The DB-API doesn't support sets directly, so you wind up having to manually expand them:
>>> curs.execute("select count(*) from sometable where somecol in ?", >>> ({4126,11638},)) Traceback (most recent call last): File "<stdin>", line 1, in <module> sqlite3.OperationalError: near "?": syntax error >>> curs.execute("select count(*) from sometable where somecol in (?)", >>> ({4126,11638},)) Traceback (most recent call last): File "<stdin>", line 1, in <module> sqlite3.InterfaceError: Error binding parameter 0 - probably unsupported type. >>> curs.execute("select count(*) from sometable where somecol in (11638, >>> 4126)") <sqlite3.Cursor object at 0x7f8ef5f6c570> In the example above, I'm able to skip input validation because the element values in the set are ints, but programmers being the lazy sort that they are, when such values are strings there's probably also the tendency to skip argument escaping. A quick check on bugs.python.org as well as Google yielded no obvious earlier discussion. Is it simply that underlying database drivers are unable to support this or was DB-API 2.0 frozen (no pun intended) before sets were available or in wide use in Python? Set support and the SQL "in" operator would seem to be handy, both as a convenience and as a barrier to SQL injection errors. Skip _______________________________________________ Python-ideas mailing list Python-ideas@python.org https://mail.python.org/mailman/listinfo/python-ideas Code of Conduct: http://python.org/psf/codeofconduct/