Security News
Research
Data Theft Repackaged: A Case Study in Malicious Wrapper Packages on npm
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
darksdb-dev
Advanced tools
DarksDB is a simple database using node.js and mysql (v1)/promise-mysql(v2+) that aims to make writing SQL statements easier by providing simple methods like get()
and update()
$ npm i darksdb
// Get the DarkDB class
const { DarkDB } = require("./darkdb.js");
// Create a new database
const db = new DarkDB({
host: "localhost",
port: 3306,
user: "example",
password: "example", // Preferably have this in something like a .env file (for example process.env.db_pass)
database: "example",
table: "example",
});
await db.connect(); // You must call this otherwise an error will be thrown!
Important: You should use promises while using DarksDB (Async/Await)
db.setTable()
: Set a new table
table
db.set()
: Create a new record in the table with predefined values.
keys[]
, and values[]
db.get()
: Fetch the keys from all the records
keys[]
db.getWhere()
: Fetch the keys from all records that meet the where clauses
keys[]
, and where[]
db.getAll()
: Fetch all of the records and fields
db.getAllWhere()
: Fetch all of the records and fields that meet the where clauses
where[]
db.update()
: Update all the records in that table with the new value
keys[]
and values[]
db.updateWhere()
: Update all the records that meet the where clauses
keys[]
, values[]
, and where[]
db.delete()
: Delete all the records that meet the where clauses
where[]
db.deleteAll()
: Delete ALL the records in a table;
db.runStatement()
: Run any SQL statement
statement
db.has()
: Checks how many records there are with the key and value
key
and value
where
To use where
, each "where" of yours needs its own object following this data structure:
{ name: 'WHERENAME', value: 'WHEREVALUE' }
See Examples for more information.
const { DarkDB } = require('darksdb')
const db = new DarkDB({
host : 'localhost'
port : 3306
user : 'example'
password: 'example'
database: 'example'
table : 'example'
});
await db.connect();
await db.set([`one`, `two`, `three`], [1, 2, 3]);
// Add more data to the db
await db.set([`one`, `two`, `three`], [10, 20, 30]);
await db.set([`one`, `two`, `three`], [100, 200, 300]);
// Creates a simple database and makes this database
// one two three
// 1 2 3
// 10 20 30
// 100 200 300
Say you needed to get values:
You can use any one of get()
, getWhere()
, getAll()
, or getAllWhere()
await db.get([`one`]) // => [1, 10, 100];
await db.getWhere([`two`], [{ name: `one`, value: 10 }]) // => [20]
await db.getAll() // => entire database
await db.getAllWhere([{name: `three`, value: 300 }]) => // => [100, 200, 300]
Now what if you changed a value, and it needs to go back into the database. We can use update()
or updateWhere()
await db.update([`one`], [10]); // =>
// one two three
// 10 2 3
// 10 20 30
// 10 200 300
await db.updateWhere([`two`], [2000], [{ name: `three`, value: 3 }]); // =>
// one two three
// 1 2000 3
// 10 20 30
// 100 200 300
Next you decide you need to delete some data. We can use delete()
or deleteAll()
await db.delete([{ name: `two`, value: 20 }]); // =>
// one two three
// 10 2 3
// 10 200 300
await db.deleteAll(); // =>
// one two three
// (No Data)
You can run an arbitrary SQL statement, such as SELECT COUNT(*) FROM numbers WHERE 'one' = 10
by using runStatement()
await db.runStatement(`SELECT COUNT(*) FROM numbers WHERE 'one' = 10`); // => 1
There is also db.has()
, which checks if a record with the specific key and value exists
await db.has(`three`, 30); // => true
Keep in mind, optimally you should use your primary key in has()
, however it is not required
2.1.3:
2.1.2:
2.1.1:
2.1.0:
2.0.5:
1.0.0 - 1.0.3:
FAQs
Lightweight API to use in conjunction with MySQL
The npm package darksdb-dev receives a total of 0 weekly downloads. As such, darksdb-dev popularity was classified as not popular.
We found that darksdb-dev demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Research
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
Research
Security News
Attackers used a malicious npm package typosquatting a popular ESLint plugin to steal sensitive data, execute commands, and exploit developer systems.
Security News
The Ultralytics' PyPI Package was compromised four times in one weekend through GitHub Actions cache poisoning and failure to rotate previously compromised API tokens.