From 919bc2e9973bf57b2e2fe09ed0456fb0d07bdae9 Mon Sep 17 00:00:00 2001
From: Vika
Date: Mon, 25 Mar 2024 03:33:08 +0300
Subject: Prototype sanitizer for SQL

This might allow me to use SQL syntax in Kittybox's private search interfaces, allowing for queries of incredible specificity while not allowing to query private data or inject arbitrary SQL.
---
 Cargo.lock | 12 ++++++++++++
 1 file changed, 12 insertions(+)

(limited to 'Cargo.lock')

diff --git a/Cargo.lock b/Cargo.lock
index ef2030b..b0cf21b 100644
--- a/Cargo.lock
+++ b/Cargo.lock
@@ -1646,6 +1646,7 @@ dependencies = [
  "serde_urlencoded",
  "serde_variant",
  "sha2",
+ "sqlparser",
  "sqlx",
  "tempfile",
  "thiserror",
@@ -3341,6 +3342,17 @@ dependencies = [
  "unicode_categories",
 ]
 
+[[package]]
+name = "sqlparser"
+version = "0.44.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "aaf9c7ff146298ffda83a200f8d5084f08dcee1edfc135fcc1d646a45d50ffd6"
+dependencies = [
+ "log",
+ "serde",
+ "serde_json",
+]
+
 [[package]]
 name = "sqlx"
 version = "0.7.0"
-- 
cgit 1.4.1