PublicArchive/sqlalchemy
2
0
Fork 0
mirror of https://github.com/sqlalchemy/sqlalchemy.git synced 2026-05-11 19:29:52 -04:00
Code Issues Packages Projects Releases Wiki Activity

Mention that extract.field is used as sql string

Browse Source 
Change-Id: Ieb32e298e8a1df3a31bf3a6e26b1aca381ef7a4f
This commit is contained in:
Federico Caselli
2024-09-10 18:42:58 +02:00
parent 2363b2f37c
commit e79517d571
1 changed files with 3 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
lib/sqlalchemy/sql/_elements_constructors.py
+3
View File
@@ -1159,6 +1159,9 @@ def extract(field: str, expr: _ColumnExpressionArgument[Any]) -> Extract:
:param field: The field to extract.
.. warning:: This field is used as a literal SQL string.
**DO NOT PASS UNTRUSTED INPUT TO THIS STRING**.
:param expr: A column or Python scalar expression serving as the
right side of the ``EXTRACT`` expression.