Skip to content

Build SQL statements safely without string concatenation

License

Notifications You must be signed in to change notification settings

exasol/sql-statement-builder

Repository files navigation

SQL Statement Builder

Build Status Maven Central – Exasol SQL Statement Builder

Quality Gate Status

Security Rating Reliability Rating Maintainability Rating Technical Debt

Code Smells Coverage Duplicated Lines (%) Lines of Code

The Exasol SQL Statement Builder abstracts programmatic creation of SQL statements and is intended to replace ubiquitous string concatenation solutions which make the code hard to read and are prone to error and security risks.

Goals:

  1. Foster clean and readable code
  2. Allow for thorough validation of dynamic parts
  3. Detect as many errors as possible at compile time
  4. Don't repeat yourself (DRY)
  5. Allow extension for different SQL dialects

In a Nutshell

The following example gives you an idea about what you can do with the SQL Statement Builder. Check our user guide for more details.

Select select = StatementFactory.getInstance().select()
    .field("fieldA", "tableA.fieldB", "tableB.*");
select.from().table("schemaA.tableA");
select.limit(10);
StringRendererConfig config = StringRendererConfig.builder().quoteIdentifiers(true).build();
SelectRenderer renderer = new SelectRenderer(config);
select.accept(renderer);
String sql = renderer.render();

Table of Contents

Information for Users

"Users" from the perspective of the sql-statement-builder are developers integrating the module into their own software.

Information for Developers