11 KiB
SQLite
Stability: 1.1 - Active development. Enable this API with the
--experimental-sqlite
CLI flag.
The node:sqlite
module facilitates working with SQLite databases.
To access it:
import sqlite from 'node:sqlite';
const sqlite = require('node:sqlite');
This module is only available under the node:
scheme. The following will not
work:
import sqlite from 'sqlite';
const sqlite = require('sqlite');
The following example shows the basic usage of the node:sqlite
module to open
an in-memory database, write data to the database, and then read the data back.
import { DatabaseSync } from 'node:sqlite';
const database = new DatabaseSync(':memory:');
// Execute SQL statements from strings.
database.exec(`
CREATE TABLE data(
key INTEGER PRIMARY KEY,
value TEXT
) STRICT
`);
// Create a prepared statement to insert data into the database.
const insert = database.prepare('INSERT INTO data (key, value) VALUES (?, ?)');
// Execute the prepared statement with bound values.
insert.run(1, 'hello');
insert.run(2, 'world');
// Create a prepared statement to read data from the database.
const query = database.prepare('SELECT * FROM data ORDER BY key');
// Execute the prepared statement and log the result set.
console.log(query.all());
// Prints: [ { key: 1, value: 'hello' }, { key: 2, value: 'world' } ]
'use strict';
const { DatabaseSync } = require('node:sqlite');
const database = new DatabaseSync(':memory:');
// Execute SQL statements from strings.
database.exec(`
CREATE TABLE data(
key INTEGER PRIMARY KEY,
value TEXT
) STRICT
`);
// Create a prepared statement to insert data into the database.
const insert = database.prepare('INSERT INTO data (key, value) VALUES (?, ?)');
// Execute the prepared statement with bound values.
insert.run(1, 'hello');
insert.run(2, 'world');
// Create a prepared statement to read data from the database.
const query = database.prepare('SELECT * FROM data ORDER BY key');
// Execute the prepared statement and log the result set.
console.log(query.all());
// Prints: [ { key: 1, value: 'hello' }, { key: 2, value: 'world' } ]
Class: DatabaseSync
This class represents a single connection to a SQLite database. All APIs exposed by this class execute synchronously.
new DatabaseSync(location[, options])
location
{string} The location of the database. A SQLite database can be stored in a file or completely in memory. To use a file-backed database, the location should be a file path. To use an in-memory database, the location should be the special name':memory:'
.options
{Object} Configuration options for the database connection. The following options are supported:open
{boolean} Iftrue
, the database is opened by the constructor. When this value isfalse
, the database must be opened via theopen()
method. Default:true
.
Constructs a new DatabaseSync
instance.
database.close()
Closes the database connection. An exception is thrown if the database is not
open. This method is a wrapper around sqlite3_close_v2()
.
database.exec(sql)
sql
{string} A SQL string to execute.
This method allows one or more SQL statements to be executed without returning
any results. This method is useful when executing SQL statements read from a
file. This method is a wrapper around sqlite3_exec()
.
database.open()
Opens the database specified in the location
argument of the DatabaseSync
constructor. This method should only be used when the database is not opened via
the constructor. An exception is thrown if the database is already open.
database.prepare(sql)
sql
{string} A SQL string to compile to a prepared statement.- Returns: {StatementSync} The prepared statement.
Compiles a SQL statement into a prepared statement. This method is a wrapper
around sqlite3_prepare_v2()
.
Class: StatementSync
This class represents a single prepared statement. This class cannot be
instantiated via its constructor. Instead, instances are created via the
database.prepare()
method. All APIs exposed by this class execute
synchronously.
A prepared statement is an efficient binary representation of the SQL used to create it. Prepared statements are parameterizable, and can be invoked multiple times with different bound values. Parameters also offer protection against SQL injection attacks. For these reasons, prepared statements are preferred over hand-crafted SQL strings when handling user input.
statement.all([namedParameters][, ...anonymousParameters])
namedParameters
{Object} An optional object used to bind named parameters. The keys of this object are used to configure the mapping....anonymousParameters
{null|number|bigint|string|Buffer|Uint8Array} Zero or more values to bind to anonymous parameters.- Returns: {Array} An array of objects. Each object corresponds to a row returned by executing the prepared statement. The keys and values of each object correspond to the column names and values of the row.
This method executes a prepared statement and returns all results as an array of
objects. If the prepared statement does not return any results, this method
returns an empty array. The prepared statement parameters are bound using
the values in namedParameters
and anonymousParameters
.
statement.expandedSQL()
- Returns: {string} The source SQL expanded to include parameter values.
This method returns the source SQL of the prepared statement with parameter
placeholders replaced by the values that were used during the most recent
execution of this prepared statement. This method is a wrapper around
sqlite3_expanded_sql()
.
statement.get([namedParameters][, ...anonymousParameters])
namedParameters
{Object} An optional object used to bind named parameters. The keys of this object are used to configure the mapping....anonymousParameters
{null|number|bigint|string|Buffer|Uint8Array} Zero or more values to bind to anonymous parameters.- Returns: {Object|undefined} An object corresponding to the first row returned
by executing the prepared statement. The keys and values of the object
correspond to the column names and values of the row. If no rows were returned
from the database then this method returns
undefined
.
This method executes a prepared statement and returns the first result as an
object. If the prepared statement does not return any results, this method
returns undefined
. The prepared statement parameters are bound using the
values in namedParameters
and anonymousParameters
.
statement.run([namedParameters][, ...anonymousParameters])
namedParameters
{Object} An optional object used to bind named parameters. The keys of this object are used to configure the mapping....anonymousParameters
{null|number|bigint|string|Buffer|Uint8Array} Zero or more values to bind to anonymous parameters.- Returns: {Object}
changes
: {number|bigint} The number of rows modified, inserted, or deleted by the most recently completedINSERT
,UPDATE
, orDELETE
statement. This field is either a number or aBigInt
depending on the prepared statement's configuration. This property is the result ofsqlite3_changes64()
.lastInsertRowid
: {number|bigint} The most recently inserted rowid. This field is either a number or aBigInt
depending on the prepared statement's configuration. This property is the result ofsqlite3_last_insert_rowid()
.
This method executes a prepared statement and returns an object summarizing the
resulting changes. The prepared statement parameters are bound using the
values in namedParameters
and anonymousParameters
.
statement.setAllowBareNamedParameters(enabled)
enabled
{boolean} Enables or disables support for binding named parameters without the prefix character.
The names of SQLite parameters begin with a prefix character. By default,
node:sqlite
requires that this prefix character is present when binding
parameters. However, with the exception of dollar sign character, these
prefix characters also require extra quoting when used in object keys.
To improve ergonomics, this method can be used to also allow bare named parameters, which do not require the prefix character in JavaScript code. There are several caveats to be aware of when enabling bare named parameters:
- The prefix character is still required in SQL.
- The prefix character is still allowed in JavaScript. In fact, prefixed names will have slightly better binding performance.
- Using ambiguous named parameters, such as
$k
and@k
, in the same prepared statement will result in an exception as it cannot be determined how to bind a bare name.
statement.setReadBigInts(enabled)
enabled
{boolean} Enables or disables the use ofBigInt
s when readingINTEGER
fields from the database.
When reading from the database, SQLite INTEGER
s are mapped to JavaScript
numbers by default. However, SQLite INTEGER
s can store values larger than
JavaScript numbers are capable of representing. In such cases, this method can
be used to read INTEGER
data using JavaScript BigInt
s. This method has no
impact on database write operations where numbers and BigInt
s are both
supported at all times.
statement.sourceSQL()
- Returns: {string} The source SQL used to create this prepared statement.
This method returns the source SQL of the prepared statement. This method is a
wrapper around sqlite3_sql()
.
Type conversion between JavaScript and SQLite
When Node.js writes to or reads from SQLite it is necessary to convert between JavaScript data types and SQLite's data types. Because JavaScript supports more data types than SQLite, only a subset of JavaScript types are supported. Attempting to write an unsupported data type to SQLite will result in an exception.
SQLite | JavaScript |
---|---|
NULL |
{null} |
INTEGER |
{number} or {bigint} |
REAL |
{number} |
TEXT |
{string} |
BLOB |
{Uint8Array} |