From f8b2b5184f4f49926613af056b971cd583cea74e Mon Sep 17 00:00:00 2001
From: Anthony Lukach <anthonylukach@gmail.com>
Date: Thu, 30 Mar 2023 13:42:20 -0600
Subject: [PATCH 1/3] Avoid fstring in queries

---
 stac_fastapi/pgstac/stac_fastapi/pgstac/db.py | 16 +++++++++-------
 1 file changed, 9 insertions(+), 7 deletions(-)

diff --git a/stac_fastapi/pgstac/stac_fastapi/pgstac/db.py b/stac_fastapi/pgstac/stac_fastapi/pgstac/db.py
index bc6cc96e6..02993cc95 100644
--- a/stac_fastapi/pgstac/stac_fastapi/pgstac/db.py
+++ b/stac_fastapi/pgstac/stac_fastapi/pgstac/db.py
@@ -7,7 +7,7 @@
 import attr
 import orjson
 from asyncpg import exceptions, pool
-from buildpg import asyncpg, render
+from buildpg import asyncpg, render, V
 from fastapi import FastAPI
 
 from stac_fastapi.types.errors import (
@@ -66,18 +66,20 @@ async def dbfunc(pool: pool, func: str, arg: Union[str, Dict]):
         if isinstance(arg, str):
             async with pool.acquire() as conn:
                 q, p = render(
-                    f"""
-                        SELECT * FROM {func}(:item::text);
-                        """,
+                    """
+                    SELECT * FROM :func(:item::text);
+                    """,
+                    func=V(func),
                     item=arg,
                 )
                 return await conn.fetchval(q, *p)
         else:
             async with pool.acquire() as conn:
                 q, p = render(
-                    f"""
-                        SELECT * FROM {func}(:item::text::jsonb);
-                        """,
+                    """
+                    SELECT * FROM :func(:item::text::jsonb);
+                    """,
+                    func=V(func),
                     item=json.dumps(arg),
                 )
                 return await conn.fetchval(q, *p)

From b42df3008637418db68f739a95aa6d3545e735b9 Mon Sep 17 00:00:00 2001
From: Anthony Lukach <anthonylukach@gmail.com>
Date: Thu, 30 Mar 2023 13:11:08 -0700
Subject: [PATCH 2/3] Reorder import

---
 stac_fastapi/pgstac/stac_fastapi/pgstac/db.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/stac_fastapi/pgstac/stac_fastapi/pgstac/db.py b/stac_fastapi/pgstac/stac_fastapi/pgstac/db.py
index 02993cc95..57c39c0ba 100644
--- a/stac_fastapi/pgstac/stac_fastapi/pgstac/db.py
+++ b/stac_fastapi/pgstac/stac_fastapi/pgstac/db.py
@@ -7,7 +7,7 @@
 import attr
 import orjson
 from asyncpg import exceptions, pool
-from buildpg import asyncpg, render, V
+from buildpg import V, asyncpg, render
 from fastapi import FastAPI
 
 from stac_fastapi.types.errors import (

From 42acaec8e4853286aaf85c3357c778f64f4f73b8 Mon Sep 17 00:00:00 2001
From: Pete Gadomski <pete.gadomski@gmail.com>
Date: Thu, 30 Mar 2023 14:47:17 -0600
Subject: [PATCH 3/3] chore: update changelog

---
 CHANGES.md | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/CHANGES.md b/CHANGES.md
index fd190a4eb..3ac5b2520 100644
--- a/CHANGES.md
+++ b/CHANGES.md
@@ -6,6 +6,10 @@
 
 * Default branch to **main** ([#544](https://github.com/stac-utils/stac-fastapi/pull/544))
 
+### Fixed
+
+* Use `V()` instead of f-strings for pgstac queries ([#554](https://github.com/stac-utils/stac-fastapi/pull/554))
+
 ## [2.4.4] - 2023-03-09
 
 ### Added