase.
Installation
- Install ESLint.
- Install
eslint-plugin-sql
plugin.
npm install eslint --save-dev
npm install eslint-plugin-sql --save-dev
Configuration
- Add
plugins
section and specify eslint-plugin-sql
as a plugin. - Enable rules.
{
"plugins": [
"sql"
],
"rules": {
"sql/format": [
2,
{
"ignoreExpressions": false,
"ignoreInline": true,
"ignoreTagless": true
}
],
"sql/no-unsafe-query": [
2,
{
"allowLiteral": false
}
]
}
}
Settings
placeholderRule
A regex used to ignore placeholders or other fragments of the query that'd make it invalid SQL query, e.g.
If you are using ?
placeholders in your queries, you must ignore \?
pattern as otherwise the string is not going to be recognized as a valid SQL query.
This configuration is relevant for sql/no-unsafe-query
to match queries containing placeholders as well as for sql/format
when used with {ignoreTagless: false}
configuration.
Rules
format
The --fix
option on the command line automatically fixes problems reported by this rule.
Matches queries in template literals. Warns when query formatting does not match the configured format (see Options).
This rule is used to format the queries using sql-formatter.
Options
The first option is an object with the following configuration.
configuration | format | default | description |
---|
ignoreExpressions | boolean | false | Does not format template literals that contain expressions. |
ignoreInline | boolean | true | Does not format queries that are written on a single line. |
ignoreStartWithNewLine | boolean | true | Does not remove \n at the beginning of queries. |
ignoreTagless | boolean | true | Does not format queries that are written without using sql tag. |
retainBaseIndent | boolean | true | Uses the first line of the query as the base indent. |
sqlTag | string | sql | Template tag name for SQL. |
The second option is an object with the sql-formatter
configuration.
configuration | default | description |
---|
useTabs | false | Use tabs for indentation. |
tabSize | 2 | Number of spaces per indentation. |
language | sql | Language of the query. |
keywordCase | preserve | Determines the case of keywords (preserve , upper , lower ). |
dataTypeCase | preserve | Determines the case of data types (preserve , upper , lower ). |
denseOperators | false | Decides whitespace around operators. |
identifierCase | preserve | Determines the case of identifiers (preserve , upper , lower ). |
functionCase | preserve | Determines the case of functions (preserve , upper , lower ). |
The following patterns are considered problems:
sql.fragment`
SELECT
m1.ID
FROM
message m1
WHERE
m1.ID = ${message.id}
`
sql.fragment`
SELECT id::NUMERIC
`
sql.fragment`
SELECT
COUNT(*)
FROM
message
WHERE
id = ${message.id}
`
sql.fragment`
select
COUNT(*)
from
message
where
id = ${message.id}
`
sql.fragment`
${null}
UPDATE message
SET
messages = ${sql.jsonb(messages as unknown as SerializableValue[])}
WHERE id = ${message.id}
`;
await pool.query(sql.typeAlias('void')`
UPDATE message
SET
messages = ${sql.jsonb(messages as unknown as SerializableValue[])}
WHERE id = ${message.id}
`);
sql`
SELECT
1
`
sql.type({ id: z.number() })`
SELECT
1
`
sql.typeAlias('void')`
SELECT
1
`
`SELECT 1`
`SELECT 2`
sql.unsafe`SELECT 3`
sql.type()`SELECT 3`
`SELECT ${'foo'} FROM ${'bar'}`
const code = sql`
SELECT
foo
FROM
bar
`
SQL`SELECT 1`
The following patterns are not considered problems:
`
# A
## B
### C
`
sql`SELECT 1`
`SELECT 2`
const code = sql`
SELECT
${'foo'}
FROM
${'bar'}
`
const code = sql`
SELECT
${'foo'}
FROM
${'bar'}
`
const code = sql`
DROP TABLE foo
`
const code = sql`
DROP TABLE foo;
DROP TABLE foo;
`
no-unsafe-query
Disallows use of SQL inside of template literals without the sql
tag.
The sql
tag can be anything, e.g.
Options
The first option is an object with the following configuration.
configuration | format | default | description |
---|
allowLiteral | boolean | false | Controls whether sql tag is required for template literals containing literal queries, i.e. template literals without expressions. |
sqlTag | string | sql | Template tag name for SQL. |
The following patterns are considered problems:
`SELECT 1`
`SELECT ${'foo'}`
foo`SELECT ${'bar'}`
`SELECT ?`
foo`SELECT ${'bar'}`
The following patterns are not considered problems:
sql.unsafe`SELECT 3`
`SELECT 1`
sql`SELECT 1`
sql`SELECT ${'foo'}`
SQL`SELECT ${'bar'}`