| 217 | } |
| 218 | |
| 219 | function deprecatedSslModeWarning(sslmode) { |
| 220 | if (!deprecatedSslModeWarning.warned && typeof process !== 'undefined' && process.emitWarning) { |
| 221 | deprecatedSslModeWarning.warned = true |
| 222 | process.emitWarning(`SECURITY WARNING: The SSL modes 'prefer', 'require', and 'verify-ca' are treated as aliases for 'verify-full'. |
| 223 | In the next major version (pg-connection-string v3.0.0 and pg v9.0.0), these modes will adopt standard libpq semantics, which have weaker security guarantees. |
| 224 | |
| 225 | To prepare for this change: |
| 226 | - If you want the current behavior, explicitly use 'sslmode=verify-full' |
| 227 | - If you want libpq compatibility now, use 'uselibpqcompat=true&sslmode=${sslmode}' |
| 228 | |
| 229 | See https://www.postgresql.org/docs/current/libpq-ssl.html for libpq SSL mode definitions.`) |
| 230 | } |
| 231 | } |
| 232 | |
| 233 | module.exports = parse |
| 234 | |