Skip to content
Navigation menu
Search
Powered by Algolia
Search
Log in
Create account
DEV Community
Close
Postgres Security Protocol Series' Articles
Back to Ofri Peretz's Series
Your node-postgres Data Layer Fails 4 Ways in Production. SQL Injection Is Only the First.
Ofri Peretz
Ofri Peretz
Ofri Peretz
Follow
Dec 31 '25
Your node-postgres Data Layer Fails 4 Ways in Production. SQL Injection Is Only the First.
#
security
#
node
#
database
#
devsecops
Comments
Add Comment
12 min read
PostgreSQL Injection in Node.js: 4 Patterns That Pass Code Review (and the Rules That Don't Let Them)
Ofri Peretz
Ofri Peretz
Ofri Peretz
Follow
Dec 31 '25
PostgreSQL Injection in Node.js: 4 Patterns That Pass Code Review (and the Rules That Don't Let Them)
#
security
#
node
#
devsecops
#
eslint
Comments
Add Comment
8 min read
A Missing client.release() Exhausted Our Postgres Pool at 3 AM. The ESLint Rule That Catches It.
Ofri Peretz
Ofri Peretz
Ofri Peretz
Follow
Dec 31 '25
A Missing client.release() Exhausted Our Postgres Pool at 3 AM. The ESLint Rule That Catches It.
#
node
#
database
#
devsecops
#
security
Comments
Add Comment
12 min read
BEGIN on a Postgres Pool Scatters Your Transaction Across Connections. One ESLint Rule Stops It.
Ofri Peretz
Ofri Peretz
Ofri Peretz
Follow
Dec 31 '25
BEGIN on a Postgres Pool Scatters Your Transaction Across Connections. One ESLint Rule Stops It.
#
node
#
eslint
#
security
#
devsecops
Comments
Add Comment
9 min read
search_path Hijacking: the PostgreSQL Attack That Turns SELECT * FROM users Into the Attacker's Table
Ofri Peretz
Ofri Peretz
Ofri Peretz
Follow
Jan 2
search_path Hijacking: the PostgreSQL Attack That Turns SELECT * FROM users Into the Attacker's Table
#
security
#
database
#
node
#
devsecops
Comments
Add Comment
15 min read
One INSERT Loop Made Our CSV Import 500x Slower. One ESLint Rule Catches It Before It Ships.
Ofri Peretz
Ofri Peretz
Ofri Peretz
Follow
Jan 2
One INSERT Loop Made Our CSV Import 500x Slower. One ESLint Rule Catches It Before It Ships.
#
node
#
database
#
performance
#
devsecops
1
reaction
Comments
3
comments
7 min read
PostgreSQL's COPY FROM Can Read /etc/passwd Into Your Database — One ESLint Rule Blocks It.
Ofri Peretz
Ofri Peretz
Ofri Peretz
Follow
Jan 2
PostgreSQL's COPY FROM Can Read /etc/passwd Into Your Database — One ESLint Rule Blocks It.
#
security
#
node
#
database
#
devsecops
Comments
Add Comment
14 min read
We're a place where coders share, stay up-to-date and grow their careers.
Log in
Create account