A tiny wrapper around pg that makes PostgreSQL a lot of fun to use. Written in TypeScript.
import Pg from '@mojojs/pg';
// Use standard PostgreSQL connection URIs
const pg = new Pg('postgres://user:password@localhost:5432/database');
// Single query with safe placeholder
const results = await pg.query`SELECT ${'One'} AS one`;
for (const row of results) {
console.log(row.one);
}
// Multiple queries on the same connection
const db = await pg.db();
const users = await db.query`SELECT * FROM users`;
const roles = await db.query`SELECT * FROM roles`;
await db.release();
Tagged template literals are used everywhere to protect from SQL injection attacks and to make syntax highlighting easy.
Examples
This distribution also contains a great example you can use for inspiration. The well-structured blog application will show you how to apply the MVC design pattern in practice.
TypeScript
TypeScript is fully supported, just pass along a type with your query. This works for all query methods.
interface User {
id: number;
name: string;
}
const results = await pg.query<User>`SELECT * FROM users`;
for (const {id, name} of results) {
console.log(`${id}: ${name}`);
}
All APIs are designed to be compatible with explicit resource management. And with TypeScript you can already use the feature in production.
// Automatically close all connections at end of scope
await using pg = new Pg('postgres://user:password@localhost:5432/database');
// Automatically release database connection back into the pool for reuse at end of scope
await using db = await pg.db();
// Automatically roll back transaction if an exception is thrown before `tx.commit()` has been called
try {
await using tx = await db.begin();
await db.query`INSERT INTO users (name) VALUES ('sri')`;
await db.query`this_is_an_error`;
await tx.commit();
} catch (e) {
console.warn('Something went wrong with the transaction');
}
SQL building
For easier SQL query building with partials, there are also pg.sql
and db.sql
tagged template literals (provided by
@mojojs/sql). They can be used recursively to build complex queries
securely.
// Build safe SQL query with placeholder and partial SQL query
const role = 'admin';
const partialQuery = pg.sql`AND role = ${role}`;
const name = 'root';
const results = await pg.query`SELECT * FROM users WHERE name = ${name} ${partialQuery}`;
But if you need a little more control over the generated SQL query, you can of course also bypass safety features with
the tagged template literals pg.sqlUnsafe
and db.sqlUnsafe
. But make sure to use methods like pg.escapeLiteral()
to escape unsafe values yourself.
const role = 'role = ' + pg.escapeLiteral('power user');
const partialQuery = pg.sqlUnsafe`AND ${role}`;
const name = 'root';
const results = await pg.query`SELECT * FROM users WHERE name = ${name} ${partialQuery}`;
And if you want to do complex things like reusing the same placeholder in multiple places, there is also
pg.rawQuery()
and db.rawQuery()
available.
const results = await pg.rawQuery('SELECT * FROM users WHERE name = $1 AND login = $1', 'Sara');
Transactions
It's best to use try
/finally
blocks whenever you dequeue a connection with pg.db()
, to ensure efficient resource
management.
const db = await pg.db();
try {
const tx = await db.begin();
try {
for (const user of ['Daniel', 'Isabell']) {
await db.query`INSERT INTO users (name) VALUES (${user})`;
}
await tx.commit();
} finally {
await tx.rollback();
}
} finally {
await db.release();
}
The tx.rollback()
call does nothing if tx.commit()
has been called first.
Migrations
To manage your database schema, there is also a minimal SQL based migration system built-in. A migration file is just a
collection of SQL blocks, with one or more statements, separated by comments of the form -- VERSION UP/DOWN
.
-- 1 up
CREATE TABLE messages (message TEXT);
INSERT INTO messages VALUES ('I ♥ Mojolicious!');
-- 1 down
DROP TABLE messages;
-- 2 up (...you can comment freely here...)
CREATE TABLE stuff (whatever INT);
-- 2 down
DROP TABLE stuff;
The idea is to let you migrate from any version, to any version, up and down. Migrations are very safe, because they
are performed in transactions and only one can be performed at a time. If a single statement fails, the whole migration
will fail and get rolled back. Every set of migrations has a name
, which is stored together with the currently active
version in an automatically created table named mojo_migrations
.
import Path from '@mojojs/path';
// Load migrations from "migrations/myapp.sql" and migrate to the latest version
await pg.migrations.fromFile(Path.currentFile().sibling('migrations', 'myapp.sql'), {name: 'myapp'});
await pg.migrations.migrate();
// Use migrations to drop and recreate the schema
await pg.migrations.migrate(0);
await pg.migrations.migrate();
// Load migrations from a string
pg.migrations.fromString('-- 1 up\n...', {name: 'my_other_app'});
// Load migrations from a directory
await pg.migrations.fromDirecory(Path.currentFile().sibling('migrations'), {name: 'yet_another_app'});
To store your individual migration steps in separate SQL files you can use a directory structure like this. These files do not require special comments, because the version and migration direction are contained in the file names.
`--migrations
|-- 1
| |-- up.sql
| `-- down.sql
|-- 2
| `-- up.sql
|-- 4
| |-- up.sql
| `-- down.sql
`-- 5
|-- up.sql
`-- down.sql
Migrations are also compatible with Mojo::Pg, if you want to mix Perl and JavaScript code.
Notifications
You can use events as well as async iterators for notifications.
// Send notifications
const db = await pg.db();
await db.notify('foo', 'just a message');
// Use an iterator to wait for incoming notifications
await db.listen('foo');
for await (const message of db) {
console.log(`${message.channel}: ${message.payload}`);
break;
}
await db.unlisten('foo');
// Use event to handle incoming notifications
await db.listen('bar');
db.on('notification', (message) => {
console.log(`${message.channel}: ${message.payload}`);
});
await db.unlisten('bar');
Errors
Since the default exceptions thrown by pg for query errors are often not very helpful, we expand them with context information, like the position in the SQL query and the file/line the query originated from.
$ node sql-error.js
/home/sri/pg.js/node_modules/pg-protocol/dist/parser.js:287
const message = name === 'notice' ? new messages_1.NoticeMessage(length, messageValue) : new messages_1.DatabaseError(messageValue, length, name);
^
error: relation "users" does not exist
Line 1: SELECT * FROM users
^ at sql-error.js line 4
at Parser.parseErrorMessage (/home/sri/pg.js/node_modules/pg-protocol/dist/parser.js:287:98)
at Parser.handlePacket (/home/sri/pg.js/node_modules/pg-protocol/dist/parser.js:126:29)
at Parser.parse (/home/sri/pg.js/node_modules/pg-protocol/dist/parser.js:39:38)
at Socket.<anonymous> (/home/sri/pg.js/node_modules/pg-protocol/dist/index.js:11:42)
at Socket.emit (node:events:537:28)
at addChunk (node:internal/streams/readable:324:12)
at readableAddChunk (node:internal/streams/readable:297:9)
at Readable.push (node:internal/streams/readable:234:10)
at TCP.onStreamRead (node:internal/stream_base_commons:190:23) {
length: 104,
severity: 'ERROR',
code: '42P01',
...
Introspection
You can set the MOJO_PG_DEBUG
environment variable to get all SQL queries printed to STDERR
.
$ MOJO_PG_DEBUG=1 node myapp.js
INSERT INTO users (name) VALUES ($1)
...
Editor Support
Installation
All you need is Node.js 16.0.0 (or newer).
$ npm install @mojojs/pg
Support
If you have any questions the documentation might not yet answer, don't hesitate to ask in the Forum, on Matrix, or IRC.