
Research
Malicious fezbox npm Package Steals Browser Passwords from Cookies via Innovative QR Code Steganographic Technique
A malicious package uses a QR code as steganography in an innovative technique.
easiermongo
Advanced tools
For additional information please visit our website
Easiermongo is a simple NodeJS library for begginers with MongoDB. It has a very object-oriented approach which makes your code cleaner and easier to read. The main goals of this library is not 100% cover the MongoDB API but instead cover in the easiest way possible the basics.
npm i easiermongo
Open a connection to your database
const { MongoClient } = require('easiermongo');
const client = new MongoClient({ uri: 'your-uri-here' });
client.on('ready', () => {
console.log(`Connected to ${client.database.name}!`);
});
client.connect();
There are two ways to register a schema, adding them manually or adding them via the file system.
Register manually
const { SchemaBuilder } = require('easiermongo');
const mySchema = new SchemaBuilder()
.addField((field) => field.setName('myField').setType('STRING'))
.addField((field) => field.setName('mySecondField').setType('NUMBER').setDefault(0));
//Register your schema
client.database.schemas.addSchema('mySchemaName', mySchema);
Register vie File System Download this example.
Once connected and your schemas are registered you may start performing actions
const mySchema = client.database.schemas.collection.get('your-schema-name').model;
//You may also get your schema like this: const mySchema = client.database.schemas.SCHEMA_NAME_HERE;
const result = await mySchema.get('some-id');
console.log(result);
Click here to download the first example and click here for the example using the file system.
FAQs
Easily connect & use your mongo database with easiermongo!
We found that easiermongo demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
A malicious package uses a QR code as steganography in an innovative technique.
Research
/Security News
Socket identified 80 fake candidates targeting engineering roles, including suspected North Korean operators, exposing the new reality of hiring as a security function.
Application Security
/Research
/Security News
Socket detected multiple compromised CrowdStrike npm packages, continuing the "Shai-Hulud" supply chain attack that has now impacted nearly 500 packages.