Avoid BigQuery SQL Injection in Go With saferbq
SMRTR summary
BigQuery's Go SDK has no built-in protection against SQL injection when a query is built dynamically from user-provided table or dataset names. The SDK supports parameterized queries for data values, but parameters cannot stand in for identifiers, so developers are left with unsafe string concatenation for table and dataset names. The saferbq package addresses this by introducing a $identifier placeholder syntax that validates each identifier's characters against BigQuery's naming rules before wrapping it in backticks.
SMRTR provides this summary for quick context. The original article belongs to DZone.