keystone-scim / keystone

A containerized, lightweight SCIM 2.0 REST API
https://keystone-scim.github.io
MIT License

More secure SQLAlchemy queries #24

Closed yuvalherziger closed 2 years ago

yuvalherziger commented 2 years ago

Some SQLAlchemy queries in the RDBMS stores (PostgreSQL & MySQL) could use more responsible parameterizations. While they weren't prone to SQL injections in their previous state, using SQLAlchemy's built-in query parameterization is significantly safer.
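
The difference the issue refers to, as an added example that is not Keystone's code and does not reproduce its queries: one lookup built by string interpolation next to the same lookup using SQLAlchemy bound parameters, first through `text()` and then through the expression language. The `users` table, its rows, the function names and the input string are constructed for illustration, and SQLAlchemy 1.4 or later with in-memory SQLite is assumed.

```python
from sqlalchemy import (Column, MetaData, String, Table, create_engine,
                        select, text)

# Constructed schema and rows; not Keystone's actual tables.
metadata = MetaData()
users = Table(
    "users", metadata,
    Column("id", String, primary_key=True),
    Column("user_name", String, nullable=False),
)

def make_engine():
    engine = create_engine("sqlite://")  # in-memory database
    metadata.create_all(engine)
    with engine.begin() as conn:
        conn.execute(users.insert(), [
            {"id": "u1", "user_name": "alice@example.com"},
            {"id": "u2", "user_name": "bob@example.com"},
        ])
    return engine

def find_ids_interpolated(engine, user_name):
    # Weak form: the value becomes part of the SQL text itself.
    sql = f"SELECT id FROM users WHERE user_name = '{user_name}' ORDER BY id"
    with engine.connect() as conn:
        return [row[0] for row in conn.execute(text(sql))]

def find_ids_bound(engine, user_name):
    # text() with a named bind parameter: the value travels separately from the SQL.
    stmt = text("SELECT id FROM users WHERE user_name = :name ORDER BY id")
    with engine.connect() as conn:
        return [row[0] for row in conn.execute(stmt, {"name": user_name})]

def find_ids_core(engine, user_name):
    # Expression language: Python values in comparisons are bound automatically.
    stmt = (select(users.c.id)
            .where(users.c.user_name == user_name)
            .order_by(users.c.id))
    with engine.connect() as conn:
        return [row[0] for row in conn.execute(stmt)]

if __name__ == "__main__":
    engine = make_engine()
    crafted = "nobody' OR '1'='1"  # constructed input containing a quote
    for fn in (find_ids_interpolated, find_ids_bound, find_ids_core):
        print(fn.__name__, fn(engine, crafted))
```

With the bound forms, the crafted value is compared as a literal string and matches no row; the interpolated form lets it change the `WHERE` clause.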