Azure Cosmos DB Service Node.js SDK for SQL API. 

Azure Cosmos DB Service Node.js SDK for SQL API

christopheranderson

windowsazure

documentdb

Error

Ignore

Warn

License

Maintenance

Miscellaneous

Quality

Supply chain risk

Vulnerability

Admins only

Organization members

Dashboard

<upgradeLink>Upgrade</upgradeLink> to access this feature

About

Blog

Socket CLI

Customers

Socket Dependency Search

Docs

Socket for GitHub

Love

Impersonation Mode Active

Update your browser to the latest version for the best experience.

Your web browser is outdated

Use another browser for the best experience.

Your web browser is unsupported

{{count, number}} commits last two months

{{count, number}} critical severity alert

{{count, number}} critical severity alerts

{{count, number}} dependency vulnerability

{{count, number}} dependency vulnerabilities

{{count, number}} development dependencies

{{count, number}} transitive dependencies

{{count, number}} version published last month

{{count, number}} versions published last month

{{count, number}} version published in last two months

{{count, number}} versions published in last two months

{{count, number}} version published last week

{{count, number}} versions published last week

{{count, number}} version published last year

{{count, number}} versions published last year

Socket undergoes annual SOC2 Type II audits. Socket customers can request a copy of the full SOC2 Type II report.

Allows organization owners and admins to access detailed records of actions taken by members of their organization, complete with timestamps.

Prevent compromised packages from infiltrating your supply chain by monitoring for changes in real-time.

Join our Discord community to get help from Socket engineers and other Socket users.

Compare millions of open source packages on socket.dev

Detect malicious code and risky behavior (e.g. network) in your dependencies using "deep package inspection"

All data is encrypted in transit and at rest using industry standard encryption algorithms.

Get a dedicated Socket account manager and access to Socket’s Customer Success team.

Get dedicated support from Socket engineers via email and Slack.

"Shift left" with the Socket Chrome extension and give intervene early, before developers choose risky or low quality dependencies.

Catch developers using risky dependencies and give them a "speed bump" to encourage good behavior

Install the Socket GitHub app to receive real-time dependency scanning and reports with every pull request.

Integrate Socket into your GitHub SCM to prevent risky dependencies from being installed.

Socket scans for vulnerabilities in your dependencies, including CVEs, security advisories, and more.

Socket supports dependencies in many languages, with most popular ecosystems coming in 2024. We've got you covered no matter what languages you use.

Enforce license policies across your organization

Receive a Microsoft Teams message to the channel of your choice anytime Socket runs a new analysis, has a new finding, or a policy has changed.

Get help migrating from Socket's free plan to Socket's paid plans.

Run Socket on-premises or in your own cloud environment.

Query for any dependency (at any version) across your entire organization

Integrate Socket into your CI/CD pipeline to prevent risky dependencies from being deployed to production.

Analyze an entire project to find supply chain risks

Tag projects to organize and filter your projects

Restrict access based on the roles of individual users within an organization.

Receive a Slack message to the channel of your choice anytime Socket runs a new analysis, has a new finding, or a policy has changed.

Socket is SOC2 Type II compliant and undergoes annual audits.

The Socket CLI allows teams to prevent risky dependencies from being installed, and to get dependency insights from the command line.

Socket supports SAML SSO for single sign-on and identity management.

Integrate Socket into your VS Code IDE to prevent risky dependencies from being installed.

Get a POST request anytime Socket runs a new analysis, has a new finding, or a policy has changed.

Socket will analyzed your SBOMs up to a maximum number of dependencies.

API that allows you to analyze a project, lookup package scores and alerts, and more.

Create API tokens to authenticate with the Socket API and CLI.

The number of developers in your team. A developer is someone who made a commit to your organization's repositories scanned by Socket in the past month.

Use Socket to protect your private repositories.

Socket is always free for open source projects.

Socket retains all reporting data for 3 months, 1 year, or a custom term of your choice.

Access the threat feed that powers Socket.

Unlimited scale, self-hosting, and priority support for large teams.

For open-source projects, individuals, and small teams.

For growing teams with enhanced scale, security, and support.

There is a package with a similar name that is downloaded much more often.

There are packages with similar names that are downloaded much more often.

This may not be the package you want!

Instance

Alert Locations

Package

The {{ecosystem}} package {{- packageName}} receives a total of <strong>{{numWeeklyDownloadCount, number}}</strong> weekly downloads. As such, {{- packageName}} popularity was classified as <strong>{{popularity}}</strong>.

Is {{- packageName}} popular?

Is {{- packageName}} safe to use?

Is {{- packageName}} well maintained?

What is {{- packageName}}?

{{packageDescription}}Version: {{versionString}} was published by {{publisherName}}. Start using Socket to analyze {{- packageName}} and its {{dependencyCount, number}} dependencies to secure your app from supply chain attacks.

Sorry, it seems this package was removed from the registry

Package was removed

This package version has been unpublished, mostly likely due to security reasons

Package version was removed

Provide a detailed description of the malware...

Socket fights vulnerabilities and provides visibility, defense-in-depth, and proactive supply chain protection for JavaScript, Python, and Go dependencies.

Socket - Secure your dependencies. Ship with confidence.

Compare versions

{{- packageName}} - npm Package Compare versions

- Bug with undefined variable during partition key refresh

- Adds additional logging and hardening. This includes additional error/warn/info logs which have information about the https.agent state + all errors are now logged

- Adds a separate watchdog timeout on https requests to handle cases where https.request/socket timeouts themselves get bogged down. This time produces a scary looking error as you'll only see it when running under too much load for a given client/app.

- Adds `isTimedout` and `duration` to error messages that come from request pipeline. These indicate whether a timeout occurred for the error and what the duration of the request is as measure from the creation of the request callback itself (not based on socket time/etc.)

- Fixes cross partition aggregate support

- Fixes some cases where cross partition query silently failed

- Added endpoint retry on ECONNREFUSED errors to help with failover

- Added support for default retries on connection issues.

- Added support to read collection change feed.

- Fixed session consistency bug that intermittently caused "read session not available".

- Modified http Agent's maximum number of connections.

- Updated documentation to use Azure Cosmos DB.

- Added Support for proxyUrl setting in ConnectionPolicy.

- Minor fix for case sensitive file systems.

- This SDK version requires the latest version of Azure Cosmos DB Emulator available for download from https://aka.ms/cosmosdb-emulator.

- Adds supports for resource link with leading and trailing slashes (and corresponding tests).

- Fixed bug in executeStoredProcedure where documents involved had special unicode characters (LS, PS).

- Fixed bug in handling documents with unicode characters in partition key.

- Fixed support for creating collection with name media (github #114).

- Fixed support for permission authorization token (github #178).

- Added support for Request Unit per Minute (RU/m) feature.

- Added support for a new consistency level called ConsistentPrefix.

- Fixed the unicode support bug (github #171)

- Added the support for aggregation queries (COUNT, MIN, MAX, SUM, and AVG).

- Added the option for controlling degree of parallelism for cross partition queries.

- Added the option for disabling SSL verification when running against Emulator.

- Lowered minimum throughput on partitioned collections from 10,100 RU/s to 2500 RU/s.

- Fixed the continuation token bug for single partition collection (github #107).

- Fixed the executeStoredProcedure bug in handling 0 as single param (github #155).

- Fixed user-agent header to include the SDK version.

- Disabling SSL verification when using the SDK to target the emulator(hostname=localhost).

- Added support for enabling script logging during stored procedure execution.

- Added support for cross partition parallel queries.

- Added support for TOP/ORDER BY queries for partitioned collections.

- Added retry policy support for throttled requests. (Throttled requests receive a request rate too large exception, error code 429.)

  By default, DocumentClient retries nine times for each request when error code 429 is encountered, honoring the retryAfter time in the response header.

  A fixed retry interval time can now be set as part of the RetryOptions property on the ConnectionPolicy object if you want to ignore the retryAfter time returned by server between the retries.

  DocumentClient now waits for a maximum of 30 seconds for each request that is being throttled (irrespective of retry count) and returns the response with error code 429.

  This time can also be overriden in the RetryOptions property on ConnectionPolicy object.

- DocumentClient now returns x-ms-throttle-retry-count and x-ms-throttle-retry-wait-time-ms as the response headers in every request to denote the throttle retry count and the cummulative time the request waited between the retries.

- The RetryOptions class was added, exposing the RetryOptions property on the ConnectionPolicy class that can be used to override some of the default retry options.

- Added the support for geo-replicated database accounts.

- Added the support for TimeToLive(TTL) feature for documents.

Permission is hereby granted, free of charge, to any person obtaining a copy

of this software and associated documentation files (the "Software"), to deal

in the Software without restriction, including without limitation the rights

to use, copy, modify, merge, publish, distribute, sublicense, and/or sell

copies of the Software, and to permit persons to whom the Software is

furnished to do so, subject to the following conditions:

The above copyright notice and this permission notice shall be included in all

copies or substantial portions of the Software.

THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR

IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,

FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE

AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER

LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,

OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE

        Javascript: "application/x-javascript",

        OctetStream: "application/octet-stream",

        QueryJson: "application/query+json",

        ContentEncoding: "Content-Encoding",

        IfModifiedSince: "If-Modified-Since",

        AcceptEncoding: "Accept-Encoding",

        TransferEncoding: "Transfer-Encoding",

        ContentLanguage: "Content-Language",

        ContentLocation: "Content-Location",

        AcceptLanguage: "Accept-Language",

        IfUnmodifiedSince: "If-Unmodified-Since",

        ProxyAuthorization: "Proxy-Authorization",

        ProxyAuthenticate: "Proxy-Authenticate",

        WwwAuthenticate: "Www-Authenticate",

        AccessControlAllowOrigin: "Access-Control-Allow-Origin",

        AccessControlAllowHeaders: "Access-Control-Allow-Headers",

        KeyValueEncodingFormat: "application/x-www-form-urlencoded",

        WrapAssertionFormat: "wrap_assertion_format",

        DefaultVirtualNodesPerCollection: 128

        TrimLeftSlashes: new RegExp("^[/]+"),

        TrimRightSlashes: new RegExp("[/]+$"),

        IllegalResourceIdCharacters: new RegExp("[/\\\\?#]")

        PermissionsPathSegment: "permissions",

        StoredProceduresPathSegment: "sprocs",

        UserDefinedFunctionsPathSegment: "udfs",

        ConflictsPathSegment: "conflicts",

        AttachmentsPathSegment: "attachments",

        PartitionKeyRangesPathSegment: "pkranges",

        DatabaseAccountPathSegment: "databaseaccount"

    , Constants = require("../constants")

    , PriorityQueue = require("priorityqueuejs")

    , SmartRoutingMapProvider = require("../routing/smartRoutingMapProvider")

    , InMemoryCollectionRoutingMap = require("../routing/inMemoryCollectionRoutingMap")

    , DocumentProducer = require("./documentProducer")

    , PartitionedQueryExecutionContextInfoParser = require("./partitionedQueryExecutionContextInfoParser")

    , bs = require("binary-search-bounds")

		@@ -0,1 +1,4 @@
		## Changes in 1.15.3
		- Bug with undefined variable during partition key refresh

		## Changes in 1.15.2
		@@ -2,0 +5,0 @@ - Adds additional logging and hardening. This includes additional error/warn/info logs which have information about the https.agent state + all errors are now logged

		@@ -193,3 +193,3 @@ /*
		SDKName: "documentdb-nodejs-sdk",
		SDKVersion: "1.15.2",
		SDKVersion: "1.15.3",

		@@ -196,0 +196,0 @@ DefaultPrecisions: {

		@@ -99,3 +99,3 @@ /*
		// release the lock
		log.debug("[_onTargetPartitionRanges] semaphore released. Count before release: %d", sem.queue.length);
		log.debug("[_onTargetPartitionRanges] semaphore released. Count before release: %d", that.sem.queue.length);
		that.sem.leave();
		@@ -102,0 +102,0 @@ return;

		@@ -14,3 +14,3 @@ {
		],
		"version": "1.15.2",
		"version": "1.15.3",
		"author": "Microsoft Corporation",
		@@ -17,0 +17,0 @@ "main": "./index.js",

New alerts

Fixed alerts

Improved metrics