One way to handle this particular case would be to do it as a variant of f-string that doesn't join its arguments, but passes the list to some other function. Just replace the final step BUILD_STRING step with BUILD_LIST, then call the function. There'd need to be some way to recognize which sections were in the literal and which came from interpolations (one option is to simply include empty strings where necessary such that it always starts with a literal and then alternates), but otherwise, the "sql" manager could do all the escaping it wants. However, this wouldn't be enough to truly parameterize a query; it would only do escaping into the string itself. Another option would be to have a single variant of f-string that, instead of creating a string, creates a "string with formatted values". That would then be a single object that can be passed around as normal, and if conn.execute() received such a string, it could do the proper parameterization.
See PEP 501: https://www.python.org/dev/peps/pep-0501/ Eric _______________________________________________ Python-ideas mailing list -- python-ideas@python.org To unsubscribe send an email to python-ideas-le...@python.org https://mail.python.org/mailman3/lists/python-ideas.python.org/ Message archived at https://mail.python.org/archives/list/python-ideas@python.org/message/JMYEWFPO7XVLAX5VD7TBPNQW53SM3ZPN/ Code of Conduct: http://python.org/psf/codeofconduct/
