![Namecheap Takes Down Polyfill.io Service Following Supply Chain Attack](https://cdn.sanity.io/images/cgdhsj6q/production/6af25114feaaac7179b18127c83327568ff592d1-1024x1024.webp?w=800&fit=max&auto=format)
Security News
Namecheap Takes Down Polyfill.io Service Following Supply Chain Attack
Polyfill.io has been serving malware for months via its CDN, after the project's open source maintainer sold the service to a company based in China.
database-js-sqlparser
Advanced tools
Readme
Common functionality for database-js drivers that operate on non-database backends
Database-js-sqlparser is a database-js driver that parses SQL statements and passes requests and commands to an underlying class which does the storage mechanism interaction. On its own it accomplishes nothing.
The sql parser supports the following SQL:
CREATE TABLE <table_name>(<column_name> <column_type>,...)
Where the column type can be one of:
DROP TABLE <table_name>
SELECT [
*,
<column_name>[AS <column_label>],
SUM|COUNT(<column_name)[AS <aggregate_label>]
] FROM <table_name>
[[INNER,LEFT,RIGHT] JOIN <table_name> ON <join_condition>]
[GROUP BY <column_name>]
[WHERE <where_condition>]
[ORDER BY <column_name>]
[LIMIT [row_offset,]<number_of_rows>]
Inner, left and right joins are supported. Full or outer joins are not supported.
Sum and count are currently supported. Sum will not fail on non-numeric columns, but the return is undefined.
INSERT INTO <table_name>(<column1>,<column2>,...) VALUES(<value1>,<value2>,...)
It's best to use paramaterized SQL:
INSERT INTO <table_name>(<column1>,<column2>,...) VALUES(?,?,...)
UPDATE <table_name> SET <column1> = <value1>, <column2> = <value2>,...
[WHERE <where_condition>]
Using parameterized SQL:
UPDATE <table_name> SET <column1> = ?, <column2> = ?,...
[WHERE <where_condition>]
DELETE FROM <table_name> [WHERE <where_condition>]
A class extending the database-js-sqlparser class needs to override seven methods. Each method needs to return a Promise to allow for asynchronous implementations.
Indicates that the underlying storage mechanism is loaded and ready to receive reads and writes.
To implement an always ready driver, use the following signature:
ready() {
return Promise.resolve(true);
}
Allows the underlying storage mechanism to close if necessary.
Loads the rows from for a given table from the underlying storage and returns them via the Promise.
The resolved value of the Promise needs to be an array of table rows, where each row is a JSON like object with the column names as keys for the row values:
[
{
"id": 1,
"name": "Me",
"age": 32
},
{
"id": 2,
"name": "You",
"age": 27
}
]
Updates or inserts a row into the underlying storage system. If index is a string of number, then the action is an update, if index is null or undefined this is an insert. Resolves the promise with the updated or inserted index.
Removes a row from the underlying storage system. Resolves the promise with the index that was removed.
Creates a new table according to the passed definition, resolves with true if successful.
The column definition is as follows:
{
"name": string, // The column name
"index": number, // The column index, can be ignored
"type": "string"|"integer"|"float"|"date",
"length"?: number, // For VARCHAR(n) or CHARACTER(n) the string length limit
"pad"?: " ", // For CHARACTER(n) the string to pad short strings with
}
Drops the table from the underlying storage system. The user will expect the table data to be removed as well.
FAQs
Common functionality for database-js drivers that operate on non-database backends
The npm package database-js-sqlparser receives a total of 2 weekly downloads. As such, database-js-sqlparser popularity was classified as not popular.
We found that database-js-sqlparser demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Polyfill.io has been serving malware for months via its CDN, after the project's open source maintainer sold the service to a company based in China.
Security News
OpenSSF is warning open source maintainers to stay vigilant against reputation farming on GitHub, where users artificially inflate their status by manipulating interactions on closed issues and PRs.
Security News
A JavaScript library maintainer is under fire after merging a controversial PR to support legacy versions of Node.js.