A partial answer is banning reflect in a callstack, but that's
heavy-handed. I could traverse up to a "safesql.ReflectOk on the stack
On Wednesday, February 7, 2018 at 2:54:13 PM UTC-8, Andy Jackson wrote:
>
> I realize that private functions of another package are not reachable by
> reflection,
I realize that private functions of another package are not reachable by
reflection, but I'm looking for a way to ensure a public
interface-or-struct's function can be fully back-traced statically.
An interface function like
Query(sql string, args ...interface{}) Result
is an SQL injecti
