Skip to content

Releases: kristofer84/mcp-postgres

v1.3.0: Read-only mode and security hardening

Choose a tag to compare

@kristofer84 kristofer84 released this 21 May 08:24

What's New

New Features

  • Server-side read-only mode — Set DB_READ_ONLY=true to disable all write and DDL tools at the server level. Write tools are hidden from the tool list and cannot be called, regardless of client configuration.

Security

  • SQL injection prevention — All table/column names are now properly quoted with quoteIdent, preventing injection via crafted identifiers.
  • Multi-statement query blockingquery_data now rejects queries containing multiple statements, preventing piggyback attacks.

Bug Fixes

  • Fixed semicolon false-positive — Semicolons inside string literals no longer trigger the multi-statement rejection.
  • update_data now accepts data parameter — Consistent with insert_data. The original values parameter still works.

Documentation

  • Added least-privilege database role examples (read-only and read-write) to README.
  • Documented DB_READ_ONLY configuration and security recommendations.

Full Changelog: v1.2.1...v1.3.0

v1.2.1

Choose a tag to compare

@kristofer84 kristofer84 released this 20 Mar 20:32

Fix

  • Removed pg deprecation warningget_connection_status and describe_table were running multiple queries concurrently via Promise.all() on a single pg.Client, which does not support concurrent queries. Queries are now sequential, eliminating the warning ahead of pg@9.0.

v1.2.0

Choose a tag to compare

@kristofer84 kristofer84 released this 20 Mar 18:02

Security

  • SQL injection via column names fixed — all column/identifier names are now quoted with PostgreSQL double-quote escaping (quoteIdent) in update_data, delete_data, insert_data, count_rows, alter_table, and create_table
  • SSL rejectUnauthorized correctedsslmode=require now properly validates server certificates (rejectUnauthorized: true); previously it disabled validation
  • DDL injection prevented — column types and default values in create_table and alter_table are now validated via sanitizeType() and sanitizeDefault()

Features

  • dry_run implementedupdate_data and delete_data now honour the dry_run: true parameter, returning a preview of affected rows without modifying any data
  • Row limit enforcedupdate_data and delete_data now cap affected rows at the declared limit (default 1000, max 10000) using a ctid subquery
  • Statement timeout — all connections now apply a 30-second query timeout by default, configurable via DB_STATEMENT_TIMEOUT env var

Refactoring

  • Extracted triplicated SSL configuration logic into a single buildSslConfig() helper

Testing

  • CI now spins up a real PostgreSQL 16 service and runs the full integration test suite
  • dry_run tests are now active (were previously skipped)
  • npm test runs node test-tools.mjs

v1.1.2: Allow comments in query

Choose a tag to compare

@kristofer84 kristofer84 released this 16 Nov 07:05
1.1.2

v1.1.1: More tools

Choose a tag to compare

@kristofer84 kristofer84 released this 14 Nov 12:11

More tools, options and tests.

v1.0.14: Better handling of reconnect

Choose a tag to compare

@kristofer84 kristofer84 released this 14 Nov 11:37
Better handling of reconnect

v1.0.13: Updated certificate location

Choose a tag to compare

@kristofer84 kristofer84 released this 17 Oct 11:47
1.0.13

v1.0.11: Updated flows

Choose a tag to compare

@kristofer84 kristofer84 released this 16 Oct 19:17
1.0.11

v1.0.10: Updated flows

Choose a tag to compare

@kristofer84 kristofer84 released this 16 Oct 19:07
1.0.10

v1.0.9: Updated flows

Choose a tag to compare

@kristofer84 kristofer84 released this 16 Oct 17:34
1.0.9