pg - npm Package Compare versions

Comparing version 7.13.0 to 7.14.0

CHANGELOG.md

@@ -7,2 +7,6 @@ All major and minor releases are briefly explained below.
 
+### 7.14.0
+
+- Reverts 7.13.0 as it contained [an accidental breaking change](https://github.com/brianc/node-postgres/pull/2010) for self-signed SSL cert verification. 7.14.0 is identical to 7.12.1.
+
 ### 7.13.0
@@ -9,0 +13,0 @@

lib/connection.js

@@ -94,5 +94,14 @@ 'use strict'
     var tls = require('tls')
-    const options = Object.assign({
-      socket: self.stream
-    }, self.ssl)
+    const options = {
+      socket: self.stream,
+      checkServerIdentity: self.ssl.checkServerIdentity || tls.checkServerIdentity,
+      rejectUnauthorized: self.ssl.rejectUnauthorized,
+      ca: self.ssl.ca,
+      pfx: self.ssl.pfx,
+      key: self.ssl.key,
+      passphrase: self.ssl.passphrase,
+      cert: self.ssl.cert,
+      secureOptions: self.ssl.secureOptions,
+      NPNProtocols: self.ssl.NPNProtocols
+    }
     if (net.isIP(host) === 0) {
@@ -99,0 +108,0 @@ options.servername = host

package.json

 {
   "name": "pg",
-  "version": "7.13.0",
+  "version": "7.14.0",
   "description": "PostgreSQL client - pure javascript & libpq with the same API",
@@ -5,0 +5,0 @@ "keywords": [

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

96276

increased by0.56%

Lines of code

2305

increased by0.39%

No dependency changes