I am working on a NodeJS backend server and it will communicate with a MySQL database. What is the best practice to make SQL queries from NodeJS code? I would like to avoid the hard coded SQL strings.
Other question: is it a good idea to store the connection data (db name, password, host etc) in environment variable? Is it the appropriate way regarding to safety?