Research
Security News
Kill Switch Hidden in npm Packages Typosquatting Chalk and Chokidar
Socket researchers found several malicious npm packages typosquatting Chalk and Chokidar, targeting Node.js developers with kill switches and data theft.
@supabase/postgrest-js
Advanced tools
@supabase/postgrest-js is a JavaScript client library for interacting with PostgREST APIs. It allows you to perform CRUD operations, filter data, and manage real-time subscriptions with ease. This package is particularly useful for developers working with Supabase, a backend-as-a-service platform that provides a PostgREST API for interacting with PostgreSQL databases.
CRUD Operations
This feature allows you to perform basic CRUD (Create, Read, Update, Delete) operations on your database tables. The code sample demonstrates how to insert a new record, read records, update a record, and delete a record from a 'users' table.
const { createClient } = require('@supabase/postgrest-js');
const client = createClient('https://your-project.supabase.co', 'public-anon-key');
// Create a new record
client.from('users').insert({ username: 'johndoe', age: 30 }).then(response => console.log(response));
// Read records
client.from('users').select('*').then(response => console.log(response));
// Update a record
client.from('users').update({ age: 31 }).eq('username', 'johndoe').then(response => console.log(response));
// Delete a record
client.from('users').delete().eq('username', 'johndoe').then(response => console.log(response));
Filtering Data
This feature allows you to filter data based on specific conditions. The code sample demonstrates how to filter records where the age is 30 and how to use advanced filtering with multiple conditions.
const { createClient } = require('@supabase/postgrest-js');
const client = createClient('https://your-project.supabase.co', 'public-anon-key');
// Filter records
client.from('users').select('*').eq('age', 30).then(response => console.log(response));
// Advanced filtering
client.from('users').select('*').or('age.eq.30,username.eq.johndoe').then(response => console.log(response));
Real-time Subscriptions
This feature allows you to subscribe to real-time changes in your database tables. The code sample demonstrates how to set up a subscription to listen for any changes in the 'users' table and log the changes to the console.
const { createClient } = require('@supabase/postgrest-js');
const client = createClient('https://your-project.supabase.co', 'public-anon-key');
// Subscribe to changes in the 'users' table
const subscription = client.from('users').on('*', payload => {
console.log('Change received!', payload);
}).subscribe();
The 'pg' package is a PostgreSQL client for Node.js. It allows you to interact with PostgreSQL databases using SQL queries. Unlike @supabase/postgrest-js, which provides a higher-level abstraction for CRUD operations and real-time subscriptions, 'pg' requires you to write raw SQL queries and manage connections manually.
Knex.js is a SQL query builder for Node.js, supporting multiple database types including PostgreSQL. It provides a more flexible and powerful way to build SQL queries compared to @supabase/postgrest-js. However, it does not offer built-in real-time subscriptions and requires more setup for basic CRUD operations.
Sequelize is a promise-based Node.js ORM for various SQL databases, including PostgreSQL. It provides a higher-level abstraction for database operations, similar to @supabase/postgrest-js, but with more features like model definitions, associations, and migrations. However, it does not natively support real-time subscriptions.
postgrest-js
Isomorphic JavaScript client for PostgREST. The goal of this library is to make an "ORM-like" restful interface.
Full documentation can be found here.
Install
npm install @supabase/postgrest-js
Usage
import { PostgrestClient } from '@supabase/postgrest-js'
const REST_URL = 'http://localhost:3000'
const postgrest = new PostgrestClient(REST_URL)
fetch
implementationpostgrest-js
uses the cross-fetch
library to make HTTP requests, but an alternative fetch
implementation can be provided as an option. This is most useful in environments where cross-fetch
is not compatible, for instance Cloudflare Workers:
import { PostgrestClient } from '@supabase/postgrest-js'
const REST_URL = 'http://localhost:3000'
const postgrest = new PostgrestClient(REST_URL, {
fetch: (...args) => fetch(...args),
})
This repo is licensed under MIT License.
We are building the features of Firebase using enterprise-grade, open source products. We support existing communities wherever possible, and if the products don’t exist we build them and open source them ourselves. Thanks to these sponsors who are making the OSS ecosystem better for everyone.
FAQs
Isomorphic PostgREST client
The npm package @supabase/postgrest-js receives a total of 691,527 weekly downloads. As such, @supabase/postgrest-js popularity was classified as popular.
We found that @supabase/postgrest-js demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 13 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers found several malicious npm packages typosquatting Chalk and Chokidar, targeting Node.js developers with kill switches and data theft.
Security News
pnpm 10 blocks lifecycle scripts by default to improve security, addressing supply chain attack risks but sparking debate over compatibility and workflow changes.
Product
Socket now supports uv.lock files to ensure consistent, secure dependency resolution for Python projects and enhance supply chain security.