Gathering detailed insights and metrics for mysql-query-placeholders
Gathering detailed insights and metrics for mysql-query-placeholders
Installations
npm install mysql-query-placeholdersDeveloper Guide
BETA
Typescript
No
Module System
CommonJS
Node Version
12.19.0
NPM Version
6.14.8
Releases
4
Languages
2
TypeScript
JavaScript
TypeScript (98.82%)
JavaScript (1.18%)
Developer
ricardo-dlc
Download Statistics
Total Downloads
0
Last Day
0
Last Week
0
Last Month
0
Last Year
0
GitHub Statistics
1 Stars
11 Commits
1 Watchers
2 Branches
1 Contributors
Updated on Dec 04, 2020
Maintainers
1
Package Meta Information
Latest Version
0.2.2
Package Id
mysql-query-placeholders@0.2.2
Unpacked Size
8.91 kB
Size
3.20 kB
File Count
5
NPM Version
6.14.8
Node Version
12.19.0
Total Downloads
Cumulative downloads
Total Downloads
NaN
Last Day
0%
NaN
Compared to previous day
Last Week
0%
NaN
Compared to previous week
Last Month
0%
NaN
Compared to previous month
Last Year
0%
NaN
Compared to previous year
Weekly Downloads
Monthly Downloads
Yearly Downloads
mysql-query-placeholders
Build prepared statements from named parameters.
Consider the following object:
1const user = { 2 id: 123, 3 status: { 4 active: true, 5 }, 6 services: { 7 home: { 8 route: '/', 9 }, 10 dashboard: { 11 route: '/dashboard', 12 }, 13 }, 14 name: 'John', 15 email: 'email@mail.com', 16};
Then you can easily create a prepared statement for MySQL using the data from the object above.
1const mqp = require('mysql-query-placeholders'); 2const mysql = require('mysql2').createConnection... 3 4const query = 'SELECT * FROM users WHERE id = :id AND name = :name;'; 5const queryData = mqp.queryBuilder(query, user); 6console.log(queryData); 7// { 8// sql: 'SELECT * FROM users WHERE id = ? AND name = ?;', 9// values: [123, 'John'], 10// } 11 12// use named parameters 13mysql.query(queryData, (err, result) => {...});
ES6 Module
1import {queryBuilder} from 'mysql-query-placeholders'; 2import {createConnection} from 'mysql2/promise'; 3 4const mysql = createConnection(...); 5 6const query = 'SELECT * FROM users WHERE id = :id AND name = :name;'; 7const queryData = queryBuilder(query, user); 8console.log(queryData); 9// { 10// sql: 'SELECT * FROM users WHERE id = ? AND name = ?;', 11// values: [123, 'John'], 12// } 13 14// use named parameters 15await mysql.query(queryData);
Handling missing parameters
MySQL throws an error if a parameter is not given.
Passing a configuration object with useNullForMissing set to true (which is true by default), a null value is used instead.
1const query = 'SELECT * FROM users WHERE id = :id AND last_name = :last_name;'; 2const queryData = mqp.queryBuilder(query, user, {useNullForMissing: true}); 3console.log(queryData); 4// { 5// sql: 'SELECT * FROM users WHERE id = ? AND last_name = ?;', 6// values: [123, null], 7// }
If you do not want to use null by default, you can throw an error instead, setting the useNullForMissing configuration option to false.
1try { 2 const query = 'SELECT * FROM users WHERE id = :id AND last_name = :last_name;'; 3 const queryData = mqp.queryBuilder(query, user, {useNullForMissing: false}); 4} catch (e) { 5 errorMessage = e.message; 6 console.log(errorMessage); 7 // Missing value for statement. 8 // last_name not provided for statement: 9 // ... 10}
Support for multiple level object property values
mqp is capable to get a object property value from a key.name.property.value syntax. This is useful when you do not want to reassign the property value to another variable or you want to use the original object instead of creating a new one.
1const query = 'SELECT * FROM services WHERE route IN (:services.dashboard.route, :services.home.route);'; 2const queryData = mqp.queryBuilder(query, user); 3console.log(queryData); 4// { 5// sql: 'SELECT * FROM services WHERE route IN (?, ?);', 6// values: [ '/dashboard', '/' ] 7// }
Missing property:
1const query = 'INSERT INTO services (name, route) VALUES (\'cpanel\', :services.cpanel.route);'; 2const queryData = mqp.queryBuilder(query, user); 3console.log(queryData); 4// { 5// sql: "INSERT INTO services (name, route) VALUES ('cpanel', ?);", 6// values: [ null ] 7// }
Or using {useNullForMissing: false} config:
1try { 2 const query = 'SELECT * FROM services WHERE route = :services.cpanel.route;'; 3 const queryData = mqp.queryBuilder(query, user, {useNullForMissing: false}); 4} catch (e) { 5 errorMessage = e.message; 6 console.log(errorMessage); 7 // Missing value for statement. 8 // services.cpanel.route not provided for statement: 9 // ... 10}
No vulnerabilities found.
Reason
no binaries found in the repo
Reason
no dangerous workflow patterns detected
Reason
dependency not pinned by hash detected -- score normalized to 3
Details
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/npm-publish.yml:14: update your workflow using https://app.stepsecurity.io/secureworkflow/ricardo-dlc/mysql-query-placeholders/npm-publish.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/npm-publish.yml:15: update your workflow using https://app.stepsecurity.io/secureworkflow/ricardo-dlc/mysql-query-placeholders/npm-publish.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/npm-publish.yml:25: update your workflow using https://app.stepsecurity.io/secureworkflow/ricardo-dlc/mysql-query-placeholders/npm-publish.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/npm-publish.yml:26: update your workflow using https://app.stepsecurity.io/secureworkflow/ricardo-dlc/mysql-query-placeholders/npm-publish.yml/master?enable=pin
- Info: 0 out of 4 GitHub-owned GitHubAction dependencies pinned
- Info: 2 out of 2 npmCommand dependencies pinned
Reason
Found 0/9 approved changesets -- score normalized to 0
Reason
0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0
Reason
detected GitHub workflow tokens with excessive permissions
Details
- Warn: no topLevel permission defined: .github/workflows/npm-publish.yml:1
- Info: no jobLevel write permissions found
Reason
no effort to earn an OpenSSF best practices badge detected
Reason
security policy file not detected
Details
- Warn: no security policy file detected
- Warn: no security file to analyze
- Warn: no security file to analyze
- Warn: no security file to analyze
Reason
project is not fuzzed
Details
- Warn: no fuzzer integrations found
Reason
branch protection not enabled on development/release branches
Details
- Warn: branch protection not enabled for branch 'master'
Reason
license file not detected
Details
- Warn: project does not have a license file
Reason
SAST tool is not run on all commits -- score normalized to 0
Details
- Warn: 0 commits out of 10 are checked with a SAST tool
Reason
28 existing vulnerabilities detected
Details
- Warn: Project is vulnerable to: GHSA-968p-4wvh-cqc8
- Warn: Project is vulnerable to: GHSA-93q8-gq69-wqmw
- Warn: Project is vulnerable to: GHSA-v6h2-p8h4-qcjw
- Warn: Project is vulnerable to: GHSA-grv7-fg5c-xmjg
- Warn: Project is vulnerable to: GHSA-3xgq-45jj-v275
- Warn: Project is vulnerable to: GHSA-gxpj-cx7g-858c
- Warn: Project is vulnerable to: GHSA-2j2x-2gpw-g8fm
- Warn: Project is vulnerable to: GHSA-4q6p-r6v2-jvc5
- Warn: Project is vulnerable to: GHSA-ww39-953v-wcq6
- Warn: Project is vulnerable to: GHSA-pfrx-2q88-qq97
- Warn: Project is vulnerable to: GHSA-43f8-2h32-f4cj
- Warn: Project is vulnerable to: GHSA-rc47-6667-2j5j
- Warn: Project is vulnerable to: GHSA-qqgx-2p2h-9c37
- Warn: Project is vulnerable to: GHSA-29mw-wpgm-hmr9
- Warn: Project is vulnerable to: GHSA-35jh-r3h4-6jhm
- Warn: Project is vulnerable to: GHSA-952p-6rrq-rcjv
- Warn: Project is vulnerable to: GHSA-f8q6-p94x-37v3
- Warn: Project is vulnerable to: GHSA-xvch-5gv4-984h
- Warn: Project is vulnerable to: GHSA-px4h-xg32-q955
- Warn: Project is vulnerable to: GHSA-hj48-42vr-x3v9
- Warn: Project is vulnerable to: GHSA-g6ww-v8xp-vmwg
- Warn: Project is vulnerable to: GHSA-c2qf-rxjj-qqgw
- Warn: Project is vulnerable to: GHSA-44c6-4v22-4mhx
- Warn: Project is vulnerable to: GHSA-4x5v-gmq8-25ch
- Warn: Project is vulnerable to: GHSA-7p7h-4mm5-852v
- Warn: Project is vulnerable to: GHSA-38fc-wpqx-33j7
- Warn: Project is vulnerable to: GHSA-j8xg-fqg3-53r7
- Warn: Project is vulnerable to: GHSA-c4w7-xm78-47vh
Score
2.4
/10
Last Scanned on 2025-07-07
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn More