Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More
Socket
Sign inDemoInstall
Socket

better-sqlite3-multiple-ciphers

Package Overview
Dependencies
Maintainers
1
Versions
62
Alerts
File Explorer

Advanced tools

Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

better-sqlite3-multiple-ciphers

better-sqlite3 with multiple-cipher encryption support

  • 8.7.0
  • Source
  • npm
  • Socket score

Version published
Weekly downloads
3.4K
increased by6.39%
Maintainers
1
Weekly downloads
 
Created
Source

better-sqlite3-multiple-ciphers

NPM version Downloads Build status

The fastest and simplest library for SQLite3 in Node.js. This particular fork supports multiple-cipher encryption using SQLite3MultipleCiphers. Check usage to learn more.

  • Full transaction support
  • High performance, efficiency, and safety
  • Easy-to-use synchronous API (better concurrency than an asynchronous API... yes, you read that correctly)
  • Support for user-defined functions, aggregates, virtual tables, and extensions
  • 64-bit integers (invisible until you need them)
  • Worker thread support (for large/slow queries)
  • Encryption support using multiple algorithms

Current versions

Help this project stay strong! 💪

better-sqlite3 is used by thousands of developers and engineers on a daily basis. Long nights and weekends were spent keeping this project strong and dependable, with no ask for compensation or funding, until now. If your company uses better-sqlite3, ask your manager to consider supporting the project:

Also head over to SQLite3MultipleCiphers repo and give some support to the developer to keep this very useful extension alive.

You can also support me (the maintainer of this fork) by buying me a coffee. 😊

ko-fi

How other libraries compare

select 1 row  get() select 100 rows   all()  select 100 rows iterate() 1-by-1insert 1 row run()insert 100 rows in a transaction
better-sqlite31x1x1x1x1x
sqlite and sqlite311.7x slower2.9x slower24.4x slower2.8x slower15.6x slower

You can verify these results by running the benchmark yourself.

Installation

Stable

npm install better-sqlite3-multiple-ciphers

Beta

npm install better-sqlite3-multiple-ciphers@beta

You must be using Node.js v14.21.1 or above. Prebuilt binaries are available for Node.js LTS versions and Electron. If you have trouble installing, check the troubleshooting guide.

Usage

const db = require('better-sqlite3-multiple-ciphers')('foobar.db', options);

const row = db.prepare('SELECT * FROM users WHERE id = ?').get(userId);
console.log(row.firstName, row.lastName, row.email);

Though not required, it is generally important to set the WAL pragma for performance reasons.

db.pragma('journal_mode = WAL');
In ES6 module notation:
import Database from 'better-sqlite3-multiple-ciphers';
const db = new Database('foobar.db', options);
db.pragma('journal_mode = WAL');

Encryption

A database can be encrypted and decrypted simply using key and rekey PRAGMA statements.

Running this will encrypt the database using the default cipher:

const db = require('better-sqlite3-multiple-ciphers')('foobar.db', options);

db.pragma("rekey='secret-key'");
db.close();

To read an encrypted database (assuming default cipher):

const db = require('better-sqlite3-multiple-ciphers')('foobar.db', options);

db.pragma("key='secret-key'");
const row = db.prepare("SELECT * FROM users WHERE id = ?").get(userId);
console.log(row.firstName, row.lastName, row.email);

To read an encrypted database (legacy SQLCipher) created by tools like DB Browser for SQLite:

const db = require('better-sqlite3-multiple-ciphers')('foobar.db', options);

db.pragma(`cipher='sqlcipher'`)
db.pragma(`legacy=4`)
db.pragma("key='secret-key'");
const row = db.prepare("SELECT * FROM users WHERE id = ?").get(userId);
console.log(row.firstName, row.lastName, row.email);

The same method should be used if you want to create a new encrypted database that can be opened using DB Browser for SQLite.

You can also use key() and rekey() functions for encryption and decryption tasks.

Read more about encryption at SQLite3MultipleCiphers documentation.

Why should I use this instead of node-sqlite3?

  • node-sqlite3 uses asynchronous APIs for tasks that are either CPU-bound or serialized. That's not only bad design, but it wastes tons of resources. It also causes mutex thrashing which has devastating effects on performance.
  • node-sqlite3 exposes low-level (C language) memory management functions. better-sqlite3 does it the JavaScript way, allowing the garbage collector to worry about memory management.
  • better-sqlite3 is simpler to use, and it provides nice utilities for some operations that are very difficult or impossible in node-sqlite3.
  • better-sqlite3 is much faster than node-sqlite3 in most cases, and just as fast in all other cases.
When is this library not appropriate?

In most cases, if you're attempting something that cannot be reasonably accomplished with better-sqlite3, it probably cannot be reasonably accomplished with SQLite3 in general. For example, if you're executing queries that take one second to complete, and you expect to have many concurrent users executing those queries, no amount of asynchronicity will save you from SQLite3's serialized nature. Fortunately, SQLite3 is very very fast. With proper indexing, we've been able to achieve upward of 2000 queries per second with 5-way-joins in a 60 GB database, where each query was handling 5–50 kilobytes of real data.

If you have a performance problem, the most likely causes are inefficient queries, improper indexing, or a lack of WAL mode—not better-sqlite3 itself. However, there are some cases where better-sqlite3 could be inappropriate:

  • If you expect a high volume of concurrent reads each returning many megabytes of data (i.e., videos)
  • If you expect a high volume of concurrent writes (i.e., a social media site)
  • If your database's size is near the terabyte range

For these situations, you should probably use a full-fledged RDBMS such as PostgreSQL.

Documentation

License

MIT

Keywords

FAQs

Package last updated on 30 Sep 2023

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

Packages

npm

Stay in touch

Get open source security insights delivered straight into your inbox.


  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc