* Update docs - start
* Add logo & discord
* Start updating docs for esm style imports
* Update docs with logo & info on pooling
* Update more import statements
---------
Co-authored-by: Brian Carlson <brian.carlson@getcruise.com>
This reverts commit dcb4257898d1d8d37110a4364922206dad33f9fe.
The change doesn’t fix the bug it claims to (`finally` always runs) and introduces a resource leak if the `ROLLBACK` query fails. The related bug that a broken client can be returned to the pool remains unaffected either way.
* Added support for SCRAM-SHA-256-PLUS i.e. channel binding
* Requested tweaks to channel binding
* Additional tweaks to channel binding
* Fixed lint complaints
* Update packages/pg/lib/crypto/sasl.js
Co-authored-by: Charmander <~@charmander.me>
* Update packages/pg/lib/crypto/sasl.js
Co-authored-by: Charmander <~@charmander.me>
* Update packages/pg/lib/client.js
Co-authored-by: Charmander <~@charmander.me>
* Tweaks to channel binding
* Now using homegrown certificate signature algorithm identification
* Update ssl.mdx with channel binding changes
* Allow for config object being undefined when assigning enableChannelBinding
* Fixed a test failing on an updated error message
* Removed - from hash names like SHA-256 for legacy crypto (Node 14 and below)
* Removed packageManager key from package.json
* Added some SASL/channel binding unit tests
* Added a unit test for continueSession to check expected SASL session data
* Modify tests: don't require channel binding (which cannot then work) if not using SSL
---------
Co-authored-by: Charmander <~@charmander.me>
This feature can be used as follows:
```
client.query({ text: 'SELECT 1', queryMode: 'extended' })
```
This will force the query to be sent with parse/bind/execute even when it has no parameters and disallows multiple statements being executed. This can be useful in scenarios where you want to enforce more security & help prevent sql injection attacks...particularly by library authors.
---------
Co-authored-by: alxndrsn <alxndrsn>
Co-authored-by: Brian Carlson <brian.m.carlson@gmail.com>
* Document client.escapeIdentifier and client.escapeLiteral
Per #1978 it seems that these client APIs are undocumented. Added documentation for these functions along with some examples and relevant links.
* Fix typos in new docs
* Migrate escapeIdentifier and escapeLiteral from Client to PG
These are standalone utility functions, they do not need a client instance to function.
Changes made:
- Refactored escapeIdentifer and escapeLiteral from client class to functions in utils
- Update PG to export escapeIdentifier and escapeLiteral
- Migrated tests for Client.escapeIdentifier and Client.escapeLiteral to tests for utils
- Updated documentation, added a "utilities" page where these helpers are discussed
**note** this is a breaking change. Users who used these functions (previously undocumented) on instances of Client, or via Client.prototype.
* Export escapeIdentifier and escapeLiteral from PG
These are standalone utility functions, they should not depend on a client instance.
Changes made:
- Refactored escapeIdentifer and escapeLiteral from client class to functions in utils
- Re-exported functions on client for backwards compatibility
- Update PG to export escapeIdentifier and escapeLiteral
- Updated tests to validate the newly exported functions from both entry points
- Updated documentation, added a "utilities" page where these helpers are discussed
* Ensure escape functions work via Client.prototype
Updated changes such that escapeIdentifier and escapeLiteral are usable via the client prototype
Updated tests to check for both entry points in client
`result.rowCount` is initialized to `null`, but only set to an `int`-value if the returned command tag consists of more than one word, which is not the case in general.
For example, the `LOCK` command will return a command tag of simply the form `LOCK`, and thus `result.rowCount` will stay `null`.
