Hi, Soni

Interesting idea.  Sure does appear to be low-hanging fruit.

But I'm not sure anybody who matters is still listening here.  Either
a merge request or posting on the relevant Discourse channel is more
likely to attract interest.

Steve

Soni L. writes:
 > We would like to propose the following improvements to DB-API 2.0 that 
 > would require bumping it up to DB-API 3.0:
 > 
 > - Get rid of SQL strings
 > - Get rid of SQL strings
 > - Use package resources to store what would otherwise be SQL strings
 > 
 > While we cannot prevent someone from going out of their way to define 
 > package resources at runtime just so they can implement SQL injection, 
 > ultimately the goal is to provide a small speed bump so they don't feel 
 > so inclined to jump straight into SQL injection before trying to do 
 > easier, more secure things.
 > _______________________________________________
 > Python-ideas mailing list -- python-ideas@python.org
 > To unsubscribe send an email to python-ideas-le...@python.org
 > https://mail.python.org/mailman3/lists/python-ideas.python.org/
 > Message archived at 
 > https://mail.python.org/archives/list/python-ideas@python.org/message/STPNELT3ZP337ELTDTL7QR43N7BZOWXV/
 > Code of Conduct: http://python.org/psf/codeofconduct/
_______________________________________________
Python-ideas mailing list -- python-ideas@python.org
To unsubscribe send an email to python-ideas-le...@python.org
https://mail.python.org/mailman3/lists/python-ideas.python.org/
Message archived at 
https://mail.python.org/archives/list/python-ideas@python.org/message/5RQ6TO2OBTYFDDUHISEDBRAGVUV2IIT6/
Code of Conduct: http://python.org/psf/codeofconduct/

Reply via email to