knex 3.2.3 → 3.2.5

package/scripts/act-testing/merged-no-label.json

@@ -1,11 +1,11 @@
-{
-  "pull_request": {
-    "head": {
-      "ref": "pr-getting-merged"
-    },
-    "base": {
-      "ref": "master"
-    },
-    "merged": true
-  }
-}
+{
+  "pull_request": {
+    "head": {
+      "ref": "pr-getting-merged"
+    },
+    "base": {
+      "ref": "master"
+    },
+    "merged": true
+  }
+}

package/scripts/act-testing/merged-patch-labeled.json

@@ -1,12 +1,12 @@
-{
-  "pull_request": {
-    "head": {
-      "ref": "pr-getting-merged"
-    },
-    "base": {
-      "ref": "master"
-    },
-    "merged": true,
-    "labels": [{ "name": "patch" }]
-  }
-}
+{
+  "pull_request": {
+    "head": {
+      "ref": "pr-getting-merged"
+    },
+    "base": {
+      "ref": "master"
+    },
+    "merged": true,
+    "labels": [{ "name": "patch" }]
+  }
+}

package/scripts/act-testing/merged-skip-labeled.json

@@ -1,12 +1,12 @@
-{
-  "pull_request": {
-    "head": {
-      "ref": "pr-getting-merged"
-    },
-    "base": {
-      "ref": "master"
-    },
-    "merged": true,
-    "labels": [{ "name": "skip-release" }]
-  }
-}
+{
+  "pull_request": {
+    "head": {
+      "ref": "pr-getting-merged"
+    },
+    "base": {
+      "ref": "master"
+    },
+    "merged": true,
+    "labels": [{ "name": "skip-release" }]
+  }
+}

package/scripts/act-testing/not-merged-patch-labeled.json

@@ -1,12 +1,12 @@
-{
-  "pull_request": {
-    "head": {
-      "ref": "pr-getting-merged"
-    },
-    "base": {
-      "ref": "master"
-    },
-    "merged": false,
-    "labels": [{ "name": "patch" }]
-  }
-}
+{
+  "pull_request": {
+    "head": {
+      "ref": "pr-getting-merged"
+    },
+    "base": {
+      "ref": "master"
+    },
+    "merged": false,
+    "labels": [{ "name": "patch" }]
+  }
+}

package/scripts/build-for-release.sh

@@ -1,122 +1,122 @@
-#!/bin/bash -e
-
-# context: currently, no package lockfile is utilized in this repository.
-# this is so that CI tests run on the ~latest versions of dependencies,
-# especially the peer dependencies of database clients, so that our tests
-# will more readily surface problems that our users will experience when
-# they just do the normal thing.
-
-# however, for automatic release publishing, we want to be much stricter
-# with the dependencies that are involved in the workflow to avoid risks
-# from e.g. supply chain attacks.
-
-# we could use "npm ci" if we had a lockfile, but instead we're going to
-# separately maintain pinned versions of the build dependencies and run
-# exactly those versions. care should be taken when updating/altering the
-# versions to vet them.
-
-# pinned versions of the dependencies required to perform a release build
-declare -A PINNED_VERSIONS=(
-  [typescript]="5.0.4"
-  [prettier]="2.8.7"
-  [@types/node]="20.19.11"
-  [@tsconfig/node12]="1.0.11"
-)
-
-# validate args
-BUMP_TYPE="$1"
-case "$BUMP_TYPE" in
-  major|minor|patch)
-    # valid
-  ;;
-  *)
-    >&2 echo "Invalid bump type. Use: $0 {major|minor|patch}"
-    exit 1
-  ;;
-esac
-
-
-# npm 7 doesn't provide a way to install only a specific dependency, it's
-# all-or-nothing. so we have to do some shenanigans to validate our pinned
-# versions against package.json
-
-# create a jq expression for a minimal package.json that includes only
-# our build dependencies
-tmpl='
-{
-  name: "dep-check",
-  private: true,
-  version: "0.0.0",
-  devDependencies: {
-'
-for pkg in "${!PINNED_VERSIONS[@]}"; do
-  # for each pinned dependency, add something like:
-  # pkg: .devDependencies.pkg
-  tmpl+="    \"${pkg}\": .devDependencies[\"${pkg}\"],
-"
-done
-tmpl+='
-  }
-}'
-
-PROJECT_DIR="$(pwd)"
-TMP_DIR="$(mktemp -d)"
-
-# render the template to a package.json file in a temp dir
-echo
-echo "Build dependencies:"
-jq "$tmpl" package.json | tee "$TMP_DIR/package.json"
-
-# install dependencies at the pinned version in the temp dir
-# ignore pre/post script hooks
-echo
-echo "Installing packages"
->/dev/null pushd "$TMP_DIR"
-
-failed=0
-for pkg in "${!PINNED_VERSIONS[@]}"; do
-  fqpkg="${pkg}@${PINNED_VERSIONS[$pkg]}"
-  echo "npm install --no-save --ignore-scripts $fqpkg"
-  >/dev/null 2>/dev/null npm install --no-save --ignore-scripts "$fqpkg"
-
-
-  # ensure the pinned version conforms to package.json semver specification
-  if npm ls 2>/dev/null | grep invalid; then
-    failed=1
-  fi
-done
-
-# one or more pins is incorrect, do not publish
-if [[ "$failed" = 1 ]]; then
-  echo
-  echo "One or more pinned dependencies do not satisfy package.json requirements"
-  echo "Please update '$0'"
-  exit 1
-fi
-
->/dev/null popd
-
-# move tempdir node_modules to build dir
-mv "$TMP_DIR/node_modules" "$PROJECT_DIR/node_modules"
-echo
-echo "node_modules:"
-ls -l node_modules
-
-echo "Running build steps"
-
-# run the package.json build script
-# currently, this executes typescript and uses
-# prettier to format the TS output
-npm run build
-
-# bump the version in package.json
-npm version "$BUMP_TYPE" --no-git-tag-version
-
-# we don't commit here, but we do create the tarball that
-# will be published to npm. the dependent job takes the
-# tarball and commits the changes + publishes the tarball
-
-# create the tarball for handoff and record its filename
-TARBALL="$(npm pack --silent)"
-echo "tarball=$TARBALL" >> "$GITHUB_OUTPUT"
+#!/bin/bash -e
+
+# context: currently, no package lockfile is utilized in this repository.
+# this is so that CI tests run on the ~latest versions of dependencies,
+# especially the peer dependencies of database clients, so that our tests
+# will more readily surface problems that our users will experience when
+# they just do the normal thing.
+
+# however, for automatic release publishing, we want to be much stricter
+# with the dependencies that are involved in the workflow to avoid risks
+# from e.g. supply chain attacks.
+
+# we could use "npm ci" if we had a lockfile, but instead we're going to
+# separately maintain pinned versions of the build dependencies and run
+# exactly those versions. care should be taken when updating/altering the
+# versions to vet them.
+
+# pinned versions of the dependencies required to perform a release build
+declare -A PINNED_VERSIONS=(
+  [typescript]="5.0.4"
+  [prettier]="2.8.7"
+  [@types/node]="20.19.11"
+  [@tsconfig/node12]="1.0.11"
+)
+
+# validate args
+BUMP_TYPE="$1"
+case "$BUMP_TYPE" in
+  major|minor|patch)
+    # valid
+  ;;
+  *)
+    >&2 echo "Invalid bump type. Use: $0 {major|minor|patch}"
+    exit 1
+  ;;
+esac
+
+
+# npm 7 doesn't provide a way to install only a specific dependency, it's
+# all-or-nothing. so we have to do some shenanigans to validate our pinned
+# versions against package.json
+
+# create a jq expression for a minimal package.json that includes only
+# our build dependencies
+tmpl='
+{
+  name: "dep-check",
+  private: true,
+  version: "0.0.0",
+  devDependencies: {
+'
+for pkg in "${!PINNED_VERSIONS[@]}"; do
+  # for each pinned dependency, add something like:
+  # pkg: .devDependencies.pkg
+  tmpl+="    \"${pkg}\": .devDependencies[\"${pkg}\"],
+"
+done
+tmpl+='
+  }
+}'
+
+PROJECT_DIR="$(pwd)"
+TMP_DIR="$(mktemp -d)"
+
+# render the template to a package.json file in a temp dir
+echo
+echo "Build dependencies:"
+jq "$tmpl" package.json | tee "$TMP_DIR/package.json"
+
+# install dependencies at the pinned version in the temp dir
+# ignore pre/post script hooks
+echo
+echo "Installing packages"
+>/dev/null pushd "$TMP_DIR"
+
+failed=0
+for pkg in "${!PINNED_VERSIONS[@]}"; do
+  fqpkg="${pkg}@${PINNED_VERSIONS[$pkg]}"
+  echo "npm install --no-save --ignore-scripts $fqpkg"
+  >/dev/null 2>/dev/null npm install --no-save --ignore-scripts "$fqpkg"
+
+
+  # ensure the pinned version conforms to package.json semver specification
+  if npm ls 2>/dev/null | grep invalid; then
+    failed=1
+  fi
+done
+
+# one or more pins is incorrect, do not publish
+if [[ "$failed" = 1 ]]; then
+  echo
+  echo "One or more pinned dependencies do not satisfy package.json requirements"
+  echo "Please update '$0'"
+  exit 1
+fi
+
+>/dev/null popd
+
+# move tempdir node_modules to build dir
+mv "$TMP_DIR/node_modules" "$PROJECT_DIR/node_modules"
+echo
+echo "node_modules:"
+ls -l node_modules
+
+echo "Running build steps"
+
+# run the package.json build script
+# currently, this executes typescript and uses
+# prettier to format the TS output
+npm run build
+
+# bump the version in package.json
+npm version "$BUMP_TYPE" --no-git-tag-version
+
+# we don't commit here, but we do create the tarball that
+# will be published to npm. the dependent job takes the
+# tarball and commits the changes + publishes the tarball
+
+# create the tarball for handoff and record its filename
+TARBALL="$(npm pack --silent)"
+echo "tarball=$TARBALL" >> "$GITHUB_OUTPUT"
 ls -la "$TARBALL"

package/scripts/build.js

@@ -1,125 +1,125 @@
-#!/usr/bin/env node
-const fs = require('fs');
-const path = require('path');
-const child_process = require('child_process');
-const _ = require('lodash');
-
-const exec = function (cmd, args) {
-  return new Promise(function (resolve, reject) {
-    // Execute command
-    const child = child_process.exec(cmd, {
-      cwd: process.cwd(),
-      env: process.env,
-    });
-
-    // Pass stdout and stderr
-    child.stdout.on('data', function (data) {
-      process.stdout.write(data.toString());
-    });
-    child.stderr.on('data', function (data) {
-      process.stderr.write(data.toString());
-    });
-    // Handle result
-    child.on('exit', function (code) {
-      if (code) reject(code);
-      else resolve();
-    });
-    child.on('error', reject);
-  });
-};
-
-const CWD = process.cwd();
-const POSTINSTALL_BUILD_CWD = process.env.POSTINSTALL_BUILD_CWD;
-
-// If we didn't have this check, then we'd be stuck in an infinite `postinstall`
-// loop, since we run `npm install --only=dev` below, triggering another
-// `postinstall`. We can't use `--ignore-scripts` because that ignores scripts
-// on all the modules that get installed, too, which would break stuff. So
-// instead, we set an environment variable, `POSTINSTALL_BUILD_CWD`, that keeps
-// track of what we're installing. It's more than just a yes/no flag because
-// the dev dependencies we're installing might use `postinstall-build` too, and
-// we don't want the flag to prevent them from running.
-if (POSTINSTALL_BUILD_CWD !== CWD) {
-  const BUILD_ARTIFACT = process.argv[2];
-  const BUILD_COMMAND = process.argv[3];
-
-  fs.stat(BUILD_ARTIFACT, function (err, stats) {
-    if (err || !(stats.isFile() || stats.isDirectory())) {
-      // This script will run again after we run `npm install` below. Set an
-      // environment variable to tell it to skip the check. Really we just want
-      // the execSync's `env` to be modified, but it's easier just modify and
-      // pass along the entire `process.env`.
-      process.env.POSTINSTALL_BUILD_CWD = CWD;
-      // We already have prod dependencies, that's what triggered `postinstall`
-      // in the first place. So only install dev.
-
-      // Fetch package.json
-      const pkgJson = require(path.join(CWD, 'package.json'));
-      const devDeps = pkgJson.devDependencies;
-      // Values listed under `buildDependencies` contain the dependency names
-      // that are required for `lib` building.
-      const buildDependencies = _.pick(devDeps, pkgJson.buildDependencies);
-
-      // Proceed only if there is something to install
-      if (!_.isEmpty(buildDependencies)) {
-        const opts = { env: process.env, stdio: 'inherit' };
-
-        console.log('Building Knex.js');
-
-        // Map all key (dependency) value (semver) pairs to
-        // "dependency@semver dependency@semver ..." string that can be used
-        // for `npm install` command
-        const installArgs = _(buildDependencies)
-          .pickBy(function (semver, dep) {
-            // Check if the dependency is already installed
-            try {
-              require(dep);
-              return false;
-            } catch (err) {
-              return true;
-            }
-          })
-          .map(function (semver, dep) {
-            // Format installable dependencies
-            return dep + '@' + semver;
-          })
-          .value()
-          .join(' ');
-        const needsDepInstallation = !_.isEmpty(installArgs);
-        const dependenciesInstalledQ = needsDepInstallation
-          ? exec('npm install ' + installArgs, opts)
-          : Promise.resolve();
-        dependenciesInstalledQ
-          .then(function () {
-            console.log('✓');
-            // Don't need the flag anymore as `postinstall` was already run.
-            // Change it back so the environment is minimally changed for the
-            // remaining commands.
-            process.env.POSTINSTALL_BUILD_CWD = POSTINSTALL_BUILD_CWD;
-            console.log('Building compiled files (' + BUILD_COMMAND + ')');
-            return exec(BUILD_COMMAND, opts);
-          })
-          .catch(function (err) {
-            console.error(err);
-            process.exit(1);
-          })
-          .then(function () {
-            if (process.env.NODE_ENV === 'production') {
-              console.log('✓');
-              console.log('Pruning dev dependencies for production build');
-              return exec('npm prune --production', opts);
-            } else {
-              console.log('Skipping npm prune');
-            }
-          })
-          .then(function () {
-            console.log('✓');
-          })
-          .catch(function (err) {
-            console.error(err);
-            process.exit(1);
-          });
-      }
-    }
-  });
-}
+#!/usr/bin/env node
+const fs = require('fs');
+const path = require('path');
+const child_process = require('child_process');
+const _ = require('lodash');
+
+const exec = function (cmd, args) {
+  return new Promise(function (resolve, reject) {
+    // Execute command
+    const child = child_process.exec(cmd, {
+      cwd: process.cwd(),
+      env: process.env,
+    });
+
+    // Pass stdout and stderr
+    child.stdout.on('data', function (data) {
+      process.stdout.write(data.toString());
+    });
+    child.stderr.on('data', function (data) {
+      process.stderr.write(data.toString());
+    });
+    // Handle result
+    child.on('exit', function (code) {
+      if (code) reject(code);
+      else resolve();
+    });
+    child.on('error', reject);
+  });
+};
+
+const CWD = process.cwd();
+const POSTINSTALL_BUILD_CWD = process.env.POSTINSTALL_BUILD_CWD;
+
+// If we didn't have this check, then we'd be stuck in an infinite `postinstall`
+// loop, since we run `npm install --only=dev` below, triggering another
+// `postinstall`. We can't use `--ignore-scripts` because that ignores scripts
+// on all the modules that get installed, too, which would break stuff. So
+// instead, we set an environment variable, `POSTINSTALL_BUILD_CWD`, that keeps
+// track of what we're installing. It's more than just a yes/no flag because
+// the dev dependencies we're installing might use `postinstall-build` too, and
+// we don't want the flag to prevent them from running.
+if (POSTINSTALL_BUILD_CWD !== CWD) {
+  const BUILD_ARTIFACT = process.argv[2];
+  const BUILD_COMMAND = process.argv[3];
+
+  fs.stat(BUILD_ARTIFACT, function (err, stats) {
+    if (err || !(stats.isFile() || stats.isDirectory())) {
+      // This script will run again after we run `npm install` below. Set an
+      // environment variable to tell it to skip the check. Really we just want
+      // the execSync's `env` to be modified, but it's easier just modify and
+      // pass along the entire `process.env`.
+      process.env.POSTINSTALL_BUILD_CWD = CWD;
+      // We already have prod dependencies, that's what triggered `postinstall`
+      // in the first place. So only install dev.
+
+      // Fetch package.json
+      const pkgJson = require(path.join(CWD, 'package.json'));
+      const devDeps = pkgJson.devDependencies;
+      // Values listed under `buildDependencies` contain the dependency names
+      // that are required for `lib` building.
+      const buildDependencies = _.pick(devDeps, pkgJson.buildDependencies);
+
+      // Proceed only if there is something to install
+      if (!_.isEmpty(buildDependencies)) {
+        const opts = { env: process.env, stdio: 'inherit' };
+
+        console.log('Building Knex.js');
+
+        // Map all key (dependency) value (semver) pairs to
+        // "dependency@semver dependency@semver ..." string that can be used
+        // for `npm install` command
+        const installArgs = _(buildDependencies)
+          .pickBy(function (semver, dep) {
+            // Check if the dependency is already installed
+            try {
+              require(dep);
+              return false;
+            } catch (err) {
+              return true;
+            }
+          })
+          .map(function (semver, dep) {
+            // Format installable dependencies
+            return dep + '@' + semver;
+          })
+          .value()
+          .join(' ');
+        const needsDepInstallation = !_.isEmpty(installArgs);
+        const dependenciesInstalledQ = needsDepInstallation
+          ? exec('npm install ' + installArgs, opts)
+          : Promise.resolve();
+        dependenciesInstalledQ
+          .then(function () {
+            console.log('✓');
+            // Don't need the flag anymore as `postinstall` was already run.
+            // Change it back so the environment is minimally changed for the
+            // remaining commands.
+            process.env.POSTINSTALL_BUILD_CWD = POSTINSTALL_BUILD_CWD;
+            console.log('Building compiled files (' + BUILD_COMMAND + ')');
+            return exec(BUILD_COMMAND, opts);
+          })
+          .catch(function (err) {
+            console.error(err);
+            process.exit(1);
+          })
+          .then(function () {
+            if (process.env.NODE_ENV === 'production') {
+              console.log('✓');
+              console.log('Pruning dev dependencies for production build');
+              return exec('npm prune --production', opts);
+            } else {
+              console.log('Skipping npm prune');
+            }
+          })
+          .then(function () {
+            console.log('✓');
+          })
+          .catch(function (err) {
+            console.error(err);
+            process.exit(1);
+          });
+      }
+    }
+  });
+}

package/scripts/clean.js

@@ -1,31 +1,31 @@
-#!/usr/bin/env node
-
-const fs = require('fs');
-const path = require('path');
-const { execSync } = require('child_process');
-
-function main() {
-  const repoDir = path.dirname(__dirname);
-  const gitDir = path.join(repoDir, '.git');
-  const gitDirExists = doesDirectoryExist(gitDir);
-  if (!gitDirExists) {
-    console.log("No .git directory detected so can not clean 'lib/'. Exiting.");
-    process.exit(0);
-  }
-  console.log(
-    "Cleaning 'lib/' of outputted files from Typescript compilation ..."
-  );
-  const cmd = 'git clean -f -X lib/';
-  const output = execSync(cmd, { cwd: repoDir });
-  console.log(output.toString('utf8'));
-  console.log('Done');
-}
-
-function doesDirectoryExist(p) {
-  if (fs.existsSync(p)) {
-    return fs.lstatSync(p).isDirectory();
-  }
-  return false;
-}
-
-main();
+#!/usr/bin/env node
+
+const fs = require('fs');
+const path = require('path');
+const { execSync } = require('child_process');
+
+function main() {
+  const repoDir = path.dirname(__dirname);
+  const gitDir = path.join(repoDir, '.git');
+  const gitDirExists = doesDirectoryExist(gitDir);
+  if (!gitDirExists) {
+    console.log("No .git directory detected so can not clean 'lib/'. Exiting.");
+    process.exit(0);
+  }
+  console.log(
+    "Cleaning 'lib/' of outputted files from Typescript compilation ..."
+  );
+  const cmd = 'git clean -f -X lib/';
+  const output = execSync(cmd, { cwd: repoDir });
+  console.log(output.toString('utf8'));
+  console.log('Done');
+}
+
+function doesDirectoryExist(p) {
+  if (fs.existsSync(p)) {
+    return fs.lstatSync(p).isDirectory();
+  }
+  return false;
+}
+
+main();