Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
@benjie/pg-connection-string
Advanced tools
Functions for dealing with a PostgresSQL connection string
Functions for dealing with a PostgresSQL connection string
parse
method taken from node-postgres
Copyright (c) 2010-2014 Brian Carlson (brian.m.carlson@gmail.com)
MIT License
var parse = require('pg-connection-string').parse;
var config = parse('postgres://someuser:somepassword@somehost:381/somedatabase')
The resulting config contains a subset of the following properties:
host
- Postgres server hostname or, for UNIX doamain sockets, the socket filenameport
- port on which to connectuser
- User with which to authenticate to the serverpassword
- Corresponding passworddatabase
- Database name within the serverclient_encoding
- string encoding the client will usessl
, either a boolean or an object with properties
cert
key
ca
application_name
) are preserved intact.The short summary of acceptable URLs is:
socket:<path>?<query>
- UNIX domain socketpostgres://<user>:<password>@<host>:<port>/<database>?<query>
- TCP connectionBut see below for more details.
When user and password are not given, the socket path follows socket:
, as in socket:/var/run/pgsql
.
This form can be shortened to just a path: /var/run/pgsql
.
When user and password are given, they are included in the typical URL positions, with an empty host
, as in socket://user:pass@/var/run/pgsql
.
Query parameters follow a ?
character, including the following special query parameters:
db=<database>
- sets the database name (urlencoded)encoding=<encoding>
- sets the client_encoding
propertyTCP connections to the Postgres server are indicated with pg:
or postgres:
schemes (in fact, any scheme but socket:
is accepted).
If username and password are included, they should be urlencoded.
The database name, however, should not be urlencoded.
Query parameters follow a ?
character, including the following special query parameters:
host=<host>
- sets host
property, overriding the URL's hostencoding=<encoding>
- sets the client_encoding
propertyssl=1
, ssl=true
, ssl=0
, ssl=false
- sets ssl
to true or false, accordinglysslcert=<filename>
- reads data from the given file and includes the result as ssl.cert
sslkey=<filename>
- reads data from the given file and includes the result as ssl.key
sslrootcert=<filename>
- reads data from the given file and includes the result as ssl.ca
A bare relative URL, such as salesdata
, will indicate a database name while leaving other properties empty.
FAQs
Functions for dealing with a PostgresSQL connection string
We found that @benjie/pg-connection-string demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.