html_url,issue_url,id,node_id,user,user_label,created_at,updated_at,author_association,body,reactions,issue,issue_label,performed_via_github_app
https://github.com/simonw/datasette/issues/39#issuecomment-339406634,https://api.github.com/repos/simonw/datasette/issues/39,339406634,MDEyOklzc3VlQ29tbWVudDMzOTQwNjYzNA==,9599,simonw,2017-10-25T17:27:10Z,2017-10-25T17:27:10Z,OWNER,It certainly looks like some of the stuff in https://sqlite.org/pragma.html could be used to screw around with things. Example: `PRAGMA case_sensitive_like = 1` - would that affect future queries?,"{""total_count"": 0, ""+1"": 0, ""-1"": 0, ""laugh"": 0, ""hooray"": 0, ""confused"": 0, ""heart"": 0, ""rocket"": 0, ""eyes"": 0}",268469569,Protect against malicious SQL that causes damage even though our DB is immutable,
https://github.com/simonw/datasette/issues/39#issuecomment-339413825,https://api.github.com/repos/simonw/datasette/issues/39,339413825,MDEyOklzc3VlQ29tbWVudDMzOTQxMzgyNQ==,9599,simonw,2017-10-25T17:48:48Z,2017-10-25T17:48:48Z,OWNER,Could I use https://sqlparse.readthedocs.io/en/latest/ to parse incoming statements and ensure they are pure SELECTs? Would that prevent people from using a compound SELECT statement to trigger an evil PRAGMA of some sort?,"{""total_count"": 0, ""+1"": 0, ""-1"": 0, ""laugh"": 0, ""hooray"": 0, ""confused"": 0, ""heart"": 0, ""rocket"": 0, ""eyes"": 0}",268469569,Protect against malicious SQL that causes damage even though our DB is immutable,