Hi, Soni

Interesting idea. Sure does appear to be low-hanging fruit.

But I'm not sure anybody who matters is still listening here. Either a merge request or posting on the relevant Discourse channel is more likely to attract interest.

Steve

Soni L. writes:

> We would like to propose the following improvements to DB-API 2.0 that
> would require bumping it up to DB-API 3.0:
>
> - Get rid of SQL strings
> - Get rid of SQL strings
> - Use package resources to store what would otherwise be SQL strings
>
> While we cannot prevent someone from going out of their way to define
> package resources at runtime just so they can implement SQL injection,
> ultimately the goal is to provide a small speed bump so they don't feel
> so inclined to jump straight into SQL injection before trying to do
> easier, more secure things.
> _______________________________________________
> Python-ideas mailing list -- python-ideas@python.org
> To unsubscribe send an email to python-ideas-le...@python.org
> https://mail.python.org/mailman3/lists/python-ideas.python.org/
> Message archived at
> https://mail.python.org/archives/list/python-ideas@python.org/message/STPNELT3ZP337ELTDTL7QR43N7BZOWXV/
> Code of Conduct: http://python.org/psf/codeofconduct/

Message archived at https://mail.python.org/archives/list/python-ideas@python.org/message/5RQ6TO2OBTYFDDUHISEDBRAGVUV2IIT6/