Ignore ${} and #{} inside string literals in getStatement unconverted parameter check #41
Description
📌 Problem Summary
The getStatement() function currently throws an error when ${} or #{} placeholders are not found in the params object and thus remain unconverted in the SQL string.
However, even when these placeholders appear inside string literals, where they are not meant to be interpolated, the function still raises an error.
Example:
SELECT '/data/${yyyymmdd}/log' AS path, id FROM my_table;In this case, ${yyyymmdd} is just part of a string literal and not intended for parameter substitution, but the current implementation incorrectly flags it as an unconverted parameter.
✅ Proposed Solution
We suggest modifying the unconverted parameter check logic to ignore ${} and #{} tokens that appear inside quoted string literals.
Here’s the proposed logic:
function stripQuoted(text) {
return text.replace(/(["'])(?:\\.|[^\\])*?\1/g, '');
}const bodyForCheck = stripQuoted(statement);
['#\\{\\S+?\\}', '\\$\\{\\S+?\\}'].forEach((pattern) => {
const re = new RegExp(pattern, 'g');
const leftovers = bodyForCheck.match(re);
if (leftovers && leftovers.length) {
throw new Error(`Parameter ${leftovers.join(',')} is not converted.`);
}
});This approach strips all quoted segments from the SQL string before performing the match, ensuring that only truly unconverted placeholders are detected.
🔧 Expected Benefits
Prevents false-positive errors when placeholders are used in string literals
Maintains accurate validation for genuinely unconverted parameters
Fully backward compatible with existing behavior