mirror of
https://github.com/nushell/nushell.git
synced 2024-12-24 16:09:11 +01:00
d1a8992590
# Description This PR adds a `--params` param to `query db`. This closes #11643. You can't combine both named and positional parameters, I think this might be a limitation with rusqlite itself. I tried using named parameters with indices like `{ ':named': 123, '1': "positional" }` but that always failed with a rusqlite error. On the flip side, the other way around works: for something like `VALUES (:named, ?)`, you can treat both as positional: `-p [hello 123]`. This PR introduces some very gnarly code repetition in `prepared_statement_to_nu_list`. I tried, I swear; the compiler wasn't having any of it, it kept telling me to box my closures and then it said that the reference lifetimes were incompatible in the match arms. I gave up and put the mapping code in the match itself, but I'm still not happy. Another thing I'm unhappy about: I don't like how you have to put the `:colon` in named parameters. I think nushell should insert it if it's [missing](https://www.sqlite.org/lang_expr.html#parameters). But this is the way [rusqlite works](https://docs.rs/rusqlite/latest/rusqlite/trait.Params.html#example-named), so for now, I'll let it be consistent. Just know that it's not really a blocker, and it isn't a compatibility change to later make `{ colon: 123 }` work, without the quotes and `:`. This would require allocating and turning our pretty little `&str` into a `String`, though # User-Facing Changes Less incentive to leave yourself open to SQL injection with statements like `query db $"INSERT INTO x VALUES \($unsafe_user_input)"`. Additionally, the `$""` syntax being annoying with parentheses plays in our favor, making users even more likely to use ? with `--params`. # Tests + Formatting Hehe |
||
---|---|---|
.. | ||
into_sqlite.rs | ||
mod.rs | ||
query_db.rs |