You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Here, a custom template literal formatter "prql" is defined and then used.
Such template literal formatters are often seen in ORMs to handle automatically escaping variables, e.g.
letusername="this_will_be_escaped"sql`select * from users where username = ${username}`
the misguided use in the example was presumably picked up from such usecases and then implemented incorrectly.
A template literal formatter will get the raw strings as an array via the first argument, then the variables to insert as spread arguments, e.g.
constsql=(strings, ...variables)=>// escape variables and insert them between elements of strings array
The example implementation simply returns the first string element. This means that if, for example
prql`hello ${variable} world`
is called, only hello will be passed to prqljs.compile.
A template literal function has no purpose here in the first place, as template literals can just be passed to functions directly (where they will first get joined into a string):
compile(`noneof thatnonsense`)
this is not the same as the prql example above; here, the compile function will simply always be called with one string (the result of the template literal).
TLDR the template literal formatter function in the example is not only broken, but also useless and should be avoided due to the convention of template literal formatter functions preprocessing what is passed to them
PRQL input
-
SQL output
-
Expected SQL output
No response
MVCE confirmation
Minimal example
New issue
Anything else?
the error catching (example) of parsing json out of the error message is also pretty horrendous
The text was updated successfully, but these errors were encountered:
What happened?
In the prql-js bindings readme, one can find the following usage example:
Here, a custom template literal formatter "prql" is defined and then used.
Such template literal formatters are often seen in ORMs to handle automatically escaping variables, e.g.
the misguided use in the example was presumably picked up from such usecases and then implemented incorrectly.
A template literal formatter will get the raw strings as an array via the first argument, then the variables to insert as spread arguments, e.g.
The example implementation simply returns the first string element. This means that if, for example
is called, only
hello
will be passed toprqljs.compile
.A template literal function has no purpose here in the first place, as template literals can just be passed to functions directly (where they will first get joined into a string):
this is not the same as the
prql
example above; here, the compile function will simply always be called with one string (the result of the template literal).TLDR the template literal formatter function in the example is not only broken, but also useless and should be avoided due to the convention of template literal formatter functions preprocessing what is passed to them
PRQL input
-
SQL output
-
Expected SQL output
No response
MVCE confirmation
Anything else?
the error catching (example) of parsing json out of the error message is also pretty horrendous
The text was updated successfully, but these errors were encountered: