GitHub

SQL Server Grammar for .whereIn / parameterization

Probably not a good default, but a useful workaround for the 2,100 parameter limit in SQL Server 2016+ from Zac Spitzer: ...
GitHub

Docs for SQL parameterization are a security risk

This is open to SQL Injection, which remains one of the biggest attack vectors across the industry. Parameterization is standardised in the DB API with the various token options here. If you want to ...