Morioh
Login
Karlee Will

Karlee Will

2 years ago

.NET Developers are perhaps familiar with libraries like Roslyn and CodeDOM, which allow in-depth analysis of code (amongst many other things). Java developers use tools like SpotBugs for code analysis. As a SQL developer, perhaps you might have wondered if there are any equivalent functionality for Azure SQL and SQL Server code? Well, wonder no more!

Over the years, I have leveraged the very useful TransactSql ScriptDom .NET library, to programmatically parse Transact-SQL (T-SQL) statements, expressions, and scripts. This library accurately produces an Abstract Syntax Tree (AST) representation of the T-SQL code. Once you have such an AST, you can “walk” the tree to analyze it for various code patterns. As an example, you can use it to detect in a robust way if you have any DML statement other than SELECT – which may be useful to detect some forms of SQL injection. You can even change the AST if needed and produce a modified T-SQL script with the re-written tree. The possibilities are endless!

#azure sql #devops #modernsql #t-sql #sql #dotnet

Programmatically parsing Transact SQL (T-SQL) with the ScriptDom parser

devblogs.microsoft.com

Programmatically parsing Transact SQL (T-SQL) with the ScriptDom parser

Programmatically parsing Transact SQL (T-SQL) with the ScriptDom parser. Over the years, I have leveraged the very useful TransactSql ScriptDom .NET library, to programmatically parse Transact-SQL (T-SQL) statements, expressions, and scripts.

1.60 GEEK