From 32cf95a837cfd1e5b13eab8c55edbeaee32dc408 Mon Sep 17 00:00:00 2001
From: davidemazzocchi
Date: Fri, 27 Feb 2026 16:37:39 +0100
Subject: [PATCH] chore: add a TODO reminder for possible SQL injection!
---
 01.workspace/heave/src/fun/sqlite_build_statement.rs | 2 ++
 1 file changed, 2 insertions(+)
diff --git a/01.workspace/heave/src/fun/sqlite_build_statement.rs b/01.workspace/heave/src/fun/sqlite_build_statement.rs
index 6f6fb9b..6d0be76 100644
--- a/01.workspace/heave/src/fun/sqlite_build_statement.rs
+++ b/01.workspace/heave/src/fun/sqlite_build_statement.rs
@@ -1,5 +1,7 @@
 use crate::*;
 
+// TODO: possible sql injection for attribute_id!!!
+
 const BASE_SELECT: &str = r#"SELECT * FROM entity"#;
 const INNER_JOIN_FRAGMENT: &str = r#"
 INNER JOIN attribute as attribute_{index}
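Review bot: The TODO added above `BASE_SELECT` names a possible SQL injection through `attribute_id` but says neither where the value enters the statement nor what the intended fix is, so it is easy to leave unresolved. The visible `INNER_JOIN_FRAGMENT` is a text template with an `{index}` placeholder, which suggests the statement is assembled by string substitution; whether `attribute_id` is substituted the same way is not visible in this hunk. If it is, the value should be passed as a bound parameter and only internally generated values such as the join index formatted into the SQL text. I would reword the comment to `// TODO(security): attribute_id may reach the SQL text via string formatting; pass it as a bound parameter (tracking: <ISSUE-ID>)` and open the matching issue. The raw string of `INNER_JOIN_FRAGMENT` continues past the end of the hunk.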