Use new Discord markdown support for bot messages (#2726)

* feat: use new markdown feature in new help channel message

* feat(tags): update bullet points to dashes in tags

* feat(tags): add dashes to async libraries list

* feat: update markdown in patreon command

* feat: update markdown in otname command

* feat: update markdown in filter command

* feat: update markdown in voiceverify command

* feat: update markdown in docs command

* feat: update markdown in bigbrother command

* feat: update markdown in talentpool command

Don't use f-strings (f"") or other forms of "string interpolation" (%, +, .format) to inject data into a SQL query. It is an endless source of bugs and syntax errors. Additionally, in user-facing applications, it presents a major security risk via SQL injection.

Your database library should support "query parameters". A query parameter is a placeholder that you put in the SQL query. When the query is executed, you provide data to the database library, and the library inserts the data into the query for you, safely.

For example, the sqlite3 package supports using ? as a placeholder:

query = "SELECT * FROM stocks WHERE symbol = ?;"
params = ("RHAT",)
db.execute(query, params)

Note: Different database libraries support different placeholder styles, e.g. %s and $1. Consult your library's documentation for details.

See Also - Python sqlite3 docs - How to use placeholders to bind values in SQL queries - PEP-249 - A specification of how database libraries in Python should work