🚀 Socket Launch Week 🚀 Day 1: Introducing .NET Support in Socket.Learn More
Socket
Sign inDemoInstall
Socket

eslint-plugin-sql-injection

Package Overview
Dependencies
Maintainers
1
Versions
2
Alerts
File Explorer

Advanced tools

Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

eslint-plugin-sql-injection

ESLint plugin that checks for string concatenation in SQL queries

1.0.2
latest
Source
npm
Version published
Maintainers
1
Created
Source

eslint-plugin-sql-injection

ESLint plugin that checks for string concatenation in SQL queries. By default it looks for any function calls where the function name is query, or you can override that with the options. See the examples directory for valid and invalid samples for the rule.

Installation

npm install eslint-plugin-sql-injection

Rules

  • no-sql-injection - Prevent using string concatenation in SQL queries

Options

  • queryFunctionNames controls what function names to inspect

Configuration

Add a plugins section and specify sql-injection as a plugin:

{
  "plugins": [
    "sql-injection"
  ]
}

Enable the rule:

{
  "rules": {
    "sql-injection/no-sql-injection": "error"
  }
}

Or with options:

{
  "rules": {
    "sql-injection/no-sql-injection": [ "error", { "queryFunctionNames": [ "q" ] } ]
  }
}

License

eslint-plugin-sql-injection is licensed under the MIT License.

FAQs

Package last updated on 04 Dec 2018

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts