Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
jsonapi-server
Advanced tools
A config driven NodeJS framework implementing json:api
and GraphQL
. You define the resources, it provides the api.
This framework solves the challenges of json:api and GraphQL without coupling us to any one ORM solution. Every other module out there is either tightly coupled to a database implementation, tracking an old version of the json:api spec, or is merely a helper library for a small feature. If you're building an API and your use case only involves reading and writing to a data store... well count yourself lucky. For everyone else, this framework provides the flexibility to provide a complex API without being confined to any one technology.
A config driven approach to building an API enables:
Ultimately, the only things you as a user of this framework need to care about are:
handler
for:
create
ing a resourcedelete
ing a resourcesearch
ing for many resourcesfind
ing a specific resourceupdate
ing a specific resourceWe've created handler
s to automatically map our config over to database solutions help people get off the ground:
jsonapi-server
and powers the core test suite.jsonapi-server
. More info can be found heresequelize
to support PostgreSQL, MySQL, MSSQL, MariaDB and SQLite.We've also written a library to ease the consumption of a json:api compliant service, if GraphQL isn't your thing:
You can have a complete json:api server providing a photos
resource with just this:
var jsonApi = require("jsonapi-server");
jsonApi.setConfig({
port: 16006,
graphiql: true
});
jsonApi.define({
resource: "photos",
handlers: new jsonApi.MemoryHandler(),
attributes: {
title: jsonApi.Joi.string(),
url: jsonApi.Joi.string().uri(),
height: jsonApi.Joi.number().min(1).max(10000).precision(0),
width: jsonApi.Joi.number().min(1).max(10000).precision(0)
}
});
jsonApi.start();
Your new API will be alive at http://localhost:16006/
and your photos
resources will be at http://localhost:16006/photos
. The GraphiQL interface will be available at http://localhost:16006/
.
Fire up an example json:api
server using the resources mentioned in the official spec via:
$ git clone https://github.com/holidayextras/jsonapi-server.git
$ npm install
$ npm start
then browse to the JSON:API endpoints:
http://localhost:16006/rest/photos
or, for GraphQL:
http://localhost:16006/rest/
the example implementation can be found here
FAQs
A config driven NodeJS framework implementing json:api
The npm package jsonapi-server receives a total of 153 weekly downloads. As such, jsonapi-server popularity was classified as not popular.
We found that jsonapi-server demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 6 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.