Fixing SQL in queries

[mike12345567]

Description

Fixing issue #4978 - fixing an issue with using the keyword 'in' as part of an SQL query.

The fix for this has to make some changes to the SQL query itself, switching to a where id in ($1, $2, $3) syntax, this utilises some of the work that was put in place around string concatenation to find instances that need swapped. Currently this will look for the keyword in (any casing) before a binding, if found it will switch it to use this syntax. This is also dependent on the inserted value being a string of comma separated values that were to be used as in parameters, however this should always be true as that is the format that would have been used if the bindings were directly interpolated into the SQL query itself.

I've tested this with multiple in queries as well, as well as using in for a single string value (no comma separation). If there are no commas it will just generate a syntax like in ($1) where the string value is the only one used.

I've also added a SQL_MAX_ROWS env variable, so that self hosters can set the max number of rows returned by SQL queries (greater than 5000) if they desire to export large SQL tables.

[codecov-commenter]

Codecov Report

Merging #4991 (114c9cf) into master (a555659) will decrease coverage by 0.32%.
The diff coverage is 25.00%.

@@            Coverage Diff             @@
##           master    #4991      +/-   ##
==========================================
- Coverage   69.09%   68.77%   -0.33%     
==========================================
  Files         145      146       +1     
  Lines        5019     5054      +35     
  Branches      769      773       +4     
==========================================
+ Hits         3468     3476       +8     
- Misses       1096     1120      +24     
- Partials      455      458       +3     

Impacted Files	Coverage Δ
packages/server/src/threads/query.js	63.88% <0.00%> (-6.35%)	⬇️
...ackages/server/src/api/controllers/row/external.js	16.36% <22.22%> (+0.67%)	⬆️
...ackages/server/src/api/controllers/row/internal.js	77.61% <25.00%> (-1.70%)	⬇️
packages/server/src/middleware/publicApi.js	70.00% <70.00%> (ø)
packages/server/src/automations/utils.js	72.72% <0.00%> (-0.96%)	⬇️
packages/server/src/threads/automation.js	82.19% <0.00%> (+0.37%)	⬆️

---

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update a9154e1...114c9cf. Read the comment docs.

[shogunpurple]

LGTM - great job getting this sorted so quickly.