I realize that private functions of another package are not reachable by
reflection, but I'm looking for a way to ensure a public
interface-or-struct's function can be fully back-traced statically.
An interface function like
Query(sql string, args ...interface{}) Result
is an SQL injection risk if it can be called via reflection. This includes
the sqlx library simply being part of a program.
My goal: to enhance SafeSQL to fully backtrace and know certainly that
there are no SQL injection risks.
Alternative: I can add a comment to the functions I write:
// Reflection Calls Disallowed
But compiler assurance of this would be nice.
--
You received this message because you are subscribed to the Google Groups
"golang-nuts" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
For more options, visit https://groups.google.com/d/optout.
