Danny Milosavljevic eb01f46987 database: Use 'sqlite-bind' to avoid SQL injection. ... * src/cuirass/database.scm (%sqlite-exec): Remove. (sqlite-exec): Turn back into a procedure. Use 'sqlite-bind'. Add 'normalize' procedure and use it. (db-add-specification, db-add-derivation, db-get-derivation) (db-add-evaluation, db-add-build, db-update-build-status!) (db-get-build, db-get-stamp, db-add-stamp): Use question marks in SQL queries. * src/cuirass/base.scm (build-packages)[register]: Make #:log non-false. * tests/database.scm (make-dummy-job): Add #:job-name, #:system, #:nix-name, and #:eval-id. This is necessary because 'sqlite-bind' would now translate #f to a real NULL (before it would translate to the string "#f"...), and would thus report violations of the non-NULL constraint. Co-authored-by: Ludovic Courtès <ludo@gnu.org>		2018-02-08 14:18:27 +01:00
..
cuirass	database: Use 'sqlite-bind' to avoid SQL injection.	2018-02-08 14:18:27 +01:00
web/server	http: Log incoming connections and requests.	2018-01-26 11:23:07 +01:00
cuirass.scm	cuirass: Stop λ/lambda mixing.	2017-07-06 10:03:16 +02:00
schema.sql	cuirass: Store new information in database to prepare new HTTP API	2017-09-08 21:00:57 +02:00