PostgreSQL
slonik
PostgreSQL | slonik |
---|---|
57 | 71 |
11,891 | 4,367 |
- | - |
8.0 | 9.2 |
19 days ago | 7 days ago |
JavaScript | TypeScript |
MIT License | GNU General Public License v3.0 or later |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
PostgreSQL
-
Neon Is Generally Available: Serverless Postgres
pg doesn't do too well with serverless, dead connections are left in the pool (or something)
https://github.com/brianc/node-postgres/issues/2112
-
NodeJS Security Best Practices
If you don't want to use ORM then there are some other packages as well! For PostgreSQL we have node-postgres
-
Building Secure Neon-Infused Web Apps with Auth0, Express, and EJS
Interface with PostgreSQL database
-
Drizzle is just as unready for prime-time as Prisma, what else is there?
(Instead of the following with pg.)
-
Nile, Serverless Postgres for Modern SaaS
So far every JS framework that uses https://node-postgres.com works great and so no reason to think Drizzle wouldn't.
-
We migrated to SQL. Our biggest learning? Don't use Prisma
One thing that keeps coming up is that SQL equals low productivity. I don't think this is true. I think the culprit is that most developers are used to heavily abstracting SQL using ORMs like Prisma that hide the database and SQL logic.
Since building a SQL generator (https://aihelperbot.com) as a side project, I have become much more proficient in SQL and even though I am also locked into Prisma, I use the `queryRaw` all the time to execute raw SQL queries. You can understand the code without knowing Prisma API. It is more performant. For more complex SQL queries, I use the SQL generator for initial suggestions and adapt if needed.
For the next projects I build I want to use the minimal Postgres client (https://github.com/brianc/node-postgres) combined with a lightweight migration library.
-
Using AI I have departed from ORM and embraced SQL
For newer projects I use the small Postgres client. Initially my leap into SQL was led by AI but as I refreshed and relearned SQL, I now use a mixture of AI and self-written SQL queries. Something like this is just easier to have AI do the grunt work and then adjust as needed.
-
Credentials Leak with Knex
This was a known issue for pg developers, and they managed to fix it a long time ago (at the pg level), but the knowledge of this problem didn't reach Knex maintainers.
-
Why SQL is right for Infrastructure Management
Integrate the database into your application itself with a postgres client library allowing your applications to make infrastructure changes (like provisioning sharded resources for a client that wants isolation, or using a more accurate forecasting model to pre-allocate more resources before the storm hits).
-
What is your development stack for 2023?
node-postgres (raw sql, without ORM)
slonik
-
Sneakiest development trap: making easy easier...
And sometimes invest instead in learning a technology rather than hide it: for example slonik encourages you to write normal SQL queries by making SQL templating easier and safer. In turn, your IDE would be able to understand those queries and give you support based on the database schemas you actually have.
-
Drizzle is just as unready for prime-time as Prisma, what else is there?
I'd push you to consider using postgres, slonik or similar for database queries. With these libraries, you just write SQL, but they perform input sanitization for you. So you can safely write:
- Slonik: PostgreSQL client for Node.js with runtime validation
-
PostgresJs: The Fastest full featured PostgreSQL client for Node.js and Deno
You can already use postgres with Slonik.
https://github.com/gajus/slonik#user-content-slonik-how-are-...
It is not going to be the default because it is way slower.
https://github.com/gajus/slonik/actions/runs/6616647651
Test node_version:18 test_only:postgres-integration is taking 3 minutes.
Test node_version:18 test_only:pg-integration is taking 38 seconds.
-
Integrating Slonik with Express.js
For those uninitiated, Slonik is a battle-tested SQL query building and execution library for Node.js. Its primary goal is to allow you to write and compose SQL queries in a safe and convenient way. Now, let's see how it pairs with Express.js.
-
Which Postgres client are you using?
I am the maintainer of Slonik and I am trying to understand what portion of this sub's users are using Slonik vs other libraries, and if they are using anything else – what are their reasons for it.
-
JEP Draft: String Templates (Final)
It's nice that they implemented string templates essentially exactly the same way JavaScript template literals and tag functions work. They even give an example of using it to create a prepared statement (e.g. DB."SELECT * FROM foo WHERE bar = \{inputParam}") which is exactly what many NodeJS libraries do, e.g. Slonik https://github.com/gajus/slonik, like sql`SELECT * FROM foo WHERE bar = ${inputParam}`;
-
We use TypeScript not based on preference, but because we want to make money
I've found libraries like Zod useful when interacting with external data sources like a database. Slonik[1] uses Zod to define the types expected from a SQL query and then performs runtime validation on the data to ensure that the query is yielding the expected type.
I don't think it's necessary to use Zod/runtime validation everywhere, but it's a nice tool to have on hand.
[1] https://github.com/gajus/slonik
-
Is ORM still an anti-pattern?
Demonstrate how easily and accidentally one can make an SQL injection with these:
https://github.com/porsager/postgres
https://github.com/gajus/slonik
-
The Epic Stack by Kent C. Dodds
Have you tried Slonik (https://github.com/gajus/slonik)? It won't generate types from queries automatically, but it encourages writing SQL vs. a query builder and allows type annotations of queries with Zod. Query results are validated at runtime to ensure the queries are typed correctly.
What are some alternatives?
Prisma - Next-generation ORM for Node.js & TypeScript | PostgreSQL, MySQL, MariaDB, SQL Server, SQLite, MongoDB and CockroachDB
Knex - A query builder for PostgreSQL, MySQL, CockroachDB, SQL Server, SQLite3 and Oracle, designed to be flexible, portable, and fun to use.
MySQL - A pure node.js JavaScript Client implementing the MySQL protocol.
TypeORM - ORM for TypeScript and JavaScript. Supports MySQL, PostgreSQL, MariaDB, SQLite, MS SQL Server, Oracle, SAP Hana, WebSQL databases. Works in NodeJS, Browser, Ionic, Cordova and Electron platforms.
MongoDB - The Official MongoDB Node.js Driver
Sequelize - Feature-rich ORM for modern Node.js and TypeScript, it supports PostgreSQL (with JSON and JSONB support), MySQL, MariaDB, SQLite, MS SQL Server, Snowflake, Oracle DB (v6), DB2 and DB2 for IBM i.
Aerospike - Node.js client for the Aerospike database
pgtyped - pgTyped - Typesafe SQL in TypeScript
Redis - 🚀 A robust, performance-focused, and full-featured Redis client for Node.js.
pg-promise - PostgreSQL interface for Node.js