Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
@jupiterone/dynamodb-dao
Advanced tools
This project contains code for a DynamoDbDao
class that can be used for
creating, querying, updating, and deleting from DynamoDB table. Unlike tools
like dynamoose
, DynamoDbDao
is a lower level wrapper and aims not to
abstract away too many of the DynamoDB implementation details.
Also, this module leverages TypeScript type declarations so that, when possible, methods arguments and return values are strictly typed.
Constructor:
import AWS from 'aws-sdk';
import DynamoDbDao from '@jupiterone/dynamodb-dao';
const dynamodb = new AWS.DynamoDB({
apiVersion: '2012-08-10'
});
const documentClient = new AWS.DynamoDB.DocumentClient({
service: dynamodb
});
// The type declaration of for the documents that we are storing
interface MyDocument {
id: string;
accountId: string;
name: string;
}
// Key schema should have one or two properties which correspond to
// hash key and range key.
//
// NOTE: a range key is optional and depends
// on how your DynamoDB table is configured.
interface MyDocumentKeySchema {
// hash key
accountId: string;
// range key
id: string;
}
const myDocumentDao = new DynamoDbDao<MyDocument, MyDocumentKeySchema>({
tableName: 'my-documents',
documentClient
});
Get query:
const myDocument = await myDocumentDao.get({ id, accountId });
Paginated query:
const { items, lastKey } = await myDocumentDao.query({
index: 'NameIndex',
keyConditionExpression: 'accountId = :accountId',
startAt: cursor /* `cursor` is a previously returned `lastKey` */,
scanIndexForward: true,
attributeValues: {
':accountId': accountId,
},
});
Count query:
const count = await myDocumentDao.count({
index: 'NameIndex',
keyConditionExpression: 'accountId = :accountId',
attributeValues: {
':accountId': input.accountId,
},
});
Put:
await myDocumentDao.put({
id: 'something',
accountId: 'abc'
name: 'blah'
});
Delete:
await myDocumentDao.delete({ id, accountId });
The test setup requires that docker-compose be installed. To run the tests, first open one terminal and start the local DynamoDB docker container by running:
yarn start:containers
In a second terminal run:
yarn test
To stop containers:
yarn stop:containers
FAQs
DynamoDB Data Access Object (DAO) helper library
The npm package @jupiterone/dynamodb-dao receives a total of 24 weekly downloads. As such, @jupiterone/dynamodb-dao popularity was classified as not popular.
We found that @jupiterone/dynamodb-dao demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.