
I'm using Waterline v0.11 (yes, very old) and PostgreSQL 11. I heard that parameterized queries protect against SQL injection in Sails, but I cannot find any official documentation about this.

I've searched for a while and there is not much information about this topic. What I've found so far:

How to secure a Sails.JS API application against SQL and parameter injections?

https://node-postgres.com/features/queries

So:

1/ Is there any official Sails.js documentation about this? The second link is for the node-postgres library, but I think Waterline doesn't use it under the hood.

2/ Do SQL injection methods get updated every day? Let's say Sails parameterized queries do help protect against SQL injection, but my Sails version is too old and there are newer SQL injection methods out there nowadays. Is my Sails still reliable?

3/ Is there any popular, easy-to-integrate library to help me sanitize the query input?

kanfam
  • 1
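What parameterization changes, as an added example that is not part of the original post and is not Sails or Waterline code: the same constructed input is built once by string concatenation and once as a `{ text, values }` pair, the query shape documented on the node-postgres page linked in the question. The table names, column names and both helper functions are hypothetical.

```javascript
// Added example: hypothetical schema and helpers, constructed input. Runs offline, no database.
const ALLOWED_TABLES = new Set(['users']);
const ALLOWED_COLUMNS = new Set(['id', 'email', 'status']);

// Weak form: user input is spliced into the SQL text, so quotes in the
// input change the structure of the statement.
function buildConcatenated(table, criteria) {
  const where = Object.entries(criteria)
    .map(([col, val]) => `${col} = '${val}'`)
    .join(' AND ');
  return `SELECT * FROM ${table} WHERE ${where}`;
}

// Parameterized form: the SQL text contains only $n placeholders and the
// values travel in a separate array, so input is never parsed as SQL.
function buildParameterized(table, criteria) {
  // Identifiers (table and column names) cannot be bound as parameters,
  // so they are checked against a fixed allowlist instead.
  if (!ALLOWED_TABLES.has(table)) throw new Error(`table not allowed: ${table}`);
  const values = [];
  const clauses = Object.entries(criteria).map(([col, val]) => {
    if (!ALLOWED_COLUMNS.has(col)) throw new Error(`column not allowed: ${col}`);
    values.push(val);
    return `"${col}" = $${values.length}`;
  });
  if (clauses.length === 0) throw new Error('empty criteria');
  return { text: `SELECT * FROM "${table}" WHERE ${clauses.join(' AND ')}`, values };
}

const sampleInput = "x' OR '1'='1"; // constructed input containing quote characters
const concatenated = buildConcatenated('users', { email: sampleInput });
const parameterized = buildParameterized('users', { email: sampleInput });

console.log(concatenated);        // the input has become part of the WHERE clause
console.log(parameterized.text);  // the statement text is fixed regardless of input
console.log(parameterized.values);
```

The allowlist matters because placeholders only cover values; a column or table name taken from request data needs its own check.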

0 Answers