mssql-value-serializer

Crates.iomssql-value-serializer
lib.rsmssql-value-serializer
version0.1.3
created_at2025-11-04 13:24:18.979587+00
updated_at2025-11-23 03:40:35.335157+00
descriptionConvert Rust values into SQL Server-compatible literal expressions, enabling dynamic SQL generation without parameter count limitations.
homepagehttps://magiclen.org/mssql-value-serializer
repositoryhttps://github.com/magiclen/mssql-value-serializer
max_upload_size
id1916253
size82,339
Magic Len (Ron Li) (magiclen)

documentation

README

mssql-value-serializer

CI

Convert Rust values into SQL Server-compatible literal expressions, enabling dynamic SQL generation without parameter count limitations.

Prepared statements are commonly used to improve performance and security. By separating the SQL command from the data values, the database can cache execution plans and protect against SQL injection. Each variable passed to the query becomes a parameter, allowing safe reuse of the same statement with different values. However, because SQL Server enforces a strict 2100-parameter limit, queries that bind large collections of parameters—such as long IN lists or bulk inserts—can easily exceed this cap and trigger the too many parameters error.

Usage

use mssql_value_serializer::{SqlServerLiteralWrapper, SqlServerLiteralDynWrapper, SqlServerLiteralForValueListWrapper};

let sql = format!("
    SELECT
        *
    FROM
        [table]
    WHERE
        [name] = {name}
", name = SqlServerLiteralWrapper::new("David"));

assert_eq!("
    SELECT
        *
    FROM
        [table]
    WHERE
        [name] = N'David'
", sql);

let sql = format!("
    SELECT
        *
    FROM
        [table]
    WHERE
        [name] = {name}
", name = SqlServerCharWrapper::new("David")); // use `SqlServerCharWrapper` to format a value into a non-Unicode character string

assert_eq!("
    SELECT
        *
    FROM
        [table]
    WHERE
        [name] = 'David'
", sql);

let sql = format!("
    INSERT INTO [table]([id], [name], [disabled])
        VALUES
            ({values})
", values = SqlServerLiteralForValueListWrapper::new(vec![SqlServerLiteralDynWrapper::from(2u32), SqlServerLiteralDynWrapper::from("David"), SqlServerLiteralDynWrapper::from(false)]));

assert_eq!("
    INSERT INTO [table]([id], [name], [disabled])
        VALUES
            (2, N'David', 0)
", sql);

Optional Features

  • serde: Implements serde::Serialize for wrapper types, enabling SQL Server literal serialization behavior.
  • chrono or time: Adds support for SQL Server date and time types.
    • chrono and stable-local: If your local timezone does not observe daylight saving time (DST), enable this feature to use a fixed offset for DateTime<Local>, improving formatting performance.
  • rust_decimal or bigdecimal: Adds support for SQL Server decimal/numeric types.
  • num-bigint: Adds support for SQL Server decimal/numeric types (only integers).
  • uuid: Adds support for SQL Server UNIQUEIDENTIFIER type.

Crates.io

https://crates.io/crates/mssql-value-serializer

Documentation

https://docs.rs/mssql-value-serializer

License

MIT

Commit count: 0

cargo fmt