TypeScript clients for databases that prevent SQL Injection

addnab/atdatabases

 
 

Safe From SQL Injection

Using tagged template literals for queries, e.g.

db.query(sql`SELECT * FROM users WHERE id=${userID}`);

makes it virtually impossible for SQL Injection attacks to slip in unnoticed. All the @databases libraries enforce the use of the sql tagged template literal, so you can't accidentally miss it.

The query is then passed to your database engine as a query string and a separate list of values:

{text: 'SELECT * FROM users WHERE id=?', values: [userID]}
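
How a tagged template keeps query text and values apart, as an added sketch that is not the @databases source code: the names SQLQuery, toDriverQuery and demo are hypothetical, the sample input is constructed, and the handling of nested sql fragments goes beyond the single case shown above.

```typescript
// Added illustration, not the @databases source; all names below are hypothetical.
class SQLQuery {
  readonly strings: readonly string[];
  readonly values: readonly unknown[];
  constructor(strings: readonly string[], values: readonly unknown[]) {
    this.strings = strings;
    this.values = values;
  }
}

// Tag function: literal SQL text arrives in `strings`, every ${...} in `values`.
function sql(strings: TemplateStringsArray, ...values: unknown[]): SQLQuery {
  const text: string[] = [strings[0]];
  const params: unknown[] = [];
  values.forEach((value, i) => {
    if (value instanceof SQLQuery) {
      // Nested fragment: splice in its text and keep its values parameterised.
      const frag = value;
      text[text.length - 1] += frag.strings[0];
      frag.strings.slice(1).forEach((s, j) => {
        params.push(frag.values[j]);
        text.push(s);
      });
      text[text.length - 1] += strings[i + 1];
    } else {
      params.push(value); // never concatenated into the SQL text
      text.push(strings[i + 1]);
    }
  });
  return new SQLQuery(text, params);
}

// What a driver wrapper would hand to the database engine.
function toDriverQuery(query: unknown): { text: string; values: unknown[] } {
  // Plain strings and look-alike objects (e.g. parsed from a JSON request body)
  // are refused, so string concatenation cannot reach the engine by accident.
  if (!(query instanceof SQLQuery)) {
    throw new TypeError("query must be built with the sql tag");
  }
  return { text: query.strings.join("?"), values: query.values.slice() };
}

// Constructed sample input: a classic injection string stays a bound value.
function demo(): { text: string; values: unknown[] } {
  const userID = "1 OR 1=1";
  return toDriverQuery(sql`SELECT * FROM users WHERE id=${userID}`);
}
```
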

Promises

All the @databases APIs are designed with promises in mind from the get go.

TypeScript

Written in TypeScript, so every module has type safety and type definitions built in.

Modular

Each database driver is published to npm as a separate module, so you don't need to install the ones you don't need.

Check out the website to learn more: https://www.atdatabases.org/
