npm - @agentuity/postgres - Versions diffs - 1.0.6 → 1.0.8 - Mend

@agentuity/postgres 1.0.6 → 1.0.8

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (28) hide show

package/src/tls.ts ADDED Viewed

@@ -0,0 +1,54 @@
+/**
+ * TLS/SSL utilities for PostgreSQL connections.
+ *
+ * @see https://github.com/agentuity/sdk/issues/921
+ */
+/**
+ * Injects `sslmode=require` into a PostgreSQL connection URL when TLS is
+ * requested but the URL doesn't already contain an `sslmode` parameter.
+ *
+ * Bun.SQL requires `sslmode` in the connection URL to trigger PostgreSQL
+ * TLS negotiation (SSLRequest). The `tls` option alone configures *how*
+ * TLS works but doesn't initiate the protocol handshake.
+ *
+ * If `sslmode` is already present in the URL (e.g. `sslmode=disable`,
+ * `sslmode=prefer`), the existing value is preserved — the user's
+ * explicit setting always takes precedence.
+ *
+ * @param url - PostgreSQL connection URL (may be undefined)
+ * @param tls - TLS config value from the caller (truthy = wants TLS)
+ * @returns The URL with `sslmode=require` injected, or the original URL
+ *
+ * @example
+ * ```typescript
+ * // Injects sslmode=require
+ * injectSslMode('postgresql://host/db', true);
+ * // => 'postgresql://host/db?sslmode=require'
+ *
+ * // Preserves existing sslmode
+ * injectSslMode('postgresql://host/db?sslmode=prefer', true);
+ * // => 'postgresql://host/db?sslmode=prefer'
+ *
+ * // No-op when tls is falsy
+ * injectSslMode('postgresql://host/db', false);
+ * // => 'postgresql://host/db'
+ * ```
+ */
+export function injectSslMode(url: string | undefined, tls: unknown): string | undefined {
+	if (!url || tls === undefined || tls === false) {
+		return url;
+	}
+	try {
+		const parsed = new URL(url);
+		if (!parsed.searchParams.has('sslmode')) {
+			parsed.searchParams.set('sslmode', 'require');
+			return parsed.toString();
+		}
+	} catch {
+		// Not a parseable URL — return as-is
+	}
+	return url;
+}

package/src/types.ts CHANGED Viewed

@@ -1,3 +1,5 @@
+import type pg from 'pg';
 /**
  * TLS configuration options for PostgreSQL connections.
  */
@@ -279,66 +281,14 @@ export interface PoolSSLConfig {
  * Configuration options for PostgresPool.
  * Extends standard pg.Pool options with reconnection support.
  */
-export interface PoolConfig {
-	/**
-	 * PostgreSQL connection URL.
-	 * If not provided, uses `process.env.DATABASE_URL`.
-	 */
-	connectionString?: string;
-	/**
-	 * Database hostname.
-	 */
-	host?: string;
-	/**
-	 * Database port.
-	 * @default 5432
-	 */
-	port?: number;
-	/**
-	 * Database username.
-	 */
-	user?: string;
-	/**
-	 * Database password.
-	 */
-	password?: string;
-	/**
-	 * Database name.
-	 */
-	database?: string;
-	/**
-	 * Maximum number of connections in the pool.
-	 * @default 10
-	 */
-	max?: number;
-	/**
-	 * Number of milliseconds a client must sit idle before being disconnected.
-	 * Set to 0 to disable idle timeout.
-	 * @default 10000
-	 */
-	idleTimeoutMillis?: number;
-	/**
-	 * Number of milliseconds to wait when connecting a new client before timing out.
-	 * Set to 0 to disable connection timeout.
-	 * @default 0
-	 */
-	connectionTimeoutMillis?: number;
+export interface PoolConfig extends pg.PoolConfig {
 	/**
 	 * SSL configuration.
 	 * Set to `true` to enable SSL with default settings.
 	 * Set to an object to configure SSL options.
 	 * Set to `false` or omit to disable SSL.
 	 */
-	ssl?: boolean | PoolSSLConfig;
+	ssl?: pg.PoolConfig['ssl'] | PoolSSLConfig;
 	/**
 	 * Reconnection configuration.