Skip to content

Skip query sanitization for prepared statements under stable semconv flag #15855

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
trask wants to merge 11 commits into
base: main
Choose a base branch
from
Open

Skip query sanitization for prepared statements under stable semconv flag #15855

trask wants to merge 11 commits into from
+182 −69

Conversation

@trask
Copy link
Member

@trask trask commented Jan 12, 2026
edited
Loading

@github-actions github-actions bot added the test native This label can be applied to PRs to trigger them to run native tests label Jan 12, 2026
@trask trask changed the title Prepared statement no sanitization Skip query sanitization for prepared statements Jan 12, 2026
@trask trask changed the title Skip query sanitization for prepared statements Skip query sanitization for prepared statements under stable semconv flag Jan 12, 2026
@trask trask force-pushed the prepared-statement-no-sanitization branch 2 times, most recently from 5c413eb to 52c940f Compare January 12, 2026 23:14
@trask trask mentioned this pull request Jan 13, 2026
Open
28 tasks
@trask trask force-pushed the prepared-statement-no-sanitization branch from d5b4e5d to de6b197 Compare January 13, 2026 01:00
trask added 3 commits January 12, 2026 17:02
@trask
Skip query sanitization for JDBC prepareStatement calls
e14a2c7 
PreparedStatement queries use placeholders and are already parameterized,
so they don't need sanitization. This change adds an isPreparedStatement
flag to DbRequest and SqlClientAttributesGetter to skip sanitization for
prepared statements while still sanitizing regular Statement queries.
@trask
Cassandra, R2DBC, Vertx SQL
3660c90
@trask
Slick test
02947ae
@trask trask force-pushed the prepared-statement-no-sanitization branch from de6b197 to 02947ae Compare January 13, 2026 01:03
@trask trask force-pushed the prepared-statement-no-sanitization branch from e173f44 to 09a4532 Compare January 13, 2026 02:12
@trask trask force-pushed the prepared-statement-no-sanitization branch from 09a4532 to aca641d Compare January 13, 2026 02:26
@trask trask marked this pull request as ready for review January 13, 2026 04:44
@trask trask requested a review from a team as a code owner January 13, 2026 04:44
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

test native This label can be applied to PRs to trigger them to run native tests

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@trask