pg-sql2

Generate safe Postgres-compliant SQL using ES6 tagged template literals. Current stable version is 5.0.1, requiring Node >=22. It prevents SQL injection by forcing all values through allowed APIs like sql.value() and sql.identifier(). Built by the Graphile team, it is fast, ships TypeScript types, and is designed for highly dynamic query building. Unlike pg-promise or knex, it uses template literals for composable, compile-time safe SQL construction.