Inline SQL

Also available in Open VSX Registry

Highlight and lint inline SQL strings. Supported languages are Python, Go, JavaScript, TypeScript, Ruby, Java, C#, Rust, PHP, Lua.

Syntax highlighting works for strings starting with --sql or any of the SELECT, INSERT, INTO, DELETE, UPDATE, CREATE TABLE.

Also works with ES6 Template Strings:

const query = sql`
    select * from book;
`;

Linting and diagnostics powered entirely by awesome joereynolds/sql-lint and works for multiline strings that start with either `--sql (backtick followed by --sql), "--sql or """--sql.

Contributors

jwhitaker-swiftnav

Connor Bren

Ferenc Tamás

Gunnar Sv Sigurbjörnsson

Jon Wolfe

Titouan CREACH

Safety

The proper way to sanitize data for insertion into your database is to use placeholders for all variables to be inserted into your SQL strings. In other words, NEVER do this (Python example):

query = f"INSERT INTO foo (bar, baz) VALUES ( {variable1}, {variable2} )";

Instead, use $ placeholders (or ? in some databases):

query = "INSERT INTO foo (bar, baz) VALUES ( $1, $2  )";

And then pass the variables to be replaced when you execute the query. For example with pgx (Go example):

err = conn.QueryRow(
    context.Background(),
    "select name, weight from widgets where id=$1",
    42,
).Scan(&name, &weight)

Integration with real database

Integration with real database is available and controlled through VSCode options:

{
    "inlineSQL.enableDBIntegration": true,
    "inlineSQL.dbDriver": "postgres",
    "inlineSQL.dbHost": "localhost",
    "inlineSQL.dbPort": 5432,
    "inlineSQL.dbUser": "postgres",
    "inlineSQL.dbPassword": "postgres"
}

Examples

Python

JavaScript/TypeScript

Go

Python	JavaScript/TypeScript

Ruby	Java

Limitations

Semantic highlighting

Highlighting does not work with semantic token highlighting enabled (feature provided by some LSP servers).

Currently gopls semantic token highlighting (option gopls.ui.semanticTokens - off by default) overrides extension's syntax.

gopls

{
    "gopls.ui.semanticTokens": false
}

rust-analyzer

{
    "rust-analyzer.highlighting.strings": false
}

C#

{
    "csharp.semanticHighlighting.enabled": false
}

Motivation

This small extension is meant to help those who don't use ORM and don't like SQL builders like squirrel, but still want inline sql in their code to be something more than magic strings, helping to avoid small bugs and typos almost instantly.

Related

• joereynolds/sql-lint - Used for linting.
• joe-re/sql-language-server - SQL Language Server, consider it if you use separate files for sql.
• cmoog/vscode-sql-notebook - Open SQL files as VSCode Notebooks.
• pushqrdx/vscode-inline-html - ES6 Template Strings inline HTML.