Column escaping is broken when using MySQL version 8.0.21 #57

Open
dovidgef opened this issue Feb 2, 2021 · 3 comments


dovidgef commented Feb 2, 2021

It appears that the issue I posted in the mysql2 repo really points to an issue related to code within this library.

mysql2 Issue #1283

Would it make sense to update the escapeId method to skip quoting columns named * perhaps?
Or at least add a flag that would optionally tell escapeId to skip quoting *?

@dougwilson
Member

Hi @dovidgef that is interesting. Not escaping * wouldn't make sense, as it seems like that could legitimately be an actual column name, so skipping it would make there be no way to actually select a column with that name.

You can always provide raw SQL to any ? or ?? sequence in this module using SqlString.raw(). You can find more information in the README under the various sections.


dougwilson commented Feb 2, 2021

Sorry, I know I said ?? above, but no, the raw SQL does not actually work with ??, only ?. This is because the ?? sequence does not perform any type coercion and instead only accepts strings. I think this can be improved to add support for raw input, which would address your use case. Sorry for that first response!

Basically, we can add the above and then the following would work as expected:

SqlString.format('SELECT ?? FROM ??', [[SqlString.raw('*')], 'testTable']) // => SELECT * FROM `testTable`

(you can always declare const SQL_WILDCARD_COL = SqlString.raw('*') to make queries more readable as well)
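The distinction discussed in this thread (a wildcard emitted raw versus a column literally named `*` that must stay quoted), as an added example that is not part of the issue or of the sqlstring code base. `RawSql`, `quoteIdentifier`, `columnList` and `selectFrom` are hypothetical names for a simplified stand-in that does no qualified-name (`a.b`) handling; only the `SQL_WILDCARD_COL` name is borrowed from the comment above.

```javascript
// Added illustration: a simplified stand-in, not the sqlstring source.

// Marker for SQL that is emitted verbatim. Only application code can build
// one; a string or a JSON-decoded object from a request never matches it.
class RawSql {
  constructor(sql) { this.sql = sql; }
}
const SQL_WILDCARD_COL = Object.freeze(new RawSql('*'));

// Quote one identifier MySQL-style: wrap in backticks, double embedded ones.
function quoteIdentifier(name) {
  if (typeof name !== 'string' || name.length === 0) {
    throw new TypeError('identifier must be a non-empty string');
  }
  return '`' + name.replace(/`/g, '``') + '`';
}

// Build a column list. Plain strings are always quoted, so the string '*'
// still selects a column literally named *; only a RawSql instance is
// passed through unquoted.
function columnList(columns) {
  if (!Array.isArray(columns) || columns.length === 0) {
    throw new TypeError('columns must be a non-empty array');
  }
  return columns
    .map((c) => (c instanceof RawSql ? c.sql : quoteIdentifier(c)))
    .join(', ');
}

function selectFrom(columns, table) {
  return 'SELECT ' + columnList(columns) + ' FROM ' + quoteIdentifier(table);
}

// Constructed sample inputs.
console.log(selectFrom([SQL_WILDCARD_COL], 'testTable')); // raw wildcard
console.log(selectFrom(['*'], 'testTable'));              // quoted column
console.log(selectFrom(['odd`name'], 'testTable'));       // backtick doubled
```

Because the unquoted path is keyed on `instanceof`, a caller-supplied string or plain object can never opt out of quoting; the raw marker has to be created in code.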


dovidgef commented Feb 3, 2021

I went ahead and created a PR to add this feature.

dougwilson pushed a commit to dovidgef/sqlstring that referenced this issue Mar 7, 2022