Create a SQL component with FROM only.
The SQL component should only be implemented using the base interfaces for database connectivity. It should take into account SQL injection and make sure that if queries are not parameterised then they should be.
It is also entirely possible that the onus is on the user to ensure that any queries are not SQL injection prone by using the inbuilt functionality of the component.
Kyameru is not responsible for managing the connection context but should at least provide all the relevant interfaces to do so.
It should at a minimum support MSSQL, PostgreSQL, MySQL.
Thoughts
So whilst this is an essential component, we need to consider security and the part Kyameru plays in it. We should consider that using an ORM will greatly reduce the security concern, but we also need to consider that an ORM's power is in mapping DB queries to objects.
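
One way the parameterisation requirement could be met using only the `System.Data` base interfaces, shown as an added example that is not Kyameru's code. The `ParameterisedQuery` helper and the `@name` placeholder convention are assumptions made for illustration.

```csharp
using System;
using System.Collections.Generic;
using System.Data;
using System.Text.RegularExpressions;

// Hypothetical helper (not part of Kyameru): builds a command through the
// provider-agnostic System.Data interfaces, so it never references a
// concrete MSSQL, PostgreSQL or MySQL driver type.
public static class ParameterisedQuery
{
    // Matches @name placeholders. The lookbehind skips "@@" server variables
    // and an "@" that follows a word character (e.g. inside an e-mail literal).
    private static readonly Regex Placeholder =
        new Regex(@"(?<![@\w])@([A-Za-z_]\w*)");

    public static IDbCommand Build(IDbConnection connection, string sql,
        IReadOnlyDictionary<string, object> values)
    {
        if (connection == null) throw new ArgumentNullException(nameof(connection));
        if (sql == null) throw new ArgumentNullException(nameof(sql));
        if (values == null) throw new ArgumentNullException(nameof(values));

        var names = new HashSet<string>(StringComparer.OrdinalIgnoreCase);
        foreach (Match m in Placeholder.Matches(sql)) names.Add(m.Groups[1].Value);

        // Fail closed: every placeholder needs a value and every value a placeholder.
        foreach (var name in names)
            if (!values.ContainsKey(name))
                throw new ArgumentException("No value supplied for @" + name);
        foreach (var key in values.Keys)
            if (!names.Contains(key))
                throw new ArgumentException("Value '" + key + "' has no placeholder in the query");

        // The caller owns the connection; this helper neither opens nor closes it.
        IDbCommand command = connection.CreateCommand();
        command.CommandText = sql;
        foreach (var name in names)
        {
            // Values are bound as parameters and never concatenated into the SQL text.
            IDbDataParameter parameter = command.CreateParameter();
            parameter.ParameterName = "@" + name;
            parameter.Value = values[name] ?? DBNull.Value;
            command.Parameters.Add(parameter);
        }
        return command;
    }
}
```

The helper binds the values it is given but cannot detect input that the caller has already concatenated into the query text, so that part of the onus stays with the user.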