Hacker News new | past | comments | ask | show | jobs | submit login

It can be used for escaping values for example

var query = sql`select * from user where id=${id}`

Similar for html, preventing injection. You just need to implement the corresponding functions.

For example https://github.com/felixfbecker/node-sql-template-strings

I don't see how this is better than

var query = sql(`select * from user where id=${id}`);

In this case the sql function can not escape the id. If you were to use a tagged template, it could.

In your example, you get the concatenated string. If you use the tags, you can access the parts.

Yes that's something the author does not explain well. sql is not a normal function but a special template "handler" with fixed parameters.

It's just a tiny language feature, removing the parenthesis is not the point of the template literal. FWIW, I like the way it looks for styled-components:

  const NameTag = styled.div`
    font-size: 12pt;
    margin: 3px;

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact