Socket
Socket
Sign inDemoInstall

mssql

Package Overview
Dependencies
134
Maintainers
4
Versions
166
Alerts
File Explorer

Advanced tools

npm Scripts

Install Socket

Detect and block malicious and high-risk dependencies

Install

Comparing version 10.0.0 to 10.0.1

2

lib/base/connection-pool.js
'use strict'
const { EventEmitter } = require('events')
const { EventEmitter } = require('node:events')
const debug = require('debug')('mssql:base')

@@ -5,0 +5,0 @@ const { parseSqlConnectionString } = require('@tediousjs/connection-string')

6

lib/base/prepared-statement.js
'use strict'
const debug = require('debug')('mssql:base')
const { EventEmitter } = require('events')
const { EventEmitter } = require('node:events')
const { IDS, objectHasProperty } = require('../utils')

@@ -94,3 +94,3 @@ const globalConnection = require('../global-connection')

input (name, type) {
if ((/(--| |\/\*|\*\/|')/).test(name)) {
if (/--| |\/\*|\*\/|'/.test(name)) {
throw new PreparedStatementError(`SQL injection warning for param '${name}'`, 'EINJECT')

@@ -148,3 +148,3 @@ }

output (name, type) {
if (/(--| |\/\*|\*\/|')/.test(name)) {
if (/--| |\/\*|\*\/|'/.test(name)) {
throw new PreparedStatementError(`SQL injection warning for param '${name}'`, 'EINJECT')

@@ -151,0 +151,0 @@ }

8

lib/base/request.js
'use strict'
const debug = require('debug')('mssql:base')
const { EventEmitter } = require('events')
const { Readable } = require('stream')
const { EventEmitter } = require('node:events')
const { Readable } = require('node:stream')
const { IDS, objectHasProperty } = require('../utils')

@@ -110,3 +110,3 @@ const globalConnection = require('../global-connection')

input (name, type, value) {
if ((/(--| |\/\*|\*\/|')/).test(name)) {
if (/--| |\/\*|\*\/|'/.test(name)) {
throw new RequestError(`SQL injection warning for param '${name}'`, 'EINJECT')

@@ -174,3 +174,3 @@ }

if ((/(--| |\/\*|\*\/|')/).test(name)) {
if (/--| |\/\*|\*\/|'/.test(name)) {
throw new RequestError(`SQL injection warning for param '${name}'`, 'EINJECT')

@@ -177,0 +177,0 @@ }

2

lib/base/transaction.js
'use strict'
const debug = require('debug')('mssql:base')
const { EventEmitter } = require('events')
const { EventEmitter } = require('node:events')
const { IDS } = require('../utils')

@@ -6,0 +6,0 @@ const globalConnection = require('../global-connection')

2

lib/msnodesqlv8/connection-pool.js

@@ -9,3 +9,3 @@ 'use strict'

const ConnectionError = require('../error/connection-error')
const { platform } = require('os')
const { platform } = require('node:os')
const { buildConnectionString } = require('@tediousjs/connection-string')

@@ -12,0 +12,0 @@

4

package.json

@@ -24,3 +24,3 @@ {

],
"version": "10.0.0",
"version": "10.0.1",
"main": "index.js",

@@ -49,3 +49,3 @@ "repository": "github:tediousjs/node-mssql",

"engines": {
"node": ">=10"
"node": ">=14"
},

@@ -52,0 +52,0 @@ "files": [

bin/mssql

Sorry, the diff of this file is not supported yet

SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap

About

Packages

Stay in touch

Get open source security insights delivered straight into your inbox.

  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc