{"id":23262926,"url":"https://github.com/postgres-pool/postgres-pool","last_synced_at":"2025-12-29T01:51:03.970Z","repository":{"id":32456825,"uuid":"134292082","full_name":"postgres-pool/postgres-pool","owner":"postgres-pool","description":"Node.js postgres connection pool implementation for node-pg","archived":false,"fork":false,"pushed_at":"2025-09-08T05:11:41.000Z","size":2032,"stargazers_count":25,"open_issues_count":2,"forks_count":7,"subscribers_count":4,"default_branch":"main","last_synced_at":"2025-09-08T07:07:06.829Z","etag":null,"topics":["hacktoberfest","nodejs","postgres","postgresql"],"latest_commit_sha":null,"homepage":"","language":"TypeScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/postgres-pool.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":"CONTRIBUTING.md","funding":".github/FUNDING.yml","license":"LICENSE","code_of_conduct":"CODE_OF_CONDUCT.md","threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null},"funding":{"github":"jgeurts","patreon":null,"open_collective":null,"ko_fi":null,"tidelift":null,"community_bridge":null,"liberapay":null,"issuehunt":null,"otechie":null,"custom":null}},"created_at":"2018-05-21T16:01:11.000Z","updated_at":"2025-09-08T05:10:23.000Z","dependencies_parsed_at":"2024-06-18T22:40:15.831Z","dependency_job_id":"dfeb0d24-3240-4f93-81f5-9078dcea7e8b","html_url":"https://github.com/postgres-pool/postgres-pool","commit_stats":{"total_commits":139,"total_committers":8,"mean_commits":17.375,"dds":0.09352517985611508,"last_synced_commit":"7a45dd2b2822f30321e8adac18a9eceb0b4c8e20"},"previous_names":["mpirik/postgres-pool"],"tags_count":96,"template":false,"template_full_name":null,"purl":"pkg:github/postgres-pool/postgres-pool","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/postgres-pool%2Fpostgres-pool","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/postgres-pool%2Fpostgres-pool/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/postgres-pool%2Fpostgres-pool/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/postgres-pool%2Fpostgres-pool/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/postgres-pool","download_url":"https://codeload.github.com/postgres-pool/postgres-pool/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/postgres-pool%2Fpostgres-pool/sbom","scorecard":{"id":667696,"data":{"date":"2025-08-11","repo":{"name":"github.com/postgres-pool/postgres-pool","commit":"87bc3634c99a56f109ee3f2c827305a8934534d8"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":6.5,"checks":[{"name":"Code-Review","score":0,"reason":"Found 0/30 approved changesets -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"Maintained","score":10,"reason":"30 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"Dangerous-Workflow","score":10,"reason":"no dangerous workflow patterns detected","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"Token-Permissions","score":9,"reason":"detected GitHub workflow tokens with excessive permissions","details":["Info: jobLevel 'actions' permission set to 'read': .github/workflows/codeql-analysis.yml:23","Info: jobLevel 'contents' permission set to 'read': .github/workflows/codeql-analysis.yml:24","Info: topLevel 'contents' permission set to 'read': .github/workflows/ci.yml:10","Info: topLevel 'contents' permission set to 'read': .github/workflows/codeql-analysis.yml:10","Warn: topLevel 'statuses' permission set to 'write': .github/workflows/lint.yml:14","Info: topLevel 'contents' permission set to 'read': .github/workflows/lint.yml:12","Info: topLevel 'packages' permission set to 'read': .github/workflows/lint.yml:13","Info: topLevel 'contents' permission set to 'read': .github/workflows/release.yml:11","Info: topLevel 'pull-requests' permission set to 'read': .github/workflows/semantic-pr-titles.yml:11","Info: no jobLevel write permissions found"],"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"Security-Policy","score":0,"reason":"security policy file not detected","details":["Warn: no security policy file detected","Warn: no security file to analyze","Warn: no security file to analyze","Warn: no security file to analyze"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"License","score":10,"reason":"license file detected","details":["Info: project has a license file: LICENSE:0","Info: FSF or OSI recognized license: MIT License: LICENSE:0"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"Pinned-Dependencies","score":2,"reason":"dependency not pinned by hash detected -- score normalized to 2","details":["Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:37: update your workflow using https://app.stepsecurity.io/secureworkflow/postgres-pool/postgres-pool/ci.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:39: update your workflow using https://app.stepsecurity.io/secureworkflow/postgres-pool/postgres-pool/ci.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:51: update your workflow using https://app.stepsecurity.io/secureworkflow/postgres-pool/postgres-pool/ci.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:54: update your workflow using https://app.stepsecurity.io/secureworkflow/postgres-pool/postgres-pool/ci.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql-analysis.yml:38: update your workflow using https://app.stepsecurity.io/secureworkflow/postgres-pool/postgres-pool/codeql-analysis.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql-analysis.yml:42: update your workflow using https://app.stepsecurity.io/secureworkflow/postgres-pool/postgres-pool/codeql-analysis.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql-analysis.yml:55: update your workflow using https://app.stepsecurity.io/secureworkflow/postgres-pool/postgres-pool/codeql-analysis.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql-analysis.yml:68: update your workflow using https://app.stepsecurity.io/secureworkflow/postgres-pool/postgres-pool/codeql-analysis.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/lint.yml:23: update your workflow using https://app.stepsecurity.io/secureworkflow/postgres-pool/postgres-pool/lint.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/lint.yml:30: update your workflow using https://app.stepsecurity.io/secureworkflow/postgres-pool/postgres-pool/lint.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:39: update your workflow using https://app.stepsecurity.io/secureworkflow/postgres-pool/postgres-pool/release.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:44: update your workflow using https://app.stepsecurity.io/secureworkflow/postgres-pool/postgres-pool/release.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/semantic-pr-titles.yml:18: update your workflow using https://app.stepsecurity.io/secureworkflow/postgres-pool/postgres-pool/semantic-pr-titles.yml/main?enable=pin","Warn: containerImage not pinned by hash: .devcontainer/Dockerfile:1: pin your Docker image by updating mcr.microsoft.com/devcontainers/javascript-node:24 to mcr.microsoft.com/devcontainers/javascript-node:24@sha256:eac37fbeb0dd1ded8ae31a93f1f3e0defc413715e7541e2ba5a5c10079777f62","Info:   0 out of  11 GitHub-owned GitHubAction dependencies pinned","Info:   0 out of   2 third-party GitHubAction dependencies pinned","Info:   0 out of   1 containerImage dependencies pinned","Info:   2 out of   2 npmCommand dependencies pinned"],"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}},{"name":"Signed-Releases","score":-1,"reason":"no releases found","details":null,"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"Branch-Protection","score":-1,"reason":"internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration","details":null,"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}},{"name":"Packaging","score":10,"reason":"packaging workflow detected","details":["Info: Project packages its releases by way of GitHub Actions.: .github/workflows/release.yml:14"],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"SAST","score":7,"reason":"SAST tool detected but not run on all commits","details":["Info: SAST configuration detected: CodeQL","Warn: 0 commits out of 13 are checked with a SAST tool"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}},{"name":"Vulnerabilities","score":9,"reason":"1 existing vulnerabilities detected","details":["Warn: Project is vulnerable to: GHSA-xffm-g5w8-qvg7"],"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}}]},"last_synced_at":"2025-08-21T18:41:21.140Z","repository_id":32456825,"created_at":"2025-08-21T18:41:21.140Z","updated_at":"2025-08-21T18:41:21.140Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":274237900,"owners_count":25247101,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-09-09T02:00:10.223Z","response_time":80,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["hacktoberfest","nodejs","postgres","postgresql"],"created_at":"2024-12-19T14:13:11.469Z","updated_at":"2025-12-29T01:51:03.927Z","avatar_url":"https://github.com/postgres-pool.png","language":"TypeScript","funding_links":["https://github.com/sponsors/jgeurts"],"categories":[],"sub_categories":[],"readme":"# postgres-pool\n\n[![NPM version](https://img.shields.io/npm/v/postgres-pool.svg?style=flat)](https://npmjs.org/package/postgres-pool)\n[![node version](https://img.shields.io/node/v/postgres-pool.svg?style=flat)](https://nodejs.org)\n[![Known Vulnerabilities](https://snyk.io/test/npm/postgres-pool/badge.svg)](https://snyk.io/test/npm/postgres-pool)\n\nConnection pool implementation for [pg](https://node-postgres.com/). Compatible with [pg-pool](https://github.com/brianc/node-pg-pool) options and syntax.\n\n## Why?\n\n- There were some connection timeout issues that we encountered with pg-pool and the npm was not being updated.\n- [Added graceful cluster failover](#handle-cluster-failover-gracefully)\n- [Added default AWS TLS settings via `ssl='aws-rds'`](#aws-rds-specific-tls-settings-for-connections)\n- Typescript is used to enforce type safety and promises are preferred over callbacks.\n\n## Getting Started\n\n### Simple query (automatically releases connection after query - recommended)\n\n```ts\nimport { Pool } from 'postgres-pool';\n\nconst pool = new Pool({\n  connectionString: 'postgres://username:pwd@127.0.0.1/db_name',\n});\n\nconst userId = 42;\nconst results = await pool.query('SELECT * from \"users\" where id=$1', [userId]);\n\nconsole.log('user:', results.rows[0]);\n```\n\n### Using named parameters in the query\n\n```ts\nimport { Pool } from 'postgres-pool';\n\nconst pool = new Pool({\n  connectionString: 'postgres://username:pwd@127.0.0.1/db_name',\n});\n\nconst userId = 42;\nconst results = await pool.query('SELECT * from \"users\" where id=@id', {\n  id: userId,\n});\n\nconsole.log('user:', results.rows[0]);\n```\n\n### More control over connections (not recommended)\n\n```ts\nimport { Pool } from 'postgres-pool';\n\nconst pool = new Pool({\n  connectionString: 'postgres://username:pwd@127.0.0.1/db_name',\n});\n\nconst userId = 42;\nconst connection = await pool.connect();\ntry {\n  const results = await connection.query('SELECT * from \"users\" where id=$1', [userId]);\n  console.log('user:', results.rows[0]);\n} finally {\n  // NOTE: You MUST call connection.release() to return the connection back to the pool\n  await connection.release();\n}\n```\n\n### Handle errors from connections in the pool\n\n```ts\nimport { Pool } from 'postgres-pool';\n\nconst pool = new Pool({\n  connectionString: 'postgres://username:pwd@127.0.0.1/db_name',\n});\n\npool.on('error', (err) =\u003e {\n  console.error('Unexpected error on idle client', err);\n  process.exit(-1);\n});\n```\n\n### Graceful shutdown\n\n```ts\nimport { Pool } from 'postgres-pool';\n\nconst pool = new Pool({\n  connectionString: 'postgres://username:pwd@127.0.0.1/db_name',\n});\n\nawait pool.end();\n```\n\n### Explicit connection details instead of a connection string\n\n```ts\nimport { Pool } from 'postgres-pool';\n\nconst pool = new Pool({\n  host: '127.0.0.1',\n  database: 'db_name',\n  user: 'foo',\n  password: 'bar',\n  port: 1234,\n});\n```\n\n### AWS RDS specific TLS settings for connections\n\nSetting ssl='aws-rds' will:\n\n- configure the [AWS root certificate](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/UsingWithRDS.SSL.html)\n- reject any connection which is not authorized with the list of supplied CAs.\n- attempt to use TLSv1.2 as the minimum TLS version.\n\nIt is the same as:\n\n```ts\nimport { Pool } from 'postgres-pool';\n\nconst pool = new Pool({\n  ssl: {\n    rejectUnauthorized: true,\n    ca: fs.readFileSync('./certs/rds-global-bundle.pem'),\n    minVersion: 'TLSv1.2',\n  },\n});\n```\n\n```ts\nimport { Pool } from 'postgres-pool';\n\nconst pool = new Pool({\n  connectionString: 'postgres://username:pwd@127.0.0.1/db_name',\n  ssl: 'aws-rds',\n});\n```\n\n### TLS details for a connection\n\n```ts\nimport { Pool } from 'postgres-pool';\n\nconst pool = new Pool({\n  host: '127.0.0.1',\n  database: 'db_name',\n  user: 'foo',\n  password: 'bar',\n  port: 1234,\n  ssl: {\n    rejectUnauthorized: false,\n    ca: fs.readFileSync('/path/to/server-certificates/root.crt').toString(),\n    key: fs.readFileSync('/path/to/client-key/postgresql.key').toString(),\n    cert: fs.readFileSync('/path/to/client-certificates/postgresql.crt').toString(),\n  },\n});\n```\n\n### Change size of the pool\n\n```ts\nimport { Pool } from 'postgres-pool';\n\nconst pool = new Pool({\n  connectionString: 'postgres://username:pwd@127.0.0.1/db_name',\n  poolSize: 10, // Default is 10 connections\n});\n```\n\n### Change retry on error settings\n\n```ts\nimport { Pool } from 'postgres-pool';\n\nconst pool = new Pool({\n  connectionString: 'postgres://username:pwd@127.0.0.1/db_name',\n  // Number of retries to attempt when there's an error matching `retryConnectionErrorCodes`. A value of 0 will disable connection retry.\n  retryConnectionMaxRetries: 5,\n  // Milliseconds to wait between retry connection attempts after receiving a connection error with code that matches `retryConnectionErrorCodes`. A value of 0 will try reconnecting immediately.\n  retryConnectionWaitMillis: 100,\n  // Error codes to trigger a connection retry.\n  retryConnectionErrorCodes: ['ENOTFOUND', 'EAI_AGAIN'],\n});\n```\n\n### Change timeout thresholds\n\n```ts\nimport { Pool } from 'postgres-pool';\n\nconst pool = new Pool({\n  connectionString: 'postgres://username:pwd@127.0.0.1/db_name',\n  // Time to keep a connection idle. Default is 10s\n  idleTimeoutMillis: 10000,\n  // Time to wait to obtain a connection from the pool. Default is 90s\n  waitForAvailableConnectionTimeoutMillis: 90000,\n  // Max time to connect to postgres. Default is 5s\n  connectionTimeoutMillis: 5000,\n});\n```\n\n### Handle cluster failover gracefully\n\nWhen a cluster has a failover event, promoting a read-replica to master, there can be a couple sets of errors that\nhappen with already established connections in the pool as well as new connections before\nthe cluster is available in a ready state.\n\nBy default, when making a new postgres connection and the server throws an error with a message like:\n`the database system is starting up`, the postgres-pool library will attempt to reconnect\n(with no delay between attempts) for a maximum of 90s.\n\nSimilarly, if a non-readonly query (create/update/delete/etc) is executed on a readonly connection, the server will\nthrow an error with a message like: `cannot execute UPDATE in a read-only transaction`. This can occur when a\nconnection to a db cluster is established and the cluster fails over before the connection is terminated, thus the\nconnected server becomes a read-replica instead of the expected master.\nThe postgres-pool library will attempt to reconnect (with no delay between attempts) for a maximum of 90s and will\ntry to execute the query on the new connection.\n\nDefaults can be overridden and this behavior can be disabled entirely by specifying different values for the\npool options below:\n\n```ts\nimport { Pool } from 'postgres-pool';\n\nconst pool = new Pool({\n  connectionString: 'postgres://username:pwd@127.0.0.1/db_name',\n  // Enable/disable reconnecting on \"the database system is starting up\" errors\n  reconnectOnDatabaseIsStartingError: true,\n  // Milliseconds to wait between retry connection attempts while the database is starting up\n  waitForDatabaseStartupMillis: 0,\n  // If connection attempts continually return \"the database system is starting up\", this is the total number of milliseconds to wait until an error is thrown.\n  databaseStartupTimeoutMillis: 90000,\n  // If the query should be retried when the database throws \"cannot execute X in a read-only transaction\"\n  reconnectOnReadOnlyTransactionError: true,\n  // Milliseconds to wait between retry queries while the connection is marked as read-only\n  waitForReconnectReadOnlyTransactionMillis: 0,\n  // If queries continually return \"cannot execute X in a read-only transaction\", this is the total number of milliseconds to wait until an error is thrown\n  readOnlyTransactionReconnectTimeoutMillis: 90000,\n  // If the query should be retried when the database throws \"Client has encountered a connection error and is not queryable\"\n  reconnectOnConnectionError: true,\n  // Milliseconds to wait between retry queries after receiving a connection error\n  waitForReconnectConnectionMillis: 0,\n  // If queries continually return \"Client has encountered a connection error and is not queryable\", this is the total number of milliseconds to wait until an error is thrown\n  connectionReconnectTimeoutMillis: 90000,\n});\n```\n\n## Compatibility\n\n- Node.js v16 or above\n\n## License\n\nMIT\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fpostgres-pool%2Fpostgres-pool","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fpostgres-pool%2Fpostgres-pool","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fpostgres-pool%2Fpostgres-pool/lists"}