Skip to content
Permalink

Comparing changes

Choose two branches to see what’s changed or to start a new pull request. If you need to, you can also or learn more about diff comparisons.

Open a pull request

Create a new pull request by comparing changes across two branches. If you need to, you can also . Learn more about diff comparisons here.
base repository: TryGhost/node-sqlite3
Failed to load repositories. Confirm that selected base ref is valid, then try again.
Loading
base: 7c0b46fa48a6c990b8b673627e49870538491b3a
Choose a base ref
...
head repository: TryGhost/node-sqlite3
Failed to load repositories. Confirm that selected head ref is valid, then try again.
Loading
compare: ba4ba07f792304c1554f6c5bd70dcb399d0a82d3
Choose a head ref
14 contributors

Commits on May 9, 2022

  1. Update docker/setup-qemu-action action to v2

    @renovate-bot @daniellockyer
    renovate-bot authored and daniellockyer committed May 9, 2022
    Copy the full SHA
    c070c5d View commit details

Commits on May 21, 2022

  1. Fixed method declarations conforming with Node-API default (#1510)

    @alexanderfloh
    alexanderfloh authored May 21, 2022
    Copy the full SHA
    efee5f0 View commit details

Commits on May 24, 2022

  1. Fixed propagation of async hook IDs through callbacks (#1511)

    @alexanderfloh
    alexanderfloh authored May 24, 2022
    Copy the full SHA
    4d31c19 View commit details

Commits on May 26, 2022

  1. Updated SQLCipher CPPFLAGS location (#1613)

    @frovere
    frovere authored May 26, 2022
    Copy the full SHA
    6deff3c View commit details

  2. Updated README.md 

    - various improvements to fix typos or to make things clearer to readers
    @daniellockyer
    daniellockyer committed May 26, 2022
    Copy the full SHA
    1cd51ea View commit details

Commits on Jul 14, 2022

  1. Updated bundled SQLite to v3.39.1 

    refs https://www.sqlite.org/releaselog/3_39_1.html

- sha3-256sum: `b1e6aa82b00b1a947e3d9398927b4bd2eb730d6e1d0c1b478e8f1536c2744ef9`
    @daniellockyer
    daniellockyer committed Jul 14, 2022
    Copy the full SHA
    bbdb2ef View commit details

  2. v5.0.9

    @daniellockyer
    daniellockyer committed Jul 14, 2022
    Copy the full SHA
    1523d9e View commit details

  3. Addressed CodeQL warnings (#1614)

    @bpasero
    bpasero authored Jul 14, 2022
    Copy the full SHA
    7df0f8c View commit details

  4. Merged release branch into main

    @daniellockyer
    daniellockyer committed Jul 14, 2022
    Copy the full SHA
    efab48f View commit details

Commits on Jul 22, 2022

  1. Updated bundled SQLite to v3.39.2 

    refs https://www.sqlite.org/releaselog/3_39_2.html

- sha3-256sum: `b195891eb32305481e61c6718b8cc3b090685b613c4824a076c63166a46c5bee`
    @daniellockyer
    daniellockyer committed Jul 22, 2022
    Copy the full SHA
    097ca62 View commit details

  2. v5.0.10

    @daniellockyer
    daniellockyer committed Jul 22, 2022
    Copy the full SHA
    d0e0633 View commit details

Commits on Jul 24, 2022

  1. Moved benchmark/ folder into tools/

    @daniellockyer
    daniellockyer committed Jul 24, 2022
    Copy the full SHA
    d3608c9 View commit details

  2. Restored compatibility for Alpine 3.15 

    fixes #1625

- Alpine 3.16 was released in May 2022 and 5.0.9 was the first release
  since it became the default for `node16-alpine`
- compiling on Alpine 3.16 broke compatiblity for Alpine 3.15
- given we should be able to just build with 3.15 and the binaries end
  up forward-compatible, this commit reverts back to that
    @daniellockyer
    daniellockyer committed Jul 24, 2022
    Copy the full SHA
    8ffdf39 View commit details

Commits on Jul 31, 2022

  1. Deleted CHANGELOG.md 

    - this is no longer needed for the latest versions, but I've added a
  link to the git history for the file just in case someone wants to go
  and check it
    @daniellockyer
    daniellockyer committed Jul 31, 2022
    Copy the full SHA
    753edd6 View commit details

  2. v5.0.11

    @daniellockyer
    daniellockyer committed Jul 31, 2022
    Copy the full SHA
    61194ec View commit details

  3. Added support for setting SQLite limits

    @paulfitz
    paulfitz authored Jul 31, 2022
    Copy the full SHA
    1bcbf70 View commit details

  4. Added library types file

    @bpasero
    bpasero authored Jul 31, 2022
    Copy the full SHA
    ffda15f View commit details

  5. Moved types file to lib/ 

    - also added file to `files` array so it is bundled in the NPM package
    @daniellockyer
    daniellockyer committed Jul 31, 2022
    Copy the full SHA
    a6e3e4a View commit details

Commits on Aug 5, 2022

  1. Added package-lock.json to .gitignore

    @JoelEinbinder
    JoelEinbinder authored Aug 5, 2022
    1
    Copy the full SHA
    e0542d5 View commit details

Commits on Sep 5, 2022

  1. Updated bundled SQLite to v3.39.3 

    refs https://www.sqlite.org/releaselog/3_39_3.html

- sha3-256sum: `dfa055c70724cd63f0b7da6e9f53530d8da51fe021e3f864d58c7c847d590e1d`
    @daniellockyer
    daniellockyer committed Sep 5, 2022
    Copy the full SHA
    81b6718 View commit details

  2. Added .configure('limit', ... to library type file 

    refs 1bcbf70
    @daniellockyer
    daniellockyer committed Sep 5, 2022
    Copy the full SHA
    f0090b8 View commit details

Commits on Sep 8, 2022

  1. Fixed remaining method declarations (#1633)

    @alexanderfloh
    alexanderfloh authored Sep 8, 2022
    Copy the full SHA
    c366ef9 View commit details

  2. Fixed importing sqlite3#verbose using destructuring syntax (#1632)

    @mahdi-farnia
    mahdi-farnia authored Sep 8, 2022
    Copy the full SHA
    572f05e View commit details

Commits on Sep 13, 2022

  1. Added yarn.lock to gitignore 

    - we shouldn't be tracking this for a library, but it's annoying when
  you're developing locally
    @daniellockyer
    daniellockyer committed Sep 13, 2022
    Copy the full SHA
    97cc584 View commit details

  2. Added ability to receive updates from sqlite3_update_hook 

    closes #419

- this adds support for a `change` event which forwards events arising
  from `sqlite3_update_hook`
    @soukand @daniellockyer
    soukand authored and daniellockyer committed Sep 13, 2022
    Copy the full SHA
    946a3f6 View commit details

Commits on Sep 14, 2022

  1. Updated types file 

    - added constant exports and missing functions to Database
    @daniellockyer
    daniellockyer committed Sep 14, 2022
    Copy the full SHA
    9e9079d View commit details

  2. v5.1.0

    @daniellockyer
    daniellockyer committed Sep 14, 2022
    Copy the full SHA
    9290d8c View commit details

Commits on Sep 15, 2022

  1. Added Darwin ARM64 prebuilt binaries 

    - this adds support for supplying Darwin ARM64 prebuilt binaries for
  node-sqlite3
    @daniellockyer
    daniellockyer committed Sep 15, 2022
    Copy the full SHA
    ec154ab View commit details

  2. Added Darwin ARM64 to prebuilt binaries list in README

    @daniellockyer
    daniellockyer committed Sep 15, 2022
    Copy the full SHA
    ea71343 View commit details

  3. v5.1.1

    @daniellockyer
    daniellockyer committed Sep 15, 2022
    Copy the full SHA
    c4fca9f View commit details

Commits on Oct 2, 2022

  1. Updated bundled SQLite to v3.39.4 

    refs https://www.sqlite.org/releaselog/3_39_4.html

- sha3-256sum: `431328e30d12c551da9ba7ef2122b269076058512014afa799caaf62ca567090`
    @daniellockyer
    daniellockyer committed Oct 2, 2022
    Copy the full SHA
    7aa29fe View commit details

Commits on Oct 3, 2022

  1. v5.1.2

    @daniellockyer
    daniellockyer committed Oct 3, 2022
    Copy the full SHA
    1980f10 View commit details

Commits on Dec 12, 2022

  1. Updated bundled SQLite to v3.40.0 

    refs https://www.sqlite.org/releaselog/3_40_0.html

- sha3-256sum: `7ee8f02b21edb4489df5082b5cf5b7ef47bcebcdb0e209bf14240db69633c878`
    @daniellockyer
    daniellockyer committed Dec 12, 2022
    Copy the full SHA
    aec0d31 View commit details

  2. v5.1.3

    @daniellockyer
    daniellockyer committed Dec 12, 2022
    Copy the full SHA
    5c94f75 View commit details

  3. Extracted function checking code into macro 

    - done for DRY purposes when reading the code
    @daniellockyer
    daniellockyer committed Dec 12, 2022
    Copy the full SHA
    8fd18a3 View commit details

  4. Renamed master references to main 

    - the default repo branch has been renamed to `main`
    @daniellockyer
    daniellockyer committed Dec 12, 2022
    Copy the full SHA
    af8e567 View commit details

  5. Fixed glib compatibility by downgrading to Ubuntu 20 

    fixes #1663

- Ubuntu 22.04 ships with a newer glibc so the prebuilt binaries end up
  being linked to a more recent version, removing compatibility with
  systems that ship with older variants
- this commit fixes that by downgrading the Ubuntu version
    @daniellockyer
    daniellockyer committed Dec 12, 2022
    Copy the full SHA
    57ce2d4 View commit details

  6. Revert "Renamed master references to main" 

    This reverts commit af8e567.
    @daniellockyer
    daniellockyer committed Dec 12, 2022
    Copy the full SHA
    aeafe25 View commit details

  7. v5.1.4

    @daniellockyer
    daniellockyer committed Dec 12, 2022
    Copy the full SHA
    6f6318e View commit details

Commits on Feb 4, 2023

  1. Update microsoft/setup-msbuild action to v1.3

    @renovate @daniellockyer
    renovate[bot] authored and daniellockyer committed Feb 4, 2023
    Copy the full SHA
    93affa4 View commit details

  2. Fixed rpath linker option when using a custom sqlite (#1654) 

    It seems that an old refactoring (~8 years) made a mistake on the way conditions are expressed in gyp.
the "conditions" key cannot be set 2 times and the conditions should be all set in the "conditions" array.

The impact of this bug is that when sqlite3 is compiled against a custom sqlite3 source tree, the sqlite3 runtime keeps linking with the system sqlite3 instead of linking to the custom compiled sqlite3 library. In my case that lead to a SIGSEGV upon loading an extension.
    @jeromew
    jeromew authored Feb 4, 2023
    Copy the full SHA
    c1440bd View commit details

Commits on Mar 13, 2023

  1. Updated bundled SQLite to v3.41.1 

    refs https://www.sqlite.org/releaselog/3_41_1.html

- sha3-256sum: `38ecb6b086c5c1ee1e52b57556745055328ac912929ccade9deaefdd71033ddb`
    @daniellockyer
    daniellockyer committed Mar 13, 2023
    Copy the full SHA
    3a48888 View commit details

  2. Fixed code execution vulnerability due to Object coercion 

    refs GHSA-jqv5-7xpx-qj74
fixes TryGhost/Toolbox#491

- when you call `ToString()` on `Napi::Value`, it calls
  `napi_coerce_to_string` underneath, which has the ability to run
  arbitrary JS code if the passed in value is a crafted object
- both remote code execution or denial-of-service are possible via
  this vulnerability
- `toString()` on an Object returns `[object Object]` so instead of
  calling the function, we're going to hardcode it to prevent this
  issue

Credits: Dave McDaniel of Cisco Talos
    @daniellockyer
    daniellockyer committed Mar 13, 2023
    5
    Copy the full SHA
    edb1934 View commit details

  3. v5.1.5

    @daniellockyer
    daniellockyer committed Mar 13, 2023
    Copy the full SHA
    6a806f8 View commit details

  4. Added generic type annotations for Statement and Database get/all/eac… 

    …h methods callback rows (#1686)

* Change sqlite3.d.ts to add generic type definition support for Statement methods
-For get method callback's row
-For all method callback's rows
-For each method callback's row

* Change sqlite3.d.ts to add generic type definition support for Database methods
-For get method callback's row
-For all method callback's rows
-For each method callback's row
    @stevescruz
    stevescruz authored Mar 13, 2023
    Copy the full SHA
    46da1ab View commit details

  5. Updated README.md 

    - added myself as a contributor 😀
    @daniellockyer
    daniellockyer authored Mar 13, 2023
    Copy the full SHA
    776fc55 View commit details

Commits on Mar 14, 2023

  1. Fixed glibc compatibility by hardcoding lower version for log2 

    fixes #1690

- the minimum glibc version was inadvertently bumped in the latest
  release because `log2` was linked to a higher version
- this adds the downgrade to the gcc preinclude file to resolve this
- in an upcoming commit, we will add a test to prevent these issues from
  occurring again
    @daniellockyer
    daniellockyer committed Mar 14, 2023
    Copy the full SHA
    1a206df View commit details

  2. Fixed using Bash in shell command 

    - without this, the syntax is not recognised because we use `sh`
    @daniellockyer
    daniellockyer committed Mar 14, 2023
    Copy the full SHA
    d915c0c View commit details

  3. v5.1.6

    @daniellockyer
    daniellockyer committed Mar 14, 2023
    Copy the full SHA
    8598a9d View commit details

Commits on May 29, 2023

  1. Updated bundled SQLite to v3.42.0 

    refs https://www.sqlite.org/releaselog/3_42_0.html

- sha3-256sum: `643898e9fcc8f6069bcd47b0e6057221c1ed17bbee57da20d2752c79d91274e8`
    @daniellockyer
    daniellockyer committed May 29, 2023
    Copy the full SHA
    22ac6cc View commit details
86 changes: 42 additions & 44 deletions .github/workflows/ci.yml
View file
Original file line number Diff line number Diff line change
@@ -20,44 +20,51 @@ jobs:
matrix:
os:
- macos-latest
- ubuntu-latest
- ubuntu-20.04
- windows-latest
host:
- x64
target:
- x64
node:
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
include:
- os: windows-latest
node: 16
node: 18
host: x86
target: x86
name: ${{ matrix.os }} (node=${{ matrix.node }}, host=${{ matrix.host }}, target=${{ matrix.target }})
- os: macos-m1
node: 18
host: arm64
target: arm64
name: ${{ matrix.os }} (host=${{ matrix.host }}, target=${{ matrix.target }})
steps:
- uses: actions/checkout@v3
- uses: actions/setup-node@v3
- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4
- uses: actions/setup-node@v4
with:
node-version: ${{ matrix.node }}
architecture: ${{ matrix.host }}

- name: Add yarn (self-hosted)
if: matrix.os == 'macos-m1'
run: npm install -g yarn

- name: Add setuptools for Python 3.12 (temp)
if: matrix.os != 'macos-m1'
run: pip install setuptools

- name: Add msbuild to PATH
uses: microsoft/setup-msbuild@v1.1
uses: microsoft/setup-msbuild@v1.3
if: contains(matrix.os, 'windows')
with:
msbuild-architecture: ${{ matrix.target }}

- name: Install dependencies
run: yarn install --ignore-scripts

- name: Check Node compatibility
run: node tools/semver-check.js

- name: Add env vars
shell: bash
run: |
@@ -75,67 +82,60 @@ jobs:
echo "CFLAGS=${CFLAGS:-} -include ../src/gcc-preinclude.h" >> $GITHUB_ENV
echo "CXXFLAGS=${CXXFLAGS:-} -include ../src/gcc-preinclude.h" >> $GITHUB_ENV
- name: Configure build
run: yarn node-pre-gyp configure --target_arch=${{ env.TARGET }}

- name: Build binaries
run: yarn node-pre-gyp build --target_arch=${{ env.TARGET }}
run: yarn prebuild -a ${{ env.TARGET }}

- name: Print binary info
if: contains(matrix.os, 'ubuntu')
run: |
ldd lib/binding/*/node_sqlite3.node
ldd build/**/node_sqlite3.node
echo "---"
nm lib/binding/*/node_sqlite3.node | grep "GLIBC_" | c++filt || true
nm build/**/node_sqlite3.node | grep "GLIBC_" | c++filt || true
echo "---"
file lib/binding/napi-v*/*
file build/**/node_sqlite3.node
- name: Run tests
run: yarn test

- name: Package prebuilt binaries
run: yarn node-pre-gyp package --target_arch=${{ env.TARGET }}

- name: Upload binaries to commit artifacts
uses: actions/upload-artifact@v3
if: matrix.node == 16
if: matrix.node == 18
with:
name: prebuilt-binaries
path: build/stage/*/*
path: prebuilds/*
retention-days: 7

- name: Upload binaries to GitHub Release
run: yarn node-pre-gyp-github publish
if: matrix.node == 16 && startsWith(github.ref, 'refs/tags/')
env:
NODE_PRE_GYP_GITHUB_TOKEN: ${{ github.token }}
run: yarn upload --upload-all ${{ github.token }}
if: matrix.node == 18 && startsWith(github.ref, 'refs/tags/')

build-qemu:
runs-on: ubuntu-latest
if: github.event_name == 'workflow_dispatch' || startsWith(github.ref, 'refs/tags/')
strategy:
fail-fast: false
matrix:
node:
- 16
- 18
target:
- linux/arm64
variant:
- bullseye
- alpine
- alpine3.15
include:
# musl x64 builds
- target: linux/amd64
variant: alpine
node: 16
variant: alpine3.15
node: 18
name: ${{ matrix.variant }} (node=${{ matrix.node }}, target=${{ matrix.target }})
steps:
- uses: actions/checkout@v3
- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4

- name: Set up QEMU
uses: docker/setup-qemu-action@v1
uses: docker/setup-qemu-action@v3

- name: Setup Docker Buildx
uses: docker/setup-buildx-action@v2
uses: docker/setup-buildx-action@v3

- name: Build binaries and test
run: |
@@ -149,18 +149,16 @@ jobs:
--build-arg NODE_VERSION=${{ matrix.node }} \
.
CONTAINER_ID=$(docker create -it sqlite-builder)
docker cp $CONTAINER_ID:/usr/src/build/build/ ./build
docker cp $CONTAINER_ID:/usr/src/build/prebuilds/ ./prebuilds
- name: Upload binaries to commit artifacts
uses: actions/upload-artifact@v3
if: matrix.node == 16
if: matrix.node == 18
with:
name: prebuilt-binaries
path: build/stage/*/*
path: prebuilds/*
retention-days: 7

- name: Upload binaries to GitHub Release
run: yarn install --ignore-scripts && yarn node-pre-gyp-github publish
if: matrix.node == 16 && startsWith(github.ref, 'refs/tags/')
env:
NODE_PRE_GYP_GITHUB_TOKEN: ${{ github.token }}
run: yarn install --ignore-scripts && yarn upload --upload-all ${{ github.token }}
if: matrix.node == 18 && startsWith(github.ref, 'refs/tags/')
3 changes: 3 additions & 0 deletions .gitignore
View file
Original file line number Diff line number Diff line change
@@ -27,3 +27,6 @@ setup.sh
/build-tmp-napi-v3
/build-tmp-napi-v6
*.tgz
package-lock.json
yarn.lock
prebuilds
Loading