turbaszek commented on a change in pull request #9246:
URL: https://github.com/apache/airflow/pull/9246#discussion_r487686322
##########
File path: airflow/providers/amazon/aws/transfers/s3_to_redshift.py
##########
@@ -112,6 +119,17 @@ def execute(self, context):
copy_options=copy_options,
)
+ if self.truncate_table:
+ truncate_statement = f'TRUNCATE TABLE {self.schema}.{self.table};'
Review comment:
> How about: https://www.psycopg.org/docs/sql.html ? This way it will be
first validated and then executed.
I think this sounds good, any escape checking will help.
> @turbaszek How do you prevent that in case of BigQuery for example?
In case of BQ everywhere where query is executed, it has to be provided by
users. As far as I know (and I screened the code now) we do not construct
queries anywhere.
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
[email protected]
