Removed pg-escape

lib/SqlFragment.js

@@ -8,10 +8,9 @@ var _classCallCheck2 = _interopRequireDefault(require("@babel/runtime/helpers/cl
 
 var _createClass2 = _interopRequireDefault(require("@babel/runtime/helpers/createClass"));
 
-var SqlFragment, _, pgescape;
+var SqlFragment, _, escapeString;
 
-_ = require('lodash');
-pgescape = require('pg-escape'); // Fragment of SQL that has sql (text) and params (array)
+_ = require('lodash'); // Fragment of SQL that has sql (text) and params (array)
 
 module.exports = SqlFragment = /*#__PURE__*/function () {
   function SqlFragment(sql, params) {
@@ -54,7 +53,7 @@ module.exports = SqlFragment = /*#__PURE__*/function () {
         }
 
         if (typeof val === "string") {
-          return pgescape.literal(val);
+          return escapeString(val);
         }
 
         if (typeof val === "number") {
@@ -74,7 +73,7 @@ module.exports = SqlFragment = /*#__PURE__*/function () {
         }
 
         if ((0, _typeof2["default"])(val) === "object") {
-          return "(" + pgescape.literal(JSON.stringify(val)) + "::json)";
+          return "(" + escapeString(JSON.stringify(val)) + "::json)";
         }
 
         throw new Error("Unsupported literal value: " + val);
@@ -103,4 +102,13 @@ module.exports = SqlFragment = /*#__PURE__*/function () {
     }
   }]);
   return SqlFragment;
-}();
+}();
+
+escapeString = function escapeString(val) {
+  var backslash, prefix;
+  backslash = ~val.indexOf('\\');
+  prefix = backslash ? 'E' : '';
+  val = val.replace(/'/g, '\'\'');
+  val = val.replace(/\\/g, '\\\\');
+  return prefix + '\'' + val + '\'';
+};

package.json

@@ -26,8 +26,7 @@
   "dependencies": {
     "js-yaml": "^3.3.1",
     "lodash": "^3.9.3",
-    "minimist": "^1.1.3",
-    "pg-escape": "^0.1.0"
+    "minimist": "^1.1.3"
   },
   "devDependencies": {
     "build-library": "github:mWater/build-library",

src/SqlFragment.coffee

@@ -1,5 +1,4 @@
 _ = require 'lodash'
-pgescape = require 'pg-escape'
 
 # Fragment of SQL that has sql (text) and params (array)
 module.exports = class SqlFragment 
@@ -32,7 +31,7 @@ module.exports = class SqlFragment
         return "null"
 
       if typeof(val) == "string"
-        return pgescape.literal(val)
+        return escapeString(val)
 
       if typeof(val) == "number"
         return "" + val
@@ -44,7 +43,7 @@ module.exports = class SqlFragment
         return "array[" + _.map(val, escapeLiteral).join(',') + "]"
 
       if typeof(val) == "object"
-        return "(" + pgescape.literal(JSON.stringify(val)) + "::json)"
+        return "(" + escapeString(JSON.stringify(val)) + "::json)"
 
       throw new Error("Unsupported literal value: " + val)
 
@@ -62,3 +61,10 @@ module.exports = class SqlFragment
 
     return sql
 
+escapeString = (val) ->
+  backslash = ~val.indexOf('\\')
+  prefix = if backslash then 'E' else ''
+  val = val.replace(/'/g, '\'\'')
+  val = val.replace(/\\/g, '\\\\')
+  return prefix + '\'' + val + '\''
+