{"library":"sqlstring","type":"library","category":null,"description":"Simple SQL escape and format utility for MySQL, commonly used as a dependency of mysqljs/mysql and mysql2. The current stable version is 2.3.3, with a stable release cadence (last updated 2020). It provides escape() and format() methods for safe SQL value interpolation, supporting custom toSqlString for raw SQL fragments. Unlike template-based libraries, it uses placeholder substitution (?), but does NOT protect against all injection vectors (e.g., NO_BACKSLASH_ESCAPES mode). Lightweight, no dependencies, and compatible with Node >= 0.6.","language":"javascript","status":"active","version":"2.3.3","tags":["javascript","sqlstring","sql","escape","sql escape"],"last_verified":"Fri Jun 05","install":[{"cmd":"npm install sqlstring","imports":["import SqlString from 'sqlstring'","import SqlString from 'sqlstring';\nSqlString.escape(value)","import SqlString from 'sqlstring';\nSqlString.format(sql, values)","import SqlString from 'sqlstring';\nconst raw = SqlString.raw('CURRENT_TIMESTAMP()');"]},{"cmd":"yarn add sqlstring","imports":[]},{"cmd":"pnpm add sqlstring","imports":[]}],"homepage":"https://github.com/mysqljs/sqlstring#readme","github":"https://github.com/mysqljs/sqlstring","docs":null,"changelog":null,"pypi":null,"npm":"sqlstring","openapi_spec":null,"status_page":null,"smithery":null,"compatibility":null}