Support bind variables

[mirek26]

Any plans to support bind variables? https://docs.snowflake.com/en/sql-reference/bind-variables

For example, you can do this in Python:

con.cursor().execute(
    "SELECT * FROM your_table WHERE id = ? AND name = ?",
    (10, 'Henry')  # Parameters
)

Which prevents SQL injection in case the parameters are user-provided. Not supporting this requires different mechanisms to prevent SQL inejction.

[kenkoooo]

We don’t have a concrete plan to support variable binding at the moment, but I completely agree that this feature should be implemented in our library. I’d be happy to review and merge pull requests for it.