How to make sql.placeholder() type safe

I have the following prepared statement:

export const listDeployments = db
  .select()
  .from(deployments)
  .where(eq(deployments.organizationId, sql.placeholder("orgId")))
  .prepare("listDeployments");

export const listDeployments = db
  .select()
  .from(deployments)
  .where(eq(deployments.organizationId, sql.placeholder("orgId")))
  .prepare("listDeployments");

However, when I use this like below: const response = await listDeployments.execute({ orgId: input }); The orgId is not type safe, I can enter whatever string I want, and there is no way to protect this call from receiving something other than orgId Is there a way to make it such that the caller must pass in orgId? Thank you!

2 Replies

Angelelz•14mo ago

I'm looking at the source code and it looks like the execute method is not generic over the placeholder value. Can you take a look at the issues and see if there isn't somethig for this and submit an issue if that's the case?

NicolasOP•14mo ago

Looks like this is the issue for this? https://github.com/drizzle-team/drizzle-orm/issues/519

GitHub

Add user-defined generic to .prepare() with placeholders shape · ...

Nice to have - allows to type the .execute() calls with proper placeholder values.

Gaming

Programming

How to make sql.placeholder() type safe