pg-connection-string - npm Package Compare versions

Comparing version 2.0.0 to 2.1.0

index.d.ts

@@ -5,11 +5,11 @@ export function parse(connectionString: string): ConnectionOptions;
   host: string | null;
-  password: string | null;
-  user: string | null;
-  port: number | null;
-  database: string | null;
-  client_encoding: string | null;
-  ssl: boolean | null;
+  password?: string;
+  user?: string;
+  port?: string | null;
+  database: string | null | undefined;
+  client_encoding?: string;
+  ssl?: boolean | string;
 
-  application_name: string | null;
-  fallback_application_name: string | null;
+  application_name?: string;
+  fallback_application_name?: string;
 }

index.js

 'use strict';
 
 var url = require('url');
+var fs = require('fs');
 
@@ -26,2 +27,6 @@ //Parse method copied from https://github.com/brianc/node-postgres
 
+  var auth = (result.auth || ':').split(':');
+  config.user = auth[0];
+  config.password = auth.splice(1).join(':');
+
   config.port = result.port;
@@ -44,6 +49,2 @@ if(result.protocol == 'socket:') {
 
-  var auth = (result.auth || ':').split(':');
-  config.user = auth[0];
-  config.password = auth.splice(1).join(':');
-
   if (config.ssl === 'true' || config.ssl === '1') {
@@ -53,2 +54,22 @@ config.ssl = true;
 
+  if (config.ssl === '0') {
+    config.ssl = false;
+  }
+
+  if (config.sslcert || config.sslkey || config.sslrootcert) {
+    config.ssl = {};
+  }
+
+  if (config.sslcert) {
+    config.ssl.cert = fs.readFileSync(config.sslcert).toString();
+  }
+
+  if (config.sslkey) {
+    config.ssl.key = fs.readFileSync(config.sslkey).toString();
+  }
+
+  if (config.sslrootcert) {
+    config.ssl.ca = fs.readFileSync(config.sslrootcert).toString();
+  }
+
   return config;
@@ -55,0 +76,0 @@ }

package.json

 {
   "name": "pg-connection-string",
-  "version": "2.0.0",
+  "version": "2.1.0",
   "description": "Functions for dealing with a PostgresSQL connection string",
@@ -33,3 +33,7 @@ "main": "./index.js",
     "mocha": "^3.5.0"
-  }
+  },
+  "files": [
+    "index.js",
+    "index.d.ts"
+  ]
 }

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

New author

Supply chain risk

A new npm collaborator published a version of the package for the first time. New collaborators are usually benign additions to a project, but do indicate a change to the security surface area of a package.

Found 1 instance in 1 package

Filesystem access

Supply chain risk

Accesses the file system, and could potentially read sensitive data.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Major refactor

Supply chain risk

Package has recently undergone a major refactor. It may be unstable or indicate significant internal changes. Use caution when updating to versions that include significant changes.

Found 1 instance in 1 package

New author

Supply chain risk

A new npm collaborator published a version of the package for the first time. New collaborators are usually benign additions to a project, but do indicate a change to the security surface area of a package.

Found 1 instance in 1 package

Improved metrics

Number of medium supply chain risk alerts

1

decreased by-50%

Worsened metrics

Total package byte prevSize

5343

decreased by-55.88%

Number of package files

5

decreased by-44.44%

Lines of code

73

decreased by-65.07%

Number of low supply chain risk alerts

1

increased byInfinity%

No dependency changes