SSL settings are not deep merged with params parsed from connectionString #2380

Open
jgeurts opened this issue Oct 15, 2020 · 1 comment

jgeurts commented Oct 15, 2020

Hi Brian, I wanted to drop a note that #2345 broke my connection. I was using a configuration similar to:

```js
{
  connectionString: 'postgres://foo:[email protected]/my_db?sslmode=verify-full',
  ssl: {
    rejectUnauthorized: true,
    ca: fs.readFileSync(path.join(__dirname, './certs/rds-ca-2019-root.pem')).toString(),
    minVersion: 'TLSv1.2',
  },
}
```

I'm not totally sure why I had sslmode in the url - I think it had to do with ssl settings in pg v7. It looks like with #2345 merged in, the config merging at https://github.com/brianc/node-postgres/blob/master/packages/pg/lib/connection-parameters.js#L56 would wipe out the ssl object.

It's an easy enough fix by moving the sslmode setting from the connection string to the ssl object. I wanted to drop a note here, though, in case you wanted to support deep merging connection string options with config settings.

fwiw, if anyone else is searching for something related to this, the error that was thrown was

```
Error: unable to get local issuer certificate
    at TLSSocket.onConnectSecure (_tls_wrap.js:1502:34)
    at TLSSocket.emit (events.js:314:20)
    at TLSSocket.EventEmitter.emit (domain.js:483:12)
    at TLSSocket._finishInit (_tls_wrap.js:937:8)
    at TLSWrap.ssl.onhandshakedone (_tls_wrap.js:711:12)
```

jgeurts commented Oct 15, 2020

Actually, it seems that maybe I don't need to add sslmode to the ssl configuration object... The rejectUnauthorized: true would essentially accomplish the same, right?
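
The merge behaviour reported in the first comment, as an added example that is not part of the original thread and is not node-postgres code. It models a shallow merge next to an ssl-aware merge, plus a pre-connect guard that reports which ssl options were lost. The function names, the shape of the parser output, and the sample values are assumptions made for illustration.

```javascript
// Added illustration; a constructed model, not node-postgres source.
const isObj = (v) => v !== null && typeof v === 'object';

// Assumption: a URL carrying sslmode makes the parser emit its own `ssl` key
// (modelled as {} for verifying modes, false for sslmode=disable).
function parseSslFromUrl(connectionString) {
  const mode = new URL(connectionString).searchParams.get('sslmode');
  if (mode === null) return {};
  return { ssl: mode === 'disable' ? false : {} };
}

// Shallow merge: the parsed `ssl` replaces the caller's whole ssl object.
function shallowMerge(config) {
  return Object.assign({}, config, parseSslFromUrl(config.connectionString));
}

// Deep merge of the ssl key only: explicit ssl options win over URL-derived ones.
function mergeKeepingSsl(config) {
  const parsed = parseSslFromUrl(config.connectionString);
  const merged = Object.assign({}, config, parsed);
  if (isObj(config.ssl) && isObj(parsed.ssl)) {
    merged.ssl = Object.assign({}, parsed.ssl, config.ssl);
  }
  return merged;
}

// Guard to run before connecting: ssl options the caller set that did not
// survive into the effective config (a dropped `ca` means the pinned CA is gone).
function droppedSslOptions(config, effective) {
  if (!isObj(config.ssl)) return [];
  const eff = isObj(effective.ssl) ? effective.ssl : {};
  return Object.keys(config.ssl).filter((k) => !(k in eff));
}

// Constructed sample config; host, credentials and CA text are placeholders.
const sample = {
  connectionString: 'postgres://user:pass@db.example.test/my_db?sslmode=verify-full',
  ssl: { rejectUnauthorized: true, ca: 'PLACEHOLDER_CA_PEM', minVersion: 'TLSv1.2' },
};

console.log('shallow merge dropped:', droppedSslOptions(sample, shallowMerge(sample)));
console.log('ssl-aware merge dropped:', droppedSslOptions(sample, mergeKeepingSsl(sample)));
```

In this model a URL with `sslmode=disable` still replaces the ssl object with `false`, and the guard reports every option as dropped, so the conflict surfaces before a connection is attempted.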
