Open pq opened 4 years ago
I am a bit skeptical about this living in the linter itself.
We want library specific lints but I believe these should live in the library itself. The library owner would want some level of control over these lints.
I agree that such a lint would be best bundled with the package with which it is associated.
Unfortunately, there's more friction involved when choosing that path. Enough so that we usually end up not implementing such lints. (I'm happy to have discuss the reasons with you if you're interested.)
However, being extremely pragmatic, we could define the rule in the linter and then work with the package author move it to the package at some future point.
Ensure that SQL query strings are always constant, or use whitelisted string-interpolation methods.
Specifically guard against unsafe use of package:sqflite.
(Placeholder. Details to follow.)