Research
Security News
Threat Actor Exposes Playbook for Exploiting npm to Build Blockchain-Powered Botnets
A threat actor's playbook for exploiting the npm ecosystem was exposed on the dark web, detailing how to build a blockchain-powered botnet.
The query builder allows constructing complex AQL queries with a pure JavaScript fluid API.
npm install aqb
bower install aqb
As of ArangoDB 1.3, a version of aqb
comes pre-installed with ArangoDB.
var qb = require('aqb');
If you want to use a more recent version of aqb
in a Foxx app, you can add it to your NPM dependencies as usual.
This CommonJS module is compatible with browserify.
If you don't want to use browserify, you can simply use the AMD-compatible browserify bundle (~30 kB minified, ~6 kB gzipped).
If you want to use this module in non-ES5 browsers like Microsoft Internet Explorer 8 and earlier, you may need to include es5-shim or a similar ES5 polyfill.
git clone https://github.com/arangodb/aqbjs.git
cd aqbjs
npm install
npm run dist
// in arangosh
var db = require('org/arangodb').db;
var qb = require('aqb');
console.log(db._query(qb.for('x').in('1..5').return('x')).toArray()); // [1, 2, 3, 4, 5]
If raw JavaScript values are passed to AQL statements, they will be wrapped in a matching AQL type automatically.
JavaScript strings wrapped in quotation marks will be wrapped in AQL strings, all other JavaScript strings will be wrapped as simple references (see below) and throw an AQLError if they are not well-formed.
Wraps the given value as an AQL Boolean literal.
qb.bool(value)
If the value is truthy, it will be converted to the AQL Boolean true, otherwise it will be converted to the AQL Boolean false.
If the value is already an AQL Boolean, its own value will be wrapped instead.
Wraps the given value as an AQL Number literal.
qb.num(value)
If the value is not a JavaScript Number, it will be converted first.
If the value does not represent a finite number, an AQLError will be thrown.
If the value is already an AQL Number or AQL Integer, its own value will be wrapped instead.
Wraps the given value as an AQL Integer literal.
qb.int(value)
If the value is not a JavaScript Number, it will be converted first.
If the value does not represent a finite integer, an AQLError will be thrown.
If the value is already an AQL Number or AQL Integer, its own value will be wrapped instead.
Alias: qb.int_(value)
Wraps the given value as an AQL String literal.
qb.str(value)
If the value is not a JavaScript String, it will be converted first.
If the value is already an AQL String, its own value will be wrapped instead.
If the value is an object with a toAQL method, the result of calling that method will be wrapped instead.
Wraps the given value as an AQL List (Array) literal.
qb.list(value)
If the value is not a JavaScript Array, an AQLError will be thrown.
If the value is already an AQL List, its own value will be wrapped instead.
Any list elements that are not already AQL values will be converted automatically.
Wraps the given value as an AQL Object literal.
qb.obj(value)
If the value is not a JavaScript Object, an AQLError will be thrown.
If the value is already an AQL List, its own value will be wrapped instead.
Any property values that are not already AQL values will be converted automatically.
Wraps a given value in an AQL Simple Reference.
qb.ref(value)
If the value is not a JavaScript string or not a well-formed simple reference, an AQLError will be thrown.
If the value is an ArangoCollection, its name property will be used instead.
If the value is already an AQL Simple Reference, its value is wrapped instead.
Examples
Valid values:
foo
foo.bar
foo[*].bar
foo.bar.QUX
_foo._bar._qux
foo1.bar2
Invalid values:
1foo
föö
foo bar
foo-bar
foo[bar]
ArangoDB collection objects can be passed directly:
var myUserCollection = applicationContext.collection('users');
var users = db._query(qb.for('u').in(myUserCollection).return('u')).toArray();
Creates a range expression from the given values.
qb.range(value1, value2)
-> value1..value2
If the values are not already AQL values, they will be converted automatically.
Creates a property access expression from the given values.
qb.get(obj, key)
-> obj[key]
If the values are not already AQL values, they will be converted automatically.
Wraps a given value in a raw AQL expression.
qb.expr(value)
If the value is already an AQL Raw Expression, its value is wrapped instead.
Warning: Whenever possible, you should use one of the other methods or a combination thereof instead of using a raw expression. Raw expressions allow passing arbitrary strings into your AQL and thus will open you to AQL injection attacks if you are passing in untrusted user input.
Creates an "and" operation from the given values.
qb.and(a, b)
-> (a && b)
If the values are not already AQL values, they will be converted automatically.
This function can take any number of arguments.
Examples
qb.and(a, b, c, d, e, f)
-> (a && b && c && d && e && f)
Creates an "or" operation from the given values.
qb.or(a, b)
-> (a || b)
If the values are not already AQL values, they will be converted automatically.
This function can take any number of arguments.
Examples
qb.or(a, b, c, d, e, f)
-> (a || b || c || d || e || f)
Creates an addition operation from the given values.
qb.add(a, b)
-> (a + b)
If the values are not already AQL values, they will be converted automatically.
This function can take any number of arguments.
Alias: qb.plus(a, b)
Examples
qb.add(a, b, c, d, e, f)
-> (a + b + c + d + e + f)
Creates a subtraction operation from the given values.
qb.sub(a, b)
-> (a - b)
If the values are not already AQL values, they will be converted automatically.
This function can take any number of arguments.
Alias: qb.minus(a, b)
Examples
qb.sub(a, b, c, d, e, f)
-> (a - b - c - d - e - f)
Creates a multiplication operation from the given values.
qb.mul(a, b)
-> (a * b)
If the values are not already AQL values, they will be converted automatically.
This function can take any number of arguments.
Alias: qb.times(a, b)
Examples
qb.mul(a, b, c, d, e, f)
-> (a * b * c * d * e * f)
Creates a division operation from the given values.
qb.div(a, b)
-> (a / b)
If the values are not already AQL values, they will be converted automatically.
This function can take any number of arguments.
Examples
qb.div(a, b, c, d, e, f)
-> (a / b / c / d / e / f)
Creates a modulus operation from the given values.
qb.mod(a, b)
-> (a % b)
If the values are not already AQL values, they will be converted automatically.
This function can take any number of arguments.
Examples
qb.mod(a, b, c, d, e, f)
-> (a % b % c % d % e % f)
Creates an equality comparison from the given values.
qb.eq(a, b)
-> (a == b)
If the values are not already AQL values, they will be converted automatically.
Creates an inequality comparison from the given values.
qb.neq(a, b)
-> (a != b)
If the values are not already AQL values, they will be converted automatically.
Creates a greater-than comparison from the given values.
qb.gt(a, b)
-> (a > b)
If the values are not already AQL values, they will be converted automatically.
Creates a greater-than-or-equal-to comparison from the given values.
qb.gte(a, b)
-> (a >= b)
If the values are not already AQL values, they will be converted automatically.
Creates a less-than comparison from the given values.
qb.lt(a, b)
-> (a < b)
If the values are not already AQL values, they will be converted automatically.
Creates a less-than-or-equal-to comparison from the given values.
qb.lte(a, b)
-> (a <= b)
If the values are not already AQL values, they will be converted automatically.
Creates an "in" comparison from the given values.
qb.in(a, b)
-> (a in b)
If the values are not already AQL values, they will be converted automatically.
Aliases: qb.in_(a, b)
Creates a negation from the given value.
qb.not(a)
-> !(a)
If the value is not already an AQL value, it will be converted automatically.
Creates a negative value expression from the given value.
qb.neg(a)
-> -(a)
If the value is not already an AQL value, it will be converted automatically.
Creates a ternary expression from the given values.
qb.if(condition, then, otherwise)
-> (condition ? then : otherwise)
If the values are not already AQL values, they will be converted automatically.
Aliases: qb.if_(condition, then, otherwise)
Creates a function call for the given name and arguments.
qb.fn(name)(args…)
If the values are not already AQL values, they will be converted automatically.
For built-in functions, methods with the relevant function name are already provided by the query builder.
Examples
qb.fn('MY::USER::FUNC')(1, 2, 3)
-> MY::USER::FUNC(1, 2, 3)
qb.fn('hello')()
-> hello()
qb.RANDOM()
-> RANDOM()
qb.FLOOR(qb.div(5, 2))
-> FLOOR((5 / 2))
In addition to the methods documented above, the query builder provides all methods of PartialStatement objects.
AQL Statement objects have a method toAQL() which returns their AQL representation as a JavaScript string.
Examples
qb.for('doc').in('my_collection').return('doc._key').toAQL()
// -> FOR doc IN my_collection RETURN doc._key
PartialStatement::for(expression).in(collection) : Statement
Alias: for_(expression).in_(collection)
PartialStatement::let(varname, expression) : Statement
Alias: let_(varname, expression)
PartialStatement::let(definitions) : Statement
Alias: let_(definitions)
PartialStatement::filter(expression) : Statement
PartialStatement::collect(varname, expression) : Statement
PartialStatement::collect(varname1, expression).into(varname2) : Statement
PartialStatement::collect(definitions) : Statement
PartialStatement::collect(definitions).into(varname) : Statement
PartialStatement::sort(args…) : Statement
PartialStatement::limit([offset,] count) : Statement
PartialStatement::return(expression) : Statement
Alias: return_(expression)
PartialStatement::remove(expression).in(collection) : RemoveExpression
Aliases:
remove(expression).in_(collection)
remove(expression).into(collection)
RemoveExpression::options(options) : Statement
PartialStatement::insert(expression).into(collection) : InsertExpression
Aliases:
insert(expression).in(collection)
insert(expression).in_(collection)
InsertExpression::options(options) : Statement
PartialStatement::update(expression1).with(expression2).in(collection) : UpdateExpression
Aliases:
update(expression1).with(expression2).in_(collection)
update(expression1).with(expression2).into(collection)
update(expression1).with_(expression2).in(collection)
update(expression1).with_(expression2).in_(collection)
update(expression1).with_(expression2).into(collection)
PartialStatement::update(expression).in(collection) : UpdateExpression
Aliases:
update(expression).in_(collection)
update(expression).into(collection)
UpdateExpression::options(options) : Statement
PartialStatement::replace(expression1).with(expression2).in(collection) : ReplaceExpression
Aliases:
replace(expression1).with(expression2).in_(collection)
replace(expression1).with(expression2).into(collection)
replace(expression1).with_(expression2).in(collection)
replace(expression1).with_(expression2).in_(collection)
replace(expression1).with_(expression2).into(collection)
PartialStatement::replace(expression).in(collection) : ReplaceExpression
Aliases:
replace(expression).in_(collection)
replace(expression).into(collection)
ReplaceExpression::options(options) : Statement
The Apache License, Version 2.0. For more information, see the accompanying LICENSE file.
FAQs
ArangoDB AQL query builder.
The npm package aqb receives a total of 18 weekly downloads. As such, aqb popularity was classified as not popular.
We found that aqb demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 2 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
A threat actor's playbook for exploiting the npm ecosystem was exposed on the dark web, detailing how to build a blockchain-powered botnet.
Security News
NVD’s backlog surpasses 20,000 CVEs as analysis slows and NIST announces new system updates to address ongoing delays.
Security News
Research
A malicious npm package disguised as a WhatsApp client is exploiting authentication flows with a remote kill switch to exfiltrate data and destroy files.