escape-sql-string

A minimal SQL string escaping library to prevent SQL injection attacks. Current stable version is 1.2.2, with infrequent releases and no breaking changes expected. It provides a single function to escape single quotes and optionally backslashes, supporting both standard SQL (backslash not supported) and engines that do support backslash escapes. Ships TypeScript types. Key differentiator: simplicity and zero dependencies.