Add a note about SQL injection

This commit is contained in:
Šarūnas Nejus 2025-08-07 16:46:14 +01:00
parent 3bc653b989
commit a0ae664ae0
No known key found for this signature in database
GPG key ID: DD28F6704DBE3435

@ -242,12 +242,12 @@ There are a few coding conventions we use in beets:
To fetch Item objects from the database, use lib.items(…) and supply a query To fetch Item objects from the database, use lib.items(…) and supply a query
as an argument. Resist the urge to write raw SQL for your query. If you must as an argument. Resist the urge to write raw SQL for your query. If you must
use lower-level queries into the database, do this: use lower-level queries into the database, do this, for example:
.. code-block:: python .. code-block:: python
with lib.transaction() as tx: with lib.transaction() as tx:
rows = tx.query("SELECT …") rows = tx.query("SELECT path FROM items WHERE album_id = ?", (album_id,))
Transaction objects help control concurrent access to the database and assist Transaction objects help control concurrent access to the database and assist
in debugging conflicting accesses. in debugging conflicting accesses.
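Review bot: the `tx.query(...)` line in this hunk now shows a parameterized query, but the surrounding prose never says why the `?` placeholder and the `(album_id,)` argument tuple are used, so the SQL-injection point the commit title promises stays implicit and a contributor could still build the query with string formatting. Suggest adding one sentence after the code block, e.g. `Always bind values through placeholders as above rather than formatting them into the SQL string, which would open the query to SQL injection.` It would also help to note that `album_id` in the example stands for whatever value the caller already holds.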