On 10/24/16 12:00 PM, Davis, Daniel (NIH/NLM) [C] wrote:
>
> Kingsley,
>
>
>
> I’m not sure exactly how this helps me. Let me be clearer on the
> problem. Because this application runs within a federal government
> site, I’m required to submit my source code to static analysis.
> Although
);
PreparedStatement stmt = connection.prepareStatement(query);
stmt.setString(1, "http://id.nlm.nih.gov/mesh/"+id);
So far, this general approach of using a prepared statement is not working for
me. I may struggle through it, but is there anyway for me to preserve the
convenien
On 10/21/16 5:36 PM, Davis, Daniel (NIH/NLM) [C] wrote:
>
> So, I must run my application through a source code scanner, and it is
> reasonably complaining that I am using String.format() and
> stmt.executeQuery(query) with the Virtuoso JDBC connection.
>
>
>
> Yet, this is SPARQL. I see some
So, I must run my application through a source code scanner, and it is
reasonably complaining that I am using String.format() and
stmt.executeQuery(query) with the Virtuoso JDBC connection.
Yet, this is SPARQL. I see some discussion of prepared statements on this
list in the past. What I
