MySQL2 is a fast MySQL-compatible MySQL client for Node.js, focused on performance. It supports features like prepared statements, non-utf8 encodings, binary log protocol, compression, SSL, authentication switching, custom streams, and pooling. It is useful for building Node.js applications that need a MySQL client with broad feature support and good performance.
Project status
- The repository appears actively maintained, with recent
v3.22.xupdates including targeted bug fixes (TIMESTAMP formatting, pool shutdown behavior) and configuration validation changes. - Update cadence looks steady rather than stalled, with changes on 2026-06-06, 2026-05-26, and 2026-04-27 (roughly weekly to monthly gaps).
AI summary generated Today
Recent updates
v3.22.5
YesterdayRelease v3.22.5 contains a targeted bug fix related to how mysql2 formats TIMESTAMP values in the binary protocol when the `dateStrings` option is enabled. The change ensures TIMESTAMP values keep the `00:00:00` time component (matching the behavior for DATETIME) and adds an integration test to cover it.
v3.22.4
1 week agov3.22.4 is a small bug fix release focused on pool shutdown behavior. When a pool is ended while requests are queued, those queued requests are now rejected instead of waiting for connections to become available.
v3.22.3
1 month agov3.22.3 primarily adjusts connection configuration validation to accept the resetOnRelease option. The code changes are small and localized, with additional lockfile-only dependency updates (mostly dev tooling and website UI dependencies).
v3.22.2
1 month agov3.22.2 focuses on improving promise API error stack traces so the reported rejection stack points to the caller. The implementation changes how promise wrappers capture and rewrite stack traces across connection, pool, and prepared statement operations.
v3.22.1
1 month agov3.22.1 contains two documented bug fixes: improved async stack traces for promise-based clients, and correct handling of zero dates as INVALID_DATE when numeric timezone offsets are used. The code changes also include internal adjustments to how promise-wrapper errors are constructed, plus additional regression tests and dependency updates in lockfiles.
v3.22.0
1 month agov3.22.0 introduces a new COM_RESET_CONNECTION implementation and adds a connection-level reset API, with optional pool integration. It also disables the mysql_clear_password authentication plugin by default for security, unless the client explicitly opts in. Promise wrapper error handling was adjusted to reduce unnecessary Error allocations.
BreakingSecurityFeaturesv3.21.1
1 month agov3.21.1 primarily fixes MySQL handshake capability negotiation by masking client capability flags against server-advertised capabilities during handshake response parsing. It also corrects bigint/big-number boundary handling by switching the number-vs-string decision to use Number.isSafeInteger. The release includes new regression tests covering both areas.
Breakingv3.21.0
1 month agov3.21.0 adds support for MySQL query attributes, wiring an `attributes` option through the COM_QUERY and COM_STMT_EXECUTE protocol paths. It also updates TypeScript typings to export `ExecuteValues` and `QueryValues` from the entry point.
Featuresv3.20.0
2 months agov3.20.0 introduces native APM tracing support using Node's diagnostics_channel TracingChannel hooks for connection lifecycle events (connect, pool connect, query, execute). It also fixes MySQL auth plugin encryption details (RSA OAEP parameters), prevents double release issues in the connection pool, and restores PoolConnection as a subclass of Connection.
BreakingFeaturesv3.19.1
3 months agov3.19.1 is a security-focused maintenance release. It hardens URL connection option parsing and adds bounds checking to prevent out-of-bounds reads and denial of service when parsing malformed null-terminated strings and geometry payloads.
Security