jrgemignani opened a new pull request, #2329: URL: https://github.com/apache/age/pull/2329
Note: This PR was created with AI tools and a human.

- Add input validation for graph names, label names, and column names to prevent SQL injection via string interpolation
- Add safe query helpers: queryCypher(), createGraph(), dropGraph() with identifier validation and dollar-quoting for Cypher strings
- Use BigInt for integer values exceeding Number.MAX_SAFE_INTEGER to prevent silent precision loss with 64-bit AGE graph IDs
- Make CREATE EXTENSION opt-in via SetAGETypesOptions.createExtension instead of running DDL automatically without user consent
- Add descriptive error message when AGE extension is not found
- Tighten pg dependency from >=6.0.0 to >=8.0.0
- Add comprehensive security test suites for validation and injection prevention

All existing regression tests passed.

modified: drivers/nodejs/package.json
modified: drivers/nodejs/src/antlr4/CustomAgTypeListener.ts
modified: drivers/nodejs/src/index.ts
modified: drivers/nodejs/test/Agtype.test.ts
modified: drivers/nodejs/test/index.test.ts

--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the URL above to go to the specific comment.

To unsubscribe, e-mail: [email protected]

For queries about this service, please contact Infrastructure at: [email protected]
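A sketch of the identifier validation and dollar-quoting approach the PR description names, as an added example that is not code from the pull request or the AGE driver. The function names (`assertIdentifier`, `dollarQuote`, `buildCypherQuery`) are hypothetical, and the identifier pattern is an assumed conservative allow-list, not AGE's exact naming rule.

```typescript
// Added example, not the driver's code. The identifier rule below is an
// assumed conservative allow-list, not AGE's exact naming rule.
const IDENT = /^[A-Za-z_][A-Za-z0-9_]{0,62}$/;

function assertIdentifier(kind: string, value: string): string {
  if (typeof value !== "string" || !IDENT.test(value)) {
    throw new Error("invalid " + kind + ": " + JSON.stringify(value));
  }
  return value;
}

// Pick a dollar-quote tag that does not occur anywhere in the body, so the
// body can neither contain nor complete the closing delimiter.
function dollarQuote(body: string): string {
  let n = 0;
  let tag = "cypher";
  while (body.indexOf(tag) !== -1) {
    n += 1;
    tag = "cypher" + n;
  }
  return "$" + tag + "$" + body + "$" + tag + "$";
}

// Graph and column names are validated before interpolation; the Cypher
// text travels only inside the dollar-quoted literal.
function buildCypherQuery(graph: string, cypher: string, columns: string[]): string {
  if (columns.length === 0) throw new Error("at least one column is required");
  const g = assertIdentifier("graph name", graph);
  const cols = columns
    .map(function (c) { return assertIdentifier("column name", c) + " agtype"; })
    .join(", ");
  return "SELECT * FROM cypher('" + g + "', " + dollarQuote(cypher) + ") AS (" + cols + ");";
}

function rejects(fn: () => unknown): boolean {
  try { fn(); return false; } catch (e) { return true; }
}

// Constructed inputs: a plain query, and a body that tries to close a $$ literal.
const benign = buildCypherQuery("social", "MATCH (n:Person) RETURN n", ["n"]);
const hostileBody = "RETURN 1 $$) AS (a agtype); DROP TABLE t; --";
const wrapped = buildCypherQuery("social", hostileBody, ["a"]);
console.log(benign);
console.log(wrapped);
```

Dollar-quoting only keeps the Cypher text inside one SQL string literal; values placed inside the Cypher text itself still need their own handling.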
