```ts
function sql(
  strings: TemplateStringsArray,
  ...parameters: SqlTemplateParam[]
): SqliteQuery;
```

Defined in: [packages/common/src/Sqlite.ts:459](https://github.com/evoluhq/evolu/blob/e7144e2bbe9069362b62dec1b64a8aa922b8f1b0/packages/common/src/Sqlite.ts#L459)

Creates a safe SQL query using a tagged template literal.

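Interpolated parameters are automatically escaped and bound as SQLite values. Use
`sql.identifier` for column and table names, and `sql.raw` for unescaped SQL.
Because `sql.raw` inserts its argument into the query text as-is, pass it only
strings you control, never user input.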

### Example

```ts
const id = 42;
const name = "Alice";

const result = sqlite.exec(sql`
  select *
  from users
  where id = ${id} and name = ${name};
`);

// For identifiers
const tableName = "users";
sqlite.exec(sql`
  create table ${sql.identifier(tableName)} (
    "id" text primary key,
    "name" text not null
  );
`);

// For raw SQL (use with caution)
const orderBy = "created_at desc";
sqlite.exec(sql`select * from users order by ${sql.raw(orderBy)};`);
```
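
As an added illustration (not Evolu's source and not part of the original page), the sketch below shows how a tagged template of this shape can keep values out of the SQL text, and why the string handed to `sql.raw` in the example above should come from a fixed allowlist. `miniSql`, `ident`, `rawSql`, `orderBy`, `findUsers` and the `?` placeholder style are assumptions of the sketch.

```typescript
// Added sketch, NOT Evolu's source. All names below are hypothetical.
type SqlValue = string | number | null;
interface SqlIdent { readonly kind: "identifier"; readonly name: string }
interface SqlRaw { readonly kind: "raw"; readonly text: string }
type SqlParam = SqlValue | SqlIdent | SqlRaw;
interface BuiltQuery { readonly sql: string; readonly parameters: SqlValue[] }

const ident = (name: string): SqlIdent => ({ kind: "identifier", name });
const rawSql = (text: string): SqlRaw => ({ kind: "raw", text });

// Values never enter the SQL text: each becomes a `?` placeholder and is
// collected for binding. Identifiers are double-quoted with embedded quotes
// doubled. Raw fragments are concatenated verbatim.
function miniSql(strings: TemplateStringsArray, ...params: SqlParam[]): BuiltQuery {
  let text = strings[0];
  const parameters: SqlValue[] = [];
  for (let i = 0; i < params.length; i++) {
    const p = params[i];
    if (typeof p === "object" && p !== null) {
      text += p.kind === "identifier" ? `"${p.name.replace(/"/g, '""')}"` : p.text;
    } else {
      text += "?";
      parameters.push(p);
    }
    text += strings[i + 1];
  }
  return { sql: text, parameters };
}

// Raw fragments are only as safe as their source, so map request input to
// fixed, developer-written clauses instead of passing it through.
const ORDER_BY = new Map<string, string>([
  ["newest", "created_at desc"],
  ["name", "name asc"],
]);
const orderBy = (choice: string): SqlRaw =>
  rawSql(ORDER_BY.get(choice) ?? "created_at desc");

function findUsers(name: string, sortChoice: string): BuiltQuery {
  return miniSql`select * from ${ident("users")} where name = ${name} order by ${orderBy(sortChoice)};`;
}

// Constructed input: the quote-laden name stays data, and the unknown sort
// choice falls back to the default clause.
const demo = findUsers("x' or '1'='1", "id desc; --");
console.log(demo.sql, demo.parameters);
```

The name arrives only in `parameters`, while the unrecognised sort choice never reaches the query text.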

## TIP

Use `prettier-plugin-sql-cst` for SQL formatting. Like Prettier for
JavaScript, this plugin formats SQL expressions differently depending on
their length.