Big News: Socket raises $60M Series C at a $1B valuation to secure software supply chains for AI-driven development.Announcement
Sign In

pg

Package Overview
Dependencies
Maintainers
1
Versions
247
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

pg - npm Package Compare versions

Comparing version
7.18.2
 to
8.0.0
+19
-1
lib/client.js

@@ -33,3 +33,12 @@ 'use strict'

this.host = this.connectionParameters.host
this.password = this.connectionParameters.password
// "hiding" the password so it doesn't show up in stack traces
// or if the client is console.logged
Object.defineProperty(this, 'password', {
configurable: true,
enumerable: false,
writable: true,
value: this.connectionParameters.password
})
this.replication = this.connectionParameters.replication

@@ -549,2 +558,11 @@

// if we have never connected, then end is a noop, callback immediately
if (this.connection.stream.readyState === 'closed') {
if (cb) {
cb()
} else {
return this._Promise.resolve()
}
}
if (this.activeQuery || !this._queryable) {

@@ -551,0 +569,0 @@ // if we have an active query we need to force a disconnect

+3
-17
lib/connection-fast.js

@@ -18,4 +18,2 @@ 'use strict'

var warnDeprecation = require('./compat/warn-deprecation')
var TEXT_MODE = 0

@@ -99,17 +97,5 @@

var tls = require('tls')
const options = {
socket: self.stream,
checkServerIdentity: self.ssl.checkServerIdentity || tls.checkServerIdentity,
rejectUnauthorized: self.ssl.rejectUnauthorized,
ca: self.ssl.ca,
pfx: self.ssl.pfx,
key: self.ssl.key,
passphrase: self.ssl.passphrase,
cert: self.ssl.cert,
secureOptions: self.ssl.secureOptions,
NPNProtocols: self.ssl.NPNProtocols
}
if (typeof self.ssl.rejectUnauthorized !== 'boolean') {
warnDeprecation('Implicit disabling of certificate verification is deprecated and will be removed in pg 8. Specify `rejectUnauthorized: true` to require a valid CA or `rejectUnauthorized: false` to explicitly opt out of MITM protection.', 'PG-SSL-VERIFY')
}
const options = Object.assign({
socket: self.stream
}, self.ssl)
if (net.isIP(host) === 0) {

@@ -116,0 +102,0 @@ options.servername = host

+15
-1
lib/connection-parameters.js

@@ -55,5 +55,19 @@ 'use strict'

this.database = val('database', config)
if (this.database === undefined) {
this.database = this.user
}
this.port = parseInt(val('port', config), 10)
this.host = val('host', config)
this.password = val('password', config)
// "hiding" the password so it doesn't show up in stack traces
// or if the client is console.logged
Object.defineProperty(this, 'password', {
configurable: true,
enumerable: false,
writable: true,
value: val('password', config)
})
this.binary = val('binary', config)

@@ -60,0 +74,0 @@ this.ssl = typeof config.ssl === 'undefined' ? useSsl() : config.ssl

+7
-21
lib/connection.js

@@ -17,4 +17,2 @@ 'use strict'

var warnDeprecation = require('./compat/warn-deprecation')
var TEXT_MODE = 0

@@ -99,17 +97,5 @@ var BINARY_MODE = 1

var tls = require('tls')
const options = {
socket: self.stream,
checkServerIdentity: self.ssl.checkServerIdentity || tls.checkServerIdentity,
rejectUnauthorized: self.ssl.rejectUnauthorized,
ca: self.ssl.ca,
pfx: self.ssl.pfx,
key: self.ssl.key,
passphrase: self.ssl.passphrase,
cert: self.ssl.cert,
secureOptions: self.ssl.secureOptions,
NPNProtocols: self.ssl.NPNProtocols
}
if (typeof self.ssl.rejectUnauthorized !== 'boolean') {
warnDeprecation('Implicit disabling of certificate verification is deprecated and will be removed in pg 8. Specify `rejectUnauthorized: true` to require a valid CA or `rejectUnauthorized: false` to explicitly opt out of MITM protection.', 'PG-SSL-VERIFY')
}
const options = Object.assign({
socket: self.stream
}, self.ssl)
if (net.isIP(host) === 0) {

@@ -607,3 +593,3 @@ options.servername = host

// parses error
Connection.prototype.parseE = function (buffer, length) {
Connection.prototype.parseE = function (buffer, length, isNotice) {
var fields = {}

@@ -617,6 +603,6 @@ var fieldType = this.readString(buffer, 1)

// the msg is an Error instance
var msg = new Error(fields.M)
var msg = isNotice ? { message: fields.M } : new Error(fields.M)
// for compatibility with Message
msg.name = 'error'
msg.name = isNotice ? 'notice' : 'error'
msg.length = length

@@ -645,3 +631,3 @@

Connection.prototype.parseN = function (buffer, length) {
var msg = this.parseE(buffer, length)
var msg = this.parseE(buffer, length, true)
msg.name = 'notice'

@@ -648,0 +634,0 @@ return msg

+1
-1
lib/defaults.js

@@ -18,3 +18,3 @@ 'use strict'

// name of database to connect
database: process.platform === 'win32' ? process.env.USERNAME : process.env.USER,
database: undefined,

@@ -21,0 +21,0 @@ // database user's password

+25
-25
lib/index.js

@@ -10,3 +10,2 @@ 'use strict'

var util = require('util')
var Client = require('./client')

@@ -16,16 +15,9 @@ var defaults = require('./defaults')

var Pool = require('pg-pool')
const checkConstructor = require('./compat/check-constructor')
const poolFactory = (Client) => {
var BoundPool = function (options) {
// eslint-disable-next-line no-eval
checkConstructor('pg.Pool', 'PG-POOL-NEW', () => eval('new.target'))
var config = Object.assign({ Client: Client }, options)
return new Pool(config)
return class BoundPool extends Pool {
constructor (options) {
super(options, Client)
}
}
util.inherits(BoundPool, Pool)
return BoundPool
}

@@ -49,18 +41,26 @@

// lazy require native module...the native module may not have installed
module.exports.__defineGetter__('native', function () {
delete module.exports.native
var native = null
try {
native = new PG(require('./native'))
} catch (err) {
if (err.code !== 'MODULE_NOT_FOUND') {
throw err
Object.defineProperty(module.exports, 'native', {
configurable: true,
enumerable: false,
get() {
var native = null
try {
native = new PG(require('./native'))
} catch (err) {
if (err.code !== 'MODULE_NOT_FOUND') {
throw err
}
/* eslint-disable no-console */
console.error(err.message)
/* eslint-enable no-console */
}
/* eslint-disable no-console */
console.error(err.message)
/* eslint-enable no-console */
// overwrite module.exports.native so that getter is never called again
Object.defineProperty(module.exports, 'native', {
value: native
})
return native
}
module.exports.native = native
return native
})
}
+9
-1
lib/native/client.js

@@ -46,3 +46,11 @@ 'use strict'

this.user = cp.user
this.password = cp.password
// "hiding" the password so it doesn't show up in stack traces
// or if the client is console.logged
Object.defineProperty(this, 'password', {
configurable: true,
enumerable: false,
writable: true,
value: cp.password
})
this.database = cp.database

@@ -49,0 +57,0 @@ this.host = cp.host

+177
-183
lib/query.js

@@ -10,224 +10,218 @@ 'use strict'

var EventEmitter = require('events').EventEmitter
var util = require('util')
const checkConstructor = require('./compat/check-constructor')
const { EventEmitter } = require('events')
var Result = require('./result')
var utils = require('./utils')
const Result = require('./result')
const utils = require('./utils')
var Query = function (config, values, callback) {
// use of "new" optional in pg 7
// eslint-disable-next-line no-eval
checkConstructor('Query', 'PG-QUERY-NEW', () => eval('new.target'))
if (!(this instanceof Query)) { return new Query(config, values, callback) }
class Query extends EventEmitter {
constructor(config, values, callback) {
super()
config = utils.normalizeQueryConfig(config, values, callback)
config = utils.normalizeQueryConfig(config, values, callback)
this.text = config.text
this.values = config.values
this.rows = config.rows
this.types = config.types
this.name = config.name
this.binary = config.binary
// use unique portal name each time
this.portal = config.portal || ''
this.callback = config.callback
this._rowMode = config.rowMode
if (process.domain && config.callback) {
this.callback = process.domain.bind(config.callback)
this.text = config.text
this.values = config.values
this.rows = config.rows
this.types = config.types
this.name = config.name
this.binary = config.binary
// use unique portal name each time
this.portal = config.portal || ''
this.callback = config.callback
this._rowMode = config.rowMode
if (process.domain && config.callback) {
this.callback = process.domain.bind(config.callback)
}
this._result = new Result(this._rowMode, this.types)
// potential for multiple results
this._results = this._result
this.isPreparedStatement = false
this._canceledDueToError = false
this._promise = null
}
this._result = new Result(this._rowMode, this.types)
// potential for multiple results
this._results = this._result
this.isPreparedStatement = false
this._canceledDueToError = false
this._promise = null
EventEmitter.call(this)
}
requiresPreparation() {
// named queries must always be prepared
if (this.name) { return true }
// always prepare if there are max number of rows expected per
// portal execution
if (this.rows) { return true }
// don't prepare empty text queries
if (!this.text) { return false }
// prepare if there are values
if (!this.values) { return false }
return this.values.length > 0
}
util.inherits(Query, EventEmitter)
_checkForMultirow() {
// if we already have a result with a command property
// then we've already executed one query in a multi-statement simple query
// turn our results into an array of results
if (this._result.command) {
if (!Array.isArray(this._results)) {
this._results = [this._result]
}
this._result = new Result(this._rowMode, this.types)
this._results.push(this._result)
}
}
Query.prototype.requiresPreparation = function () {
// named queries must always be prepared
if (this.name) { return true }
// always prepare if there are max number of rows expected per
// portal execution
if (this.rows) { return true }
// don't prepare empty text queries
if (!this.text) { return false }
// prepare if there are values
if (!this.values) { return false }
return this.values.length > 0
}
// associates row metadata from the supplied
// message with this query object
// metadata used when parsing row results
handleRowDescription(msg) {
this._checkForMultirow()
this._result.addFields(msg.fields)
this._accumulateRows = this.callback || !this.listeners('row').length
}
Query.prototype._checkForMultirow = function () {
// if we already have a result with a command property
// then we've already executed one query in a multi-statement simple query
// turn our results into an array of results
if (this._result.command) {
if (!Array.isArray(this._results)) {
this._results = [this._result]
handleDataRow(msg) {
let row
if (this._canceledDueToError) {
return
}
this._result = new Result(this._rowMode, this.types)
this._results.push(this._result)
}
}
// associates row metadata from the supplied
// message with this query object
// metadata used when parsing row results
Query.prototype.handleRowDescription = function (msg) {
this._checkForMultirow()
this._result.addFields(msg.fields)
this._accumulateRows = this.callback || !this.listeners('row').length
}
try {
row = this._result.parseRow(msg.fields)
} catch (err) {
this._canceledDueToError = err
return
}
Query.prototype.handleDataRow = function (msg) {
var row
this.emit('row', row, this._result)
if (this._accumulateRows) {
this._result.addRow(row)
}
}
if (this._canceledDueToError) {
return
handleCommandComplete(msg, con) {
this._checkForMultirow()
this._result.addCommandComplete(msg)
// need to sync after each command complete of a prepared statement
if (this.isPreparedStatement) {
con.sync()
}
}
try {
row = this._result.parseRow(msg.fields)
} catch (err) {
this._canceledDueToError = err
return
// if a named prepared statement is created with empty query text
// the backend will send an emptyQuery message but *not* a command complete message
// execution on the connection will hang until the backend receives a sync message
handleEmptyQuery(con) {
if (this.isPreparedStatement) {
con.sync()
}
}
this.emit('row', row, this._result)
if (this._accumulateRows) {
this._result.addRow(row)
handleReadyForQuery(con) {
if (this._canceledDueToError) {
return this.handleError(this._canceledDueToError, con)
}
if (this.callback) {
this.callback(null, this._results)
}
this.emit('end', this._results)
}
}
Query.prototype.handleCommandComplete = function (msg, con) {
this._checkForMultirow()
this._result.addCommandComplete(msg)
// need to sync after each command complete of a prepared statement
if (this.isPreparedStatement) {
con.sync()
handleError(err, connection) {
// need to sync after error during a prepared statement
if (this.isPreparedStatement) {
connection.sync()
}
if (this._canceledDueToError) {
err = this._canceledDueToError
this._canceledDueToError = false
}
// if callback supplied do not emit error event as uncaught error
// events will bubble up to node process
if (this.callback) {
return this.callback(err)
}
this.emit('error', err)
}
}
// if a named prepared statement is created with empty query text
// the backend will send an emptyQuery message but *not* a command complete message
// execution on the connection will hang until the backend receives a sync message
Query.prototype.handleEmptyQuery = function (con) {
if (this.isPreparedStatement) {
con.sync()
submit(connection) {
if (typeof this.text !== 'string' && typeof this.name !== 'string') {
return new Error('A query must have either text or a name. Supplying neither is unsupported.')
}
const previous = connection.parsedStatements[this.name]
if (this.text && previous && this.text !== previous) {
return new Error(`Prepared statements must be unique - '${this.name}' was used for a different statement`)
}
if (this.values && !Array.isArray(this.values)) {
return new Error('Query values must be an array')
}
if (this.requiresPreparation()) {
this.prepare(connection)
} else {
connection.query(this.text)
}
return null
}
}
Query.prototype.handleReadyForQuery = function (con) {
if (this._canceledDueToError) {
return this.handleError(this._canceledDueToError, con)
hasBeenParsed(connection) {
return this.name && connection.parsedStatements[this.name]
}
if (this.callback) {
this.callback(null, this._results)
}
this.emit('end', this._results)
}
Query.prototype.handleError = function (err, connection) {
// need to sync after error during a prepared statement
if (this.isPreparedStatement) {
connection.sync()
handlePortalSuspended(connection) {
this._getRows(connection, this.rows)
}
if (this._canceledDueToError) {
err = this._canceledDueToError
this._canceledDueToError = false
}
// if callback supplied do not emit error event as uncaught error
// events will bubble up to node process
if (this.callback) {
return this.callback(err)
}
this.emit('error', err)
}
Query.prototype.submit = function (connection) {
if (typeof this.text !== 'string' && typeof this.name !== 'string') {
return new Error('A query must have either text or a name. Supplying neither is unsupported.')
_getRows(connection, rows) {
connection.execute({
portal: this.portal,
rows: rows
}, true)
connection.flush()
}
const previous = connection.parsedStatements[this.name]
if (this.text && previous && this.text !== previous) {
return new Error(`Prepared statements must be unique - '${this.name}' was used for a different statement`)
}
if (this.values && !Array.isArray(this.values)) {
return new Error('Query values must be an array')
}
if (this.requiresPreparation()) {
this.prepare(connection)
} else {
connection.query(this.text)
}
return null
}
Query.prototype.hasBeenParsed = function (connection) {
return this.name && connection.parsedStatements[this.name]
}
prepare(connection) {
// prepared statements need sync to be called after each command
// complete or when an error is encountered
this.isPreparedStatement = true
// TODO refactor this poor encapsulation
if (!this.hasBeenParsed(connection)) {
connection.parse({
text: this.text,
name: this.name,
types: this.types
}, true)
}
Query.prototype.handlePortalSuspended = function (connection) {
this._getRows(connection, this.rows)
}
if (this.values) {
try {
this.values = this.values.map(utils.prepareValue)
} catch (err) {
this.handleError(err, connection)
return
}
}
Query.prototype._getRows = function (connection, rows) {
connection.execute({
portal: this.portal,
rows: rows
}, true)
connection.flush()
}
// http://developer.postgresql.org/pgdocs/postgres/protocol-flow.html#PROTOCOL-FLOW-EXT-QUERY
connection.bind({
portal: this.portal,
statement: this.name,
values: this.values,
binary: this.binary
}, true)
Query.prototype.prepare = function (connection) {
var self = this
// prepared statements need sync to be called after each command
// complete or when an error is encountered
this.isPreparedStatement = true
// TODO refactor this poor encapsulation
if (!this.hasBeenParsed(connection)) {
connection.parse({
text: self.text,
name: self.name,
types: self.types
connection.describe({
type: 'P',
name: this.portal || ''
}, true)
this._getRows(connection, this.rows)
}
if (self.values) {
try {
self.values = self.values.map(utils.prepareValue)
} catch (err) {
this.handleError(err, connection)
return
}
handleCopyInResponse(connection) {
connection.sendCopyFail('No source stream defined')
}
// http://developer.postgresql.org/pgdocs/postgres/protocol-flow.html#PROTOCOL-FLOW-EXT-QUERY
connection.bind({
portal: self.portal,
statement: self.name,
values: self.values,
binary: self.binary
}, true)
connection.describe({
type: 'P',
name: self.portal || ''
}, true)
this._getRows(connection, this.rows)
// eslint-disable-next-line no-unused-vars
handleCopyData(msg, connection) {
// noop
}
}
Query.prototype.handleCopyInResponse = function (connection) {
connection.sendCopyFail('No source stream defined')
}
// eslint-disable-next-line no-unused-vars
Query.prototype.handleCopyData = function (msg, connection) {
// noop
}
module.exports = Query
+4
-4
package.json
{
"name": "pg",
"version": "7.18.2",
"version": "8.0.0",
"description": "PostgreSQL client - pure javascript & libpq with the same API",

@@ -26,3 +26,3 @@ "keywords": [

"pg-packet-stream": "^1.1.0",
"pg-pool": "^2.0.10",
"pg-pool": "^3.0.0",
"pg-types": "^2.1.0",

@@ -55,5 +55,5 @@ "pgpass": "1.x",

"engines": {
"node": ">= 4.5.0"
"node": ">= 8.0.0"
},
"gitHead": "29877530c6f7b5ebc0bf814e3a711b4b66e4d51a"
"gitHead": "a227d3e8d47e1eb53296a3a013f2e7514cd152c3"
}
-22
lib/compat/check-constructor.js
'use strict'
const warnDeprecation = require('./warn-deprecation')
// Node 4 doesn’t support new.target.
let hasNewTarget
try {
// eslint-disable-next-line no-eval
eval('(function () { new.target })')
hasNewTarget = true
} catch (error) {
hasNewTarget = false
}
const checkConstructor = (name, code, getNewTarget) => {
if (hasNewTarget && getNewTarget() === undefined) {
warnDeprecation(`Constructing a ${name} without new is deprecated and will stop working in pg 8.`, code)
}
}
module.exports = checkConstructor
-19
lib/compat/warn-deprecation.js
'use strict'
const util = require('util')
const dummyFunctions = new Map()
// Node 4 doesn’t support process.emitWarning(message, 'DeprecationWarning', code).
const warnDeprecation = (message, code) => {
let dummy = dummyFunctions.get(code)
if (dummy === undefined) {
dummy = util.deprecate(() => {}, message)
dummyFunctions.set(code, dummy)
}
dummy()
}
module.exports = warnDeprecation