[jira] [Comment Edited] (GROOVY-5436) add Sql.inList for collection expansion in SQL IN clauses

Sat, 18 Apr 2026 16:32:32 -0700 


    [ 
https://issues.apache.org/jira/browse/GROOVY-5436?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=18074602#comment-18074602
 ] 

Paul King edited comment on GROOVY-5436 at 4/18/26 11:30 PM:
-------------------------------------------------------------

There is a pull request (referenced in an earlier comment) with a potential 
improvement. I think the breaking behavior thoughts make auto detecting very 
difficult. This just basically makes the workaround cleaner:

{code:groovy}
def picks = ['Dierk', 'Guillaume']
def authors = sql.rows "SELECT lastname FROM Author WHERE firstname IN 
(${Sql.inList(picks)})"
assert authors*.lastname.sort() == ['Koenig', 'Laforge']
{code}

Giving you the SQL injection protected approach with fail early for an empty 
list. I'd be keen on any thoughts.


was (Author: paulk):
There is a pull request (referenced in an earlier comment) with a potential 
improvement. I think the breaking behavior thoughts make auto detecting very 
difficult. This just basically makes the workaround cleaner:

{code:groovy}
def picks = ['Dierk', 'Guillaume']
def authors = sql.rows "SELECT lastname FROM Author WHERE firstname IN 
(${Sql.inList(picks)})"
assert authors*.lastname.sort() == ['Koenig', 'Laforge']
{code}

Giving you the SQL injection protected approach with fail early for an empty 
list.

> add Sql.inList for collection expansion in SQL IN clauses
> ---------------------------------------------------------
>
>                 Key: GROOVY-5436
>                 URL: https://issues.apache.org/jira/browse/GROOVY-5436
>             Project: Groovy
>          Issue Type: Improvement
>          Components: SQL processing
>    Affects Versions: 1.8.6
>            Reporter: Gerhard Stuhlpfarrer
>            Priority: Major
>
> Groovy SQL (groovy.sql.Sql) provides methods to bind an Array of parameters 
> to sql (e.g. rows, eachRow, execute, executeUpdate, ...).
> But you have a problem if you need to pass parameter lists to your sql 
> statement which has a IN clause.
> There exists a workaround for this problem, but this is not very groovy.
> see discussions here:
> http://groovy.329449.n5.nabble.com/In-operator-in-Groovy-SQL-td4768856.html
> http://stackoverflow.com/questions/2861230/what-is-the-best-approach-using-jdbc-for-parameterizing-an-in-clause



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

Reply via email to