Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Cirql (pronounced Circle) is a simple, lightweight ORM and query builder for SurrealDB, providing fully type-safe queries and Zod-powered parsing and validation. Unlike most query builders, Cirql's flexible nature leaves you with complete control over your queries, while still providing powerful APIs to query your database in a concise manner.
Cirql is still in the early stages of development. While you can use it for production applications, it may still lack specific features and handling for some edge cases. Feel free to submit feature requests or pull requests to add functionality to Cirql. We do ask you to please read our Contributor Guide first.
While we try to avoid significant API changes, we cannot guarantee this.
The first step in using Cirql is to install the package from npm, together with a supported version of zod.
```bash
npm install cirql zod
```
You can read our documentation for information on how to use Cirql.
The following query fetches up to 5 organisations that are enabled and have the given user as a member. The result is parsed and validated using the provided Zod schema.
```ts
import { RecordSchema, any, select } from 'cirql';
import { z } from 'zod';

// Define your Zod schemas
const Organisation = RecordSchema.extend({
    name: z.string(),
    isEnabled: z.boolean(),
    createdAt: z.string()
});

// Execute a select query.
// `cirql` is an already-connected Cirql instance and `userId` is the
// member to match; both are defined elsewhere in your application.
const organisations = await cirql.execute({
    query: select()
        .from('organisation')
        .with(Organisation) // Specify the schema used to parse and validate each row
        .limit(5)
        .where({
            isEnabled: true,
            members: any(userId)
        })
});
```
Visit our Basic Usage guide for more examples.
We welcome any issues and PRs submitted to Cirql. Since we currently work on multiple other projects and our time is limited, we value any community help in supporting a rich future for Cirql.
Before you open an issue or PR please read our Contributor Guide.
You can find the roadmap of intended features here.
The changelog of previous versions can be found here.
To run in live development mode, run `pnpm dev` in the project directory. This will start the Vite development server.
Cirql is built and maintained by Starlane Studios at no cost. If you would like to support our work, feel free to donate to us ⚡
Cirql is licensed under MIT
Copyright (c) 2023, Starlane Studios
FAQs
Unknown package
The npm package cirql receives a total of 20 weekly downloads. As such, cirql popularity was classified as not popular.
We found that cirql demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.