backport #1782 to 3.x

[mitsos1os]

Backport #1782 to 3.x branch

Checklist

👉 Read and sign the CLA (Contributor License Agreement) 👈

• npm test passes on your machine
• New tests added or existing tests modified to cover all changes
• Code conforms with the style guide
• Commit messages are following our guidelines

[dhmlau]

Changes are the same as 4.x. Let's wait for CI to run.

[dhmlau]

@slnode test please

[emonddr]

@slnode test please

[dhmlau]

@strongloop/loopback-maintainers , could you please review this PR?

• downstream failure seems to be random. It was loopback-connector-mysql this time but it was loopback-connector-dashdb in the previous run
• not sure why CI against Node.js 6 was being run because of https://github.com/strongloop/loopback-datasource-juggler/blob/3.x/package.json#L18-L20.

[dhmlau]

@raymondfeng @jannyHou, do you think it's ok to force merge this PR? See my above comment.

[dhmlau]

Confirmed with @jannyHou, it's ok to force merge.

[dhmlau]

[email protected] has been released.

[FedericoMassaioli]

Hi, unfortunately this back-port broke like, nlike, ilike and nilike operators for SQL DBs (PostgreSQL in my case) as the usual query strings using %, like those in LB 3.x documentation are deemed invalid and 'sanitized', causing empty results in some queries.

[dhmlau]

@FedericoMassaioli, sorry to hear that. Could you please open a new issue to discuss? Thanks.

[dhmlau]

@mitsos1os, I wonder how it can slip through CI (looking at the tests in CI, they seemed to be passing as well). Could you please take a look? Thanks.

[FedericoMassaioli]

@dhmlau I opened #1869 per your request.
The very presence of () parentheses or other characters deemed invalid by the escaping function cause a modification of the string and the query to fail.
Maybe sanitization should be connector specific.

[mitsos1os]

@dhmlau I am not sure how it slipped through... Yes I will take a look and let you know under issue #1869

[FedericoMassaioli]

@dhmlau the case of an SQL like query containing characters that trigger escapeRegEx() is not covered in the tests in b925e8c.

It also looks like LB3.x unit tests only exercise memory, mock, and test connectors, no SQL connector. The SQLite 3 connector configured to use memory could be good enough to these purposes.