Escaping when output format is set as SQL

[ckho]

Currently, when the data is output as SQL, the SQL statement is not escaped properly, like the quotation mark ' and comment -- in the string.

Example:

INSERT INTO DUMMY_DATA_10000 (email,name,animal,address_state,username,occupation,noun,city,phone,industry,adjectives) VALUES ('dhilipsiva@example.xn--node','Waylon Padilla','platypus','Delaware','mrmartineau','cosmetologist','servitude','Chesterfield','+6929226895233','Mining & Metals','evergreen');

INSERT INTO DUMMY_DATA_10000 (email,name,animal,address_state,username,occupation,noun,city,phone,industry,adjectives) VALUES ('samihah@example.gl','Rolland Medina','wildcat','North Dakota','jesseddy','administrative assistant','ma'am','Alameda','+2256640101810','Environmental Services','walk-on');

[lucapette]

ah! Thank you for reporting this! I'm not sure how to approach this because:

• I have some notes about "fakedata 2.0" (not public yet) and I'm inclined to remove the sql formatter (as far as I understand not many people use it)
• it's somewhat a can of worms as there's no "official" interface for quoting in the stdlib (relevant conversation here)

Having said that, it may be reasonable to cover the two cases you just mentioned. I can take care of it myself or happy to provide some direction if you'd like to contribute?