Introduction
SafeQL is an ESLint plugin that helps you write SQL (PostgreSQL) queries safely. It will:
- Warn you when you've misspelled a query (could be a column, table, function, etc.)
    client.query(sql`SELECT idd FROM comments`);
                            ~~~ Error: column "idd" does not exist
- Warn you about type errors (e.g., trying to compare a string to an integer)
    function getById(id: number) {
        client.query(sql`SELECT * FROM comments WHERE body = ${id}`);
                                                           ~
        Error: operator does not exist: text = integer
    }
- Warn you about missing/incorrect query TS types (and suggest fixes).
    client.query(sql`SELECT id FROM comments`);
    ~~~~~~~~~~~~ Error: Query is missing type annotation
- Warn you about incorrect query TS types (and suggest fixes).
    client.query<{ id: string }>(sql`SELECT id FROM comments`);
                 ~~~~~~~~~~~~~~ Error: Query has incorrect type annotation
Why SafeQL?
There are many well-known, popular SQL libraries out there, such as Prisma, Sequelize, pg, and postgres. So why should I even consider SafeQL?
It's a plugin, not an SQL library
SafeQL was never meant to replace your current SQL library. Instead, it's a plugin that adds extra functionality to your existing SQL library. This means you can use SafeQL with any SQL library you want, and even with multiple SQL libraries at the same time.
Why should I write raw queries in the first place?
Sometimes our favorite SQL library fails to provide the functionality we need. This can be due to a missing feature, a performance issue, or a complex query that is hard to write using the library's API. In these cases, the library will point you to writing a raw query, and this is where SafeQL comes in.
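The raw queries in the examples above are written as `sql` tagged templates. The following added example (not code from SafeQL or from any SQL library) uses a hypothetical minimal `sql` tag to show what that form gives you: each `${...}` becomes a numbered bind parameter, so the SQL text stays fixed, whereas string concatenation rewrites the SQL text with every input. The `SqlQuery` type, `getByBodyConcat`, and the sample value are assumptions made for illustration.

```typescript
// Added example: a hypothetical minimal `sql` tag, not SafeQL's or any library's code.
interface SqlQuery {
  text: string;      // SQL text with $1, $2, ... placeholders
  values: unknown[]; // bind parameters, kept separate from the SQL text
}

function sql(strings: TemplateStringsArray, ...values: unknown[]): SqlQuery {
  // reduce() without an initial value starts from strings[0]; the index i of
  // each following literal part is exactly the placeholder number before it.
  const text = strings.reduce((acc, part, i) => acc + `$${i}` + part);
  return { text, values };
}

// Same shape as getById on this page, here comparing against the id column.
function getById(id: number): SqlQuery {
  return sql`SELECT * FROM comments WHERE id = ${id}`;
}

// Contrast: concatenation puts the input inside the SQL text itself.
function getByBodyConcat(body: string): string {
  return "SELECT * FROM comments WHERE body = '" + body + "'";
}

// Constructed sample input containing a quote character.
const sample = "it's fine";
const tagged = sql`SELECT * FROM comments WHERE body = ${sample}`;
const concatenated = getByBodyConcat(sample);

console.log(getById(42));  // text keeps $1; 42 travels in values
console.log(tagged);       // text is unchanged by the quote in the input
console.log(concatenated); // the quote ends the string literal early
```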