
pg-sql2


pg-sql2 - npm Package Compare versions

Comparing version 2.0.0 to 2.1.0

2

lib/index.js

@@ -228,3 +228,3 @@ "use strict";

function literal(val /*: mixed */) /*: SQLNode */{
if (typeof val === "string" && val.match(/^[a-zA-Z0-9_-]*$/)) {
if (typeof val === "string" && val.match(/^[-a-zA-Z0-9_@! ]*$/)) {
return raw(`'${val}'`);
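Review bot: the character class in the `val.match(...)` test is the only check between `val` and `raw(...)`, and the widened set (space, `@`, `!`) arrives with no comment and no test visible in this diff. None of the three added characters can close a single-quoted literal, so the change itself looks safe, but the next widening may not be. Add a comment above the regex stating the invariant (no `'`, no `\`, nothing outside this fixed ASCII set) and a test asserting that a string containing `'` or `\` is not inlined by this branch.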

@@ -231,0 +231,0 @@ } else if (typeof val === "number" && Number.isFinite(val)) {

{
"name": "pg-sql2",
"version": "2.0.0",
"version": "2.1.0",
"description": "Generate safe Postgres-compliant SQL with tagged template literals",

@@ -13,3 +13,3 @@ "main": "lib/index.js",

"test:docs": "markdown-doctest",
"prepublish": "babel --out-dir lib src"
"prepack": "babel --out-dir lib src"
},
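Review bot: swapping `prepublish` for `prepack` changes when `lib/` is built. `prepack` runs for `npm pack` and `npm publish`, but not on a plain `npm install` in a checkout, which `prepublish` historically also covered. Since `main` points at `lib/index.js`, anything run from a fresh clone that loads the package needs a build first; if that matters here, add a `prepare` script or an explicit build step ahead of the test scripts.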

@@ -16,0 +16,0 @@ "repository": {

@@ -6,2 +6,5 @@ # pg-sql2

A key aim of this library is to be very fast, if you think you can improve
performance further please open a PR!
```js

@@ -86,4 +89,6 @@ const sql = require("pg-sql2");

As `sql.value`, but in the case of very simple values may write them directly
to the SQL statement. Should only be used with trusted data, e.g. for the key
arguments to `json_build_object(key, val, key, val, ...)`
to the SQL statement rather than using a placeholder. Should only be used with
data that is not sensitive and is trusted (not user-provided data), e.g. for
the key arguments to `json_build_object(key, val, key, val, ...)` which you
have produced.
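Review bot: "very simple values" in the reworded paragraph still does not tell callers which strings are written inline, and that set changed in this same release (space, `@` and `!` were added in `literal`). Either list the accepted characters here or state that callers must not depend on whether a given value is inlined. It would also help to say why the data must not be sensitive: an inlined value becomes part of the statement text instead of a bound parameter.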

@@ -90,0 +95,0 @@ ### `sql.join(arrayOfFragments, delimeter)`

@@ -250,3 +250,3 @@ "use strict";

function literal(val /*: mixed */) /*: SQLNode */ {
if (typeof val === "string" && val.match(/^[a-zA-Z0-9_-]*$/)) {
if (typeof val === "string" && val.match(/^[-a-zA-Z0-9_@! ]*$/)) {
return raw(`'${val}'`);
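Review bot: in this second copy of the `literal` change (line 250), `val.match(...)` builds a match array that is only used as a boolean, and the `*` quantifier means the empty string passes and is inlined as `''`. Given the README's stated aim of being very fast, `RegExp.prototype.test` against a regex hoisted to a module-level constant would be the cheaper check. If inlining the empty string is intended, a one-line comment saying so would settle it.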

@@ -253,0 +253,0 @@ } else if (typeof val === "number" && Number.isFinite(val)) {
