Security News
Supply Chain Attack Detected in Solana's web3.js Library
A supply chain attack has been detected in versions 1.95.6 and 1.95.7 of the popular @solana/web3.js library.
@noreajs/mongoose
Advanced tools
NoreaJs Mongoose is a package which contains a set of tools intended to facilitate the use of mongoose.
The package already has his type definitions.
npm install @noreajs/mongoose --save
To use MongoDB in your application, initialization is required. To do so with this little baby package, here's how:
Import the MongoDB context:
import { MongodbContext } from "@noreajs/mongoose";
Then use this line of code to initialize:
MongodbContext.init({
connectionUrl: `MONGODB_CONNECTION_URL`,
options: {}, // optional
onConnect: () => {}, // optional
onError: () => {}, // optional
});
Mongoose is the ideal tool when working with MongoDB. Very often to create a model, there is a set of information to take into account and the organization of the different elements constituting a model can become complicated. This package offers you a relatively simple way to proceed to create a model.
Full example of model declaration: Task.ts file (or Task.js):
import { mongooseModel, Document, Schema } from "@noreajs/mongoose";
interface ITask extends Document {
name: string;
description?: string;
createdAt: Date;
updatedAt: Date;
}
export default mongooseModel<ITask>({
name: "Task",
collection: "tasks",
schema: new Schema(
{
name: {
type: Schema.Types.String,
required: [true, "Task's name is required"],
},
description: {
type: Schema.Types.String,
},
},
{
timestamps: true, // createdAt and UpdatedAt are created and managed by mongoose
}
),
// + other properties
});
After creating the model, you can import it anywhere and use it.
The generic method used is mongooseModel, Where T is the interface which describes the model, and which must extend the mongoose Document interface.
The parameter of method mongooseModel is of the generic type MoongooseModelParams;
type MoongooseModelParams<T extends Document> = {
name: string;
collection?: string;
skipInit?: boolean;
paginate?: boolean;
aggregatePaginate?: boolean;
autopopulate?: boolean;
leanVirtuals?: boolean;
uniqueValidator?: boolean;
uniqueValidatorMessage?: string;
softDelete?: boolean;
softDeleteOptions?: {
deletedBy?: boolean;
deletedAt?: boolean;
overrideMethods?: boolean | string | string[];
validateBeforeDelete?: boolean;
indexFields?: boolean | string | string[];
use$neOperator?: boolean;
[key: string]: any;
};
virtuals?: [
{
fieldName: string;
options?: any;
get: Function;
set?: Function;
}
];
methods: {
[K in keyof Partial<T>]: Function;
};
plugins?: (schema: Schema) => void;
schema: Schema<T>;
externalConfig?: (schema: Schema) => void;
};
MoongooseModelParams descriptions:
Attribute | Type | Optional | Default | Description |
---|---|---|---|---|
name | string | false | Model name | |
collection | string | true | Collection name (optional, induced from model name) | |
skipInit | boolean | true | false | Whether to skip initialization or not |
paginate | boolean | true | true | The plugin automatically added when true is Mongoose Paginate |
aggregatePaginate | boolean | true | true | The plugin automatically added when true is Mongoose Aggregate Paginate V2 |
autopopulate | boolean | true | true | Always populate() certain fields in your Mongoose schemas. Only apply this plugin to top-level schemas. Don't apply this plugin to child schemas. |
leanVirtuals | boolean | true | true | Attach virtuals to the results of Mongoose queries when using .lean(). |
uniqueValidator | boolean | true | true | Catch unique validation error like normal validation error |
uniqueValidatorMessage | string | true | Expected {PATH} to be unique. | Unique validator message You can pass through a custom error message as part of the optional options argument: You have access to all of the standard Mongoose error message templating: :{PATH}, {VALUE}, {TYPE} |
softDelete | boolean | true | false | Active soft delete on model |
softDeleteOptions | any | true | Soft delete options | |
plugins | function | true | Add globaly a plugin to a mongoose schema | |
schema | mongoose.Schema | true | Mongoose schema defining the model | |
virtuals | array | true | Define the virtual attributes of the model | |
methods | object | true | Define the methods associated with the models | |
externalConfig | function | true | Configure the schema created by adding methods, middlewares, virtuals and many other things provided by Mongoose - Methods - https://mongoosejs\.com/docs/guide\.html\#methods - Middlewares - https://mongoosejs\.com/docs/middleware\.html - Virtuals - https://mongoosejs\.com/docs/guide\.html\#virtuals |
Table made with Table Convert
Linearize Mongoose errors when you catch them. The method used is linearizeErrors.
Mongoose validation errors normaly looks like this:
{
"message": "Validation Error: First error, second error and many other (maybe) unnecessary",
"errors": {
"fieldA": {
"message": "The field A is required",
"...": "..."
},
"fieldB": {
"message": "Th field B is not required (lol)",
"...": "..."
}
}
}
While using linearizeErrors method, the error data become:
{
"message": "This field A is required; Th field B is not required (lol)"
}
Example:
try {
const task = new Task({
name: "Install it",
description: "",
});
await task.save();
} catch (e) {
// linearize here
linearizeErrors(e);
// or
// linearizeErrors(e, {debug: true}); // to keep the original 'errors' attribute
// return the response
return res.status(500).json(e);
}
MIT
FAQs
Mongoose helpers
The npm package @noreajs/mongoose receives a total of 3 weekly downloads. As such, @noreajs/mongoose popularity was classified as not popular.
We found that @noreajs/mongoose demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
A supply chain attack has been detected in versions 1.95.6 and 1.95.7 of the popular @solana/web3.js library.
Research
Security News
A malicious npm package targets Solana developers, rerouting funds in 2% of transactions to a hardcoded address.
Security News
Research
Socket researchers have discovered malicious npm packages targeting crypto developers, stealing credentials and wallet data using spyware delivered through typosquats of popular cryptographic libraries.