sql-escape-string
Advanced tools
Comparing version 1.0.0 to 1.1.0
| { | ||
| "name": "sql-escape-string", | ||
| "version": "1.0.0", | ||
| "version": "1.1.0", | ||
| "description": "Simple SQL string escape.", | ||
@@ -5,0 +5,0 @@ "main": "sql-escape-string.js", |
@@ -35,4 +35,4 @@ # sql-escape-string [](http://travis-ci.org/thlorenz/sql-escape-string) | ||
| - backslashes are not escaped by default | ||
| - single quotes are escaped via `''` instead of `\'` and double quotes via `""` instead of `\"` | ||
| - backslashes and double quotes `"` are not escaped by default | ||
| - single quotes are escaped via `''` instead of `\'` | ||
| - your sql engine should throw an error when encountering a backslash escape | ||
@@ -52,3 +52,3 @@ as part of a string, unless it is a literal backslash, i.e. `'backslash: \\'`. | ||
| Returns **[String](https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/String)** the original string escaped and safe to use | ||
| Returns **[String](https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/String)** the original string escaped wrapped in single quotes, i.e. `'mystring'` | ||
@@ -55,0 +55,0 @@ ## License |
| 'use strict' | ||
| const CHARS_GLOBAL_RX = /["']/g | ||
| const CHARS_ESCAPE_MAP = { | ||
| '"' : '""' | ||
| , '\'' : '\'\'' | ||
| } | ||
| // eslint-disable-next-line no-control-regex | ||
@@ -33,4 +27,4 @@ const CHARS_GLOBAL_BACKSLASH_SUPPORTED_RX = /[\0\b\t\n\r\x1a"'\\]/g | ||
| * | ||
| * - backslashes are not escaped by default | ||
| * - single quotes are escaped via `''` instead of `\'` and double quotes via `""` instead of `\"` | ||
| * - backslashes and double quotes `"` are not escaped by default | ||
| * - single quotes are escaped via `''` instead of `\'` | ||
| * - your sql engine should throw an error when encountering a backslash escape | ||
@@ -46,3 +40,3 @@ * as part of a string, unless it is a literal backslash, i.e. `'backslash: \\'`. | ||
| * @param {Boolean} [$0.backslashSupported = false] if `true` backslashes are supported | ||
| * @returns {String} the original string escaped and safe to use | ||
| * @returns {String} the original string escaped wrapped in single quotes, i.e. `'mystring'` | ||
| */ | ||
@@ -55,4 +49,7 @@ function escapeString(val, opts) { | ||
| const backslashSupported = !!opts.backslashSupported | ||
| const charsRx = backslashSupported ? CHARS_GLOBAL_BACKSLASH_SUPPORTED_RX : CHARS_GLOBAL_RX | ||
| const charsEscapeMap = backslashSupported ? CHARS_ESCAPE_BACKSLASH_SUPPORTED_MAP : CHARS_ESCAPE_MAP | ||
| if (!backslashSupported) return "'" + val.replace(/'/g, "''") + "'" | ||
| const charsRx = CHARS_GLOBAL_BACKSLASH_SUPPORTED_RX | ||
| const charsEscapeMap = CHARS_ESCAPE_BACKSLASH_SUPPORTED_MAP | ||
| var chunkIndex = charsRx.lastIndex = 0 | ||
@@ -59,0 +56,0 @@ var escapedVal = '' |
Fixed alerts
Major refactor
Supply chain riskPackage has recently undergone a major refactor. It may be unstable or indicate significant internal changes. Use caution when updating to versions that include significant changes.
Found 1 instance in 1 package
Improved metrics
- Number of medium supply chain risk alerts
- decreased by-100%
0
Worsened metrics
- Total package byte prevSize
- decreased by-1.4%
6549
- Lines of code
- decreased by-6.25%
60