Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
@factorialco/tentaclesql
Advanced tools
Query your HTTP endpoints data using SQL
docker run -p 8080 -ti factorialco/tentaclesql
npm i -g @factorialco/tentaclesql
To be able to start TentacleSQL you need to provide even SCHEMA_URL
or
SCHEMA_FILE
environment variable specifying the route to retrieve the schema
from.
Alternativelly you can provide your own schema into same POST request you run the query.
Examples:
SCHEMA_URL='https://example.com/api/schema'
SCHEMA_FILE='example.yaml' # Note that should be placed into `schemas` folder
This schema stucture is an array of all the table definitions available in your schema. Something like:
[
{
"name": "applications",
"url": "https://example.com/api/schema/tables/applications",
"fields": [
{
"key": "id",
"type": "number"
},
{
"key": "first_name",
"type": "text"
},
{
"key": "last_name",
"type": "text"
}
]
},
{
"name": "goals",
"url": "https://example.com/api/schema/tables/goals",
"fields": [
{
"key": "id",
"type": "number"
},
{
"key": "progress",
"type": "text"
},
{
"key": "application_id",
"type": "number",
"table": "applications",
"foreign_key": "id"
}
]
}
]
To see yaml example check schemas/example.yaml
.
The schema definition needs to respond with an array of table definitions:
Table:
name
: Name of the tableurl
: URL to retrieve the data fromautodiscover
: If you want to autodiscover fields from url responseresult_key
: Which key should be readed for array of resultsfields
: List of fields / foreign keys of this tableEach table will have an array of fields that can be raw fields or foreign key to denote relations between tables.
Field:
key
: Name of the column / fieldtype
: Type of the field. Available types: text
, number
, data
and boolean
Foreign key:
key
: Name of the foreign keytype
: Type of the field. Available types: text
, number
, data
and boolean
table
: Target table of the foreign keyforeign_key
: Referenced column by the foreign keyOnce you have your tentaclesql server up and running you can use it by sending
POST requests against /
.
Example:
curl -H "Content-type: application/json" -X POST -d '{"query": "SELECT 1;"}' http://localhost:3000/
The expected payload contains the following parameters:
Note that you must configure your schema first. You can pass an environment variable:
Example
SCHEMA_FILE=example.yaml tentaclesql interactive
yarn cli interactive
# or installed global
tentaclesql interactive
yarn cli query "SELECT 1;"
# or installed global
tentaclesql query "SELECT 1;"
By default Tentacle sends one HTTP request for each table data, however you can change this and fetch all table data in one HTTP request. To enable this you need to pass following paramaters:
BULK_FETCH=true
BULK_FETCH_URL=url
FAQs
SQL engine from multiple sources
We found that @factorialco/tentaclesql demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.