Show HN: SQL-tString a t-string SQL builder in Python
Published on: 2025-07-06 03:48:22
SQL-tString allows t-string-based construction of SQL queries without allowing SQL injection. The basic usage is as follows:

    from sql_tstring import sql

    a = 1
    # {a} is passed as a bound parameter, not interpolated into the SQL text
    query, values = sql(
        t"""SELECT a, b, c FROM tbl WHERE a = {a}""",
    )

The query is a str and values is a list[Any]; both are then typically passed to a DB connection. Note that the parameters can only be identifiers that name variables (in the above example, in locals()); e.g. {a - 1} is not valid.
SQL-tString will convert parameters to SQL placeholders where appropriate. In other locations SQL-tString will allow predefined column or table names to be used:

    from sql_tstring import sql, sql_context

    col = "a"
    table = "tbl"
    # col and table must match the sets given to sql_context
    with sql_context(columns={"a"}, tables={"tbl"}):
        query, values = sql(
            t"SELECT {col} FROM {table}",
        )

If the value of col or table does not match the valid values given to the sql_context function, an error will be raised.
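
As an added illustration (not SQL-tString's own code or API), the sketch below runs the two mechanisms described above against sqlite3: values become `?` placeholders, and identifiers are emitted only if allowlisted. The `Interp` type, the `build` function and the explicit `kind` tag are hypothetical stand-ins for what the library works out from the t-string itself, and the input string is constructed.

```python
import sqlite3
from typing import NamedTuple

class Interp(NamedTuple):
    """Hypothetical stand-in for one {interpolation} of a t-string."""
    kind: str   # "value", "column" or "table" (assumed tag, set by hand here)
    value: str

def build(parts, columns=frozenset(), tables=frozenset()):
    """Return (query, values): values are bound, identifiers are allowlisted."""
    query, values = [], []
    for part in parts:
        if isinstance(part, str):          # literal SQL written by the developer
            query.append(part)
        elif part.kind == "value":         # data never reaches the SQL text
            query.append("?")
            values.append(part.value)
        else:                              # identifiers cannot be bound, so check them
            allowed = columns if part.kind == "column" else tables
            if part.value not in allowed:
                raise ValueError(f"{part.kind} {part.value!r} is not allowlisted")
            query.append(part.value)
    return "".join(query), values

def demo():
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE tbl (a TEXT, b TEXT)")
    db.executemany("INSERT INTO tbl VALUES (?, ?)", [("1", "x"), ("2", "y")])
    hostile = "1' OR '1'='1"               # constructed input
    # String formatting lets the input rewrite the WHERE clause
    naive_rows = db.execute(f"SELECT b FROM tbl WHERE a = '{hostile}'").fetchall()
    parts = ["SELECT ", Interp("column", "b"), " FROM ", Interp("table", "tbl"),
             " WHERE a = ", Interp("value", hostile)]
    query, values = build(parts, columns={"a", "b"}, tables={"tbl"})
    rows = db.execute(query, values).fetchall()   # input is compared as plain data
    try:
        build(["SELECT ", Interp("column", "b FROM other")], columns={"a", "b"})
        rejected = False
    except ValueError:
        rejected = True
    return {"query": query, "values": values, "rows": rows,
            "naive_rows": naive_rows, "rejected": rejected}

if __name__ == "__main__":
    print(demo())
```
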
Rewriting values
SQL-tString will also remove parameters if