sanitizeSQL()
`function sanitizeSQL(strings, ...values): string`
SQL string template function for `TrackDiffOptions#when` and `CreateDiffTriggerOptions#when`.
This function performs basic string interpolation for SQLite WHEN clauses.
String placeholders:
- All string values passed as placeholders are automatically wrapped in single quotes (`'`).
- Do not manually wrap placeholders in single quotes in your template string; the function will handle quoting and escaping for you.
- Any single quotes within the string value are escaped by doubling them (`''`), as required by SQL syntax.

Other types:
- `null` and `undefined` are converted to SQL `NULL`.
- Objects are stringified using `JSON.stringify()` and wrapped in single quotes, with any single quotes inside the stringified value escaped.
- Numbers and other primitive types are inserted directly.
Usage example:
```js
const myID = "O'Reilly";
const clause = sanitizeSQL`New.id = ${myID}`;
// Result: "New.id = 'O''Reilly'"
```
Avoid manually quoting placeholders:
```js
// Incorrect:
sanitizeSQL`New.id = '${myID}'` // Produces doubled single quotes: New.id = ''O''Reilly''
```
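The rules above, modelled as a stand-alone tagged template so each value type can be checked side by side. This is an added example, not the library's source: `modelSanitizeSQL`, `quoteLiteral`, `renderValue`, and the column names other than `New.id` are hypothetical, and the sample values are constructed.

```javascript
// Added illustration: a stand-alone model of the rules documented above.
// `modelSanitizeSQL` is a hypothetical name; this is not the library's source.
function quoteLiteral(text) {
  // SQL string literal: wrap in single quotes, double any embedded quote.
  return "'" + text.replace(/'/g, "''") + "'";
}

function renderValue(value) {
  if (value === null || value === undefined) return 'NULL';
  if (typeof value === 'string') return quoteLiteral(value);
  if (typeof value === 'object') return quoteLiteral(JSON.stringify(value));
  // Numbers and other primitives are inserted directly, as documented.
  return String(value);
}

function modelSanitizeSQL(strings, ...values) {
  // strings has exactly one more element than values.
  let out = strings[0];
  values.forEach((value, i) => {
    out += renderValue(value) + strings[i + 1];
  });
  return out;
}

// Constructed sample inputs, one per documented value type.
const myID = "O'Reilly";
const untrusted = "x' OR '1'='1";
const samples = {
  string: modelSanitizeSQL`New.id = ${myID}`,
  untrusted: modelSanitizeSQL`New.id = ${untrusted}`,
  nullish: modelSanitizeSQL`New.deleted_at IS ${null}`,
  object: modelSanitizeSQL`New.meta = ${{ owner: "O'Reilly" }}`,
  number: modelSanitizeSQL`New.count > ${5}`,
};

for (const [kind, clause] of Object.entries(samples)) {
  console.log(kind, '->', clause);
}
```

In the `untrusted` case every embedded quote is doubled, so the whole value remains a single string literal in the resulting clause.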
Parameters
| Parameter | Type |
|---|---|
| `strings` | `TemplateStringsArray` |
| `...values` | `any[]` |
Returns
string