{"id":40419235,"url":"https://github.com/scriptcoded/sql-highlight","last_synced_at":"2026-01-20T15:05:44.896Z","repository":{"id":38075424,"uuid":"147309066","full_name":"scriptcoded/sql-highlight","owner":"scriptcoded","description":"A simple and lightweight SQL syntax highlighting library written in pure JavaScript","archived":false,"fork":false,"pushed_at":"2025-12-22T13:02:58.000Z","size":1362,"stargazers_count":41,"open_issues_count":1,"forks_count":14,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-12-23T23:59:54.596Z","etag":null,"topics":["hacktoberfest","highlighting","sql"],"latest_commit_sha":null,"homepage":"","language":"JavaScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/scriptcoded.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":"CONTRIBUTING.md","funding":".github/FUNDING.yml","license":"LICENSE","code_of_conduct":"CODE_OF_CONDUCT.md","threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null},"funding":{"github":"scriptcoded"}},"created_at":"2018-09-04T07:55:08.000Z","updated_at":"2025-12-22T13:01:38.000Z","dependencies_parsed_at":"2023-10-16T23:26:31.224Z","dependency_job_id":"58332cda-01b7-49ed-b9c1-e929d3e09ed4","html_url":"https://github.com/scriptcoded/sql-highlight","commit_stats":{"total_commits":107,"total_committers":12,"mean_commits":8.916666666666666,"dds":"0.31775700934579443","last_synced_commit":"7340f224e1434de31935aeb370ec48e9fd5fe159"},"previous_names":[],"tags_count":26,"template":false,"template_full_name":null,"purl":"pkg:github/scriptcoded/sql-highlight","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/scriptcoded%2Fsql-highlight","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/scriptcoded%2Fsql-highlight/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/scriptcoded%2Fsql-highlight/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/scriptcoded%2Fsql-highlight/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/scriptcoded","download_url":"https://codeload.github.com/scriptcoded/sql-highlight/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/scriptcoded%2Fsql-highlight/sbom","scorecard":{"id":806327,"data":{"date":"2025-08-11","repo":{"name":"github.com/scriptcoded/sql-highlight","commit":"144d74610dddf2a2bab708b955b3a47f1ef6d3f4"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":4.8,"checks":[{"name":"Dangerous-Workflow","score":10,"reason":"no dangerous workflow patterns detected","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"Code-Review","score":0,"reason":"Found 1/14 approved changesets -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"Maintained","score":10,"reason":"16 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 10","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"Pinned-Dependencies","score":2,"reason":"dependency not pinned by hash detected -- score normalized to 2","details":["Warn: third-party GitHubAction not pinned by hash: .github/workflows/auto-approve.yml:12: update your workflow using https://app.stepsecurity.io/secureworkflow/scriptcoded/sql-highlight/auto-approve.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/auto-merge.yml:13: update your workflow using https://app.stepsecurity.io/secureworkflow/scriptcoded/sql-highlight/auto-merge.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/close-stale-issues.yml:15: update your workflow using https://app.stepsecurity.io/secureworkflow/scriptcoded/sql-highlight/close-stale-issues.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/commitlint.yml:8: update your workflow using https://app.stepsecurity.io/secureworkflow/scriptcoded/sql-highlight/commitlint.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/commitlint.yml:11: update your workflow using https://app.stepsecurity.io/secureworkflow/scriptcoded/sql-highlight/commitlint.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/lint.yml:12: update your workflow using https://app.stepsecurity.io/secureworkflow/scriptcoded/sql-highlight/lint.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/lint.yml:15: update your workflow using https://app.stepsecurity.io/secureworkflow/scriptcoded/sql-highlight/lint.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:26: update your workflow using https://app.stepsecurity.io/secureworkflow/scriptcoded/sql-highlight/release.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:32: update your workflow using https://app.stepsecurity.io/secureworkflow/scriptcoded/sql-highlight/release.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:40: update your workflow using https://app.stepsecurity.io/secureworkflow/scriptcoded/sql-highlight/release.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:18: update your workflow using https://app.stepsecurity.io/secureworkflow/scriptcoded/sql-highlight/test.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:21: update your workflow using https://app.stepsecurity.io/secureworkflow/scriptcoded/sql-highlight/test.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/test.yml:30: update your workflow using https://app.stepsecurity.io/secureworkflow/scriptcoded/sql-highlight/test.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/test.yml:42: update your workflow using https://app.stepsecurity.io/secureworkflow/scriptcoded/sql-highlight/test.yml/main?enable=pin","Info:   0 out of   8 GitHub-owned GitHubAction dependencies pinned","Info:   0 out of   6 third-party GitHubAction dependencies pinned","Info:   2 out of   2 npmCommand dependencies pinned"],"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}},{"name":"Token-Permissions","score":0,"reason":"detected GitHub workflow tokens with excessive permissions","details":["Warn: jobLevel 'contents' permission set to 'write': .github/workflows/auto-merge.yml:11","Warn: no topLevel permission defined: .github/workflows/auto-approve.yml:1","Warn: no topLevel permission defined: .github/workflows/auto-merge.yml:1","Warn: no topLevel permission defined: .github/workflows/commitlint.yml:1","Warn: no topLevel permission defined: .github/workflows/lint.yml:1","Info: topLevel 'contents' permission set to 'read': .github/workflows/release.yml:12","Warn: no topLevel permission defined: .github/workflows/test.yml:1"],"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"Security-Policy","score":0,"reason":"security policy file not detected","details":["Warn: no security policy file detected","Warn: no security file to analyze","Warn: no security file to analyze","Warn: no security file to analyze"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"License","score":10,"reason":"license file detected","details":["Info: project has a license file: LICENSE:0","Info: FSF or OSI recognized license: MIT License: LICENSE:0"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"Signed-Releases","score":-1,"reason":"no releases found","details":null,"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"Packaging","score":10,"reason":"packaging workflow detected","details":["Info: Project packages its releases by way of GitHub Actions.: .github/workflows/release.yml:15"],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"Branch-Protection","score":0,"reason":"branch protection not enabled on development/release branches","details":["Warn: branch protection not enabled for branch 'main'"],"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}},{"name":"SAST","score":2,"reason":"SAST tool is not run on all commits -- score normalized to 2","details":["Warn: 4 commits out of 19 are checked with a SAST tool"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}},{"name":"Vulnerabilities","score":8,"reason":"2 existing vulnerabilities detected","details":["Warn: Project is vulnerable to: GHSA-968p-4wvh-cqc8","Warn: Project is vulnerable to: GHSA-v6h2-p8h4-qcjw"],"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}}]},"last_synced_at":"2025-08-23T11:51:48.189Z","repository_id":38075424,"created_at":"2025-08-23T11:51:48.189Z","updated_at":"2025-08-23T11:51:48.189Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":28606101,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-01-20T14:45:23.139Z","status":"ssl_error","status_checked_at":"2026-01-20T14:44:16.929Z","response_time":117,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.5:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["hacktoberfest","highlighting","sql"],"created_at":"2026-01-20T15:05:44.835Z","updated_at":"2026-01-20T15:05:44.887Z","avatar_url":"https://github.com/scriptcoded.png","language":"JavaScript","readme":"# sql-highlight\n\u003e A simple and lightweight library for highlighting SQL queries written in pure\n\u003e JavaScript\n\n[![Tests Status][tests-badge]][tests-url]\n[![Coverage Status][coveralls-badge]][coveralls-url]\n[![NPM Version][npm-version-badge]][npm-url]\n[![Bundle Size][bundlejs-badge]][bundlejs-url]\n\n## What's it all about?\nsql-highlight is a small package that highlights SQL queries. It can output to\nboth the terminal with Unicode escape sequences, as well as to normal HTML. Oh,\nand there are no external dependencies 😉\n\n## Installation\n\nsql-highlight is tested to work with Node.js 16, 18, 20, 22 and 24.\n\nInstall with Yarn:\n```bash\nyarn add sql-highlight\n```\nInstall with NPM:\n```bash\nnpm install sql-highlight\n```\n\n## Usage\n\n### In its most basic form\n```js\nconst { highlight } = require('sql-highlight')\n\nconst sqlString = \"SELECT `id`, `username` FROM `users` WHERE `email` = 'test@example.com'\"\n\nconst highlighted = highlight(sqlString)\n\nconsole.log(highlighted)\n```\n\n**Output:**\n\n![Screenshot](screenshot.png)\n\n### HTML mode\n\n```js\nconst { highlight } = require('sql-highlight')\n\nconst sqlString = \"SELECT `id`, `username` FROM `users` WHERE `email` = 'test@example.com'\"\n\nconst highlighted = highlight(sqlString, {\n  html: true\n})\n\ndocument.body.innerHTML += highlighted\n```\n\n**Output:**\n```html\n\u003cspan class=\"sql-hl-keyword\"\u003eSELECT\u003c/span\u003e\n\u003cspan class=\"sql-hl-identifier\"\u003e`id`\u003c/span\u003e\n\u003cspan class=\"sql-hl-special\"\u003e,\u003c/span\u003e\n\u003cspan class=\"sql-hl-identifier\"\u003e`username`\u003c/span\u003e\n\u003cspan class=\"sql-hl-keyword\"\u003eFROM\u003c/span\u003e\n\u003cspan class=\"sql-hl-identifier\"\u003e`users`\u003c/span\u003e\n\u003cspan class=\"sql-hl-keyword\"\u003eWHERE\u003c/span\u003e\n\u003cspan class=\"sql-hl-identifier\"\u003e`email`\u003c/span\u003e\n\u003cspan class=\"sql-hl-special\"\u003e=\u003c/span\u003e\n\u003cspan class=\"sql-hl-string\"\u003e'test@example.com'\u003c/span\u003e\n```\n\nSample styles to get you going can be found in\n[sample-style.css](./sample-style.css). To use them, append the output to a\n`code` tag with the class name `sql`, like this:\n```html\n\u003ccode class=\"sql\"\u003e\n  \u003cspan class=\"sql-hl-keyword\"\u003eSELECT\u003c/span\u003e\n  \u003cspan class=\"sql-hl-identifier\"\u003e`id`\u003c/span\u003e\n  \u003c!-- etc... --\u003e\n\u003c/code\u003e\n```\n\n## Options\nThe following options may be passed to the `highlight` function.\n\n| Option | Value | Default | Description |\n| --- | --- | --- | --- |\n| html | `boolean` | `false` | Set to true to render HTML instead of Unicode.\n| htmlEscaper | `(str: string) =\u003e string` | Basic escaper | Function to escape HTML entities. Uses a basic escaper by default. If HTML mode is used in a browser environment this could be useful to escape strings using the DOM.\n| classPrefix | `string` | `'sql-hl-'` | Prefix to prepend to classes for HTML span-tags. Is appended with entity name.\n| colors | `Object` | _See below_* | What color codes to use for Unicode rendering. A list of basic color codes can be found [here](https://docs.rs/embedded-text/0.4.0/embedded_text/style/index.html#standard-color-codes).\n\n\\* `colors` option default value\n```js\n{\n  keyword: '\\x1b[35m',  // SQL reserved keywords\n  function: '\\x1b[31m', // Functions\n  number: '\\x1b[32m',   // Numbers\n  string: '\\x1b[32m',   // Strings\n  special: '\\x1b[33m',  // Special characters\n  bracket: '\\x1b[33m',  // Brackets (parentheses)\n  comment: '\\x1b[2m\\x1b[90m', // Comments\n  clear: '\\x1b[0m'      // Clear (inserted after each match)\n}\n```\n\n## Custom highlighting\n\nIn case you want to do the highlighting yourself you can use `getSegments` to only let sql-highlight parse the SQL string for you. You can then use the segments to highlight it yourself.\n\n```js\nconst { getSegments } = require('sql-highlight')\n\nconst sqlString = \"SELECT `id`, `username` FROM `users` WHERE `email` = 'test@example.com'\"\n\nconst segments = getSegments(sqlString)\n\nconsole.log(segments)\n```\n\n**Output:**\n```js\n[\n    { name: 'keyword', content: 'SELECT' },\n    { name: 'whitespace', content: ' ' },\n    { name: 'identifier', content: '`id`' },\n    { name: 'special', content: ',' },\n    { name: 'whitespace', content: ' ' },\n    { name: 'identifier', content: '`username`' },\n    { name: 'whitespace', content: ' ' },\n    { name: 'keyword', content: 'FROM' },\n    { name: 'whitespace', content: ' ' },\n    { name: 'identifier', content: '`users`' },\n    { name: 'whitespace', content: ' ' },\n    { name: 'keyword', content: 'WHERE' },\n    { name: 'whitespace', content: ' ' },\n    { name: 'identifier', content: '`email`' },\n    { name: 'whitespace', content: ' ' },\n    { name: 'special', content: '=' },\n    { name: 'whitespace', content: ' ' },\n    { name: 'string', content: \"'test@example.com'\" }\n]\n```\n\n## Contributing\n\nSee the [contribution guidelines](CONTRIBUTING.md).\n\n## Tests\n\nWe use [Jest](https://jestjs.io/) for running our tests. The test suite can be run by running `npm run test`. This will run both Jest and Biome.\n\n## Code style\n\nWe use [Biome](https://biomejs.dev/) for making sure that our code remains pretty and consistent throughout the project. If your editor doesn't automatically pick up our config you can lint the code using `npm run lint`.\n\n## A note on Dependabot\n\n[Dependabot Auto\nMerge](https://github.com/marketplace/actions/dependabot-auto-merge) is\ninstalled in this repository to automatically merge dependabot PRs for minor\nversion updates. Only PRs that pass the tests get merged. No new releases will\nbe created for dependency updates as there are no production dependencies and a\nrelease would therefore be completely unnecessary.\n\n## Additional information\n\nMalcolm Nihlén - malcolm.nihlen@gmail.com\n\nDistributed under the MIT licence. See `LICENCE` for more information.\n\nhttps://github.com/scriptcoded\n\n## Disclaimer\nThis was initially a fork from https://github.com/pomahtuk/sequilize-highlight.\nThe repo wasn't being updated, NPM wasn't serving the latest version and there\nwas a severe memory leak. Though the latest version now exists on NPM, issues\nstill persist. This repo serves to address those problems, as well as providing\na cleaner interface that's not bound to Sequelize.\n\nWith version 3.0.0 the library was almost completely rewritten, which leaves\nvery little similarity with the original repo.\n\n[tests-badge]: https://img.shields.io/github/actions/workflow/status/scriptcoded/sql-highlight/test.yml?branch=main\u0026label=tests\n[tests-url]: https://github.com/scriptcoded/sql-highlight/actions/workflows/test.yml\n[coveralls-badge]: https://coveralls.io/repos/github/scriptcoded/sql-highlight/badge.svg\n[coveralls-url]: https://coveralls.io/github/scriptcoded/sql-highlight\n[npm-version-badge]: https://img.shields.io/npm/v/sql-highlight.svg\n[npm-url]: https://npmjs.org/package/sql-highlight\n[bundlejs-badge]: https://deno.bundlejs.com/?bundle\u0026q=sql-highlight\u0026badge\n[bundlejs-url]: https://bundlejs.com/?bundle\u0026q=sql-highlight\n","funding_links":["https://github.com/sponsors/scriptcoded"],"categories":[],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fscriptcoded%2Fsql-highlight","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fscriptcoded%2Fsql-highlight","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fscriptcoded%2Fsql-highlight/lists"}