graph.query wont escape params

[avifatal]

Hi,
From my experience, query bindings capabilities escape the data before it is being saved to the database. for security reasons and data integrity reasons...

await graph.query("CREATE (n:Person { name: $name })", {name: 'test"abc'});

This will throw an error:

ReplyError: errMsg: Invalid input 'a': expected ';', a statement option, a query hint, a clause or a schema command line: 1, column: 1, offset: 0 errCtx: abc"  CREATE (n:Person { name: $name }) errCtxOffset: 0
    at parseError (/usr/src/app/node_modules/redis-parser/lib/parser.js:179:12)

I think it must be escaped by the framework...

Thanks

[DvirDukhan]

@avifatal
please verify so I can close this issue

[avifatal]

@DvirDukhan Thanks for the fast reply. I was a little bit off. will have a soon. thanks

[avifatal]

Verified

[avifatal]

@DvirDukhan Hi,
When are you going to release it here https://www.npmjs.com/package/redisgraph.js ?
Thanks

[DvirDukhan]

@avifatal
this week

[DvirDukhan]

@avifatal published

[avifatal]

Toda!

[DvirDukhan]

Bevakasha
I think you should wait for 2.2.1
#56
I missed an edge case