hussein-awala opened a new issue, #34252: URL: https://github.com/apache/airflow/issues/34252
### Body Some of our queries are string based, and they are passed directly to sqlalchemy `session.execute()`. To avoid SQL injection, we can profit from sqlalchemy by rewriting the queries [bind parameters syntax](https://docs.sqlalchemy.org/en/14/core/sqlelement.html#sqlalchemy.sql.expression.text) or the select API. - [ ] Airflow Core - migration - [ ] Airflow Core - utils - [ ] Airflow Providers - Amazon - [ ] Airflow Providers - Apache.Cassandra - [ ] Airflow Providers - Apache.Hive - [ ] Airflow Providers - common.sql - [ ] Airflow Providers - Databricks - [ ] Airflow Providers - Google - [ ] Airflow Providers - MySQL - [ ] Airflow Providers - Oracle - [ ] Airflow Providers - Postgres - [ ] Airflow Providers - SalesForce ### Committer - [X] I acknowledge that I am a maintainer/committer of the Apache Airflow project. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
