Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

fix(deps): update dependency pg to v8.13.1 #46

Open
wants to merge 1 commit into
base: master
Choose a base branch
from

Conversation

renovate[bot]
Copy link

@renovate renovate bot commented Mar 28, 2023

This PR contains the following updates:

Package Change Age Adoption Passing Confidence
pg (source) 8.0.3 -> 8.13.1 age adoption passing confidence

Release Notes

brianc/node-postgres (pg)

v8.13.1

Compare Source

v8.13.0

Compare Source

v8.12.0

Compare Source

v8.11.6

Compare Source

v8.11.5

Compare Source

v8.11.4

Compare Source

v8.11.3

Compare Source

v8.11.2

Compare Source

v8.11.1

Compare Source

v8.11.0

Compare Source

v8.10.0

Compare Source

  • Emit release event when client is returned to the pool.

v8.9.0

Compare Source

v8.8.0

Compare Source

[email protected]
[email protected]
  • Add optional config to pool to allow process to exit if pool is idle.
[email protected]
[email protected]
[email protected]
  • Library has been converted to Typescript. The behavior is identical, but there could be subtle breaking changes due to class names changing or other small inconsistencies introduced by the conversion.
[email protected]
[email protected]
  • Switch to optional peer dependencies & remove semver package which has been a small thorn in the side of a few users.
  • Export DatabaseError from pg-protocol.
  • Add support for sslmode in the connection string.
[email protected]
[email protected]
  • Switch internal protocol parser & serializer to pg-protocol. The change is backwards compatible but results in a significant performance improvement across the board, with some queries as much as 50% faster. This is the first work to land in an on-going performance improvment initiative I'm working on. Stay tuned as things are set to get much faster still! 🚀
[email protected]
  • Switch internal protocol parser & serializer to pg-protocol. The change is backwards compatible but results in a significant performance improvement across the board, with some queries as much as 50% faster.
[email protected]
  • Switch internal protocol parser & serializer to pg-protocol. The change is backwards compatible but results in a significant performance improvement across the board, with some queries as much as 50% faster.
[email protected]
  • Switch to using monorepo version of pg-connection-string. This includes better support for SSL argument parsing from connection strings and ensures continuity of support.
  • Add &ssl=no-verify option to connection string and PGSSLMODE=no-verify environment variable support for the pure JS driver. This is equivalent of passing { ssl: { rejectUnauthorized: false } } to the client/pool constructor. The advantage of having support in connection strings and environment variables is it can be "externally" configured via environment variables and CLI arguments much more easily, and should remove the need to directly edit any application code for the SSL default changes in 8.0. This should make using [email protected] significantly less difficult on environments like Heroku for example.
[email protected]
  • Same changes to pg impact pg-pool as they both use the same connection parameter and connection string parsing code for configuring SSL.
[email protected]
[email protected]
note: for detailed release notes please check here
  • Remove versions of node older than 6 lts from the test matrix. pg>=8.0 may still work on older versions but it is no longer officially supported.
  • Change default behavior when not specifying rejectUnauthorized with the SSL connection parameters. Previously we defaulted to rejectUnauthorized: false when it was not specifically included. We now default to rejectUnauthorized: true. Manually specify { ssl: { rejectUnauthorized: false } } for old behavior.
  • Change default database when not specified to use the user config option if available. Previously process.env.USER was used.
  • Change pg.Pool and pg.Query to be an es6 class.
  • Make pg.native non enumerable.
  • notice messages are no longer instances of Error.
  • Passwords no longer show up when instances of clients or pools are logged.
[email protected]
  • This will likely be the last minor release before [email protected].
  • This version contains a few bug fixes and adds a deprecation warning for a pending change in 8.0 which will flip the default behavior over SSL from rejectUnauthorized from false to true making things more secure in the general use case.
[email protected]
  • Rewrote stream internals to better conform to node stream semantics. This should make pg-query-stream much better at respecting highWaterMark and getting rid of some edge case bugs when using pg-query-stream as an async iterator. Due to the size and nature of this change (effectively a full re-write) it's safest to bump the semver major here, though almost all tests remain untouched and still passing, which brings us to a breaking change to the API....
  • Changed stream.close to stream.destroy which is the official way to terminate a readable stream. This is a breaking change if you rely on the stream.close method on pg-query-stream...though should be just a find/replace type operation to upgrade as the semantics remain very similar (not exactly the same, since internals are rewritten, but more in line with how streams are "supposed" to behave).
  • Unified the config.batchSize and config.highWaterMark to both do the same thing: control how many rows are buffered in memory. The ReadableStream will manage exactly how many rows are requested from the cursor at a time. This should give better out of the box performance and help with efficient async iteration.
[email protected]
  • Add support for idle_in_transaction_session_timeout option.
7.16.0
  • Add optional, opt-in behavior to test new, faster query pipeline. This is experimental, and not documented yet. The pipeline changes will grow significantly after the 8.0 release.
7.15.0
7.14.0
7.13.0
7.12.0
7.11.0
7.10.0
7.9.0
7.8.0
7.7.0
7.6.0
7.5.0
7.4.0
7.3.0
7.2.0
  • Pinned pg-pool and pg-types to a tighter semver range. This is likely not a noticeable change for you unless you were specifically installing older versions of those libraries for some reason, but making it a minor bump here just in case it could cause any confusion.
7.1.0
Enhancements
7.0.0
Breaking Changes
  • Drop support for node < 4.x.
  • Remove pg.connect pg.end and pg.cancel singleton methods.
  • Client#connect(callback) now returns undefined. It used to return an event emitter.
  • Upgrade pg-pool to 2.x.
  • Upgrade pg-native to 2.x.
  • Standardize error message fields between JS and native driver. The only breaking changes were in the native driver as its field names were brought into alignment with the existing JS driver field names.
  • Result from multi-statement text queries such as SELECT 1; SELECT 2; are now returned as an array of results instead of a single result with 1 array containing rows from both queries.

Please see here for a migration guide

Enhancements
  • Overhauled documentation: https://node-postgres.com.
  • Add Client#connect() => Promise<void> and Client#end() => Promise<void> calls. Promises are now returned from all async methods on clients if and only if no callback was supplied to the method.
  • Add connectionTimeoutMillis to pg-pool.
v6.2.0
v6.1.0
  • Add optional callback parameter to the pure JavaScript client.end method. The native client already supported this.
v6.0.0
Breaking Changes
  • Remove pg.pools. There is still a reference kept to the pools created & tracked by pg.connect but it has been renamed, is considered private, and should not be used. Accessing this API directly was uncommon and was supposed to be private but was incorrectly documented on the wiki. Therefore, it is a breaking change of an (unintentionally) public interface to remove it by renaming it & making it private. Eventually pg.connect itself will be deprecated in favor of instantiating pools directly via new pg.Pool() so this property should become completely moot at some point. In the mean time...check out the new features...
New features
  • Replace internal pooling code with pg-pool. This is the first step in eventually deprecating and removing the singleton pg.connect. The pg-pool constructor is exported from node-postgres at require('pg').Pool. It provides a backwards compatible interface with pg.connect as well as a promise based interface & additional niceties.

You can now create an instance of a pool and don't have to rely on the pg singleton for anything:

var pg = require('pg')

var pool = new pg.Pool()

// your friendly neighborhood pool interface, without the singleton
pool.connect(function(err, client, done) {
  // ...
})

Promise support & other goodness lives now in pg-pool.

Please read the readme at pg-pool for the full api.

  • Included support for tcp keep alive. Enable it as follows:
var client = new Client({ keepAlive: true })

This should help with backends incorrectly considering idle clients to be dead and prematurely disconnecting them.

v5.1.0
  • Make the query object returned from client.query implement the promise interface. This is the first step towards promisifying more of the node-postgres api.

Example:

var client = new Client()
client.connect()
client.query('SELECT $1::text as name', ['brianc']).then(function (res) {
  console.log('hello from', res.rows[0])
  client.end()
})
v5.0.0
Breaking Changes
  • require('pg').native now returns null if the native bindings cannot be found; previously, this threw an exception.
New Features
  • better error message when passing undefined as a query parameter
  • support for defaults.connectionString
  • support for returnToHead being passed to generic pool
v4.5.0
  • Add option to parse JS date objects in query parameters as UTC
v4.4.0
  • Warn to stderr if a named query exceeds 63 characters which is the max length supported by postgres.
v4.3.0
v4.2.0
  • Support for additional error fields in postgres >= 9.3 if available.
v4.1.0
v4.0.0
  • Make native bindings an optional install with npm install pg-native
  • No longer surround query result callback with try/catch block.
  • Remove built in COPY IN / COPY OUT support - better implementations provided by pg-copy-streams and pg-native
v3.6.0
v3.5.0
  • Include support for parsing boolean arrays
v3.4.0
v3.2.0
v3.1.0
v3.0.0
Breaking changes

After some discussion it was decided node-postgres was non-compliant in how it was handling DATE results. They were being converted to UTC, but the PostgreSQL documentation specifies they should be returned in the client timezone. This is a breaking change, and if you use the date type you might want to examine your code and make sure nothing is impacted.

[email protected] included changes to not convert large integers into their JavaScript number representation because of possibility for numeric precision loss. The same types in arrays were not taken into account. This fix applies the same type of type-coercion rules to arrays of those types, so there will be no more possible numeric loss on an array of very large int8s for example. This is a breaking change because now a return type from a query of int8[] will contain string representations
of the integers. Use your favorite JavaScript bignum module to represent them without precision loss, or punch over the type converter to return the old style arrays again.

Single date parameters were properly sent to the PostgreSQL server properly in local time, but an input array of dates was being changed into utc dates. This is a violation of what PostgreSQL expects. Small breaking change, but none-the-less something you should check out if you are inserting an array of dates.

This is a small change to bring the semantics of query more in line with other EventEmitters. The tests all passed after this change, but I suppose it could still be a breaking change in certain use cases. If you are doing clever things with the end and error events of a query object you might want to check to make sure its still behaving normally, though it is most likely not an issue.

New features

The long & short of it is now any object you supply in the list of query values will be inspected for a .toPostgres method. If the method is present it will be called and its result used as the raw text value sent to PostgreSQL for that value. This allows the same type of custom type coercion on query parameters as was previously afforded to query result values.

If domains are active node-postgres will honor them and do everything it can to ensure all callbacks are properly fired in the active domain. If you have tried to use domains with node-postgres (or many other modules which pool long lived event emitters) you may have run into an issue where the active domain changes before and after a callback. This has been a longstanding footgun within node-postgres and I am happy to get it fixed.

Avoids a scenario where your pool could fill up with disconnected & unusable clients.

To provide better documentation and a clearer explanation of how to override the query result parsing system we broke the type converters into their own module. There is still work around removing the 'global-ness' of the type converters so each query or connection can return types differently, but this is a good first step and allow a lot more obvious way to return int8 results as JavaScript numbers, for example

v2.11.0
v2.10.0
v2.9.0
v2.8.0
  • Add support for parsing JSON[] and UUID[] result types
v2.7.0
  • Use single row mode in native bindings when available [@​rpedela]
    • reduces memory consumption when handling row values in 'row' event
  • Automatically bind buffer type parameters as binary [@​eugeneware]
v2.6.0
  • Respect PGSSLMODE environment variable
v2.5.0
  • Ability to opt-in to int8 parsing via pg.defaults.parseInt8 = true
v2.4.0
  • Use eval in the result set parser to increase performance
v2.3.0
  • Remove built-in support for binary Int64 parsing.
    Due to the low usage & required compiled dependency this will be pushed into a 3rd party add-on
v2.2.0
v2.1.0
v2.0.0
  • Properly handle various PostgreSQL to JavaScript type conversions to avoid data loss:
PostgreSQL | [email protected] JavaScript | [email protected] JavaScript
--------------------------------|----------------
float4     | number (float)     | string
float8     | number (float)     | string
int8       | string             | number (int)
numeric    | string             | number (float)
decimal    | string             | number (float)

For more information see https://github.com/brianc/node-postgres/pull/353
If you are unhappy with these changes you can always override the built in type parsing fairly easily.

v1.3.0
  • Make client_encoding configurable and optional
v1.2.0
  • return field metadata on result object: access via result.fields[i].name/dataTypeID
v1.1.0
  • built in support for JSON data type for PostgreSQL Server @​ v9.2.0 or greater
v1.0.0
  • remove deprecated functionality
    • Callback function passed to pg.connect now requires 3 arguments
    • Client#pauseDrain() / Client#resumeDrain removed
    • numeric, decimal, and float data types no longer parsed into float before being returned. Will be returned from query results as String
v0.15.0
  • client now emits end when disconnected from back-end server
  • if client is disconnected in the middle of a query, query receives an error
v0.14.0
  • add deprecation warnings in prep for v1.0
  • fix read/write failures in native module under node v0.9.x

v8.7.3

Compare Source

v8.7.1

Compare Source

v8.7.0

Compare Source

  • Add optional config to pool to allow process to exit if pool is idle.

v8.6.0

Compare Source

v8.5.1

Compare Source

v8.5.0

Compare Source

v8.4.2

Compare Source

v8.4.1

Compare Source

v8.4.0

Compare Source

  • Switch to optional peer dependencies & remove semver package which has been a small thorn in the side of a few users.
  • Export DatabaseError from pg-protocol.
  • Add support for sslmode in the connection string.

v8.3.3

Compare Source

v8.3.2

Compare Source

v8.3.0

Compare Source

v8.2.2

Compare Source

v8.2.1

Compare Source

v8.2.0

Compare Source

  • Switch internal protocol parser & serializer to pg-protocol. The change is backwards compatible but results in a significant performance improvement across the board, with some queries as much as 50% faster. This is the first work to land in an on-going performance improvment initiative I'm working on. Stay tuned as things are set to get much faster still! 🚀

v8.1.0

Compare Source

  • Switch to using monorepo version of pg-connection-string. This includes better support for SSL argument parsing from connection strings and ensures continuity of support.
  • Add &ssl=no-verify option to connection string and PGSSLMODE=no-verify environment variable support for the pure JS driver. This is equivalent of passing { ssl: { rejectUnauthorized: false } } to the client/pool constructor. The advantage of having support in connection strings and environment variables is it can be "externally" configured via environment variables and CLI arguments much more easily, and should remove the need to directly edit any application code for the SSL default changes in 8.0. This should make using [email protected] significantly less difficult on environments like Heroku for example.

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.


  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@renovate renovate bot force-pushed the renovate/pg-8.x-lockfile branch from 46cfe49 to 57243fd Compare May 28, 2023 22:00
@renovate renovate bot changed the title fix(deps): update dependency pg to v8.10.0 fix(deps): update dependency pg to v8.11.0 May 28, 2023
@renovate renovate bot force-pushed the renovate/pg-8.x-lockfile branch from 57243fd to 048ade1 Compare June 26, 2023 23:53
@renovate renovate bot changed the title fix(deps): update dependency pg to v8.11.0 fix(deps): update dependency pg to v8.11.1 Jun 26, 2023
@renovate renovate bot force-pushed the renovate/pg-8.x-lockfile branch from 048ade1 to ffc7f07 Compare August 3, 2023 20:35
@renovate renovate bot changed the title fix(deps): update dependency pg to v8.11.1 fix(deps): update dependency pg to v8.11.2 Aug 3, 2023
@renovate renovate bot force-pushed the renovate/pg-8.x-lockfile branch from ffc7f07 to 0698af5 Compare August 10, 2023 21:01
@renovate renovate bot changed the title fix(deps): update dependency pg to v8.11.2 fix(deps): update dependency pg to v8.11.3 Aug 17, 2023
@renovate renovate bot force-pushed the renovate/pg-8.x-lockfile branch from 0698af5 to 611f1b6 Compare August 17, 2023 05:32
@renovate renovate bot force-pushed the renovate/pg-8.x-lockfile branch from 611f1b6 to 246043b Compare December 5, 2023 05:18
@renovate renovate bot force-pushed the renovate/pg-8.x-lockfile branch from 246043b to cca72e1 Compare March 31, 2024 20:55
@renovate renovate bot changed the title fix(deps): update dependency pg to v8.11.3 fix(deps): update dependency pg to v8.11.4 Mar 31, 2024
@renovate renovate bot force-pushed the renovate/pg-8.x-lockfile branch from cca72e1 to ca129b6 Compare April 3, 2024 11:53
@renovate renovate bot changed the title fix(deps): update dependency pg to v8.11.4 fix(deps): update dependency pg to v8.11.5 Apr 3, 2024
@renovate renovate bot force-pushed the renovate/pg-8.x-lockfile branch from ca129b6 to e4aef5f Compare June 5, 2024 20:41
@renovate renovate bot changed the title fix(deps): update dependency pg to v8.11.5 fix(deps): update dependency pg to v8.12.0 Jun 5, 2024
@renovate renovate bot force-pushed the renovate/pg-8.x-lockfile branch from e4aef5f to cb05ef2 Compare September 18, 2024 17:40
@renovate renovate bot changed the title fix(deps): update dependency pg to v8.12.0 fix(deps): update dependency pg to v8.13.0 Sep 18, 2024
@renovate renovate bot force-pushed the renovate/pg-8.x-lockfile branch from cb05ef2 to 1a800e3 Compare October 24, 2024 23:23
@renovate renovate bot changed the title fix(deps): update dependency pg to v8.13.0 fix(deps): update dependency pg to v8.13.1 Oct 24, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

0 participants