Socket
Socket
Sign inDemoInstall

pg

Package Overview
Dependencies
Maintainers
1
Versions
224
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

pg - npm Package Compare versions

Comparing version 8.0.2 to 8.0.3

73

lib/client.js

@@ -40,3 +40,3 @@ 'use strict'

writable: true,
value: this.connectionParameters.password
value: this.connectionParameters.password,
})

@@ -56,9 +56,11 @@

this.connection = c.connection || new Connection({
stream: c.stream,
ssl: this.connectionParameters.ssl,
keepAlive: c.keepAlive || false,
keepAliveInitialDelayMillis: c.keepAliveInitialDelayMillis || 0,
encoding: this.connectionParameters.client_encoding || 'utf8'
})
this.connection =
c.connection ||
new Connection({
stream: c.stream,
ssl: this.connectionParameters.ssl,
keepAlive: c.keepAlive || false,
keepAliveInitialDelayMillis: c.keepAliveInitialDelayMillis || 0,
encoding: this.connectionParameters.client_encoding || 'utf8',
})
this.queryQueue = []

@@ -132,5 +134,6 @@ this.binary = c.binary || defaults.binary

if (typeof self.password === 'function') {
self._Promise.resolve()
self._Promise
.resolve()
.then(() => self.password())
.then(pass => {
.then((pass) => {
if (pass !== undefined) {

@@ -146,3 +149,4 @@ if (typeof pass !== 'string') {

cb(msg)
}).catch(err => {
})
.catch((err) => {
con.emit('error', err)

@@ -164,18 +168,27 @@ })

// password request handling
con.on('authenticationCleartextPassword', checkPgPass(function () {
con.password(self.password)
}))
con.on(
'authenticationCleartextPassword',
checkPgPass(function () {
con.password(self.password)
})
)
// password request handling
con.on('authenticationMD5Password', checkPgPass(function (msg) {
con.password(utils.postgresMd5PasswordHash(self.user, self.password, msg.salt))
}))
con.on(
'authenticationMD5Password',
checkPgPass(function (msg) {
con.password(utils.postgresMd5PasswordHash(self.user, self.password, msg.salt))
})
)
// password request handling (SASL)
var saslSession
con.on('authenticationSASL', checkPgPass(function (msg) {
saslSession = sasl.startSession(msg.mechanisms)
con.on(
'authenticationSASL',
checkPgPass(function (msg) {
saslSession = sasl.startSession(msg.mechanisms)
con.sendSASLInitialResponseMessage(saslSession.mechanism, saslSession.response)
}))
con.sendSASLInitialResponseMessage(saslSession.mechanism, saslSession.response)
})
)

@@ -267,5 +280,3 @@ // password request handling (SASL)

con.once('end', () => {
const error = this._ending
? new Error('Connection terminated')
: new Error('Connection terminated unexpectedly')
const error = this._ending ? new Error('Connection terminated') : new Error('Connection terminated unexpectedly')

@@ -376,3 +387,3 @@ clearTimeout(connectionTimeoutHandle)

user: params.user,
database: params.database
database: params.database,
}

@@ -432,7 +443,7 @@

var hasBackslash = false
var escaped = '\''
var escaped = "'"
for (var i = 0; i < str.length; i++) {
var c = str[i]
if (c === '\'') {
if (c === "'") {
escaped += c + c

@@ -447,3 +458,3 @@ } else if (c === '\\') {

escaped += '\''
escaped += "'"

@@ -500,3 +511,3 @@ if (hasBackslash === true) {

result = new this._Promise((resolve, reject) => {
query.callback = (err, res) => err ? reject(err) : resolve(res)
query.callback = (err, res) => (err ? reject(err) : resolve(res))
})

@@ -520,3 +531,3 @@ }

// just do nothing if query completes
query.callback = () => { }
query.callback = () => {}

@@ -569,3 +580,3 @@ // Remove from queue

// if we have never connected, then end is a noop, callback immediately
if (this.connection.stream.readyState === 'closed') {
if (!this.connection._connecting) {
if (cb) {

@@ -572,0 +583,0 @@ cb()

23

lib/connection-fast.js

@@ -45,9 +45,6 @@ 'use strict'

if (this.stream.readyState === 'closed') {
this.stream.connect(port, host)
} else if (this.stream.readyState === 'open') {
this.emit('connect')
}
this._connecting = true
this.stream.connect(port, host)
this.stream.on('connect', function () {
this.stream.once('connect', function () {
if (self._keepAlive) {

@@ -84,3 +81,4 @@ self.stream.setKeepAlive(true, self._keepAliveInitialDelayMillis)

return self.emit('error', new Error('The server does not support SSL connections'))
default: // Any other response byte, including 'E' (ErrorResponse) indicating a server error
default:
// Any other response byte, including 'E' (ErrorResponse) indicating a server error
self.stream.end()

@@ -90,5 +88,8 @@ return self.emit('error', new Error('There was an error establishing an SSL connection'))

var tls = require('tls')
const options = Object.assign({
socket: self.stream
}, self.ssl)
const options = Object.assign(
{
socket: self.stream,
},
self.ssl
)
if (net.isIP(host) === 0) {

@@ -189,3 +190,3 @@ options.servername = host

this._ending = true
if (!this.stream.writable) {
if (!this._connecting || !this.stream.writable) {
this.stream.end()

@@ -192,0 +193,0 @@ return

8

lib/connection-parameters.js

@@ -25,5 +25,3 @@ 'use strict'

return config[key] ||
envVar ||
defaults[key]
return config[key] || envVar || defaults[key]
}

@@ -70,3 +68,3 @@

writable: true,
value: val('password', config)
value: val('password', config),
})

@@ -79,3 +77,3 @@

// a domain socket begins with '/'
this.isDomainSocket = (!(this.host || '').indexOf('/'))
this.isDomainSocket = !(this.host || '').indexOf('/')

@@ -82,0 +80,0 @@ this.application_name = val('application_name', config, 'PGAPPNAME')

83

lib/connection.js

@@ -38,3 +38,3 @@ 'use strict'

headerSize: 1,
lengthPadding: -4
lengthPadding: -4,
})

@@ -54,9 +54,6 @@ var self = this

if (this.stream.readyState === 'closed') {
this.stream.connect(port, host)
} else if (this.stream.readyState === 'open') {
this.emit('connect')
}
this._connecting = true
this.stream.connect(port, host)
this.stream.on('connect', function () {
this.stream.once('connect', function () {
if (self._keepAlive) {

@@ -93,3 +90,4 @@ self.stream.setKeepAlive(true, self._keepAliveInitialDelayMillis)

return self.emit('error', new Error('The server does not support SSL connections'))
default: // Any other response byte, including 'E' (ErrorResponse) indicating a server error
default:
// Any other response byte, including 'E' (ErrorResponse) indicating a server error
self.stream.end()

@@ -99,5 +97,8 @@ return self.emit('error', new Error('There was an error establishing an SSL connection'))

var tls = require('tls')
const options = Object.assign({
socket: self.stream
}, self.ssl)
const options = Object.assign(
{
socket: self.stream,
},
self.ssl
)
if (net.isIP(host) === 0) {

@@ -134,12 +135,7 @@ options.servername = host

Connection.prototype.requestSsl = function () {
var bodyBuffer = this.writer
.addInt16(0x04D2)
.addInt16(0x162F).flush()
var bodyBuffer = this.writer.addInt16(0x04d2).addInt16(0x162f).flush()
var length = bodyBuffer.length + 4
var buffer = new Writer()
.addInt32(length)
.add(bodyBuffer)
.join()
var buffer = new Writer().addInt32(length).add(bodyBuffer).join()
this.stream.write(buffer)

@@ -149,5 +145,3 @@ }

Connection.prototype.startup = function (config) {
var writer = this.writer
.addInt16(3)
.addInt16(0)
var writer = this.writer.addInt16(3).addInt16(0)

@@ -166,6 +160,3 @@ Object.keys(config).forEach(function (key) {

var buffer = new Writer()
.addInt32(length)
.add(bodyBuffer)
.join()
var buffer = new Writer().addInt32(length).add(bodyBuffer).join()
this.stream.write(buffer)

@@ -175,15 +166,7 @@ }

Connection.prototype.cancel = function (processID, secretKey) {
var bodyBuffer = this.writer
.addInt16(1234)
.addInt16(5678)
.addInt32(processID)
.addInt32(secretKey)
.flush()
var bodyBuffer = this.writer.addInt16(1234).addInt16(5678).addInt32(processID).addInt32(secretKey).flush()
var length = bodyBuffer.length + 4
var buffer = new Writer()
.addInt32(length)
.add(bodyBuffer)
.join()
var buffer = new Writer().addInt32(length).add(bodyBuffer).join()
this.stream.write(buffer)

@@ -199,6 +182,3 @@ }

// 0x70 = 'p'
this.writer
.addCString(mechanism)
.addInt32(Buffer.byteLength(initialResponse))
.addString(initialResponse)
this.writer.addCString(mechanism).addInt32(Buffer.byteLength(initialResponse)).addString(initialResponse)

@@ -210,4 +190,3 @@ this._send(0x70)

// 0x70 = 'p'
this.writer
.addString(additionalData)
this.writer.addString(additionalData)

@@ -276,9 +255,13 @@ this._send(0x70)

var useBinary = false
for (var j = 0; j < len; j++) { useBinary |= values[j] instanceof Buffer }
var buffer = this.writer
.addCString(config.portal)
.addCString(config.statement)
if (!useBinary) { buffer.addInt16(0) } else {
for (var j = 0; j < len; j++) {
useBinary |= values[j] instanceof Buffer
}
var buffer = this.writer.addCString(config.portal).addCString(config.statement)
if (!useBinary) {
buffer.addInt16(0)
} else {
buffer.addInt16(len)
for (j = 0; j < len; j++) { buffer.addInt16(values[j] instanceof Buffer) }
for (j = 0; j < len; j++) {
buffer.addInt16(values[j] instanceof Buffer)
}
}

@@ -315,5 +298,3 @@ buffer.addInt16(len)

config.rows = config.rows || ''
this.writer
.addCString(config.portal)
.addInt32(config.rows)
this.writer.addCString(config.portal).addInt32(config.rows)

@@ -347,3 +328,3 @@ // 0x45 = 'E'

this._ending = true
if (!this.stream.writable) {
if (!this._connecting || !this.stream.writable) {
this.stream.end()

@@ -350,0 +331,0 @@ return

2

lib/defaults.js

@@ -73,3 +73,3 @@ 'use strict'

keepalives_idle: 0
keepalives_idle: 0,
}

@@ -76,0 +76,0 @@

6

lib/index.js

@@ -17,3 +17,3 @@ 'use strict'

return class BoundPool extends Pool {
constructor (options) {
constructor(options) {
super(options, Client)

@@ -58,8 +58,8 @@ }

Object.defineProperty(module.exports, 'native', {
value: native
value: native,
})
return native
}
},
})
}

16

lib/native/client.js

@@ -25,3 +25,3 @@ 'use strict'

var Client = module.exports = function (config) {
var Client = (module.exports = function (config) {
EventEmitter.call(this)

@@ -34,3 +34,3 @@ config = config || {}

this.native = new Native({
types: this._types
types: this._types,
})

@@ -46,3 +46,3 @@

// for the time being. TODO: deprecate all this jazz
var cp = this.connectionParameters = new ConnectionParameters(config)
var cp = (this.connectionParameters = new ConnectionParameters(config))
this.user = cp.user

@@ -56,3 +56,3 @@

writable: true,
value: cp.password
value: cp.password,
})

@@ -65,3 +65,3 @@ this.database = cp.database

this.namedQueries = {}
}
})

@@ -123,3 +123,3 @@ Client.Query = NativeQuery

channel: msg.relname,
payload: msg.extra
payload: msg.extra,
})

@@ -189,3 +189,3 @@ })

})
query.callback = (err, res) => err ? rejectOut(err) : resolveOut(res)
query.callback = (err, res) => (err ? rejectOut(err) : resolveOut(res))
}

@@ -258,3 +258,3 @@ }

result = new this._Promise(function (resolve, reject) {
cb = (err) => err ? reject(err) : resolve()
cb = (err) => (err ? reject(err) : resolve())
})

@@ -261,0 +261,0 @@ }

49

lib/native/query.js

@@ -14,3 +14,3 @@ 'use strict'

var NativeQuery = module.exports = function (config, values, callback) {
var NativeQuery = (module.exports = function (config, values, callback) {
EventEmitter.call(this)

@@ -31,6 +31,9 @@ config = utils.normalizeQueryConfig(config, values, callback)

this._emitRowEvents = false
this.on('newListener', function (event) {
if (event === 'row') this._emitRowEvents = true
}.bind(this))
}
this.on(
'newListener',
function (event) {
if (event === 'row') this._emitRowEvents = true
}.bind(this)
)
})

@@ -41,14 +44,14 @@ util.inherits(NativeQuery, EventEmitter)

/* eslint-disable quote-props */
'sqlState': 'code',
'statementPosition': 'position',
'messagePrimary': 'message',
'context': 'where',
'schemaName': 'schema',
'tableName': 'table',
'columnName': 'column',
'dataTypeName': 'dataType',
'constraintName': 'constraint',
'sourceFile': 'file',
'sourceLine': 'line',
'sourceFunction': 'routine'
sqlState: 'code',
statementPosition: 'position',
messagePrimary: 'message',
context: 'where',
schemaName: 'schema',
tableName: 'table',
columnName: 'column',
dataTypeName: 'dataType',
constraintName: 'constraint',
sourceFile: 'file',
sourceLine: 'line',
sourceFunction: 'routine',
}

@@ -83,6 +86,8 @@

if (this._promise) return this._promise
this._promise = new Promise(function (resolve, reject) {
this._once('end', resolve)
this._once('error', reject)
}.bind(this))
this._promise = new Promise(
function (resolve, reject) {
this._once('end', resolve)
this._once('error', reject)
}.bind(this)
)
return this._promise

@@ -112,3 +117,3 @@ }

rows.forEach((rowOfRows, i) => {
rowOfRows.forEach(row => {
rowOfRows.forEach((row) => {
self.emit('row', row, results[i])

@@ -115,0 +120,0 @@ })

66

lib/query.js

@@ -45,10 +45,18 @@ 'use strict'

// named queries must always be prepared
if (this.name) { return true }
if (this.name) {
return true
}
// always prepare if there are max number of rows expected per
// portal execution
if (this.rows) { return true }
if (this.rows) {
return true
}
// don't prepare empty text queries
if (!this.text) { return false }
if (!this.text) {
return false
}
// prepare if there are values
if (!this.values) { return false }
if (!this.values) {
return false
}
return this.values.length > 0

@@ -172,6 +180,9 @@ }

_getRows(connection, rows) {
connection.execute({
portal: this.portal,
rows: rows
}, true)
connection.execute(
{
portal: this.portal,
rows: rows,
},
true
)
connection.flush()

@@ -186,7 +197,10 @@ }

if (!this.hasBeenParsed(connection)) {
connection.parse({
text: this.text,
name: this.name,
types: this.types
}, true)
connection.parse(
{
text: this.text,
name: this.name,
types: this.types,
},
true
)
}

@@ -204,13 +218,19 @@

// http://developer.postgresql.org/pgdocs/postgres/protocol-flow.html#PROTOCOL-FLOW-EXT-QUERY
connection.bind({
portal: this.portal,
statement: this.name,
values: this.values,
binary: this.binary
}, true)
connection.bind(
{
portal: this.portal,
statement: this.name,
values: this.values,
binary: this.binary,
},
true
)
connection.describe({
type: 'P',
name: this.portal || ''
}, true)
connection.describe(
{
type: 'P',
name: this.portal || '',
},
true
)

@@ -217,0 +237,0 @@ this._getRows(connection, this.rows)

64

lib/sasl.js
'use strict'
const crypto = require('crypto')
function startSession (mechanisms) {
function startSession(mechanisms) {
if (mechanisms.indexOf('SCRAM-SHA-256') === -1) {

@@ -15,7 +15,7 @@ throw new Error('SASL: Only mechanism SCRAM-SHA-256 is currently supported')

response: 'n,,n=*,r=' + clientNonce,
message: 'SASLInitialResponse'
message: 'SASLInitialResponse',
}
}
function continueSession (session, password, serverData) {
function continueSession(session, password, serverData) {
if (session.message !== 'SASLInitialResponse') {

@@ -57,3 +57,3 @@ throw new Error('SASL: Last message was not SASLInitialResponse')

function finalizeSession (session, serverData) {
function finalizeSession(session, serverData) {
if (session.message !== 'SASLResponse') {

@@ -65,9 +65,11 @@ throw new Error('SASL: Last message was not SASLResponse')

String(serverData).split(',').forEach(function (part) {
switch (part[0]) {
case 'v':
serverSignature = part.substr(2)
break
}
})
String(serverData)
.split(',')
.forEach(function (part) {
switch (part[0]) {
case 'v':
serverSignature = part.substr(2)
break
}
})

@@ -79,18 +81,20 @@ if (serverSignature !== session.serverSignature) {

function extractVariablesFromFirstServerMessage (data) {
function extractVariablesFromFirstServerMessage(data) {
var nonce, salt, iteration
String(data).split(',').forEach(function (part) {
switch (part[0]) {
case 'r':
nonce = part.substr(2)
break
case 's':
salt = part.substr(2)
break
case 'i':
iteration = parseInt(part.substr(2), 10)
break
}
})
String(data)
.split(',')
.forEach(function (part) {
switch (part[0]) {
case 'r':
nonce = part.substr(2)
break
case 's':
salt = part.substr(2)
break
case 'i':
iteration = parseInt(part.substr(2), 10)
break
}
})

@@ -112,7 +116,7 @@ if (!nonce) {

salt,
iteration
iteration,
}
}
function xorBuffers (a, b) {
function xorBuffers(a, b) {
if (!Buffer.isBuffer(a)) a = Buffer.from(a)

@@ -133,7 +137,7 @@ if (!Buffer.isBuffer(b)) b = Buffer.from(b)

function createHMAC (key, msg) {
function createHMAC(key, msg) {
return crypto.createHmac('sha256', key).update(msg).digest()
}
function Hi (password, saltBytes, iterations) {
function Hi(password, saltBytes, iterations) {
var ui1 = createHMAC(password, Buffer.concat([saltBytes, Buffer.from([0, 0, 0, 1])]))

@@ -152,3 +156,3 @@ var ui = ui1

continueSession,
finalizeSession
finalizeSession,
}

11

lib/type-overrides.js

@@ -12,3 +12,3 @@ 'use strict'

function TypeOverrides (userTypes) {
function TypeOverrides(userTypes) {
this._types = userTypes || types

@@ -21,5 +21,8 @@ this.text = {}

switch (format) {
case 'text': return this.text
case 'binary': return this.binary
default: return {}
case 'text':
return this.text
case 'binary':
return this.binary
default:
return {}
}

@@ -26,0 +29,0 @@ }

70

lib/utils.js

@@ -14,6 +14,4 @@ 'use strict'

function escapeElement (elementRepresentation) {
var escaped = elementRepresentation
.replace(/\\/g, '\\\\')
.replace(/"/g, '\\"')
function escapeElement(elementRepresentation) {
var escaped = elementRepresentation.replace(/\\/g, '\\\\').replace(/"/g, '\\"')

@@ -26,3 +24,3 @@ return '"' + escaped + '"'

// a different array separator.
function arrayString (val) {
function arrayString(val) {
var result = '{'

@@ -81,3 +79,3 @@ for (var i = 0; i < val.length; i++) {

function prepareObject (val, seen) {
function prepareObject(val, seen) {
if (val && typeof val.toPostgres === 'function') {

@@ -95,9 +93,11 @@ seen = seen || []

function pad (number, digits) {
function pad(number, digits) {
number = '' + number
while (number.length < digits) { number = '0' + number }
while (number.length < digits) {
number = '0' + number
}
return number
}
function dateToString (date) {
function dateToString(date) {
var offset = -date.getTimezoneOffset()

@@ -109,8 +109,15 @@

var ret = pad(year, 4) + '-' +
pad(date.getMonth() + 1, 2) + '-' +
pad(date.getDate(), 2) + 'T' +
pad(date.getHours(), 2) + ':' +
pad(date.getMinutes(), 2) + ':' +
pad(date.getSeconds(), 2) + '.' +
var ret =
pad(year, 4) +
'-' +
pad(date.getMonth() + 1, 2) +
'-' +
pad(date.getDate(), 2) +
'T' +
pad(date.getHours(), 2) +
':' +
pad(date.getMinutes(), 2) +
':' +
pad(date.getSeconds(), 2) +
'.' +
pad(date.getMilliseconds(), 3)

@@ -121,3 +128,5 @@

offset *= -1
} else { ret += '+' }
} else {
ret += '+'
}

@@ -129,3 +138,3 @@ ret += pad(Math.floor(offset / 60), 2) + ':' + pad(offset % 60, 2)

function dateToStringUTC (date) {
function dateToStringUTC(date) {
var year = date.getUTCFullYear()

@@ -135,8 +144,15 @@ var isBCYear = year < 1

var ret = pad(year, 4) + '-' +
pad(date.getUTCMonth() + 1, 2) + '-' +
pad(date.getUTCDate(), 2) + 'T' +
pad(date.getUTCHours(), 2) + ':' +
pad(date.getUTCMinutes(), 2) + ':' +
pad(date.getUTCSeconds(), 2) + '.' +
var ret =
pad(year, 4) +
'-' +
pad(date.getUTCMonth() + 1, 2) +
'-' +
pad(date.getUTCDate(), 2) +
'T' +
pad(date.getUTCHours(), 2) +
':' +
pad(date.getUTCMinutes(), 2) +
':' +
pad(date.getUTCSeconds(), 2) +
'.' +
pad(date.getUTCMilliseconds(), 3)

@@ -149,5 +165,5 @@

function normalizeQueryConfig (config, values, callback) {
function normalizeQueryConfig(config, values, callback) {
// can take in strings or config objects
config = (typeof (config) === 'string') ? { text: config } : config
config = typeof config === 'string' ? { text: config } : config
if (values) {

@@ -178,3 +194,3 @@ if (typeof values === 'function') {

module.exports = {
prepareValue: function prepareValueWrapper (value) {
prepareValue: function prepareValueWrapper(value) {
// this ensures that extra arguments do not get passed into prepareValue

@@ -186,3 +202,3 @@ // by accident, eg: from calling values.map(utils.prepareValue)

postgresMd5PasswordHash,
md5
md5,
}

17

package.json
{
"name": "pg",
"version": "8.0.2",
"version": "8.0.3",
"description": "PostgreSQL client - pure javascript & libpq with the same API",

@@ -25,4 +25,4 @@ "keywords": [

"pg-connection-string": "0.1.3",
"pg-pool": "^3.1.0",
"pg-protocol": "^1.2.1",
"pg-pool": "^3.1.1",
"pg-protocol": "^1.2.2",
"pg-types": "^2.1.0",

@@ -36,8 +36,2 @@ "pgpass": "1.x",

"co": "4.6.0",
"eslint": "^6.0.1",
"eslint-config-standard": "^13.0.1",
"eslint-plugin-import": "^2.18.1",
"eslint-plugin-node": "^9.1.0",
"eslint-plugin-promise": "^4.2.1",
"eslint-plugin-standard": "^4.0.0",
"pg-copy-streams": "0.3.0"

@@ -47,4 +41,3 @@ },

"scripts": {
"test": "make test-all",
"lint": "make lint"
"test": "make test-all"
},

@@ -59,3 +52,3 @@ "files": [

},
"gitHead": "da03b3f9050c85a7722413a03c199cc3bdbcf5bf"
"gitHead": "35328807e3612cb267bee86dccb2551ad186624a"
}
SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

About

Packages

npm

Go

Maven

PyPI

Rubygems

Stay in touch

Get open source security insights delivered straight into your inbox.

  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc