Getting Started with eslint-plugin-pg

Getting Started with eslint-plugin-pg

Source: Dev.to

## Quick Install
## Flat Config
## Run ESLint
## Rule Overview
## Quick Wins
## Before
## Before
## Available Presets
## Customizing Rules
## Performance
## Combine with Other Plugins
## Quick Reference

13 PostgreSQL-specific rules. SQL injection, connection pools, transactions.

You'll see output like:

📦 npm: eslint-plugin-pg
📖 Full Rule List
🚀 Using node-postgres? Drop a star on GitHub!

Follow me for more posts and updates, GitHub | LinkedIn | dev.to

```bash
npm install --save-dev eslint-plugin-pg
```

```js
// eslint.config.js
import pg from 'eslint-plugin-pg';

export default [pg.configs.recommended];
```

```bash
npx eslint .
```
```
src/users.ts
  15:3  error  🔒 CWE-89 OWASP:A03 CVSS:9.8 | Unsafe SQL query detected
               Fix: Use parameterized query: client.query('SELECT * FROM users WHERE id = $1', [id])

src/orders.ts
  28:5  error  🔒 CWE-772 | pool.connect() without client.release()
               Fix: Add client.release() in finally block
```

```js
// ❌ SQL Injection
const query = `SELECT * FROM users WHERE id = '${userId}'`;
await pool.query(query);
```

```js
// ✅ Parameterized Query
const query = 'SELECT * FROM users WHERE id = $1';
await pool.query(query, [userId]);
```

Note: `$1` placeholders bind values only; identifiers such as table or column names cannot be passed as parameters and need an allowlist instead.

```js
// ❌ Connection Leak
const client = await pool.connect();
const result = await client.query('SELECT * FROM users');
return result.rows;
// Missing client.release()!
```
```js
// ✅ Guaranteed Release
const client = await pool.connect();
try {
  const result = await client.query('SELECT * FROM users');
  return result.rows;
} finally {
  client.release();
}
```

```js
// Security + best practices
pg.configs.recommended;

// All rules enabled
pg.configs.all;
```

```js
// eslint.config.js
import pg from 'eslint-plugin-pg';

export default [
  pg.configs.recommended,
  {
    rules: {
      // Downgrade to warning
      'pg/prefer-pool-query': 'warn',

      // Increase strictness
      'pg/no-unsafe-query': [
        'error',
        {
          allowLiteral: false,
        },
      ],
    },
  },
];
```

```
┌─────────────────────────────────────────────────────┐
│ Benchmark: 1000 files                               │
├─────────────────────────────────────────────────────┤
│ eslint-plugin-pg: 785ms                             │
│ 100% precision (0 false positives in tests)         │
└─────────────────────────────────────────────────────┘
```

Note: precision counts false positives only; the figure above says nothing about recall, i.e. unsafe queries the rules do not flag.

```js
import pg from 'eslint-plugin-pg';
import secureCoding from 'eslint-plugin-secure-coding';

export default [pg.configs.recommended, secureCoding.configs.recommended];
```

```
# Install
npm install --save-dev eslint-plugin-pg

# Config (eslint.config.js)
import pg from 'eslint-plugin-pg';
export default [pg.configs.recommended];

# Run
npx eslint .
```