graphile-postgis 2.9.2 → 2.9.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (3) hide show
  1. package/esm/plugins/connection-filter-operators.js +26 -19
  2. package/package.json +13 -13
  3. package/plugins/connection-filter-operators.js +26 -19
package/esm/plugins/connection-filter-operators.js CHANGED
@@ -2,21 +2,29 @@ import 'graphile-build';
2
2
  import 'graphile-connection-filter';
3
3
  import sql from 'pg-sql2';
4
4
  import { CONCRETE_SUBTYPES } from '../constants';
5
- const ALLOWED_SQL_OPERATORS = new Set([
6
- '=',
7
- '&&',
8
- '&&&',
9
- '&<',
10
- '&<|',
11
- '&>',
12
- '|&>',
13
- '<<',
14
- '<<|',
15
- '>>',
16
- '|>>',
17
- '~',
18
- '~=',
19
- ]);
5
+ /**
6
+ * Builds an infix operator SQL fragment from a validated operator string.
7
+ * Uses explicit template literals for each operator to avoid sql.raw.
8
+ */
9
+ function buildOperatorExpr(op, i, v) {
10
+ switch (op) {
11
+ case '=': return sql.fragment `${i} = ${v}`;
12
+ case '&&': return sql.fragment `${i} && ${v}`;
13
+ case '&&&': return sql.fragment `${i} &&& ${v}`;
14
+ case '&<': return sql.fragment `${i} &< ${v}`;
15
+ case '&<|': return sql.fragment `${i} &<| ${v}`;
16
+ case '&>': return sql.fragment `${i} &> ${v}`;
17
+ case '|&>': return sql.fragment `${i} |&> ${v}`;
18
+ case '<<': return sql.fragment `${i} << ${v}`;
19
+ case '<<|': return sql.fragment `${i} <<| ${v}`;
20
+ case '>>': return sql.fragment `${i} >> ${v}`;
21
+ case '|>>': return sql.fragment `${i} |>> ${v}`;
22
+ case '~': return sql.fragment `${i} ~ ${v}`;
23
+ case '~=': return sql.fragment `${i} ~= ${v}`;
24
+ default:
25
+ throw new Error(`Unexpected PostGIS SQL operator: ${op}`);
26
+ }
27
+ }
20
28
  // PostGIS function-based operators
21
29
  const FUNCTION_SPECS = [
22
30
  [
@@ -233,15 +241,14 @@ export function createPostgisOperatorFactory() {
233
241
  }
234
242
  // Process SQL operator-based operators
235
243
  for (const [op, baseTypes, operatorName, description] of OPERATOR_SPECS) {
236
- if (!ALLOWED_SQL_OPERATORS.has(op)) {
237
- throw new Error(`Unexpected SQL operator: ${op}`);
238
- }
239
244
  for (const baseType of baseTypes) {
245
+ // Capture op for closure
246
+ const capturedOp = op;
240
247
  allSpecs.push({
241
248
  typeNames: gqlTypeNamesByBase[baseType],
242
249
  operatorName,
243
250
  description,
244
- resolve: (i, v) => sql.fragment `${i} ${sql.raw(op)} ${v}`
251
+ resolve: (i, v) => buildOperatorExpr(capturedOp, i, v)
245
252
  });
246
253
  }
247
254
  }
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "graphile-postgis",
3
- "version": "2.9.2",
3
+ "version": "2.9.4",
4
4
  "description": "PostGIS support for PostGraphile v5",
5
5
  "author": "Constructive <developers@constructive.io>",
6
6
  "homepage": "https://github.com/constructive-io/constructive",
@@ -41,15 +41,15 @@
41
41
  "url": "https://github.com/constructive-io/constructive/issues"
42
42
  },
43
43
  "peerDependencies": {
44
- "@dataplan/pg": "1.0.0-rc.8",
45
- "grafast": "1.0.0-rc.9",
46
- "graphile-build": "5.0.0-rc.6",
47
- "graphile-build-pg": "5.0.0-rc.8",
48
- "graphile-config": "1.0.0-rc.6",
49
- "graphile-connection-filter": "^1.3.2",
44
+ "@dataplan/pg": "1.0.0",
45
+ "grafast": "1.0.0",
46
+ "graphile-build": "5.0.0",
47
+ "graphile-build-pg": "5.0.0",
48
+ "graphile-config": "1.0.0",
49
+ "graphile-connection-filter": "^1.3.4",
50
50
  "graphql": "16.13.0",
51
- "pg-sql2": "5.0.0-rc.5",
52
- "postgraphile": "5.0.0-rc.10"
51
+ "pg-sql2": "5.0.0",
52
+ "postgraphile": "5.0.0"
53
53
  },
54
54
  "peerDependenciesMeta": {
55
55
  "graphile-connection-filter": {
@@ -59,9 +59,9 @@
59
59
  "devDependencies": {
60
60
  "@types/geojson": "^7946.0.14",
61
61
  "@types/node": "^22.19.11",
62
- "graphile-test": "^4.7.2",
63
- "makage": "^0.1.10",
64
- "pgsql-test": "^4.7.2"
62
+ "graphile-test": "^4.7.4",
63
+ "makage": "^0.3.0",
64
+ "pgsql-test": "^4.7.4"
65
65
  },
66
- "gitHead": "93deca687ce109bf90d2a0a73ea6b05b22724160"
66
+ "gitHead": "2f6e083d11764a04b2a6bc14df5b2ca2725defc6"
67
67
  }
package/plugins/connection-filter-operators.js CHANGED
@@ -8,21 +8,29 @@ require("graphile-build");
8
8
  require("graphile-connection-filter");
9
9
  const pg_sql2_1 = __importDefault(require("pg-sql2"));
10
10
  const constants_1 = require("../constants");
11
- const ALLOWED_SQL_OPERATORS = new Set([
12
- '=',
13
- '&&',
14
- '&&&',
15
- '&<',
16
- '&<|',
17
- '&>',
18
- '|&>',
19
- '<<',
20
- '<<|',
21
- '>>',
22
- '|>>',
23
- '~',
24
- '~=',
25
- ]);
11
+ /**
12
+ * Builds an infix operator SQL fragment from a validated operator string.
13
+ * Uses explicit template literals for each operator to avoid sql.raw.
14
+ */
15
+ function buildOperatorExpr(op, i, v) {
16
+ switch (op) {
17
+ case '=': return pg_sql2_1.default.fragment `${i} = ${v}`;
18
+ case '&&': return pg_sql2_1.default.fragment `${i} && ${v}`;
19
+ case '&&&': return pg_sql2_1.default.fragment `${i} &&& ${v}`;
20
+ case '&<': return pg_sql2_1.default.fragment `${i} &< ${v}`;
21
+ case '&<|': return pg_sql2_1.default.fragment `${i} &<| ${v}`;
22
+ case '&>': return pg_sql2_1.default.fragment `${i} &> ${v}`;
23
+ case '|&>': return pg_sql2_1.default.fragment `${i} |&> ${v}`;
24
+ case '<<': return pg_sql2_1.default.fragment `${i} << ${v}`;
25
+ case '<<|': return pg_sql2_1.default.fragment `${i} <<| ${v}`;
26
+ case '>>': return pg_sql2_1.default.fragment `${i} >> ${v}`;
27
+ case '|>>': return pg_sql2_1.default.fragment `${i} |>> ${v}`;
28
+ case '~': return pg_sql2_1.default.fragment `${i} ~ ${v}`;
29
+ case '~=': return pg_sql2_1.default.fragment `${i} ~= ${v}`;
30
+ default:
31
+ throw new Error(`Unexpected PostGIS SQL operator: ${op}`);
32
+ }
33
+ }
26
34
  // PostGIS function-based operators
27
35
  const FUNCTION_SPECS = [
28
36
  [
@@ -239,15 +247,14 @@ function createPostgisOperatorFactory() {
239
247
  }
240
248
  // Process SQL operator-based operators
241
249
  for (const [op, baseTypes, operatorName, description] of OPERATOR_SPECS) {
242
- if (!ALLOWED_SQL_OPERATORS.has(op)) {
243
- throw new Error(`Unexpected SQL operator: ${op}`);
244
- }
245
250
  for (const baseType of baseTypes) {
251
+ // Capture op for closure
252
+ const capturedOp = op;
246
253
  allSpecs.push({
247
254
  typeNames: gqlTypeNamesByBase[baseType],
248
255
  operatorName,
249
256
  description,
250
- resolve: (i, v) => pg_sql2_1.default.fragment `${i} ${pg_sql2_1.default.raw(op)} ${v}`
257
+ resolve: (i, v) => buildOperatorExpr(capturedOp, i, v)
251
258
  });
252
259
  }
253
260
  }