andywer / postguard Goto Github PK

Important for validation of INSERTs. Also need to add InsertionValues<Schema> for type inference from schema..

Be aware that Schema.nullable() implies a DEFAULT NULL, at least in Postgres (& MySQL).

Also related to #8.

Fail if type cannot be inferred in TypeScript code. So every (?) warning should become an error in strict mode.

Hi,
Looks like a great tool 👍
Is it possible to use programmatically and without squid?

We have a large codebase which uses knex. Changing to use squid is a significant amount of work. However we would love to use this tool to check all possible SQL variations we generate and preferably do it programmatically within our unit tests.
Since knex can generate the plain SQL strings, is there a way to simply pass a SQL string for validation?

I'm not sure if this is something that postguard handles.

I have a table like this:

CREATE TABLE users (
  id uuid PRIMARY KEY DEFAULT gen_random_uuid (),
  name text NOT NULL,
);

Then in my code:

const usersTable = defineTable('users', {
  id: Schema.Number,
  name: Schema.String,
});

type UserRecord = TableRow<typeof usersTable>;

console.log(await pool.query<UserRecord>(
  sql`SELECT id, name FROM users WHERE name = 'test'`,
));

Postguard sees no issues here. I was hoping it would fail since I defined id in the table as Schema.Number but the data type of the id column is uuid which is parsed as a string by node-postgres. Am I doing something wrong or this is not supported / not how it works?

Thanks for writing this library, it's exactly what I was looking for.

Is there a way to support column aliases? Here's what I get right now:

✖ Query validation failed in server/models/SomeModel.ts:39:13:

  No table in the query's scope has a column "user_token".
  Tables in scope: "some_table"

  37 | export async function getUserToken(requestId: string): Promise<string | null> {
  38 |   const { rows } = await database.query<{user_token: string}>(sql`
> 39 |     SELECT details -> 'user_token' AS user_token FROM some_table WHERE
     |            ^
  40 |       request_id = ${requestId} AND
  41 |       details -> 'user_token' IS NOT NULL
  42 |     ORDER BY timestamp DESC;

The workaround that seems to be fine is by using sql.raw:

    SELECT ${sql.raw('details -> \'user_token\' AS user_token')} FROM some_table WHERE 
      request_id = ${requestId} AND 
      details -> 'user_token' IS NOT NULL
    ORDER BY timestamp DESC;

Is this the best way to handle it? Thanks!

I am probably doing something wrong

this is the table in code

const usersTable = defineTable("users", {
  uuid: Schema.default(Schema.Uuid),
  phone: Schema.String,
  created_ts: Schema.default(Schema.Date),
});

export async function queryCreateUser(
  record: NewUserRecord
): Promise<UserRecord> {
  const query = sql`
  INSERT INTO users ${spreadInsert(record)} RETURNING phone
`;

my postgres table does not have the phone column at this point in time. Should postguard catch this issue?

spreadUpdate() has been added to squid in v0.4.0.

Match against the columns returned by the SELECT / INSERT ... RETURNING ... statement.

Add your feedback as a comment to this issue 📋

Something along those lines:

/* pg-lint:disable */
await database.query(sql`...`)

or

/* pg-lint:disable typechecks */
await database.query(sql`...`)