sql.glue when used with huge arrays performs slow. If the array crosses certain limit then we get stack overflow error.

Steps to reproduce: Copy below code in runkit (or run it locally with faker and @nearform/sql dependency)

const sql = require("@nearform/sql")
const faker = require("faker")

const ids = []
for (let i = 0; i < 100000; i++) ids.push(sql`${faker.random.uuid()}`)

const query = sql`SELECT * FROM tbl WHERE id in (`
query.append(sql.glue(ids, ', '))

I observed that below code runs much faster instead of glue

sql.append(SQL`${ids.map(id => `'${id}'`).join(',')}`, { unsafe: true })

I think I've found a bug in how glue handles a list of only parameters (like in a WHERE x IN (...) clause.

Doing something like

const sql = SQL`
  SELECT
    *
  FROM
    test
  WHERE
    test.id IN (
`
const sqlIds = listOfIds.map(id => SQL`${id}`)
sql.append(sql.glue(sqlIds, ' , '))
sql.append(SQL`
  )
`)

will not produce a list of ids in the IN clause because of the filter here.

In this scenario the sqlIds array of SqlStatement will be something like the following

[ 
  SqlStatement {
    strings: [ '', '' ],
    values: [ 'bde1bf79-ac0d-4dfc-aae2-a74cf18da945' ] 
  },
  SqlStatement {
    strings: [ '', '' ],
    values: [ 'a562808a-f4f8-4598-aee4-7af560759b18' ] 
  },
  ...
]

and the filter (linked above) will consider all those statement as empty.

As titled, this would be very useful also for mysql!

Pending commits since release v1.10.2

Based on the following commits, a patch release is recommended.

Unreleased commits have been found which are pending release, please publish the changes.

• 8e45b33 switch the org for github-action-notify-release (#151)
• b9f1537 switch the org and fix permissions for github-action-notify-release (#150)
• eb58153 ci: update check-linked-issues job permissions (#149)
• e4ef69c switch the org for optic-release-automation-action (#147)
• b88b1aa switch the org for github-action-check-linked-issues (#146)
• 635d6f5 build(deps-dev): bump tsd from 0.27.0 to 0.28.0 (#143)
• 366856b build(deps-dev): bump tsd from 0.26.1 to 0.27.0 (#141)

If you close the issue as Not Planned

• The notification will be snoozed for 7 days, starting when the issue is closed. After this period has passed, a new notification issue will be created the next time this action is run.

Issue generated by github-actions-notify-release.

It would be useful to be able to use a dynamic schema name as follows:

const sql = SQL`SELECT * FROM ${schema}.users WHERE user_id = ${userId}`

At the moment, this will fail (e.g. when used with node-postgres), as schema is turned in to a parameter in a prepared statement, and, from what I understand, postgres does not support variable schema names in prepared statements.

A workaround is to do this:

const sql = SQL`SELECT * FROM `
sql.append(SQL`${schema}.users `, { unsafe: true })
sql.append(SQL`WHERE user_id = ${userId}`)

Switching in and out of unsafe mode is not ideal.

If it can be achieved without risk of introducing SQL injection vulnerabilities, it would be good if this library could handle it and convert:

const schema = 'schema_name'
const userId = 1
const sql = SQL`SELECT * FROM ${schema}.users  WHERE user_id = ${userId}`

in to:

{
  text: 'SELECT * FROM "schema_name".users WHERE user_id = ${1}',
  values: [1]
}

(note that schema_name can be wrapped with double quotes in the text, which may help to ensure no SQL injection vulnerabilities)

Alternatively, perhaps there is another way to achieve this, in which case it would be good to document it.

Pending commits since release v1.10.2

Based on the following commits, a patch release is recommended.

Unreleased commits have been found which are pending release, please publish the changes.

• f94e55e ci: update notify-release action permissions (#154)
• 8e45b33 switch the org for github-action-notify-release (#151)
• b9f1537 switch the org and fix permissions for github-action-notify-release (#150)
• eb58153 ci: update check-linked-issues job permissions (#149)
• e4ef69c switch the org for optic-release-automation-action (#147)
• b88b1aa switch the org for github-action-check-linked-issues (#146)
• 635d6f5 build(deps-dev): bump tsd from 0.27.0 to 0.28.0 (#143)
• 366856b build(deps-dev): bump tsd from 0.26.1 to 0.27.0 (#141)

If you close the issue as Not Planned

• The notification will be snoozed for 7 days, starting when the issue is closed. After this period has passed, a new notification issue will be created the next time this action is run.

Issue generated by github-actions-notify-release.

Pending commits since release v1.10.0

Based on the following commits, a minor release is recommended.

Unreleased commits have been found which are pending release, please publish the changes.

• e7c9ddc feat: update notify-release config (#130)
• 5392cbc build(deps-dev): bump tsd from 0.24.1 to 0.25.0 (#129)
• 63a96fe fix: removing stale days deprecated (#128)
• ade0dc0 build(deps): bump nearform/optic-release-automation-action from 3 to 4 (#127)
• 7c48bdf chore: release trigger added to notify-release workflow (#123)

If you close the issue as Not Planned

• The notification will be snoozed for 7 days, starting when the issue is closed. After this period has passed, a new notification issue will be created the next time this action is run.

Issue generated by github-actions-notify-release.

Pending commits since release v1.10.1

Based on the following commits, a patch release is recommended.

Unreleased commits have been found which are pending release, please publish the changes.

• bd737d2 build(deps-dev): bump @fastify/postgres from 4.0.1 to 5.2.0 (#135)
• 77c7da8 Fix/131 update to python3 (#134)

If you close the issue as Not Planned

• The notification will be snoozed for 7 days, starting when the issue is closed. After this period has passed, a new notification issue will be created the next time this action is run.

Issue generated by github-actions-notify-release.

Starting from the following example, I would like to simplify the query2 code like the query is.

The query output leads to an "[object object]" string replacement, I think it would be good to support an "auto-glue" option to avoid the SQL.glue statement for these simple tasks.

const SQL = require('@nearform/sql')

const ids = [1, 2, 3]

const query = SQL`SELECT * FROM table WHERE id IN (${ids})`
console.log(query.sql)
console.log(query.values)
// SELECT * FROM table WHERE id IN (?)
// [ [ 1, 2, 3 ] ]

const query2 = SQL`SELECT * FROM table WHERE id IN (${SQL.glue(
  ids.map((id) => SQL`${id}`),
  ','
)})`
console.log(query2.sql)
console.log(query2.values)
// SELECT * FROM table WHERE id IN (?,?,?)
// [ 1, 2, 3 ]

Pending commits since release v1.10.0

Unreleased commits have been found which are pending release, please publish the changes.

• 5392cbc build(deps-dev): bump tsd from 0.24.1 to 0.25.0 (#129)
• 63a96fe fix: removing stale days deprecated (#128)
• ade0dc0 build(deps): bump nearform/optic-release-automation-action from 3 to 4 (#127)
• 7c48bdf chore: release trigger added to notify-release workflow (#123)

If you close the issue as Not Planned

• The notification will be snoozed for 7 days, starting when the issue is closed. After this period has passed, a new notification issue will be created the next time this action is run.

Issue generated by github-actions-notify-release.

const SQL = require("@nearform/sql");

const query1 = SQL`
            SELECT
              uuid,
              schedule_time
            FROM
              job
            WHERE 
              schedule_time 
                BETWEEN 
              current_date + integer '29'
                AND 
              current_date + integer '30'`;
      const response = await fastify.pg.query(query1);

The above query works, whereas the below one didn't work.

const n = 29;
const query2 = SQL`
            SELECT
              uuid,
              schedule_time
            FROM
              job
            WHERE 
              schedule_time 
                BETWEEN 
              current_date + integer ${n}
                AND 
              current_date + integer ${n+1}`;
      const response = await fastify.pg.query(query2);

Seems to be some issue with NearForm sql. I have to make it work with normal string.

inspire from our internal template

See https://github.com/nearform/sql/actions/runs/4065508490/jobs/7000302342

Pending commits since release v1.10.2

Based on the following commits, a patch release is recommended.

Unreleased commits have been found which are pending release, please publish the changes.

• f94e55e ci: update notify-release action permissions (#154)
• 8e45b33 switch the org for github-action-notify-release (#151)
• b9f1537 switch the org and fix permissions for github-action-notify-release (#150)
• eb58153 ci: update check-linked-issues job permissions (#149)
• e4ef69c switch the org for optic-release-automation-action (#147)
• b88b1aa switch the org for github-action-check-linked-issues (#146)
• 635d6f5 build(deps-dev): bump tsd from 0.27.0 to 0.28.0 (#143)
• 366856b build(deps-dev): bump tsd from 0.26.1 to 0.27.0 (#141)

If you close the issue as Not Planned

• The notification will be snoozed for 7 days, starting when the issue is closed. After this period has passed, a new notification issue will be created the next time this action is run.

Issue generated by github-actions-notify-release.

Pending commits since release v1.9.2

Unreleased commits have been found which are pending release, please publish the changes.

• edaf06f Update github-action-merge-dependabot back to master
• 3020742 Update github-action-merge-dependabot to pre release (#118)
• 397c0a8 build(deps-dev): bump tsd from 0.23.0 to 0.24.0 (#117)
• 30cc56a chore: removed optional github token (#116)
• d6c909e build(deps-dev): bump tsd from 0.22.0 to 0.23.0 (#115)
• f1b16a5 build(deps-dev): bump tsd from 0.21.0 to 0.22.0 (#114)
• ff2bde1 build(deps): bump nearform/optic-release-automation-action from 2 to 3 (#113)
• 19bb542 build(deps-dev): bump fastify from 3.29.0 to 4.0.1 (#111)
• 464905e build(deps-dev): bump tsd from 0.20.0 to 0.21.0 (#112)
• 8856098 build(deps-dev): bump standard from 16.0.4 to 17.0.0 (#109)
• 0699b27 build(deps-dev): bump tsd from 0.19.1 to 0.20.0 (#107)
• 55af6a1 feat: insert utility (#97)

Issue generated by github-actions-notify-release.

Pending commits since release v1.8.0

Unreleased commits have been found which are pending release, please publish the changes.

• a1cabb0 Bump actions/setup-node from 2.3.1 to 2.4.0 (#74)
• 98bc3b5 Bump fastify/github-action-merge-dependabot from 2.2.0 to 2.4.0 (#75)
• 7bb04a8 add link for vscode syntax higlighting extension (#76)
• 4e5566d Bump actions/setup-node from 2.2.0 to 2.3.1 (#72)
• 057f1e6 chore: add Node 16 to CI
• 1699a56 Bump fastify/github-action-merge-dependabot from 2.1.1 to 2.2.0 (#70)
• a642c14 Bump actions/setup-node from 2.1.5 to 2.2.0 (#69)
• 0e5c508 Bump nearform/github-action-notify-release from 1.2.6 to 1.2.7 (#68)
• 43e6374 Bump tsd from 0.16.0 to 0.17.0 (#67)
• ea7ecbf Bump nearform/github-action-notify-release from 1.2.5 to 1.2.6 (#66)
• ffc6a72 Bump tsd from 0.14.0 to 0.16.0 (#63)
• ce71ec6 Bump nearform/github-action-notify-release from 1.2.3 to 1.2.5 (#65)
• 0d113a0 Bump fastify/github-action-merge-dependabot from 2.1.0 to 2.1.1 (#64)
• 8c5a1ab Bump nearform/github-action-notify-release from 1.2.2 to 1.2.3 (#62)
• 28ae6bf Bump fastify/github-action-merge-dependabot from 2.0.0 to 2.1.0 (#61)
• fd2420d Bump nearform/github-action-notify-release from 1.2.1 to 1.2.2 (#60)
• d0bb78c chore: allow manual run of notify action

Issue generated by github-actions-notify-release.

It would be really useful a utility to generate an INSERT INTO statement.

It would be a PLUS adding an option to manage snake_case automagically

const insertData = {
  first_name: input.firstName,
  .... I have a use case within 122 fields 😄 
}

const query = SQL.insert('users', insertData)

const query2 = SQL.insert('users', input, { toSnakeCase: true } )



// a custom implementation:
function buildInsertSql(table, obj) {
  const builder = Object.entries(obj).reduce(
    (acc, [column, value]) => {
      if (value !== undefined) {
        acc.columns.push(column)
        acc.values.push(SQL`${value}`)
      }
      return acc
    },
    { columns: [], values: [] }
  )

  return SQL`INSERT INTO ${SQL.quoteIdent(table)}
            (${SQL.unsafe(builder.columns.join(', '))})
     VALUES (${SQL.glue(builder.values, ', ')})`
}

Pending commits since release v1.10.2

Based on the following commits, a patch release is recommended.

Unreleased commits have been found which are pending release, please publish the changes.

• f94e55e ci: update notify-release action permissions (#154)
• 8e45b33 switch the org for github-action-notify-release (#151)
• b9f1537 switch the org and fix permissions for github-action-notify-release (#150)
• eb58153 ci: update check-linked-issues job permissions (#149)
• e4ef69c switch the org for optic-release-automation-action (#147)
• b88b1aa switch the org for github-action-check-linked-issues (#146)
• 635d6f5 build(deps-dev): bump tsd from 0.27.0 to 0.28.0 (#143)
• 366856b build(deps-dev): bump tsd from 0.26.1 to 0.27.0 (#141)

If you close the issue as Not Planned

• The notification will be snoozed for 7 days, starting when the issue is closed. After this period has passed, a new notification issue will be created the next time this action is run.

Issue generated by github-actions-notify-release.

Pending commits since release v1.10.5

Based on the following commits, a patch release is recommended.

Unreleased commits have been found which are pending release, please publish the changes.

• e9dd3b6 build(deps): bump actions/checkout from 3 to 4 (#170)
• 2001b3b build(deps-dev): bump tsd from 0.28.1 to 0.29.0 (#169)

If you close the issue as Not Planned

• The notification will be snoozed for 7 days, starting when the issue is closed. After this period has passed, a new notification issue will be created the next time this action is run.

Issue generated by github-actions-notify-release.

Pending commits since release v1.10.2

Based on the following commits, a patch release is recommended.

Unreleased commits have been found which are pending release, please publish the changes.

• 366856b build(deps-dev): bump tsd from 0.26.1 to 0.27.0 (#141)

If you close the issue as Not Planned

• The notification will be snoozed for 7 days, starting when the issue is closed. After this period has passed, a new notification issue will be created the next time this action is run.

Issue generated by github-actions-notify-release.

Pending commits since release v1.10.0

Unreleased commits have been found which are pending release, please publish the changes.

• 7c48bdf chore: release trigger added to notify-release workflow (#123)

Issue generated by github-actions-notify-release.

As titled.

Pending commits since release v1.9.2

Unreleased commits have been found which are pending release, please publish the changes.

• 55af6a1 feat: insert utility (#97)

Issue generated by github-actions-notify-release.

Love the product, very useful. One issue I have run into: some queries can't be used with quoted string literals, for example:

const tCode = L5Kfad
let sessionQuery = SQL`ALTER TABLE sessions ADD COLUMN prod_${tCode} VARCHAR

Produces the query:

ALTER TABLE sessions ADD COLUMN prod_'L5Kfad' VARCHAR

But this particular query will not work with the column name in quotes. Is there an easy way to remove quotes from the inserted variable?

Direct concat works fine:

let sessionQuery = "ALTER TABLE sessions ADD COLUMN prod_" + tCode + " VARCHAR";

I hope I haven't missed something. Thanks

After/together with #33, add v14 (and maybe v15 too) to CI.

Given this example, it generates an invalid SQL query:

const SQL = require('@nearform/sql')

const ids = [1, 2, 3]
const name = 'foo'
const inIds = SQL.glue(
  ids.map((id) => SQL`${id}`),
  ' , '
)

const condition = SQL`tsd.id IN (${inIds})`

const filters = [
  condition,
  SQL`tsd.name = ${name}`, //
]

const query = SQL`
    SELECT tsd.*
      FROM data tsd
    WHERE ${SQL.glue(filters, ' AND ')}
  `

console.log(query.sql)
console.log(query.values)

The output is the following. Note the )?tsd.name section:

SELECT tsd.*
FROM data tsd
WHERE tsd.id IN (? , ? , ?)?tsd.name = ?
[ 1, 2, 3, 'foo' ]

The workaround I found is switching the filters's items produces the right SQL statement:

SELECT tsd.*
FROM data tsd
WHERE tsd.name = ? AND tsd.id IN (? , ? , ?)
[ 'foo', 1, 2, 3 ]

When multiple glue commands are executed, the SQL output is not a valid SQL statement

In this case, I have:

• input array data to be glued togheter
• a parent values array that glue every data item
• the final SQL statement

const SQL = require('@nearform/sql')

const data = ['a', 'b'].map((letter) => SQL`${letter}`)

const values = [
  SQL`(${SQL.glue(data, ', ')})`, //
  SQL`(${SQL.glue(data, ', ')})`, //
]

const insertMultiple = SQL`INSERT INTO "foo" (foo, baz) VALUES ${SQL.glue(values, ' , ')}`
console.log(insertMultiple.debug)
// INSERT INTO "foo" (foo, baz) VALUES ('a', 'b')'a', 'b'(undefined)

There's an issue with the security tests that isn't being caught by CI test runs.

See: https://circleci.com/gh/nearform/sql/337

stderr: /root/workspace/sqlmap/server.js:4
server.connection({
       ^

TypeError: server.connection is not a function

Also, PRs are not being tested by Circle CI.

This is a courtesy issue report - I'm fixing these problems at this moment.

As titled

Unfortunately errors produced by the assert library are not compatible with jest as the error instanceof Error would not work there.

Depends on #35 (rebase once that's merged)

Pending commits since release v1.10.2

Based on the following commits, a patch release is recommended.

Unreleased commits have been found which are pending release, please publish the changes.

• 635d6f5 build(deps-dev): bump tsd from 0.27.0 to 0.28.0 (#143)
• 366856b build(deps-dev): bump tsd from 0.26.1 to 0.27.0 (#141)

If you close the issue as Not Planned

• The notification will be snoozed for 7 days, starting when the issue is closed. After this period has passed, a new notification issue will be created the next time this action is run.

Issue generated by github-actions-notify-release.

Pending commits since release v1.10.1

Based on the following commits, a patch release is recommended.

Unreleased commits have been found which are pending release, please publish the changes.

• a473768 build(deps-dev): bump tsd from 0.25.0 to 0.26.0 (#138)
• bd737d2 build(deps-dev): bump @fastify/postgres from 4.0.1 to 5.2.0 (#135)
• 77c7da8 Fix/131 update to python3 (#134)

If you close the issue as Not Planned

• The notification will be snoozed for 7 days, starting when the issue is closed. After this period has passed, a new notification issue will be created the next time this action is run.

Issue generated by github-actions-notify-release.

Can you link it to https://www.npmjs.com/package/pg?

Pending commits since release v1.10.4

Based on the following commits, a patch release is recommended.

Unreleased commits have been found which are pending release, please publish the changes.

• 9e54b38 fix: add `map` to the ts definitions file (#166)
• 4d07023 chore: update dependabot config (#165)

If you close the issue as Not Planned

• The notification will be snoozed for 7 days, starting when the issue is closed. After this period has passed, a new notification issue will be created the next time this action is run.

Issue generated by github-actions-notify-release.

It would be great to have SQL syntax highlighting in VSCode, perhaps an existing extension already does this and could be added to the readme? Or else produce a VSCode extension specifically for this library?

This works

SQL`SELECT * FROM ${SQL.quoteIdent('tbl')}`

This doesn't

SQL.glue([
  SQL`SELECT * FROM ${SQL.quoteIdent('tbl')}`
], '\n')

Pending commits since release v1.10.1

Based on the following commits, a patch release is recommended.

Unreleased commits have been found which are pending release, please publish the changes.

• bd737d2 build(deps-dev): bump @fastify/postgres from 4.0.1 to 5.2.0 (#135)
• 77c7da8 Fix/131 update to python3 (#134)

If you close the issue as Not Planned

• The notification will be snoozed for 7 days, starting when the issue is closed. After this period has passed, a new notification issue will be created the next time this action is run.

Issue generated by github-actions-notify-release.

Pending commits since release v1.10.2

Based on the following commits, a patch release is recommended.

Unreleased commits have been found which are pending release, please publish the changes.

• e4ef69c switch the org for optic-release-automation-action (#147)
• b88b1aa switch the org for github-action-check-linked-issues (#146)
• 635d6f5 build(deps-dev): bump tsd from 0.27.0 to 0.28.0 (#143)
• 366856b build(deps-dev): bump tsd from 0.26.1 to 0.27.0 (#141)

If you close the issue as Not Planned

• The notification will be snoozed for 7 days, starting when the issue is closed. After this period has passed, a new notification issue will be created the next time this action is run.

Issue generated by github-actions-notify-release.

Would you be interested in adding Oracle support to this? The bind variables needs to begin with : so

SQL`INSERT INTO users (username, email, password) VALUES (${username},${email},${password}` will be

SQL`INSERT INTO users (username, email, password) VALUES (:username, :email, :password)`

we will need a third field in addition to sql.text and sql.sql though so I suggest using name of the database as the tag such as

pg`INSERT INTO users (username, email, password) VALUES (${username},${email},${password}`

What are your thoughts?

https://github.com/nearform/sql/blob/master/SQL.d.ts is missing SQL.map()

Integration with beta NPM Provenance integration when publishing new versions to NPM registry.

Pending commits since release v1.9.0

Unreleased commits have been found which are pending release, please publish the changes.

• 30bf963 Bump tap from 15.2.3 to 16.0.0 (#99)
• e2b4011 Bump actions/checkout from 2 to 3 (#95)
• cad9eae Bump actions/setup-node from 2 to 3 (#92)
• 991be9f chore: use major version of notify release action
• e292395 Bump nearform/github-action-notify-release from 1.2.7 to 1.2.8 (#91)
• fb77fc0 Bump fastify/github-action-merge-dependabot from 2.7.1 to 3.0.2 (#90)
• 8e9d00c Bump fastify/github-action-merge-dependabot from 2.7.0 to 2.7.1 (#89)
• dbf70cc Bump actions/checkout from 2.3.5 to 2.4.0 (#84)
• 6f8b6e0 Bump fastify/github-action-merge-dependabot from 2.6.0 to 2.7.0 (#87)
• cb82217 Bump actions/setup-node from 2.4.1 to 2.5.0 (#88)
• 3aa3de2 Bump tsd from 0.18.0 to 0.19.0 (#86)
• 1ff03ae Bump fastify/github-action-merge-dependabot from 2.5.0 to 2.6.0 (#85)
• e71f4b3 Bump actions/checkout from 2.3.4 to 2.3.5 (#83)
• 733d5e0 Bump tsd from 0.17.0 to 0.18.0 (#82)
• e9058aa Bump actions/setup-node from 2.4.0 to 2.4.1 (#80)
• 1ffd97e Bump fastify/github-action-merge-dependabot from 2.4.0 to 2.5.0 (#79)

Issue generated by github-actions-notify-release.

While using this package in a TypeScript project, we often have to declare the module in a definition file so that it is seen as any and offers no typings benefits.

declare module '@nearform/sql'

Also, when using this package as part of any other project in an editor that makes use of the TypeScript type inspection (for example, VSCode), the developer is not presented with any useful code hints.

I'd like to offer hand-written TypeScript definitions for this project so that we can help users of the package in TS-enabled environments to get started more quickly and benefit from code hints and type checking.

Through linting it is possible to prevent cases in which the SQL tag is forgotten to be added in front of template strings: https://github.com/gajus/eslint-plugin-sql#eslint-plugin-sql-rules-no-unsafe-query

Recommending in documentation to use a linter to prevent this would be useful.

The quoteIdent function is currently unsafe as it only wraps a literal value with double quotes. It should be made safe my mimicking the behavior of the native PG quote_ident function.

https://doxygen.postgresql.org/ruleutils_8c.html#a30a0e11b313ae9c277420959cd655ac2

Here's a simple example:

const SQL = require('@nearform/sql')

const ids = [1]
const idValues = ids.map(id => SQL`(${id})`)
const query = SQL`INSERT INTO users (id) VALUES`
query.append(query.glue(idValues, ', '))
console.log(query)
console.log(query.text)

Outputs:

SQL << INSERT INTO users (id) VALUES(1, )undefined >>
INSERT INTO users (id) VALUES($1, )$2

UX I think it would be nice to have glue (or join or something) on the module itself so the above could be:

const ids = [1]
const idValues = ids.map(id => SQL`(${id})`)
const query = SQL`INSERT INTO users (id) VALUES ${SQL.glue(idValues, ', ')}`
console.log(query)
console.log(query.text)

Looking at the glue code it seems it doesn't use any information from the instance anyway :)

In #17 there was a request to use SQL.glue statically from within a template literal as follows:

const query = SQL`INSERT INTO users (id) VALUES ${SQL.glue(idValues, ', ')}`

A PR (#20) was raised that references this request, but the readme does not explicitly show this being used within a template literal.

I am trying to use it as follows:

const idValues = ids.map(id => SQL`${id}`)
const sql = SQL`
  UPDATE my_table
  SET active = FALSE
  WHERE id IN (${SQL.glue(idValues, ',')})
`

This results in an 'invalid input syntax' error. I think this is because sql.values is [SqlStatement], but should be the array of ids.

• Is it currently possible to use SQL.glue from within the template literal? (I haven't found a way yet)
• If so, can it be documented in the readme?
• If not, can support be added? This would be a nice to have, to help produce easier to read code and would hopefully work better with a syntax highlighting solution.

Unreleased commits have been found which are pending release, please publish the changes.

Commits since the last release

Commit: Bump nearform/github-action-notify-release from 1.1.0 to 1.2.1 (#55)
Author: dependabot[bot]

Commit: Bump actions/checkout from 2 to 2.3.4 (#56)
Author: dependabot[bot]

Commit: Bump nearform/github-action-notify-release from v1.0.1 to v1.1.0 (#53)
Author: dependabot[bot]

Commit: Use a SqlStatement within template literal (#52)
Author: Alasdair McLeay

Looks like the output of this package is not fully supported by AWS Aurora. Investigate and fix it