Write better (safer) functions to prevent SQLi
It is generally considered bad practice to write SQL statements as such without preparing them first (See: this)
https://github.com/nexB/scancode-analyzer/blob/813732ace5f0cb9647fe1c8ff504a4d30a1c67ac/etc/load_scan_into_dataframe/postgres.py#L59
Maybe the queries can be written using placeholders so that the database can fill in the data values properly and safely.
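To illustrate the difference the issue is pointing at, here is an added example (not code from the scancode-analyzer project). It uses Python's built-in sqlite3 module as a stand-in for PostgreSQL so it runs offline; psycopg2 uses `%s` instead of `?` as its placeholder, but the `cursor.execute(sql, params)` call shape is the same. The `packages` table and its rows are constructed sample data.

```python
import sqlite3

# Constructed sample data; the table and column names are assumptions for this example.
ROWS = [
    ("pkg-a", "MIT"),
    ("pkg-b", "Apache-2.0"),
    ("pkg-c", "GPL-2.0"),
]


def make_db():
    """Create an in-memory database with a small packages table."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE packages (name TEXT, license TEXT)")
    # executemany with placeholders is the safe way to bulk-load values too.
    conn.executemany("INSERT INTO packages VALUES (?, ?)", ROWS)
    return conn


def find_by_name_unsafe(conn, name):
    """The pattern the issue warns against: the value is spliced into the SQL text,
    so any quote characters in `name` become part of the statement."""
    sql = f"SELECT name, license FROM packages WHERE name = '{name}'"
    return conn.execute(sql).fetchall()


def find_by_name_safe(conn, name):
    """Placeholder version: the driver passes `name` to the database separately
    from the statement, so it is always treated as data, never as SQL."""
    sql = "SELECT name, license FROM packages WHERE name = ?"
    return conn.execute(sql, (name,)).fetchall()


def unsafe_raises_on_apostrophe(conn, name):
    """Return True if the string-built query breaks on ordinary input such as a
    name containing an apostrophe; the placeholder version never does."""
    try:
        find_by_name_unsafe(conn, name)
    except sqlite3.OperationalError:
        return True
    return False


if __name__ == "__main__":
    db = make_db()
    print(find_by_name_safe(db, "pkg-a"))          # [('pkg-a', 'MIT')]
    # A value containing a quote is harmless with placeholders (no such package),
    # but corrupts the string-built statement.
    print(find_by_name_safe(db, "O'Reilly"))       # []
    print(unsafe_raises_on_apostrophe(db, "O'Reilly"))  # True
```

The last two calls show the practical point: beyond the injection risk, a string-built query also fails on perfectly legitimate values such as a name containing an apostrophe, whereas the parameterized version handles them without any escaping logic in the application.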