sql-formatter
The sql-formatter npm package is a library for formatting SQL queries. It supports various SQL dialects and provides a clean and readable output for SQL statements.
Basic SQL Formatting
This feature allows you to format a basic SQL query into a more readable format.
const sqlFormatter = require('sql-formatter');
const formattedSQL = sqlFormatter.format('SELECT * FROM table WHERE column = value');
console.log(formattedSQL);
Dialect-Specific Formatting
This feature allows you to format SQL queries according to specific SQL dialects like MySQL, PostgreSQL, etc.
const sqlFormatter = require('sql-formatter');
const formattedSQL = sqlFormatter.format('SELECT * FROM table WHERE column = value', { language: 'mysql' });
console.log(formattedSQL);
Custom Indentation
This feature allows you to customize the indentation used in the formatted SQL output.
const sqlFormatter = require('sql-formatter');
// tabWidth sets the indentation width; the option list on this page has no `indent` key
const formattedSQL = sqlFormatter.format('SELECT * FROM table WHERE column = value', { tabWidth: 4 });
console.log(formattedSQL);
sql-formatter-plus is another SQL formatter that offers similar functionality to sql-formatter. It also supports multiple SQL dialects and provides options for customizing the output format. However, it may have different default formatting styles and additional configuration options.
prettier-plugin-sql is a plugin for the Prettier code formatter that adds support for formatting SQL queries. It integrates with Prettier's ecosystem, allowing you to format SQL queries alongside other code formats supported by Prettier. This can be useful if you are already using Prettier for other parts of your codebase.
SQL Formatter is a JavaScript library for pretty-printing SQL queries.
It started as a port of a PHP Library, but has since considerably diverged.
It supports various SQL dialects: GCP BigQuery, IBM DB2, Apache Hive, MariaDB, MySQL, TiDB, Couchbase N1QL, Oracle PL/SQL, PostgreSQL, Amazon Redshift, SingleStoreDB, Snowflake, Spark, SQL Server Transact-SQL, Trino (and Presto). See language option docs for more details.
It does not support:
;
.
→ Try the demo.
Get the latest version from NPM:
npm install sql-formatter
Also available with yarn:
yarn add sql-formatter
import { format } from 'sql-formatter';
console.log(format('SELECT * FROM tbl', { language: 'mysql' }));
This will output:
SELECT
  *
FROM
  tbl
You can also pass in configuration options:
format('SELECT * FROM tbl', {
  language: 'spark',
  tabWidth: 2,
  keywordCase: 'upper',
  linesBetweenQueries: 2,
});
You can disable the formatter for a section of SQL by surrounding it with disable/enable comments:
/* sql-formatter-disable */
SELECT * FROM tbl1;
/* sql-formatter-enable */
SELECT * FROM tbl2;
which produces:
/* sql-formatter-disable */
SELECT * FROM tbl1;
/* sql-formatter-enable */
SELECT
  *
FROM
  tbl2;
The formatter doesn't even parse the code between these comments. So in case there's some SQL that happens to crash SQL Formatter, you can comment the culprit out (at least until the issue gets fixed in SQL Formatter).
In addition to formatting, this library can also perform placeholder replacement in prepared SQL statements:
format('SELECT * FROM tbl WHERE foo = ?', {
  params: ["'bar'"],
});
Results in:
SELECT
  *
FROM
  tbl
WHERE
  foo = 'bar'
For more details see docs of params option.
The CLI tool will be installed under sql-formatter and may be invoked via npx sql-formatter:
sql-formatter -h
usage: sql-formatter [-h] [-o OUTPUT] \
[-l {bigquery,db2,db2i,hive,mariadb,mysql,n1ql,plsql,postgresql,redshift,singlestoredb,snowflake,spark,sql,sqlite,tidb,transactsql,trino,tsql}] [-c CONFIG] [--version] [FILE]
SQL Formatter
positional arguments:
FILE Input SQL file (defaults to stdin)
optional arguments:
-h, --help show this help message and exit
-o, --output OUTPUT
File to write SQL output (defaults to stdout)
--fix Update the file in-place
-l, --language {bigquery,db2,db2i,hive,mariadb,mysql,n1ql,plsql,postgresql,redshift,singlestoredb,snowflake,spark,sql,sqlite,tidb,trino,tsql}
SQL dialect (defaults to basic sql)
-c, --config CONFIG
Path to config JSON file or json string (will find a file named '.sql-formatter.json' or use default configs if unspecified)
--version show program's version number and exit
By default, the tool takes queries from stdin and processes them to stdout, but one can also specify an input file or use the --output option.
echo 'select * from tbl where id = 3' | sql-formatter
select
  *
from
  tbl
where
  id = 3
The tool also accepts a JSON config file named .sql-formatter.json in the current or any parent directory, or with the --config option that takes this form:
{
  "language": "spark",
  "tabWidth": 2,
  "keywordCase": "upper",
  "linesBetweenQueries": 2
}
All fields are optional and all fields that are not specified will be filled with their default values.
language: the SQL dialect to use (when using format()).
dialect: the SQL dialect to use (when using formatDialect() since version 12).
tabWidth: amount of indentation to use.
useTabs: to use tabs for indentation.
keywordCase: uppercases or lowercases keywords.
dataTypeCase: uppercases or lowercases data types.
functionCase: uppercases or lowercases function names.
identifierCase: uppercases or lowercases identifiers. (experimental!)
indentStyle: defines overall indentation style. (deprecated!)
logicalOperatorNewline: newline before or after boolean operator (AND, OR, XOR).
expressionWidth: maximum number of characters in parenthesized expressions to be kept on single line.
linesBetweenQueries: how many newlines to insert between queries.
denseOperators: packs operators densely without spaces.
newlineBeforeSemicolon: places semicolon on separate line.
params: collection of values for placeholder replacement.
paramTypes: specifies parameter placeholders types to support.

If you don't use a module bundler, clone the repository, run npm install and grab a file from the /dist directory to use inside a <script> tag.
This makes SQL Formatter available as a global variable window.sqlFormatter.
eslint-plugin-sql by using the rule eslint-plugin-sql#format.

The most common cause is that you haven't specified an SQL dialect. Instead of calling the library simply:
format('select [col] from tbl');
// Throws: Parse error: Unexpected "[col] from" at line 1 column 8
pick the proper dialect, like:
format('select [col] from tbl', { language: 'transactsql' });
Or when using the VSCode extension: Settings -> SQL-Formatter-VSCode: SQLFlavourOverride.
This typically happens when bundling an application with Webpack.
The cause is that Babel (through babel-loader) is not configured to support class properties syntax:
| export default class ExpressionFormatter {
> inline = false;
This syntax is widely supported in all major browsers (except old IE) and support for it is included in the default @babel/preset-env.
Possible fixes:
@babel/preset-env
@babel/plugin-proposal-class-properties
The Prettier SQL VSCode extension is no longer maintained by its author.
Please use the official SQL Formatter VSCode extension to get the latest fixes from SQL Formatter library.
For example, you might have an SQL like:
SELECT {col1}, {col2} FROM {tablename}
While templating is not directly supported by SQL Formatter, the workaround is to use paramTypes config option to treat these occurrences of templating constructs as prepared-statement parameter-placeholders:
format('SELECT {col1}, {col2} FROM {tablename};', {
  paramTypes: { custom: [{ regex: String.raw`\{\w+\}` }] },
});
This won't work for all possible templating constructs, but should solve the most common use cases.
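The limit of that workaround can be checked before a query reaches the formatter. The following is an added example, not code from the sql-formatter project: the hypothetical helper templateCoverage applies the same \{\w+\} pattern to a constructed query and reports which brace constructs it accepts as placeholders and which it leaves behind for the formatter to parse. Only brace-delimited constructs are examined.

```javascript
// Same pattern the README passes as paramTypes.custom[0].regex.
const README_PLACEHOLDER = /\{\w+\}/g;

// Hypothetical helper (not part of sql-formatter): splits the brace
// constructs in `sql` into those the README pattern accepts as placeholders
// and those it does not fully cover.
function templateCoverage(sql) {
  const placeholders = [];
  // Blank out accepted placeholders with spaces so string offsets stay valid.
  const rest = sql.replace(README_PLACEHOLDER, (m) => {
    placeholders.push(m);
    return ' '.repeat(m.length);
  });

  const uncovered = [];
  let depth = 0;
  let start = -1;
  for (let i = 0; i < rest.length; i++) {
    if (rest[i] === '{') {
      if (depth === 0) start = i;
      depth++;
    } else if (rest[i] === '}') {
      if (depth === 0) {
        uncovered.push('}'); // stray closing brace
        continue;
      }
      depth--;
      // Report the construct as it appears in the original query text.
      if (depth === 0) uncovered.push(sql.slice(start, i + 1));
    }
  }
  if (depth > 0) uncovered.push(sql.slice(start)); // unterminated construct
  return { placeholders, uncovered };
}

// Constructed sample: three simple placeholders, one construct with
// doubled braces and spaces, and one with a dotted name.
const SAMPLE_SQL =
  'SELECT {col1}, {col2} FROM {tablename} ' +
  'WHERE id = {{ user_id }} AND org = {org.id}';

console.log(templateCoverage(SAMPLE_SQL));
```

An empty uncovered list means every brace construct in the query is matched by the pattern; anything listed there needs its own paramTypes regex or a rewrite of the template.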
The development of this formatter is currently in maintenance mode. Bugs will get fixed if feasible, but new features will likely not be added.
I have started a new SQL formatting tool: prettier-plugin-sql-cst.
Give it a try if you'd like to take your SQL auto-formatting to the next level.
Please see CONTRIBUTING.md
FAQs
Format whitespace in a SQL query to make it more readable
The npm package sql-formatter receives a total of 433,689 weekly downloads. As such, sql-formatter popularity was classified as popular.
We found that sql-formatter demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.