3 Replies
I think you should be using the sql`` operator:
https://orm.drizzle.team/docs/sql
Magical sql operator 🪄 - DrizzleORM
Thank you, yes I'll try it, but I still wonder whether or not simply using the operator like this leaves the code vulnerable.
The sql operator protects from SQL injections.
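
The mechanism behind the replies above, as an added example that is not code from the thread or from Drizzle: a tagged template receives the literal SQL chunks and the interpolated values separately, so values can travel as bound parameters instead of SQL text. `miniSql`, `raw`, `taggedQuery`, `concatQuery` and the sample input are hypothetical names and constructed data; the `raw` helper mirrors the kind of escape hatch Drizzle documents as `sql.raw()`, which is not parameterized.

```javascript
// Simplified stand-in for a tagged-template SQL builder (assumption: illustrative only,
// not Drizzle's implementation).
class Raw {
  constructor(fragment) { this.fragment = fragment; }
}
// Hypothetical escape hatch: the fragment is spliced into the SQL text verbatim.
const raw = (fragment) => new Raw(fragment);

function miniSql(strings, ...values) {
  let text = strings[0];
  const params = [];
  values.forEach((value, i) => {
    if (value instanceof Raw) {
      // Not bound as a parameter, so never pass user input through raw().
      text += value.fragment;
    } else {
      // The value never becomes part of the SQL text; only a placeholder does.
      params.push(value);
      text += `$${params.length}`;
    }
    text += strings[i + 1];
  });
  return { text, params };
}

// Before: string concatenation lets the input change the statement's structure.
function concatQuery(name) {
  return { text: "SELECT * FROM users WHERE name = '" + name + "'", params: [] };
}

// After: the same lookup through the tagged template.
function taggedQuery(name) {
  return miniSql`SELECT * FROM users WHERE name = ${name}`;
}

// Constructed sample input containing a quote character.
const hostile = "x' OR '1'='1";

console.log(concatQuery(hostile)); // input ends up inside the SQL text
console.log(taggedQuery(hostile)); // input ends up in params only
console.log(miniSql`SELECT * FROM ${raw("users")} WHERE id = ${7}`);
```

The protection applies only to values interpolated as parameters; anything passed through a raw fragment is trusted SQL and must come from the application, not from the request.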