Add support for query parameters

A common attack vector for sql databases is ["injection"](https://xkcd.com/327/) where a string argument is directly injected into an sql query without sanitization. Several dbapis have controls for this, but in its current state this plugin takes advantage of none of them.

Example of a query with parameters:
```py
quant = conn.query('SELECT quantity FROM inventory WHERE name = $1', input.item_name)
```

This issue is resolved when a parameters map or tuple can be passed to `Channel.fromQuery`

Example of what that might look like:
```groovy
ch = channel.fromQuery('SELECT quantity FROM inventory WHERE name = $1', parameters: [val_item_name])
ch2 = Channel.fromQuery('SELECT quantity FROM inventory WHERE name = $nam'", parameters: [name: val_item_name])
```

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Add support for query parameters #22

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Add support for query parameters #22

Description

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions