Security News
Research
Data Theft Repackaged: A Case Study in Malicious Wrapper Packages on npm
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
@hishprorg/eius-vero-dicta
Advanced tools
Official [orientdb](http://www.orientechnologies.com/orientdb/) driver for node.js. Fast, lightweight, uses the binary protocol. [![REUSE status](https://api.reuse.software/badge/github.com/orientechnologies/@hishprorg/eius-vero-dicta)](https://api.reuse.
Official orientdb driver for node.js. Fast, lightweight, uses the binary protocol.
NOTE: Release v3.0 provides new APIs in order to support OrientDB 3.0 features.
OrientJS v3.0 contains backwards compatible APIs for OrientDB 2.2.x and OrientDB 3.0.x using the old protocol version 33 (Legacy). New APIs are shipped in v3.0 to support the new protocol featuring Streaming, Stateful transactions, new SQL engine etc..
Install via npm.
npm install @hishprorg/eius-vero-dicta
For Typescript usage :
npm install @types/@hishprorg/eius-vero-dicta
Use the connect
function in order to create a new OrientDBClient
instance.
const OrientDBClient = require("@hishprorg/eius-vero-dicta").OrientDBClient;
OrientDBClient.connect({
host: "localhost",
port: 2424
}).then(client => {
return client.close();
}).then(()=> {
console.log("Client closed");
});
To open a new standalone session use the client.session
api. This api will create a new stateful session associated with the given database and credentials. Once done, call session.close
in order to release the session on the server. Session are stateful since OrientJS 3.0 as they can execute server side transactions.
client.session({ name: "demodb", username: "admin", password: "admin" })
.then(session => {
// use the session
...
// close the session
return session.close();
});
Opening and closing sessions everytime can be expensive, since open and close require a network request to the server. Use the API client.sessions
to create a pool of sessions with a given database and credentials. To get a session from the pool call the api pool.acquire
. Once done with the session you can return the session to the pool by calling session.close
// Create a sessions Pool
client.sessions({ name: "demodb", username: "admin", password: "admin", pool: { max: 10} })
.then(pool => {
// acquire a session
return pool.acquire()
.then(session => {
// use the session
...
// release the session
return session.close();
})
.then(() => {
// close the pool
return pool.close();
});
});
});
Once obtained a session using the above APIs you can:
Streaming
session.query("select from OUser where name = :name", {params: { name: "admin" }})
.on("data", data => {
console.log(data);
})
.on('error',(err)=> {
console.log(err);
})
.on("end", () => {
console.log("End of the stream");
});
or use .all
API that convert the stream to a Promise and collect the result set into an array
session.query("select from OUser where name = :name", { params : {name: "admin" }})
.all()
.then((results)=> {
console.log(results);
});
session.command("insert into V set name = :name", {params: { name: "test" }})
.all()
.then(result => {
console.log(result);
});
Use the api session.runInTransaction in order to run a unit of work in a managed transaction (begin/commit/retry)
session.runInTransaction((tx)=>{
return tx.command("insert into V set name = :name", {params: { name: "test" }}).all()
}).then(({result,tx}) => {
console.log(result);
console.log(tx);
});
session.liveQuery("select from V").on("data", data => {
console.log(data);
});
To run the test suite, first invoke the following command within the repo, installing the development dependencies:
npm install
Then run the tests:
npm test
In 2012, Gabriel Petrovay created the original node-orientdb library, with a straightforward callback based API.
In early 2014, Giraldo Rosales made a whole host of improvements, including support for orientdb 1.7 and switched to a promise based API.
Later in 2014, codemix refactored the library to make it easier to extend and maintain, and introduced an API similar to nano. The result is so different from the original codebase that it warranted its own name and npm package. This also gave us the opportunity to switch to semantic versioning.
In June 2015, Orient Technologies company officially adopted the Oriento driver and renamed it as OrientJS.
Please see CONTRIBUTING.
When building from source code, you need to download the driver directly from GitHub, then run NPM against the branch you want to use or test.
Using Git, clone the package repository, then enter the new directory:
$git clone https://github.com/hishprorg/eius-vero-dicta.git
$cd @hishprorg/eius-vero-dicta
When you clone the repository, Git automatically provides you with the current state of the master
branch. If you would like to work with another branch, like develop
or test features on past releases, you need to check out the branch you want. For instance,
$ git checkout develop
Once you've selected the branch you want to build, call NPM to handle the installation.
$ npm install
Run the tests to make sure it works:
$ npm test
See CHANGELOG
Apache 2.0 License, see LICENSE
FAQs
Official [orientdb](http://www.orientechnologies.com/orientdb/) driver for node.js. Fast, lightweight, uses the binary protocol. [![REUSE status](https://api.reuse.software/badge/github.com/orientechnologies/@hishprorg/eius-vero-dicta)](https://api.reuse.
The npm package @hishprorg/eius-vero-dicta receives a total of 1 weekly downloads. As such, @hishprorg/eius-vero-dicta popularity was classified as not popular.
We found that @hishprorg/eius-vero-dicta demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Research
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
Research
Security News
Attackers used a malicious npm package typosquatting a popular ESLint plugin to steal sensitive data, execute commands, and exploit developer systems.
Security News
The Ultralytics' PyPI Package was compromised four times in one weekend through GitHub Actions cache poisoning and failure to rotate previously compromised API tokens.