npmpackage.info

Gathering detailed insights and metrics for knex

Other packages similar to knex

@opentelemetry/instrumentation-knex

0.48.0

OpenTelemetry instrumentation for `knex` database SQL query builder

@mikro-orm/knex

6.4.16

TypeScript ORM for Node.js based on Data Mapper, Unit of Work and Identity Map patterns. Supports MongoDB, MySQL, PostgreSQL and SQLite databases as well as usage with vanilla JavaScript.

knex-paginate

3.2.0

Extension of Knex's query builder with `paginate` method that will help with your pagination tasks.

knex-schema-inspector

3.1.0

Utility for extracting information about existing DB schema

Gathering detailed insights and metrics for knex

knex - 3.1.0 | npmpackage.info

knex

A query builder for PostgreSQL, MySQL, CockroachDB, SQL Server, SQLite3 and Oracle, designed to be flexible, portable, and fun to use.

3.1.0

19,914

MIT

JavaScript

853.40 kB

Installations

npm install knex

Developer Guide

BETA

Typescript

Yes

Module System

CommonJS, UMD

Min. Node Version

>=16

Node Version

20.9.0

NPM Version

10.1.0 Pull Requests

Open

144

Total

2,210

Closed

598

Merged

1,468

Issues

Open

1,065

Total

4,003

Closed

2,938

Releases

3.1.0

Updated on Dec 07, 2023

3.0.1

Updated on Oct 06, 2023

3.0.0

Updated on Oct 06, 2023

2.5.1

Updated on Jul 12, 2023

2.5.0

Updated on Jul 08, 2023

2.4.2

Updated on Mar 29, 2023

View All 58 releases

Languages

JavaScript

TypeScript

Shell

JavaScript (95.24%)

TypeScript (4.63%)

Shell (0.12%)

Developer

knex

Download Statistics

Total Downloads

Last Day

Last Week

Last Month

Last Year

GitHub Statistics

MIT License

19,914 Stars

3,082 Commits

2,158 Forks

206 Watchers

33 Branches

613 Contributors

Updated on Jul 17, 2025

Maintainers

View All 613 Contributors

Package Meta Information

Latest Version

3.1.0

Package Id

knex@3.1.0

Unpacked Size

853.40 kB

Size

208.67 kB

File Count

191

NPM Version

10.1.0

Node Version

20.9.0

Published on

Dec 07, 2023

Total Downloads

Cumulative downloads

Total Downloads

NaN

Last Day

NaN

Compared to previous day

Last Week

NaN

Compared to previous week

Last Month

NaN

Compared to previous month

Last Year

NaN

Compared to previous year

Weekly Downloads

Monthly Downloads

Yearly Downloads

knex.js

A SQL query builder that is flexible, portable, and fun to use!

A batteries-included, multi-dialect (PostgreSQL, MySQL, CockroachDB, MSSQL, SQLite3, Oracle (including Oracle Wallet Authentication)) query builder for Node.js, featuring:

Node.js versions 12+ are supported.

Take a look at the full documentation to get started!
Browse the list of plugins and tools built for knex
Check out our recipes wiki to search for solutions to some specific problems
In case of upgrading from an older version, see migration guide

You can report bugs and discuss features on the GitHub issues page or send tweets to @kibertoad.

For support and questions, join our Gitter channel.

For knex-based Object Relational Mapper, see:

To see the SQL that Knex will generate for a given query, you can use Knex Query Lab

Examples

We have several examples on the website. Here is the first one to get you started:

1const knex = require('knex')({
2  client: 'sqlite3',
3  connection: {
4    filename: './data.db',
5  },
6});
7
8try {
9  // Create a table
10  await knex.schema
11    .createTable('users', (table) => {
12      table.increments('id');
13      table.string('user_name');
14    })
15    // ...and another
16    .createTable('accounts', (table) => {
17      table.increments('id');
18      table.string('account_name');
19      table.integer('user_id').unsigned().references('users.id');
20    });
21
22  // Then query the table...
23  const insertedRows = await knex('users').insert({ user_name: 'Tim' });
24
25  // ...and using the insert id, insert into the other table.
26  await knex('accounts').insert({
27    account_name: 'knex',
28    user_id: insertedRows[0],
29  });
30
31  // Query both of the rows.
32  const selectedRows = await knex('users')
33    .join('accounts', 'users.id', 'accounts.user_id')
34    .select('users.user_name as user', 'accounts.account_name as account');
35
36  // map over the results
37  const enrichedRows = selectedRows.map((row) => ({ ...row, active: true }));
38
39  // Finally, add a catch statement
40} catch (e) {
41  console.error(e);
42}

TypeScript example

1import { Knex, knex } from 'knex';
2
3interface User {
4  id: number;
5  age: number;
6  name: string;
7  active: boolean;
8  departmentId: number;
9}
10
11const config: Knex.Config = {
12  client: 'sqlite3',
13  connection: {
14    filename: './data.db',
15  },
16};
17
18const knexInstance = knex(config);
19
20try {
21  const users = await knex<User>('users').select('id', 'age');
22} catch (err) {
23  // error handling
24}

Usage as ESM module

If you are launching your Node application with --experimental-modules, knex.mjs should be picked up automatically and named ESM import should work out-of-the-box. Otherwise, if you want to use named imports, you'll have to import knex like this:

1import { knex } from 'knex/knex.mjs';

You can also just do the default import:

1import knex from 'knex';

If you are not using TypeScript and would like the IntelliSense of your IDE to work correctly, it is recommended to set the type explicitly:

1/**
2 * @type {Knex}
3 */
4const database = knex({
5  client: 'mysql',
6  connection: {
7    host: '127.0.0.1',
8    user: 'your_database_user',
9    password: 'your_database_password',
10    database: 'myapp_test',
11  },
12});
13database.migrate.latest();

Critical

9.8/10

Summary

SQL Injection in knex

Affected Versions

< 0.19.5

Patched Versions

0.19.5

High

7.5/10

Summary

Knex.js has a limited SQL injection vulnerability

Affected Versions

< 2.4.0

Patched Versions

2.4.0

10

Dangerous-Workflow

Determines if the project's GitHub Action workflows avoid dangerous patterns.

10

License

Determines if the project has defined a license.

10

Binary-Artifacts

Determines if the project has generated executable (binary) artifacts in the source repository.

7

Code-Review

Determines if the project requires human code review before pull requests (aka merge requests) are merged.

7

SAST

Determines if the project uses static code analysis.

0

Maintained

Determines if the project is "actively maintained".

0

CII-Best-Practices

Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.

0

Security-Policy

Determines if the project has published a security policy.

0

Token-Permissions

Determines if the project's workflows follow the principle of least privilege.

0

Pinned-Dependencies

Determines if the project has declared and pinned the dependencies of its build process.

Reason

dependency not pinned by hash detected -- score normalized to 0

Details

Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql-analysis.yml:30: update your workflow using https://app.stepsecurity.io/secureworkflow/knex/knex/codeql-analysis.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql-analysis.yml:33: update your workflow using https://app.stepsecurity.io/secureworkflow/knex/knex/codeql-analysis.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql-analysis.yml:38: update your workflow using https://app.stepsecurity.io/secureworkflow/knex/knex/codeql-analysis.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/coverage.yml:25: update your workflow using https://app.stepsecurity.io/secureworkflow/knex/knex/coverage.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/coverage.yml:30: update your workflow using https://app.stepsecurity.io/secureworkflow/knex/knex/coverage.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/coverage.yml:60: update your workflow using https://app.stepsecurity.io/secureworkflow/knex/knex/coverage.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/docs-deploy.yml:23: update your workflow using https://app.stepsecurity.io/secureworkflow/knex/knex/docs-deploy.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/docs-deploy.yml:24: update your workflow using https://app.stepsecurity.io/secureworkflow/knex/knex/docs-deploy.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/docs-deploy.yml:30: update your workflow using https://app.stepsecurity.io/secureworkflow/knex/knex/docs-deploy.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/docs-deploy.yml:48: update your workflow using https://app.stepsecurity.io/secureworkflow/knex/knex/docs-deploy.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/integration-tests.yml:116: update your workflow using https://app.stepsecurity.io/secureworkflow/knex/knex/integration-tests.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/integration-tests.yml:120: update your workflow using https://app.stepsecurity.io/secureworkflow/knex/knex/integration-tests.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/integration-tests.yml:38: update your workflow using https://app.stepsecurity.io/secureworkflow/knex/knex/integration-tests.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/integration-tests.yml:43: update your workflow using https://app.stepsecurity.io/secureworkflow/knex/knex/integration-tests.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/linting.yml:26: update your workflow using https://app.stepsecurity.io/secureworkflow/knex/knex/linting.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/linting.yml:31: update your workflow using https://app.stepsecurity.io/secureworkflow/knex/knex/linting.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/unit-tests.yml:26: update your workflow using https://app.stepsecurity.io/secureworkflow/knex/knex/unit-tests.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/unit-tests.yml:31: update your workflow using https://app.stepsecurity.io/secureworkflow/knex/knex/unit-tests.yml/master?enable=pin
Warn: npmCommand not pinned by hash: .github/workflows/coverage.yml:40
Warn: npmCommand not pinned by hash: .github/workflows/coverage.yml:43
Warn: npmCommand not pinned by hash: .github/workflows/integration-tests.yml:60
Warn: npmCommand not pinned by hash: .github/workflows/integration-tests.yml:71
Warn: npmCommand not pinned by hash: .github/workflows/integration-tests.yml:131
Warn: npmCommand not pinned by hash: .github/workflows/linting.yml:38
Warn: npmCommand not pinned by hash: .github/workflows/unit-tests.yml:38
Warn: npmCommand not pinned by hash: .github/workflows/unit-tests.yml:41
Info: 0 out of 16 GitHub-owned GitHubAction dependencies pinned
Info: 0 out of 2 third-party GitHubAction dependencies pinned
Info: 1 out of 9 npmCommand dependencies pinned

0

Fuzzing

Determines if the project uses fuzzing.

0

Vulnerabilities

Determines if the project has open, known unfixed vulnerabilities.

Score

4

/10

Last Scanned on 2025-07-07

The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.

Learn More

Other packages similar to knex

Other packages similar to knex

knex

Installations

Developer Guide

Yes

CommonJS, UMD

>=16

20.9.0

10.1.0

Pull Requests

144

2,210

598

1,468

Issues

1,065

4,003

2,938

Releases

Languages

Developer

Download Statistics

GitHub Statistics

Maintainers

Package Meta Information

Total Downloads

NaN

Weekly Downloads

Monthly Downloads

Yearly Downloads

Dependencies

Dev Dependencies

knex.js

Examples

TypeScript example

Usage as ESM module

10

10

10

7

7

0

0

0

0

0

0

0

4

/10