@dialexa/pleco-knex
pleco-knex provides all the same exports as pleco, but overrides the functions for ease of use.
```js
import { getFilterQuery } from '@dialexa/pleco-knex';

// `knex` is an already-initialized Knex instance.
// Suppose vehicles has the columns id, make, model, highwayMPG, cityMPG
// Note that you do not have to create subqueries for columns that exist on the table already

// Create our subqueries
const numberOfUsers = knex
  // knex.raw keeps count(*) from being quoted as a column name
  .select('vehicles.id as resource_id', knex.raw('count(*) as value'), knex.raw('count(*) as sort'))
  .from('vehicles')
  .leftJoin('vehicles_users', 'vehicles_users.vehicle_id', 'vehicles.id') // left join so we don't lose vehicles that don't have users
  .groupBy('vehicles.id');

// ... subqueries for the other filter fields

const subqueries = {
  numberOfUsers,
  // ...
};

const filter = {
  AND: [
    { make: { eq: 'nissan' } },
    { model: { in: ['altima', 'sentra'] } },
    { numberOfUsers: { AND: [{ gt: 1000 }, { lt: 1999 }] } },
    {
      OR: [
        { highwayMPG: { gt: 30 } },
        { cityMPG: { gte: 20 } }
      ]
    },
    { userSurveyRating: { gte: 80.5 } }
  ]
};

let query = knex('vehicles').where(builder => {
  // mutate tells us to edit the builder object passed by reference instead of cloning
  getFilterQuery({ filter, subqueries }, { knex, query: builder, mutate: true });
});
```
Additionally, you can write the filter in an implicit form:

```js
const filter = { // implicit AND
  make: 'nissan', // implicit eq
  model: ['altima', 'sentra'], // implicit in
  numberOfUsers: { gt: 1000, lt: 1999 },
  OR: [
    { highwayMPG: { gt: 30 } },
    { cityMPG: { gte: 20 } }
  ],
  userSurveyRating: { gte: 80.5 }
};
```
Continuing from the code snippet for the filter function. Note that due to the way that the sort query is generated, passing mutate: true will not mutate the original query.

```js
import { getSortQuery } from '@dialexa/pleco-knex';

const sort = { userSurveyRating: 'ASC' };

query = getSortQuery({ sort, subqueries }, { knex, query });
```
```js
import { getPageLimitOffsetQuery } from '@dialexa/pleco-knex';

let query = knex('vehicles');

// Page 3 with page sizes as 25
const page = { limit: 25, offset: 50 };

query = getPageLimitOffsetQuery(page, { knex, query });
```
Because the library is flexible enough to filter on arbitrary data, the generated SQL can be quite large. If you are only filtering on columns of the table, it is recommended not to include a subquery for those columns. If no subquery is found for a filter key, the library will assume the filter key is a column on the table. For example:
```js
// vehicles has make and model columns
import { getFilterQuery } from '@dialexa/pleco-knex';

const filter = {
  make: 'nissan',
  model: 'altima',
};

let query = knex('vehicles').where(builder => {
  getFilterQuery({ filter }, { knex, query: builder, mutate: true });
});
```
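Because a filter key with no subquery is treated as a column on the table, a filter object taken from a request can name any column. The following is an added example, not part of pleco-knex or its README: a check to run before `getFilterQuery` that accepts only allowlisted fields and the operators shown on this page. The names `validateFilter`, `checkCondition`, `ALLOWED_FIELDS` and `OPERATORS` are hypothetical, and the operator list is assumed from the examples above; the library may accept others.

```javascript
// Added example: not part of pleco-knex. All names here are hypothetical.
// Operators are the ones that appear in the examples on this page (assumed list).
const OPERATORS = new Set(['eq', 'in', 'gt', 'gte', 'lt']);
const LOGICAL = new Set(['AND', 'OR']);

// Columns and subquery keys a client may filter on (constructed allowlist).
const ALLOWED_FIELDS = new Set([
  'make', 'model', 'highwayMPG', 'cityMPG', 'numberOfUsers', 'userSurveyRating',
]);

const isPlainObject = v => v !== null && typeof v === 'object' && !Array.isArray(v);
const isScalar = v => ['string', 'number', 'boolean'].includes(typeof v);

// Validate the value side of a field: scalar (implicit eq), array of scalars
// (implicit in), or an object of operators, optionally nested under AND/OR.
function checkCondition(cond, path, errors) {
  if (isScalar(cond)) return;
  if (Array.isArray(cond)) {
    if (!cond.every(isScalar)) errors.push(`${path}: non-scalar list item`);
    return;
  }
  if (!isPlainObject(cond)) { errors.push(`${path}: unsupported value`); return; }
  for (const [op, val] of Object.entries(cond)) {
    if (LOGICAL.has(op) && Array.isArray(val)) {
      val.forEach((c, i) => checkCondition(c, `${path}.${op}[${i}]`, errors));
    } else if (!OPERATORS.has(op)) {
      errors.push(`${path}: operator "${op}" not allowed`);
    } else if (op === 'in' ? !(Array.isArray(val) && val.every(isScalar)) : !isScalar(val)) {
      errors.push(`${path}.${op}: bad operand`);
    }
  }
}

// Walk a filter in either the explicit or the implicit form and collect errors.
function validateFilter(filter, allowed = ALLOWED_FIELDS, path = 'filter', errors = []) {
  if (!isPlainObject(filter)) { errors.push(`${path}: expected an object`); return errors; }
  for (const [key, val] of Object.entries(filter)) {
    if (LOGICAL.has(key)) {
      if (!Array.isArray(val)) errors.push(`${path}.${key}: expected an array`);
      else val.forEach((f, i) => validateFilter(f, allowed, `${path}.${key}[${i}]`, errors));
    } else if (!allowed.has(key)) {
      errors.push(`${path}.${key}: field not allowed`);
    } else {
      checkCondition(val, `${path}.${key}`, errors);
    }
  }
  return errors;
}
```

Call `validateFilter` on the parsed request filter and reject the request when the returned array is non-empty, before any query is built.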
FAQs
# Pleco Knex
The npm package @dialexa/pleco-knex receives a total of 1 weekly download. As such, @dialexa/pleco-knex popularity was classified as not popular.
We found that @dialexa/pleco-knex demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 6 open source maintainers collaborating on the project.