Skip to content

TypeScript clients for databases that prevent SQL Injection

License

Notifications You must be signed in to change notification settings

ForbesLindesay/atdatabases

Repository files navigation

Safe From HTML Injection

Using tagged template literals for queries, e.g.

db.query(sql`SELECT * FROM users WHERE id=${userID}`);

makes it virtually impossible for SQL Injection attacks to slip in un-noticed. All the @databases libraries enforce the use of the sql tagged template literals, so you can't accidentally miss them.

The query is then passed to your database engine as a separate string and values:

{text: 'SELECT * FROM users WHERE id=?', values: [userID]}

Promises

All the @databases APIs are designed with promises in mind from the get go.

TypeScript

Written in TypeScript, so every module has type safety and type definitions built in.

Modular

Each database driver is published to npm as a separate module, so you don't need to install the ones you don't need.

Package Name Version Docs
@databases/bigquery NPM version https://www.atdatabases.org/docs/bigquery
@databases/cache NPM version https://www.atdatabases.org/docs/cache
@databases/connection-pool NPM version https://www.atdatabases.org/docs/connection-pool
@databases/dataloader NPM version https://www.atdatabases.org/docs/dataloader
@databases/escape-identifier NPM version https://www.atdatabases.org/docs/escape-identifier
@databases/expo NPM version https://www.atdatabases.org/docs/websql
@databases/lock NPM version https://www.atdatabases.org/docs/lock
@databases/mysql NPM version https://www.atdatabases.org/docs/mysql
@databases/mysql-test NPM version https://www.atdatabases.org/docs/mysql-test
@databases/mysql-typed NPM version https://www.atdatabases.org/docs/mysql-typed
@databases/pg NPM version https://www.atdatabases.org/docs/pg
@databases/pg-bulk NPM version https://www.atdatabases.org/docs/pg-bulk
@databases/pg-cluster NPM version https://www.atdatabases.org/docs/pg-cluster
@databases/pg-migrations NPM version https://www.atdatabases.org/docs/pg-migrations
@databases/pg-test NPM version https://www.atdatabases.org/docs/pg-test
@databases/pg-typed NPM version https://www.atdatabases.org/docs/pg-typed
@databases/queue NPM version https://www.atdatabases.org/docs/queue
@databases/split-sql-query NPM version https://www.atdatabases.org/docs/split-sql-query
@databases/sql NPM version https://www.atdatabases.org/docs/sql
@databases/sqlite NPM version https://www.atdatabases.org/docs/sqlite
@databases/sqlite-sync NPM version https://www.atdatabases.org/docs/sqlite-sync
@databases/validate-unicode NPM version https://www.atdatabases.org/docs/validate-unicode
@databases/websql NPM version https://www.atdatabases.org/docs/websql
@databases/migrations-base NPM version Not documented yet
@databases/mock-db NPM version Not documented yet
@databases/mock-db-typed NPM version Not documented yet
@databases/mysql-config NPM version Not documented yet
@databases/mysql-schema-cli NPM version Not documented yet
@databases/mysql-schema-introspect NPM version Not documented yet
@databases/mysql-schema-print-types NPM version Not documented yet
@databases/pg-config NPM version Not documented yet
@databases/pg-connection-string NPM version Not documented yet
@databases/pg-create NPM version Not documented yet
@databases/pg-data-type-id NPM version Not documented yet
@databases/pg-errors NPM version Not documented yet
@databases/pg-schema-cli NPM version Not documented yet
@databases/pg-schema-introspect NPM version Not documented yet
@databases/pg-schema-print-types NPM version Not documented yet
@databases/push-to-async-iterable NPM version Not documented yet
@databases/shared NPM version Not documented yet
@databases/shared-print-types NPM version Not documented yet
@databases/websql-core NPM version Not documented yet
@databases/with-container NPM version Not documented yet

Check out the website to learn more: https://www.atdatabases.org/