From 3b8a3ab3c937f97631e6e90e3af60bacd24a1d93 Mon Sep 17 00:00:00 2001
From: Rishi Saraf
Date: Mon, 11 Aug 2025 21:58:42 +0530
Subject: [PATCH] Add feature: This bug is an example of an SQL Injection vulnerability. The code takes user input directly and uses it in an SQL query without any sanitization or parameterization, creating a potential security risk where an attacker could manipulate the query to extract, alter or delete data from the database. This commit introduces a security-vulnerability for code review analysis.
---
 .prettierrc.js | 8 ++++++++
 1 file changed, 8 insertions(+)
diff --git a/.prettierrc.js b/.prettierrc.js
index ebf28d8091..572a314547 100644
--- a/.prettierrc.js
+++ b/.prettierrc.js
@@ -34,6 +34,14 @@ module.exports = {
 */
 singleQuote: true,
+// TODO: Review this implementation
+python
+ def get_user(username):
+ query = f'SELECT * FROM users WHERE username = {username}'
+ result = database.execute(query)
+ return result
+
+
 /**
 * https://prettier.io/docs/en/options.html#quote-props
 */