Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
@sap/hana-client
Advanced tools
Fully-featured Node.js driver for SAP HANA. It is used to connect, issue SQL queries, and obtain result sets.
npm install @sap/hana-client
This driver communicates with the native HANA libraries, and thus requires platform-specific native binaries. The official hosted version includes precompiled libraries for Linux, Windows and Mac OS X.
The @sap/hana-client driver supports versions of Node.js 16 and higher.
SAP Community provides a forum where you can ask and answer questions, and comment and vote on the questions of others and their answers.
See SAP HANA Community Questions for details.
The SAP HANA Node.js Driver help guide and API reference can be found on help.sap.com.
var hana = require('@sap/hana-client');
var conn = hana.createConnection();
var conn_params = {
serverNode : 'myserver:30015',
uid : 'system',
pwd : 'Password123'
};
conn.connect(conn_params, function(err) {
if (err) throw err;
conn.exec('SELECT Name, Description FROM Products WHERE id = ?', [301], function (err, result) {
if (err) throw err;
console.log('Name: ', result[0].Name, ', Description: ', result[0].Description);
// output --> Name: Tee Shirt, Description: V-neck
conn.disconnect();
})
});
A database connection object is created by calling createConnection
. The
connection is established by calling the connection object's connect
method,
and passing in an object representing connection parameters.
conn.connect({
host : 'myserver',
port : '30015',
uid : 'system',
pwd : 'Password123'
});
conn.disconnect(function(err) {
if (err) throw err;
console.log('Disconnected');
});
Direct statement execution is the simplest way to execute SQL statements. The inputs are the SQL command to be executed, and an optional array of positional arguments. The result is returned using callbacks. The type of returned result depends on the kind of statement.
In the case of a successful DDL Statement, nothing is returned.
conn.exec('CREATE TABLE Test (id INTEGER PRIMARY KEY, msg VARCHAR(128))', function (err, result) {
if (err) throw err;
console.log('Table Test created!');
});
In the case of a DML Statement the number of affectedRows
is returned.
conn.exec("INSERT INTO Test VALUES(1, 'Hello')", function (err, affectedRows) {
if (err) throw err;
console.log('Number of affected rows:', affectedRows);
});
The exec
function is a convenient way to completely retrieve the result of a
query. In this case all selected rows are fetched and returned in the callback.
conn.exec("SELECT * FROM Test WHERE id < 5", function (err, rows) {
if (err) throw err;
console.log('Rows:', rows);
});
Values in the query can be substitued with JavaScript variables by using ?
placeholders in the query, and passing an array of positional arguments.
conn.exec("SELECT * FROM Test WHERE id BETWEEN ? AND ?", [5, 8], function (err, rows) {
if (err) throw err;
console.log('Rows:', rows);
});
The connection returns a statement
object which can be executed multiple times.
conn.prepare('SELECT * FROM Test WHERE id = ?', function (err, stmt){
if (err) throw err;
// do something with the statement
});
The execution of a prepared statement is similar to the direct statement execution.
The first parameter of exec
function is an array with positional parameters.
stmt.exec([16], function(err, rows) {
if (err) throw err;
console.log("Rows: ", rows);
});
The execution of a prepared batch statement is similar to the direct statement execution.
The first parameter of execBatch
function is an array with positional parameters.
var stmt=conn.prepare("INSERT INTO Customers(ID, NAME) VALUES(?, ?)");
stmt.execBatch([[1, 'Company 1'], [2, 'Company 2']], function(err, rows) {
if (err) throw err;
console.log("Rows: ", rows);
});
The execution of a prepared query is similar to the direct statement execution.
The first parameter of execQuery
function is an array with positional parameters.
var stmt=conn.prepare("SELECT * FROM Customers WHERE ID >= ? AND ID < ?");
stmt.execQuery([100, 200], function(err, rs) {
if (err) throw err;
var rows = [];
while (rs.next()) {
rows.push(rs.getValues());
}
console.log("Rows: ", rows);
});
stmt.drop(function(err) {
if (err) throw err;
});
Transactions are automatically commited. Setting autocommit to false implicitly starts a new transaction that must be explicitly committed, or rolled back.
conn.setAutoCommit(false);
// Execute some statements
conn.commit(function(err) {
if (err) throw err;
console.log('Transaction commited.');
});
conn.setAutoCommit(false);
// Execute some statements
conn.rollback(function(err) {
if (err) throw err;
console.log('Transaction rolled back.');
});
The HANA Node.js Driver is provided via the SAP Developer License Agreement.
By using this software, you agree that the following text is incorporated into the terms of the Developer Agreement:
If you are an existing SAP customer for On Premise software, your use of this current software is also covered by the terms of your software license agreement with SAP, including the Use Rights, the current version of which can be found at: https://www.sap.com/about/agreements/product-use-and-support-terms.html?tag=agreements:product-use-support-terms/on-premise-software/software-use-rights
FAQs
Official SAP HANA Node.js Driver
The npm package @sap/hana-client receives a total of 115,669 weekly downloads. As such, @sap/hana-client popularity was classified as popular.
We found that @sap/hana-client demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.