Research
Recent Trends in Malicious Packages Targeting Discord
The Socket research team breaks down a sampling of malicious packages that download and execute files, among other suspicious behaviors, targeting the popular Discord platform.
@testlio/cloudsearch-query-builder
Advanced tools
Readme
AWS CloudSearch supports searching over data/documents by using query strings, these query strings can contain compound query in a specific format/syntax. While this syntax is well documented, creating this string in code can be error-prone. This is where query builder comes in, allowing queries to be built using a more functional approach, and ensuring the resulting string is in the correct format.
npm install @testlio/cloudsearch-query-builder
Query builder mirrors the available operators, listed here, as functions that take arguments and produce a string. All of these functions are well-documented in the code itself, thus a few example cases here should do the trick.
// Query for all Star Wars films released before the year 2000
builder.and([builder.phrase('star wars', 'title'), builder.range('year', undefined, 2000)]);
// -> (and (phrase field=star wars 'title') (range field=year {,2000]))
// Query for all Star Wars films, boosting those released before year 2000
builder.and([builder.phrase('star wars', 'title'), builder.or([builder.range('year', undefined, 2000, { boost: 4 }), builder.range('year', 2000)])]);
// -> (and (phrase field=title 'star wars') (or (range field=year boost=4 {,2000]) (range field=year [2000,})))
// Query for all Star Wars films that Harrison Ford stars in
builder.and([builder.term('Harrison Ford', 'actors'), builder.phrase('star wars', 'title')]);
// -> (and (term field=actors 'Harrison Ford') (phrase field=title 'star wars'))
With certain operators, you can also omit the field to search over all textual fields, for example:
// Search for all films that contain term 'star' in any of their textual fields
builder.term('star');
// -> (term 'star')
// Search for all films released after year 2000 that mention Harrison Ford
builder.and([builder.phrase('Harrison Ford'), builder.range('year', 2000)]);
// -> (and (term 'star') (range field=year [2000,}))
The full API is documented inline, you can go over it here.
The resulting string from query builder should be passed along to the search
function of CloudSearchDomain in AWS SDK for Node.js. It is important to note that all strings that query builder returns rely on the queryParser
parameter to be set to structured
.
// Obtain CloudSearchDomain, possibly via CloudSearch.describeDomains()
const cloudSearchDomain = ...;
const builder = require('@testlio/cloudsearch-query-builder');
// Create a query as explained above
const query = builder.and([builder.phrase('star wars', 'title'), builder.range('year', undefined, 2000)]);
// Conduct the search
cloudSearchDomain.search({
query: query,
queryParser: 'structured'
}, function(err, data) {
// Handle the results
});
NOTE: Because of the CloudSearch limitations, query builder removes double quotes from the search parameters.
Contributions to cloudsearch-query-builder are very welcome! Please make sure to follow the Contribution Guidelines. Areas that you could help out with include, but are not limited to:
FAQs
Builds string queries for cloudsearch
We found that @testlio/cloudsearch-query-builder demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 14 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
The Socket research team breaks down a sampling of malicious packages that download and execute files, among other suspicious behaviors, targeting the popular Discord platform.
Security News
Socket CEO Feross Aboukhadijeh joins a16z partners to discuss how modern, sophisticated supply chain attacks require AI-driven defenses and explore the challenges and solutions in leveraging AI for threat detection early in the development life cycle.
Security News
NIST's new AI Risk Management Framework aims to enhance the security and reliability of generative AI systems and address the unique challenges of malicious AI exploits.