Right now, I'm using %I.%I for table names in dynamic queries (EXECUTE format(...)). But PostgreSQL's regclass to string casts are safe, i.e. they automatically escape spaces and other unsafe characters. Therefore format()'s %s placeholder can be used.
The advantage of this (other than its readability) is that we won't need to resolve the schema and table names ourselves every single time.
Right now, I'm using
%I.%Ifor table names in dynamic queries (EXECUTE format(...)). But PostgreSQL'sregclassto string casts are safe, i.e. they automatically escape spaces and other unsafe characters. Thereforeformat()'s%splaceholder can be used.The advantage of this (other than its readability) is that we won't need to resolve the schema and table names ourselves every single time.