search

evidence-dev / evidence

Business intelligence as code: build fast, interactive data visualizations in pure SQL and markdown
https://evidence.dev
MIT License
4.14k stars 196 forks source link

[Bug]: Dollar sign ("$") in regex causes incorrect compiled SQL in chained query #2455

Open julius383 opened 3 weeks ago

julius383 commented 3 weeks ago

Describe the bug

When you have a query containing a regular expression ending with $ then reference this query as part of another query, the $ character and closing quotation are removed resulting in incorrect SQL code.

Steps to Reproduce

Say you have the query all_companies

SELECT * FROM companies WHERE name SIMILAR TO 'evi.+e$'

When you reference this query in another one say some_companies , the compiled SQL is not correct

SELECT * from ${all_companies}

results in the compiled SQL

SELECT * FROM (
    SELECT * FROM companies WHERE name SIMILAR TO 'evi.+e
)

which fails with the error Parser Error: unterminated quoted string at or near "'^evi_.+ ...

Logs

No response

System Info

No response

Severity

serious, but I can work around it

Additional Information, or Workarounds

Rewriting the regular expression to omit $ prevents this problem

archiewood commented 1 week ago

I think this bug is caused by the interpolating of SQL where evidence expects variables of the format ${variable}

I am not sure what the ideal solution is here, but perhaps we could look for the full pattern ${...} rather than just $ when substituting inside a chained query