
@cli4ai/postgres


@cli4ai/postgres - npm Package Compare versions

Comparing version
1.0.6
to
1.0.7
+202
-19
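--- a/cli4ai.json
+++ b/cli4ai.json
@@ -1,4 +1,4 @@
 {
 "name": "postgres",
-"version": "1.0.4",
+"version": "1.0.7",
 "description": "PostgreSQL read-only queries",
@@ -9,22 +9,202 @@ "author": "cliforai",
 "runtime": "bun",
-"keywords": ["postgres", "postgresql", "database", "sql"],
+"keywords": [
+"postgres",
+"postgresql",
+"database",
+"sql"
+],
 "commands": {
-"databases": { "description": "List databases", "args": [{ "name": "conn", "required": false }] },
-"schemas": { "description": "List schemas", "args": [{ "name": "conn", "required": false }] },
-"tables": { "description": "List tables", "args": [{ "name": "conn", "required": false }, { "name": "schema", "required": false }] },
-"views": { "description": "List views", "args": [{ "name": "conn", "required": false }, { "name": "schema", "required": false }] },
-"columns": { "description": "Column details", "args": [{ "name": "conn", "required": false }, { "name": "table", "required": true }] },
-"indexes": { "description": "Show indexes", "args": [{ "name": "conn", "required": false }, { "name": "table", "required": true }] },
-"constraints": { "description": "Show constraints", "args": [{ "name": "conn", "required": false }, { "name": "table", "required": true }] },
-"fkeys": { "description": "Foreign keys", "args": [{ "name": "conn", "required": false }, { "name": "table", "required": true }] },
-"sample": { "description": "Sample rows", "args": [{ "name": "conn", "required": false }, { "name": "table", "required": true }, { "name": "limit", "required": false }] },
-"count": { "description": "Count rows", "args": [{ "name": "conn", "required": false }, { "name": "table", "required": true }] },
-"query": { "description": "Run read-only SQL", "args": [{ "name": "conn", "required": false }, { "name": "sql", "required": true }] },
-"stats": { "description": "Table statistics", "args": [{ "name": "conn", "required": false }, { "name": "table", "required": true }] },
-"sizes": { "description": "Table sizes", "args": [{ "name": "conn", "required": false }, { "name": "schema", "required": false }] },
-"search": { "description": "Search tables by name", "args": [{ "name": "conn", "required": false }, { "name": "pattern", "required": true }] },
-"version": { "description": "PostgreSQL version", "args": [{ "name": "conn", "required": false }] }
+"databases": {
+"description": "List databases",
+"args": [
+{
+"name": "conn",
+"required": false
+}
+]
+},
+"schemas": {
+"description": "List schemas",
+"args": [
+{
+"name": "conn",
+"required": false
+}
+]
+},
+"tables": {
+"description": "List tables",
+"args": [
+{
+"name": "conn",
+"required": false
+},
+{
+"name": "schema",
+"required": false
+}
+]
+},
+"views": {
+"description": "List views",
+"args": [
+{
+"name": "conn",
+"required": false
+},
+{
+"name": "schema",
+"required": false
+}
+]
+},
+"columns": {
+"description": "Column details",
+"args": [
+{
+"name": "conn",
+"required": false
+},
+{
+"name": "table",
+"required": true
+}
+]
+},
+"indexes": {
+"description": "Show indexes",
+"args": [
+{
+"name": "conn",
+"required": false
+},
+{
+"name": "table",
+"required": true
+}
+]
+},
+"constraints": {
+"description": "Show constraints",
+"args": [
+{
+"name": "conn",
+"required": false
+},
+{
+"name": "table",
+"required": true
+}
+]
+},
+"fkeys": {
+"description": "Foreign keys",
+"args": [
+{
+"name": "conn",
+"required": false
+},
+{
+"name": "table",
+"required": true
+}
+]
+},
+"sample": {
+"description": "Sample rows",
+"args": [
+{
+"name": "conn",
+"required": false
+},
+{
+"name": "table",
+"required": true
+},
+{
+"name": "limit",
+"required": false
+}
+]
+},
+"count": {
+"description": "Count rows",
+"args": [
+{
+"name": "conn",
+"required": false
+},
+{
+"name": "table",
+"required": true
+}
+]
+},
+"query": {
+"description": "Run read-only SQL",
+"args": [
+{
+"name": "conn",
+"required": false
+},
+{
+"name": "sql",
+"required": true
+}
+]
+},
+"stats": {
+"description": "Table statistics",
+"args": [
+{
+"name": "conn",
+"required": false
+},
+{
+"name": "table",
+"required": true
+}
+]
+},
+"sizes": {
+"description": "Table sizes",
+"args": [
+{
+"name": "conn",
+"required": false
+},
+{
+"name": "schema",
+"required": false
+}
+]
+},
+"search": {
+"description": "Search tables by name",
+"args": [
+{
+"name": "conn",
+"required": false
+},
+{
+"name": "pattern",
+"required": true
+}
+]
+},
+"version": {
+"description": "PostgreSQL version",
+"args": [
+{
+"name": "conn",
+"required": false
+}
+]
+}
 },
 "env": {
-"POSTGRES_URL": { "required": false, "description": "Default connection URL" }
+"POSTGRES_URL": {
+"required": false,
+"description": "Default connection URL"
+}
 },
@@ -35,3 +215,6 @@ "dependencies": {
 },
-"mcp": { "enabled": true, "transport": "stdio" }
+"mcp": {
+"enabled": true,
+"transport": "stdio"
+}
 }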
+1
-1
{
"name": "@cli4ai/postgres",
"version": "1.0.6",
"version": "1.0.7",
"description": "PostgreSQL read-only queries",

@@ -5,0 +5,0 @@ "author": "cliforai",

@@ -59,1 +59,19 @@ # @cli4ai/postgres

```
## Security
### Read-Only Enforcement
This tool blocks destructive SQL commands (INSERT, UPDATE, DELETE, DROP, etc.) at the application layer. However, this is defense-in-depth only.
**Best practice**: Use a read-only database user for maximum protection. PostgreSQL allows creating users with restricted privileges:
```sql
CREATE USER readonly_user WITH PASSWORD 'secure_password';
GRANT CONNECT ON DATABASE mydb TO readonly_user;
GRANT USAGE ON SCHEMA public TO readonly_user;
GRANT SELECT ON ALL TABLES IN SCHEMA public TO readonly_user;
ALTER DEFAULT PRIVILEGES IN SCHEMA public GRANT SELECT ON TABLES TO readonly_user;
```
The application-layer filtering may have edge cases (e.g., stored procedures, unusual syntax). Database-level permissions are the authoritative security boundary.