feat(pg-connection-string): warn if non-standard ssl options are used (#3473)

* feat(pg-connection-string): warn if non-standard ssl options are used In preparation for v3.0.0, we start warning users to be explicit about the sslmode they want. * Update index.js
2025-12-08 20:16:25 +00:00 · 2025-07-07 18:33:22 -04:00 · 2025-07-07 18:33:22 -04:00 · c8fb1e9261
commit c8fb1e9261
parent 54e0424991
1 changed files with 19 additions and 0 deletions
--- a/packages/pg-connection-string/index.js
+++ b/packages/pg-connection-string/index.js
@ -1,5 +1,7 @@
 'use strict'

+const { emitWarning } = require('node:process')
+
 //Parse method copied from https://github.com/brianc/node-postgres
 //Copyright (c) 2010-2014 Brian Carlson (brian.m.carlson@gmail.com)
 //MIT License
@ -138,6 +140,9 @@ function parse(str, options = {}) {
      case 'require':
      case 'verify-ca':
      case 'verify-full': {
+        if (config.sslmode !== 'verify-full') {
+          deprecatedSslModeWarning(config.sslmode)
+        }
        break
      }
      case 'no-verify': {
@ -206,6 +211,20 @@ function parseIntoClientConfig(str) {
  return toClientConfig(parse(str))
 }

+function deprecatedSslModeWarning(sslmode) {
+  if (!deprecatedSslModeWarning.warned) {
+    deprecatedSslModeWarning.warned = true
+    emitWarning(`SECURITY WARNING: The SSL modes 'prefer', 'require', and 'verify-ca' are treated as aliases for 'verify-full'.
+In the next major version (pg-connection-string v3.0.0 and pg v9.0.0), these modes will adopt standard libpq semantics, which have weaker security guarantees.
+
+To prepare for this change:
+- If you want the current behavior, explicitly use 'sslmode=verify-full'
+- If you want libpq compatibility now, use 'uselibpqcompat=true&sslmode=${sslmode}'
+
+See https://www.postgresql.org/docs/current/libpq-ssl.html for libpq SSL mode definitions.`)
+  }
+}
+
 module.exports = parse

 parse.parse = parse