Releases: kristofer84/mcp-postgres
Releases · kristofer84/mcp-postgres
Release list
v1.3.0: Read-only mode and security hardening
What's New
New Features
- Server-side read-only mode — Set
DB_READ_ONLY=trueto disable all write and DDL tools at the server level. Write tools are hidden from the tool list and cannot be called, regardless of client configuration.
Security
- SQL injection prevention — All table/column names are now properly quoted with
quoteIdent, preventing injection via crafted identifiers. - Multi-statement query blocking —
query_datanow rejects queries containing multiple statements, preventing piggyback attacks.
Bug Fixes
- Fixed semicolon false-positive — Semicolons inside string literals no longer trigger the multi-statement rejection.
update_datanow acceptsdataparameter — Consistent withinsert_data. The originalvaluesparameter still works.
Documentation
- Added least-privilege database role examples (read-only and read-write) to README.
- Documented
DB_READ_ONLYconfiguration and security recommendations.
Full Changelog: v1.2.1...v1.3.0
v1.2.1
Fix
- Removed pg deprecation warning —
get_connection_statusanddescribe_tablewere running multiple queries concurrently viaPromise.all()on a singlepg.Client, which does not support concurrent queries. Queries are now sequential, eliminating the warning ahead of pg@9.0.
v1.2.0
Security
- SQL injection via column names fixed — all column/identifier names are now quoted with PostgreSQL double-quote escaping (
quoteIdent) inupdate_data,delete_data,insert_data,count_rows,alter_table, andcreate_table - SSL
rejectUnauthorizedcorrected —sslmode=requirenow properly validates server certificates (rejectUnauthorized: true); previously it disabled validation - DDL injection prevented — column types and default values in
create_tableandalter_tableare now validated viasanitizeType()andsanitizeDefault()
Features
dry_runimplemented —update_dataanddelete_datanow honour thedry_run: trueparameter, returning a preview of affected rows without modifying any data- Row limit enforced —
update_dataanddelete_datanow cap affected rows at the declaredlimit(default 1000, max 10000) using actidsubquery - Statement timeout — all connections now apply a 30-second query timeout by default, configurable via
DB_STATEMENT_TIMEOUTenv var
Refactoring
- Extracted triplicated SSL configuration logic into a single
buildSslConfig()helper
Testing
- CI now spins up a real PostgreSQL 16 service and runs the full integration test suite
dry_runtests are now active (were previously skipped)npm testrunsnode test-tools.mjs
v1.1.2: Allow comments in query
v1.1.1: More tools
More tools, options and tests.
v1.0.14: Better handling of reconnect
Better handling of reconnect