🚨 Shai-Hulud Strikes Again:834 Packages Compromised.Technical Analysis →
Socket
Book a DemoInstallSign in
Socket
Book a DemoInstallSign in

js-sql-parser

Package Overview
Dependencies
Maintainers
1
Versions
22
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

js-sql-parser

> parse / stringify sql (select grammar) in js.

latest
Source
npmnpm
Version
1.6.0
Version published
Weekly downloads
71K
35.04%
Maintainers
1
Weekly downloads
 
Created
Source

js-sql-parser

parse / stringify sql (select grammar) in js.

Build Status NPM Version NPM Downloads

sql grammar follows https://dev.mysql.com/doc/refman/5.7/en/select.html

news

  • Unicode extended char support for column name or alias & Function call in table_factor since v1.6.0
  • Support feature PlaceHolder like ${param} since v1.5.0 #43
  • Fix bug using ' & " for column alias? since v1.4.1 #40, #44
  • Fix bug tableFactor alias since v1.3.0 #34
  • Add support for "`" quoted alias since v1.2.2. #33
  • Fix bug stringify keyword having since v1.2.1. #29
  • Typo 'refrence' has been fixed to 'reference' since v1.2.0.

for more changes see CHANGELOG

commonjs usage

npm install --save js-sql-parser

const parser = require('js-sql-parser');
const ast = parser.parse('select * from dual');

console.log(JSON.stringify(ast, null, 2));

ast.value.selectItems.value[0].value = 'foo';
ast.value.from.value[0].value.value.value = 'bar';

console.log(parser.stringify(ast));
// SELECT foo FROM bar

// placeholder test
const parser = require('js-sql-parser');
const ast = parser.parse('select ${a} as a');

ast['value']['selectItems']['value'][0]['value'] = "'value'";
console.log(parser.stringify(ast));
// SELECT 'value' AS a

Note: PlaceHolder is an literal value but not an identifier. Table_name / column_name / function_name are identifier thus should NOT be placed with placeholder.

script tag

<script src="./dist/parser/sqlParser.js"><script/>

var sqlParser = window.sqlParser;
var ast = sqlParser.parse('select * from dual');
var sql = sqlParser.stringify(ast);

AMD supported

...

unsupported grammar currently

  • Hexadecimal Literals as x'01af' X'01af', but 0x01af is supported.
  • keyword COLLATE.
  • parammarker: keyword PREPARE / EXECUTE / DEALLOCATE
  • variable: keyword SET / CREATE PROCEDURE / CREATE FUNCTION
  • identifier expr: ODBC escape syntax
  • matchexpr: Full-Text Search Functions. // to support
  • intervalexpr: Date INTERVAL keyword. // to support
  • into outfile: INTO OUTFILE keyword. // to support

Build

  • Run npm run build to build the distributable.

LICENSE

MIT

Keywords

js
sql-parser

FAQs

Package last updated on 21 Mar 2024

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

Software Engineering Daily Podcast: Feross on AI, Open Source, and Supply Chain Risk

Security News

Software Engineering Daily Podcast: Feross on AI, Open Source, and Supply Chain Risk

Socket CEO Feross Aboukhadijeh joins Software Engineering Daily to discuss modern software supply chain attacks and rising AI-driven security risks.

By Sarah Gooding  -  Dec 11, 2025