
Commit 1bb7974

committed
Add test case
1 parent 66ca4f3 commit 1bb7974


1 file changed

+7
-0
lines changed

1 file changed

+7
-0
lines changed

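--- a/library/vulnerabilities/sql-injection/detectSQLInjection.test.ts
+++ b/library/vulnerabilities/sql-injection/detectSQLInjection.test.ts
@@ -211,6 +211,13 @@ t.test("It does not flag key keyword as SQL injection", async () => {
 isNotSqlInjection(query, "UPDATE");
 isNotSqlInjection(query, "INSERT");
 isNotSqlInjection(query, "INTO");
+isNotSqlInjection(
+`
+SELECT * FROM users u
+WHERE u.status NOT IN ('active', 'pending')
+`,
+"not in"
+);
 });
 
 t.test("It flags function calls as SQL injections", async () => {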
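Review bot: The added `isNotSqlInjection(..., "not in")` call pins only the allow side of the multi-word keyword case, so a later change that loosens matching around `NOT IN` would not be caught by this test. Consider pairing it, in the flagging tests, with an assertion that input made of the keyword followed by further SQL tokens is still reported; the helper used for positive assertions is not visible in this hunk. The input is lower-case while the query uses `NOT IN`, so the case also depends on case-insensitive comparison, and if that difference is intentional a comment such as `// multi-word keyword; input case differs from the query` above the call would make it explicit. The enclosing `t.test` starts above the hunk, so how `query` is built for the earlier assertions cannot be checked from here.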
