feat(database): refactor CLI, add column whitelist, and SSL config
- Add `ZEN_DB_SSL_DISABLED` env variable to allow disabling SSL for database connections - Refactor database CLI to split init logic into `initFeatures` and `initModules` for modular table initialization, with graceful fallback when modules are absent - Extract `printHelp` and `askConfirmation` helpers for cleaner CLI structure - Ensure `closePool` is called on both success and error paths in CLI - Add `filterAllowedColumns` utility in `crud.js` to enforce column whitelists, preventing mass-assignment of privileged fields (e.g. `role`, `email_verified`) - Update drop command description from "auth tables" to "all tables"
This commit is contained in:
@@ -0,0 +1,13 @@
|
||||
/**
|
||||
* Core Features Registry
|
||||
*
|
||||
* Lists all built-in features that are always initialized when running `zen-db init`.
|
||||
* Unlike optional modules (src/modules), core features are not gated by env vars —
|
||||
* they are required for the application to function.
|
||||
*
|
||||
* Each name must correspond to a directory under src/features/ that exposes a db.js
|
||||
* with createTables() and optionally dropTables().
|
||||
*/
|
||||
export const CORE_FEATURES = [
|
||||
'auth',
|
||||
];
|
||||
Reference in New Issue
Block a user