Research
Recent Trends in Malicious Packages Targeting Discord
The Socket research team breaks down a sampling of malicious packages that download and execute files, among other suspicious behaviors, targeting the popular Discord platform.
eriksen
Advanced tools
Readme
Eriksen is a model factory that makes it easy to write model code that retrieves or saves data to multiple, configurable places. It's main job is to Marshal reads & writes to a configurable and swappable backend, allowing for a separation that preserves an interface even when the backend data storage system changes.
npm i eriksen
Eriksen is useful when you're writing code that may change database backends, or if you're currently changing code to move from one backend to another. Since it concerns itself with only the db interactions from your code, it allows your data access code to be more modularized within a codebase. And since Eriksen acts as the coding interface, you should not need to change any other code unless expectations change as db backends switch in or out.
Because Eriksen sits between the code that accesses a backend storage system, this allows for Eriksen to log failures for a non-primary backend in the background.
This example creates two models in different databases and configures eriksen to use cassandra as the primary and dynamodb as the secondary. It calls the getAllOfTheThings method with cassandra as the primary, meaning if the getAllOfTheThings fails in dynamo, it just logs out the errors, does not fail the call. If the primary fails it will throw an error.
// cassandra model
const cassandraMapper = {
getAllOfTheThings: (name) => {
return cassandra.query("SELECT ...");
}
}
// dynamo model
const dynamoMapper = {
getAllOfTheThings: (name) => {
return aws.dynamodb.DocumentClient(...);
}
}
const Eriksen = require('eriksen');
const model = new Eriksen('allThings');
model.addModel('cassandra', cassandraMapper);
model.addModel('dynamodb', dynamoMapper);
model.configure({
primary: cassandraMapper,
secondary: dynamoMapper
});
function retrieveAllOfTheThings(thingName) {
return model.proxy.getAllOfTheThings(name);
}
// calling function that calls the eriksen instance to marshall calls
retrieveAllOfTheThings('allMyThings')
.then((things) => {
console.log('list of my things', things);
})
.catch((err) => {
console.log(`it failed ${err.message}`);
});
FAQs
A model-marshalling library for dual-write/single-read data migrations
We found that eriksen demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
The Socket research team breaks down a sampling of malicious packages that download and execute files, among other suspicious behaviors, targeting the popular Discord platform.
Security News
Socket CEO Feross Aboukhadijeh joins a16z partners to discuss how modern, sophisticated supply chain attacks require AI-driven defenses and explore the challenges and solutions in leveraging AI for threat detection early in the development life cycle.
Security News
NIST's new AI Risk Management Framework aims to enhance the security and reliability of generative AI systems and address the unique challenges of malicious AI exploits.