The why and how of enterprise-style Node.js application. A setup that’s easy to test and extend using battle-hardened technologies like Express.js,...
Is there a specific reason you use npm install as opposed to npm ci? The ci command has the advantage that it installs the exact versions that are specified in package-lock.json so you get repeatable builds.
Definite oversight on my part 🙂 thanks for pointing it out
Hi Hugo,
the way you specified your queries (with template strings), doesn't it make you vulnerable to db attacks like SQL Injection?
I also noticed that in order to specify the queries with template strings you used an external lib. That lib just translates the template string into a prepared statement, right?
Yes it does, ergonomics of templates with prepared statements.
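The translation confirmed in the reply above, shown as an added example (not part of the original thread, and not the code of the library the post used). The `sql` tag, `render`, the `{ text, values }` output shape and the `users` table are hypothetical; the example goes slightly beyond the thread by also handling nested fragments so placeholder numbering stays correct.

```javascript
// Hypothetical tagged-template helper (added example, not the post's library).
// A fragment keeps the literal SQL chunks and the interpolated values apart.
class Fragment {
  constructor(strings, values) {
    this.strings = strings;
    this.values = values;
  }
}

// Tag function: sql`... ${value} ...` captures the parts, nothing is spliced.
function sql(strings, ...values) {
  return new Fragment(strings, values);
}

// Render to a parameterized query: literal chunks become SQL text, every
// interpolated value becomes a numbered placeholder ($1, $2, ...) and is
// returned separately. Nested fragments share the same parameter list.
function render(fragment, params = []) {
  let text = fragment.strings[0];
  fragment.values.forEach((value, i) => {
    if (value instanceof Fragment) {
      text += render(value, params).text;
    } else {
      params.push(value);
      text += `$${params.length}`;
    }
    text += fragment.strings[i + 1];
  });
  return { text, values: params };
}

// Plain template string for comparison: the value is spliced into the SQL.
function unsafeQuery(email) {
  return `SELECT id FROM users WHERE email = '${email}'`;
}

// Same query through the tag, composed from a nested fragment.
function safeQuery(email) {
  const where = sql`email = ${email}`;
  return render(sql`SELECT id FROM users WHERE ${where} AND active = ${true}`);
}

// Constructed input containing a quote and SQL syntax.
const hostileInput = "x' OR '1'='1";
console.log(unsafeQuery(hostileInput)); // input changes the SQL structure
console.log(safeQuery(hostileInput));   // input stays in values, text is fixed
```
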
It’s best if you use TypeScript and pg-promise as they are more enterprise-like choices
Re TypeScript I didn't want to add a build step in.
Pg-promise: I just picked any old Postgres client, they're all pretty solid.