Research
Security News
Malicious PyPI Package ‘pycord-self’ Targets Discord Developers with Token Theft and Backdoor Exploit
Socket researchers uncover the risks of a malicious Python package targeting Discord developers.
@balena/sbvr-types
Advanced tools
SBVR type definitions.
This module defines the data types that can be used in the SBVR model specification, as well as the possible relations between them. For each data type, there is a correspondence with a database data type, according to the various database engines that are supported.
The SBVR definition for types can be found at Type.sbvr
"The Rest" can be found at: balena-io-modules/sbvr-types/src/types
For a new type you should add a module to the types folder. The module should return a single object, which has the following format:
A types object, which specifies how the type is declared in various systems. This contains:
postgres: 'Serial'
mysql: (necessity, index) ->
return 'INTEGER' + necessity + index + ' AUTO_INCREMENT'
websql: (necessity, index) ->
return 'INTEGER' + necessity + index + ' AUTOINCREMENT'
odata:
name: 'Edm.Int64'
odata:
name: 'Self.Color'
complexType: '''
<ComplexType Name="Color">
<Property Name="r" Nullable="false" Type="Edm.Int8"/>\
<Property Name="g" Nullable="false" Type="Edm.Int8"/>\
<Property Name="b" Nullable="false" Type="Edm.Int8"/>\
<Property Name="a" Nullable="false" Type="Edm.Int8"/>\
</ComplexType>'''
(value, required) => Promise
that must be provided, and which should validate that incoming data is valid for this type.
value
is the value that has been received as part of the request.required
specifies whether this value is required (true: NOT NULL, false: NULL).Promise
should be returned with the resolved value being the valid, processed data, and any rejection being an error message explaining why the data is invalid.An example of validating a Color
type, we accept either a number that specifies the Color
, or an object {'r' or 'red', 'g' or 'green', 'b' or 'blue', 'a' or 'alpha'}, and return an integer that represents the Color
.
validate: Promise.method (value, required) ->
if typeof value != 'object'
processedValue = parseInt(value, 10)
if Number.isNaN(processedValue)
throw new Error('is neither an integer or color object: ' + value)
else
processedValue = 0
for own component, componentValue of value
if Number.isNaN(componentValue) or componentValue > 255
throw new Error('has invalid component value of ' + componentValue + ' for component ' + component)
switch component.toLowerCase()
when 'r', 'red'
processedValue |= componentValue << 16
when 'g', 'green'
processedValue |= componentValue << 8
when 'b', 'blue'
processedValue |= componentValue
when 'a', 'alpha'
processedValue |= componentValue << 24
else
throw new Error('has an unknown component: ' + component)
return processedValue
(data) => any
that may be specified to process the data after fetching from the database and before sending to the client. If specified this function should return the modified datafetchProcessing: (data) ->
return {
r: (data >> 16) & 0xFF
g: (data >> 8) & 0xFF
b: data & 0xFF
a: (data >> 24) & 0xFF
}
nativeProperties:
Verb:
Term: (from) -> ...
Term2: (from) -> ...
Verb2:
Term3: (from) -> ...
The (from) -> ...
function should return a chunk of abstract sql that can be used to fetch the property specified by this fact type, the from
parameter is abstract sql that will refer to an instance of the term that is of this type.
Text has Length:
nativeProperties:
'has':
'Length': (from) -> ['CharacterLength', from]
For the various properties of Color:
nativeProperties:
'has':
'Red Component': (from) -> ['BitwiseAnd', ['BitwiseShiftRight', from, 16], 255]
'Green Component': (from) -> ['BitwiseAnd', ['BitwiseShiftRight', from, 8], 255]
'Blue Component': (from) -> ['BitwiseShiftRight', from, 255]
'Alpha Component': (from) -> ['BitwiseAnd', ['BitwiseShiftRight', from, 24], 255]
nativeFactTypes:
'Term':
'Verb1': (from, to) -> ...
'Verb2': (from, to) -> ...
'Term2':
'Verb3': (from, to) -> ...
The (from, to) -> ...
function should return a chunk of abstract sql that can be used to resolve this fact type.
The from
parameter is abstract sql that will refer to an instance of the term that is of this type.
The to
parameter is abstract sql that will refer to an instance of the term that is of the type specified by the property name.
Note: The reasoning the ordering of this is SecondTerm -> Verb
, rather than Verb -> SecondTerm
is that it allows declaring all the links between two terms much easier (as you will see in the examples)
A selection of the the native fact types for Integer (in the actual file much more DRY is practiced):
nativeFactTypes:
'Integer':
'is less than': (from, to) -> ['LessThan', from, to]
'is less than or equal to': (from, to) -> ['LessThanOrEqual', from, to]
'Real':
'is less than': (from, to) -> ['LessThan', from, to]
'is less than or equal to': (from, to) -> ['LessThanOrEqual', from, to]
Note: You only need to specify the verb for the canonical for of the fact type, any synonymous forms will automatically be remapped to the canonical form
Tests can be found under the test/
folder, to run the whole suite use npm test
FAQs
SBVR type definitions.
The npm package @balena/sbvr-types receives a total of 8,513 weekly downloads. As such, @balena/sbvr-types popularity was classified as popular.
We found that @balena/sbvr-types demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover the risks of a malicious Python package targeting Discord developers.
Security News
The UK is proposing a bold ban on ransomware payments by public entities to disrupt cybercrime, protect critical services, and lead global cybersecurity efforts.
Security News
Snyk's use of malicious npm packages for research raises ethical concerns, highlighting risks in public deployment, data exfiltration, and unauthorized testing.