chore: upgrade fork to upstream pg@8.20.0#29
Merged
Conversation
Throwing error will not allow "finally" execution, so client.release() must be invoked before it.
…anc#3412) Bumps [eslint-plugin-prettier](https://github.com/prettier/eslint-plugin-prettier) from 5.1.2 to 5.2.5. - [Release notes](https://github.com/prettier/eslint-plugin-prettier/releases) - [Changelog](https://github.com/prettier/eslint-plugin-prettier/blob/main/CHANGELOG.md) - [Commits](prettier/eslint-plugin-prettier@v5.1.2...v5.2.5) --- updated-dependencies: - dependency-name: eslint-plugin-prettier dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
This reverts commit dcb4257. The change doesn’t fix the bug it claims to (`finally` always runs) and introduces a resource leak if the `ROLLBACK` query fails. The related bug that a broken client can be returned to the pool remains unaffected either way.
Two new functions are introduced to make it easy for TypeScript users to use a PostgresSQL connection string with pg Client. Fixes brianc#2280
…rianc#3419) This hid the error fixed in brianc#3263, for example.
Allows user to change the semantics of `sslmode` to be as close as possible to libpq semantics. The opt in can be enabled using `useLibpqCompat` parsing option or the non-standard `uselibpqcompat` query string parameter. --------- Co-authored-by: Charmander <~@charmander.me> Co-authored-by: Herman J. Radtke III <herman@hermanradtke.com>
* build: add esm exports * fix: add defaults as per arethetypeswrong report * fix: add missing types * lint * Fix broken tests * Add (failing) test for esm compat * Begin moving files to proper extension and adding tests * Add tests for connection-string and fix cloudflare module type and esm compat * Add query-stream and cursor as esm exports * Update PR copilot review * Publish - pg-cloudflare@1.1.2-alpha.0 - pg-connection-string@2.7.1-alpha.0 - pg-cursor@2.13.2-alpha.0 - pg-esm-test@1.0.1-alpha.0 - pg-native@3.3.1-alpha.0 - pg-pool@3.8.1-alpha.0 - pg-protocol@1.8.1-alpha.0 - pg-query-stream@4.8.2-alpha.0 - pg@8.14.2-alpha.0 * More cf compat work * Publish - pg-cloudflare@1.1.2-alpha.1 - pg-cursor@2.13.2-alpha.1 - pg-esm-test@1.0.1-alpha.1 - pg-pool@3.8.1-alpha.1 - pg-query-stream@4.8.2-alpha.1 - pg@8.14.2-alpha.1 * Add more cf compat and update tests * Make tests pass - update exports for esm * Use env vars for test connection in cf tests * Fix lint * Fit vitest into existing legacy framework * Skip worker tests on node below 18 * Revert doc changes for now * Remove legacy worker test in favor of vitest --------- Co-authored-by: Luca Ban <mesqueeb@users.noreply.github.com>
- client_encoding - fallback_application_name - options
Prior to v2.8.0, the parse function was the default when using import. When esm compatibility was introduced in v2.8.0, there was not default specified. This broke existing code that relied on that default. Fixes brianc#3424
…#3428) * fix(exports): resolve issues with module imports and requires * fix(pg-native): add support for lib module resolution in package.json
* Update docs - start * Add logo & discord * Start updating docs for esm style imports * Update docs with logo & info on pooling * Update more import statements --------- Co-authored-by: Brian Carlson <brian.carlson@getcruise.com>
Co-authored-by: Brian Carlson <brian.carlson@getcruise.com>
…earna and not needed (brianc#3441) Co-authored-by: Brian Carlson <brian.carlson@getcruise.com>
* Support Min connection pool parameter brianc#3009 * Remove extraneous change * streamline code
* Update docs for pool * Letting my robot overlords proofread for me --------- Co-authored-by: Brian Carlson <brian.carlson@getcruise.com>
* Pass connection parameters to password callback * Works on my machine - adding logging for gh actions * More debugging logging in tests * Blank out password in unit test * Try again... * Remove debugging
…anc#2810) * fix(pg-query-stream): invoke `this.callback` on cursor end/error Closes brianc#2013 * fix(Client): respect `callback` argument for `Submittable` case * Add tests * Remove log * Fix lint --------- Co-authored-by: Brian Carlson <brian.m.carlson@gmail.com>
Simple typo fix.
* Deprecate Client's internal query queue * lint * Minor cleanup
Co-authored-by: Corey Van Woert <corey.vanwoert@helloalfred.com>
* Fix mocha in node 25 * Bump more mochas
* docs: upgrade to nextra v3 * fix: top-level docs:start script Additionally, remove non-working `start` command from docs `package.json`, as it was replaced by `dev` for consistency with the `README.md` in that directory.
Bumps [semver](https://github.com/npm/node-semver) from 7.7.2 to 7.7.4. - [Release notes](https://github.com/npm/node-semver/releases) - [Changelog](https://github.com/npm/node-semver/blob/main/CHANGELOG.md) - [Commits](npm/node-semver@v7.7.2...v7.7.4) --- updated-dependencies: - dependency-name: semver dependency-version: 7.7.4 dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* fix: typo in deprecation notice for client.query() * fix: typo in deprecation notice for client.query()
Rename root package, pg, and pg-protocol to the @supabase/* scope and point repository / homepage URLs at supabase/node-postgres. Update the pg → pg-protocol dependency to the npm-alias form so consumers keep using the upstream "pg-protocol" import name while resolving to our fork's @supabase/pg-protocol on npm.
The supabase fork doesn't run upstream's full integration test matrix in GitHub Actions. Drop ci.yml and add the deploy workflows used to publish @supabase/pg and @supabase/pg-protocol to npm via trusted publishing (id-token: write, no NPM_TOKEN secret). Both workflows fire on push to master under their respective package paths and are also dispatchable manually. Node bumped to 20 since upstream now requires >= 16.0.0 and node 18 is end-of-life.
Add a maxResultSize option to bound the bytes returned by a query, so runaway result sets cannot exhaust process memory. When the limit is exceeded the connection is terminated and the query rejects with a Error tagged code='RESULT_SIZE_EXCEEDED' carrying resultSize and maxResultSize fields. Implemented for both the JS Connection (per- message accounting in the parse callback, terminating the connection on overflow) and the libpq-backed NativeQuery (post-result accounting via a size estimator, with the error re-emitted on the client). Defaults to undefined (feature off) so behavior is unchanged unless opted in. Re-applied on top of upstream pg@8.20.0; the JS Connection's attachListeners is split into a no-overhead standard path and a size-tracking path so the cost is paid only when the limit is set.
Wrap the handlePacket switch in a try/catch so any exception thrown from the parse*Message helpers (e.g. on malformed protocol bytes from a misbehaving / proxied server) is converted into a DatabaseError and returned through the normal callback path instead of escaping the parse stream as an uncatchable exception that crashes the host process. Also release the buffer reader on every exit path (success, default, and the new catch arm) so a faulty packet never retains the input buffer in this.reader.
Record origin/master as a parent of this branch using the 'ours' merge strategy so the PR can land with a fast-forward (or single merge commit) and master's history is only ever appended to — no force push. The branch tree is already the desired final state (upstream pg@8.20.0 plus the four supabase patches), so we discard origin/master's tree contributions on purpose. The 33 obsolete fork chore commits (renames, dependabot bumps, dist scaffolding, ad-hoc release chores) remain reachable in git ancestry but no longer affect any file in master.
Carry forward the fork customizations that were previously on master but were dropped when this branch was rebuilt from the upstream pg@8.20.0 tag (commit 'becad889 rebrand packages to @supabase scope' only updated the three packages we actually republish to npm). - packages/pg-cloudflare, pg-connection-string, pg-cursor, pg-native, pg-pool, pg-query-stream: point repository.url / bugs.url / homepage at supabase/node-postgres so contributors browsing our fork land in the right repo (matches commit d1ab821 'update packages.json for supabase scope' from the original fork). pg-pool's bugs/homepage are pointed at the consolidated path under packages/pg-pool, since upstream long ago folded the standalone node-pg-pool repo into this monorepo. - packages/pg/README.md: install snippet says '@supabase/pg' (matches the rebrand commit's package.json change). - root package.json: re-add the 'packageManager' field pinning yarn 1.22.22 with sha (used by corepack on master).
soedirgo
approved these changes
May 11, 2026
This was referenced May 12, 2026
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
20 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Bring the fork up to upstream
pg@8.20.0/pg-protocol@1.13.0(and the matching upstream tree for the rest of the monorepo) while preserving the two Supabase-specific changes that downstream consumers depend on. Built on top of upstream's tag rather than via a merge to avoid a conflict storm with the parser refactor and thevar→let/constmigration.What's in this PR
Branch starts at upstream tag
pg@8.20.0(commitc9070cc8) and adds five commits:pg,pg-protocolpackage names + repo URLs;pg → pg-protocoldep moves tonpm:@supabase/pg-protocol@^1.13.0ci.yml; restoresdeploy-pg.ymlanddeploy-pg-protocol.yml(trusted publishing, noNPM_TOKEN); bumps node to 20RESULT_SIZE_EXCEEDEDfeature on top of upstream's refactoredconnection.js/client.js/defaults.js/native/*+ the 131-line integration test. JS path uses a per-message dispatcher (no overhead when the limit is unset); native path uses post-result accounting + re-emits the error onclient.native.connectionhandlePacketswitch in a try/catch so malformed protocol bytes surface as aDatabaseErrorthrough the normal callback path instead of crashing the host process; releases the buffer reader on every exit pathmerge -s ours origin/masterso this PR can land without force-push. The branch tree is unchanged;master's 33 obsolete chore commits stay reachable in git ancestry but no longer affect any fileRe-applied feature commits are byte-for-byte equivalent to the originals (
0e786d23,88c9a2da) modulo the necessary adjustments for upstream's refactored signatures (parser is no longer a single class with allparse*methods inline;var→const/letetc.).What gets dropped
Everything that lives only in
mastertoday and is now obsolete:dist/artifacts that used to be committed (upstream's.gitignorealready excludes them and trusted publishing builds during the workflow)What gets republished
@supabase/pg@8.20.0(was0.0.3) — version aligns 1:1 with upstream so consumers can reason about exactly which upstream release they're on@supabase/pg-protocol@1.13.0(was0.0.2) — same reasoningTrigger is path-based and automatic: the merge commit modifies both
packages/pg/**andpackages/pg-protocol/**, so bothdeploy-pg.ymlanddeploy-pg-protocol.ymlwill run on push to master.Test plan
pg-protocolbuilds cleanly (verified in isolation since thenpm:@supabase/pg-protocol@^1.13.0alias only resolves post-publish — same chicken-and-egg as the existing fork)pg-protocolunit tests pass (mocha 'dist/**/*.test.js')pg/lib/*.jsfiles passnode --checkorigin/master(git merge-base origin/master HEAD == origin/master)merge -s oursproduced no tree change (git diff <pre-merge> HEADis empty)postgres-metatest suite (incl.result-size-limit.ts) runs against the new@supabase/pg@8.20.0— separate PR in the postgres-meta repoDownstream follow-up (separate PR, postgres-meta repo)
postgres-meta/package.json lines 55 / 58 → bump to
npm:@supabase/pg@8.20.0/npm:@supabase/pg-protocol@1.13.0and re-runresult-size-limit.ts.Fixes PGMETA-95