
Security News
Attackers Are Hunting High-Impact Node.js Maintainers in a Coordinated Social Engineering Campaign
Multiple high-impact npm maintainers confirm they have been targeted in the same social engineering campaign that compromised Axios.
sql2

A TypeScript library for writing SQL queries using template strings with automatic parameterization and nested statement support.
npm install sql2
First, extend the Statement class to add a query method that executes the SQL:
import { Statement, type Interpolable } from "sql2";

// `client` is assumed to be an already-connected database client whose
// query(text, values) method takes the SQL string and the parameter array;
// the README does not show how it is created (the $1 placeholders and the
// `?column?` result below match node-postgres).
class QueryableStatement extends Statement {
  async query() {
    return client.query(this.compile(), this.values);
  }
}

const sql = (strings: TemplateStringsArray, ...values: Interpolable[]) =>
  new QueryableStatement(strings, values);
// Simple query without values
const result1 = await sql`select 1`.query();
console.log(result1.rows); // [{ "?column?": 1 }]
// Query with parameterized values
const result2 = await sql`select ${1} as value`.query();
console.log(result2.rows); // [{ value: 1 }]
You can embed SQL statements within other statements:
const result =
await sql`select exists (${sql`select * from table where id = ${"abc"}`}) and ${true}`.query();
console.log(result.rows);
// The nested statement is automatically flattened and parameterized
Add helper methods to your SQL function for common patterns:
import { Statement, type Interpolable } from "sql2";

// `client` is assumed to be a connected database client, as in the previous example.
class ExtendedStatement extends Statement {
  async query() {
    return client.query(this.compile(), this.values);
  }
}

const sql = Object.assign(
  (strings: TemplateStringsArray, ...values: Interpolable[]) =>
    new ExtendedStatement(strings, values),
  {
    // Quote identifiers (embedded double quotes are doubled)
    ref(value: string) {
      return new ExtendedStatement([`"${value.replace(/"/g, '""')}"`], []);
    },
    // Pass an arbitrary value (e.g. an object for a JSON column) as a single
    // bound parameter; it is still sent as $n, not spliced into the SQL text
    literal(value: any) {
      return new ExtendedStatement(["", ""], [value]);
    },
    // Create comma-separated parameters, one placeholder per value
    csv(values: Interpolable[]) {
      return new ExtendedStatement(
        [
          "",
          ...values.map((_, i, { length }) => (i + 1 === length ? "" : ",")),
        ],
        values
      );
    },
  }
);
const result =
  await sql`select ${sql.ref("abc")} and ${sql.literal({ a: 1 })} and col in (${sql.csv([1, 2, 3])})`.query();
// Executes: select "abc" and $1 and col in ($2,$3,$4)

Note that ref only escapes the quotes inside an identifier; it does not decide whether that identifier should be reachable at all, so when the name comes from request input, check it against an allowlist of known columns or tables before passing it to ref. Likewise, csv of an empty array compiles to `col in ()`, which is a SQL syntax error, so guard against empty lists before building the statement.
Statement

The main class for building SQL statements.

new Statement(strings: ReadonlyArray<string>, values: Interpolable[])

strings: Array of string parts and placeholders
values: Array of interpolated values

compile(): Returns the compiled SQL string with parameterized placeholders
parameterize(index: number): Override this method to customize parameter format (default: $1, $2, etc.)

To execute queries, extend Statement and add a query() method:

import { Statement } from "sql2";

class QueryableStatement extends Statement {
  async query() {
    return client.query(this.compile(), this.values);
  }
}

Interpolable

Type for values that can be interpolated into SQL statements:

type Interpolable = Statement | number | string | boolean | null;
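The following is an added, self-contained example and not sql2's own source: it re-implements the template-tag pattern described in this README (nested statements flattened into one SQL string with a single `$n` parameter list, the ref and csv helper shapes, and a parameterize() override) so that the behaviour can be seen on hostile input without a database. The Stmt and QmarkStmt classes, the allowlist argument to ref, the empty-list guard in csv, and the `docs` table and sample values are this example's own assumptions; sql2's real API is the Statement class documented above.

```typescript
// Added example, not sql2's source: a minimal Stmt class that flattens nested
// statements into one SQL string plus one flat parameter list, and the helper
// shapes from the README with two extra safety checks (assumptions of this
// example): an identifier allowlist in ref() and an empty-list guard in csv().

type Interpolable = Stmt | number | string | boolean | null;
type Param = Exclude<Interpolable, Stmt>;

class Stmt {
  constructor(
    readonly strings: ReadonlyArray<string>,
    readonly values: Interpolable[],
  ) {
    if (strings.length !== values.length + 1) {
      throw new Error("strings must have exactly one more entry than values");
    }
  }

  // Placeholder format; override for drivers that want `?` instead of `$n`.
  parameterize(index: number): string {
    return `$${index}`;
  }

  // Nested Stmts are spliced in as SQL text and their parameters appended to
  // the shared list; every other value becomes a numbered placeholder, so
  // user input never reaches the SQL text itself.
  compile(): { text: string; params: Param[] } {
    const params: Param[] = [];
    const walk = (s: Stmt): string => {
      let out = s.strings[0];
      s.values.forEach((v, i) => {
        if (v instanceof Stmt) {
          out += walk(v);
        } else {
          params.push(v);
          out += this.parameterize(params.length);
        }
        out += s.strings[i + 1];
      });
      return out;
    };
    return { text: walk(this), params };
  }
}

// Same idea as the README's parameterize() override, for a `?`-style driver.
class QmarkStmt extends Stmt {
  parameterize(): string {
    return "?";
  }
}

const sql = Object.assign(
  (strings: TemplateStringsArray, ...values: Interpolable[]) => new Stmt(strings, values),
  {
    // Quote an identifier. Doubling embedded quotes stops the name from breaking
    // out of the quotes; the allowlist (this example's addition) stops a caller
    // from naming a column or table the application never intended to expose.
    ref(name: string, allowed: ReadonlySet<string>): Stmt {
      if (!allowed.has(name)) throw new Error(`identifier not allowed: ${name}`);
      return new Stmt([`"${name.replace(/"/g, '""')}"`], []);
    },
    // Comma-separated parameters. An empty list would compile to `in ()`, a SQL
    // syntax error, so refuse it up front rather than at the database.
    csv(values: Interpolable[]): Stmt {
      if (values.length === 0) throw new Error("csv() needs at least one value");
      const strings = ["", ...values.map((_, i) => (i + 1 === values.length ? "" : ","))];
      return new Stmt(strings, values);
    },
  },
);

// Columns the application is willing to reference by name (constructed for the demo).
const COLUMNS: ReadonlySet<string> = new Set(["id", "owner"]);

// A user-supplied string lands in a nested statement, and a list of ids in csv();
// the hostile value below is constructed input, not anything from the README.
function buildLookup(owner: string, ids: number[]) {
  const inner = sql`select 1 from docs where owner = ${owner}`;
  return sql`select exists (${inner}) as ok, ${sql.ref("id", COLUMNS)} from docs where id in (${sql.csv(ids)})`.compile();
}

function demo() {
  return buildLookup("' OR 1=1 --", [7, 8]);
}

console.log(demo());
```

Running demo() yields the text `select exists (select 1 from docs where owner = $1) as ok, "id" from docs where id in ($2,$3)` with params `["' OR 1=1 --", 7, 8]`: the nested statement's parameter is renumbered into the outer list, and the attacker's string is bound as $1 rather than appearing in the SQL text. The allowlist in ref is the check the README's ref helper leaves to the caller.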
CC0-1.0