tedious - npm Package Compare versions

Comparing version 11.1.0 to 11.1.1

lib/bulk-load.js

@@ -151,2 +151,16 @@ "use strict";
 /**
+ * Escape an identifier according to SQL Server identifier naming rules.
+ *
+ * Does not perform validation of the identifier, only escapes the characters so it can safely be embedded into a
+ * T-SQL statement.
+ *
+ * @param identifier a table name, column name, etc.
+ * @returns the escaped identifier
+ */
+
+
+function escapeIdentifier(identifier) {
+  return `"${identifier.replace(/"/g, '""')}"`;
+}
+/**
  * A BulkLoad instance is used to perform a bulk insert.
@@ -493,3 +507,3 @@ *
   getBulkInsertSql() {
-    let sql = 'insert bulk ' + this.table + '(';
+    let sql = 'insert bulk ' + escapeIdentifier(this.table) + ' (';
 
@@ -503,3 +517,3 @@ for (let i = 0, len = this.columns.length; i < len; i++) {
 
-      sql += '[' + c.name + '] ' + c.type.declaration(c);
+      sql += escapeIdentifier(c.name) + ' ' + c.type.declaration(c);
     }
@@ -525,3 +539,3 @@
   getTableCreationSql() {
-    let sql = 'CREATE TABLE ' + this.table + '(\n';
+    let sql = 'CREATE TABLE ' + escapeIdentifier(this.table) + ' (\n';
 
@@ -535,3 +549,3 @@ for (let i = 0, len = this.columns.length; i < len; i++) {
 
-      sql += '[' + c.name + '] ' + c.type.declaration(c);
+      sql += escapeIdentifier(c.name) + ' ' + c.type.declaration(c);
 
@@ -538,0 +552,0 @@ if (c.nullable !== undefined) {

package.json

@@ -30,3 +30,3 @@ {
   "license": "MIT",
-  "version": "11.1.0",
+  "version": "11.1.1",
   "main": "./lib/tedious.js",
@@ -33,0 +33,0 @@ "repository": {

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

472049

increased by0.1%

Lines of code

13003

increased by0.09%

No dependency changes