Hello,
we have some issue with the rule S2857 in our project. We are using the ORM Dapper for our database which is using plain sql. Here is an example code:
return transaction.QueryFirstOrDefaultAsync<Entity>(
$"SELECT * FROM Entities WHERE {nameof(Entity.EntityId)} = @{nameof(entityId)}",
new { entityId},
transaction,
commandTimeout);
SELECT * FROM Entities WHERE EntityId = @entityId
The sonarcloud shows now an error like ‘Bug: Add a space before ‘entityId’.’
That goes away if you put a whitespace between the @ and the {nameof(entityId)} which is not correct, because its not valid sql anymore.
return transaction.QueryFirstOrDefaultAsync<Entity>(
$"SELECT * FROM Entities WHERE {nameof(Entity.EntityId)} = @[whitespace]{nameof(entityId)}",
new { entityId},
transaction,
commandTimeout);
SELECT * FROM Entities WHERE EntityId = @[whitespace]entityId
How can we fix that?
Thank you