mysqljs / sqlstring

Simple SQL escape and format for MySQL
MIT License

Merging hazard for adjacent placeholders in format #31

Closed mikesamuel closed 6 years ago

mikesamuel commented 6 years ago

This might be a corner case that's not worth addressing.

require('sqlstring').format('SELECT FROM ????', ['a', 'b']) === 'SELECT FROM `a``b`'

That 2 escaped arguments merge into a single token seems like a violation of an unspoken invariant, but probably only in code that has larger problems.


One-liner to replicate:

$ npm install --no-save sqlstring && node -e 'console.log(require("sqlstring").format("SELECT FROM ????", ["a", "b"]))'
npm WARN enoent ENOENT: no such file or directory, open '/private/tmp/package.json'
npm WARN tmp No description
npm WARN tmp No repository field.
npm WARN tmp No README data
npm WARN tmp No license field.

+ sqlstring@2.3.0
removed 1 package and updated 1 package in 0.898s
SELECT `a``b`

dougwilson commented 6 years ago

Ah, yeah, I doubt anyone would run into this in the real world, because as soon as they put more than two ?? the SQL they put together wouldn't work as they expected and would fix it up. This is an easy fix I'm pushing now 👍
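The merging hazard reported in the issue above, as an added example that is not sqlstring's own code: a minimal stand-in for SqlString.format() that reproduces the behaviour (two adjacent ?? placeholders glued into one backtick-quoted token), beside a variant that treats a run of three or more ? as literal text. escapeId and escapeValue here are simplified stand-ins for the library's escapeId() and escape(), and formatHardened is one possible fix, not a claim about the patch the maintainer actually shipped.

```javascript
// Added example (not sqlstring's own code): a minimal stand-in for
// SqlString.format() that reproduces the placeholder-merging hazard from
// the issue, beside a variant that refuses to expand runs of three or more
// '?' characters. escapeId/escapeValue are simplified stand-ins for the
// library's escapeId()/escape(); formatHardened is one possible fix, not
// a claim about the patch the maintainer actually shipped.

// Backtick-quote an identifier, doubling any embedded backticks.
function escapeId(id) {
  return '`' + String(id).replace(/`/g, '``') + '`';
}

// Quote a value: numbers pass through, strings get backslash and quote escaped.
function escapeValue(v) {
  if (typeof v === 'number') return String(v);
  return "'" + String(v).replace(/[\\']/g, '\\$&') + "'";
}

// Naive formatter: '??' expands an identifier, '?' a value. The regex
// matches '????' as two back-to-back '??', so two identifiers are glued
// into a single token.
function formatNaive(sql, values) {
  let i = 0;
  return sql.replace(/\?\??/g, function (m) {
    if (i >= values.length) return m; // more placeholders than values: leave as-is
    const v = values[i++];
    return m.length === 2 ? escapeId(v) : escapeValue(v);
  });
}

// Hardened formatter: match maximal runs of '?'. Only a run of exactly
// one or two is a placeholder; longer runs are passed through untouched,
// so adjacent escaped identifiers can never merge.
function formatHardened(sql, values) {
  let i = 0;
  return sql.replace(/\?+/g, function (m) {
    if (m.length > 2 || i >= values.length) return m;
    const v = values[i++];
    return m.length === 2 ? escapeId(v) : escapeValue(v);
  });
}

// Why the merge matters: the glued token is byte-for-byte the escaped
// form of a single identifier whose name contains a backtick, so MySQL
// would read one identifier named a`b, not two identifiers a and b.
function mergedTokenIsOneIdentifier() {
  const merged = formatNaive('SELECT FROM ????', ['a', 'b']);
  return merged === 'SELECT FROM ' + escapeId('a`b');
}

if (typeof require !== 'undefined' && require.main === module) {
  console.log(formatNaive('SELECT FROM ????', ['a', 'b']));
  console.log(formatHardened('SELECT FROM ????', ['a', 'b']));
  console.log(formatHardened('SELECT ?? FROM ?? WHERE id = ?', ['col', 'tbl', 5]));
}
```

The hardened variant leaves '????' in the output unchanged, which surfaces the caller's mistake as a syntax error from the server rather than silently producing a query against an identifier the caller never named.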