Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Fast & simple storage - a Node.js-style LevelDB wrapper (a convenience package bundling LevelUP & LevelDOWN)
The 'level' npm package is a fast and simple key-value storage library for Node.js. It provides a persistent storage solution that is easy to use and integrates well with other Node.js modules. It is built on top of LevelDB, a fast key-value storage library developed by Google.
Basic CRUD Operations
This feature allows you to perform basic Create, Read, Update, and Delete (CRUD) operations on the database. The code sample demonstrates how to put a key-value pair, retrieve a value by key, and delete a key-value pair.
const level = require('level');
const db = level('./mydb');
// Put a key-value pair
await db.put('name', 'Alice');
// Get a value by key
const value = await db.get('name');
console.log(value); // 'Alice'
// Delete a key-value pair
await db.del('name');
Batch Operations
Batch operations allow you to perform multiple operations in a single atomic action. The code sample demonstrates how to use the batch method to put and delete multiple key-value pairs in one go.
const level = require('level');
const db = level('./mydb');
// Perform batch operations
await db.batch()
.put('name', 'Alice')
.put('age', 30)
.del('name')
.write();
Streams
Streams provide a way to read and write data in a continuous flow. The code sample demonstrates how to create a read stream to iterate over all key-value pairs in the database.
const level = require('level');
const db = level('./mydb');
// Create a read stream
const stream = db.createReadStream();
stream.on('data', ({ key, value }) => {
console.log(`${key} = ${value}`);
});
NeDB is a lightweight, in-memory database that provides a MongoDB-like API. It is suitable for small projects and can be used as an embedded database. Unlike Level, NeDB stores data in memory by default, which can be less performant for large datasets.
SQLite3 is a self-contained, serverless, and zero-configuration SQL database engine. It is more feature-rich compared to Level, offering SQL query capabilities. However, it may be overkill for simple key-value storage needs.
PouchDB is an open-source JavaScript database inspired by CouchDB. It is designed to run in the browser and Node.js, providing a NoSQL database solution. PouchDB offers more advanced features like synchronization with CouchDB, which Level does not provide.
Fast & simple storage. A Node.js-style
LevelDB
wrapper.
A convenience package that:
levelup instance
when invokedlevelup
and leveldown
encoding-down
Use this package to avoid having to explicitly install leveldown
when you just want plain old LevelDB
from levelup
.
Note that level
only supports Node.js. There is ongoing work to make it work in both Node.js and in the browser. In the meantime, we suggest you to use level-browserify
.
If you are upgrading: please see UPGRADING.md
.
var level = require('level')
// 1) Create our database, supply location and options.
// This will create or open the underlying LevelDB store.
var db = level('./mydb')
// 2) Put a key & value
db.put('name', 'Level', function (err) {
if (err) return console.log('Ooops!', err) // some kind of I/O error
// 3) Fetch by key
db.get('name', function (err, value) {
if (err) return console.log('Ooops!', err) // likely the key was not found
// Ta da!
console.log('name=' + value)
})
})
level()
db.open()
db.close()
db.put()
db.get()
db.del()
db.batch()
(array form)db.batch()
(chained form)db.isOpen()
db.isClosed()
db.createReadStream()
db.createKeyStream()
db.createValueStream()
See levelup
and leveldown
for more details.
const db = level(location[, options[, callback]])
The main entry point for creating a new levelup
instance.
location
path to the underlying LevelDB
.options
is passed on to the underlying store.options.keyEncoding
and options.valueEncoding
are passed to encoding-down
, default encoding is 'utf8'
Calling level('./db')
will also open the underlying store. This is an asynchronous operation which will trigger your callback if you provide one. The callback should take the form function (err, db) {}
where db
is the levelup
instance. If you don't provide a callback, any read & write operations are simply queued internally until the store is fully opened.
This leads to two alternative ways of managing a levelup
instance:
level(location, options, function (err, db) {
if (err) throw err
db.get('foo', function (err, value) {
if (err) return console.log('foo does not exist')
console.log('got foo =', value)
})
})
Versus the equivalent:
// Will throw if an error occurs
const db = level(location, options)
db.get('foo', function (err, value) {
if (err) return console.log('foo does not exist')
console.log('got foo =', value)
})
The constructor function has a .errors
property which provides access to the different error types from level-errors
. See example below on how to use it:
level('./db', { createIfMissing: false }, function (err, db) {
if (err instanceof level.errors.OpenError) {
console.log('failed to open database')
}
})
db.open([callback])
Opens the underlying store. In general you should never need to call this method directly as it's automatically called by levelup()
.
However, it is possible to reopen the store after it has been closed with close()
, although this is not generally advised.
If no callback is passed, a promise is returned.
db.close([callback])
close()
closes the underlying store. The callback will receive any error encountered during closing as the first argument.
You should always clean up your levelup
instance by calling close()
when you no longer need it to free up resources. A store cannot be opened by multiple instances of levelup
simultaneously.
If no callback is passed, a promise is returned.
db.put(key, value[, options][, callback])
put()
is the primary method for inserting data into the store. Both key
and value
can be of any type as far as levelup
is concerned.
options
is passed on to the underlying store.
If no callback is passed, a promise is returned.
db.get(key[, options][, callback])
get()
is the primary method for fetching data from the store. The key
can be of any type. If it doesn't exist in the store then the callback or promise will receive an error. A not-found err object will be of type 'NotFoundError'
so you can err.type == 'NotFoundError'
or you can perform a truthy test on the property err.notFound
.
db.get('foo', function (err, value) {
if (err) {
if (err.notFound) {
// handle a 'NotFoundError' here
return
}
// I/O or other error, pass it up the callback chain
return callback(err)
}
// .. handle `value` here
})
options
is passed on to the underlying store.
If no callback is passed, a promise is returned.
db.del(key[, options][, callback])
del()
is the primary method for removing data from the store.
db.del('foo', function (err) {
if (err)
// handle I/O or other error
});
options
is passed on to the underlying store.
If no callback is passed, a promise is returned.
db.batch(array[, options][, callback])
(array form)batch()
can be used for very fast bulk-write operations (both put and delete). The array
argument should contain a list of operations to be executed sequentially, although as a whole they are performed as an atomic operation inside the underlying store.
Each operation is contained in an object having the following properties: type
, key
, value
, where the type is either 'put'
or 'del'
. In the case of 'del'
the value
property is ignored. Any entries with a key
of null
or undefined
will cause an error to be returned on the callback
and any type: 'put'
entry with a value
of null
or undefined
will return an error.
If key
and value
are defined but type
is not, it will default to 'put'
.
const ops = [
{ type: 'del', key: 'father' },
{ type: 'put', key: 'name', value: 'Yuri Irsenovich Kim' },
{ type: 'put', key: 'dob', value: '16 February 1941' },
{ type: 'put', key: 'spouse', value: 'Kim Young-sook' },
{ type: 'put', key: 'occupation', value: 'Clown' }
]
db.batch(ops, function (err) {
if (err) return console.log('Ooops!', err)
console.log('Great success dear leader!')
})
options
is passed on to the underlying store.
If no callback is passed, a promise is returned.
db.batch()
(chained form)batch()
, when called with no arguments will return a Batch
object which can be used to build, and eventually commit, an atomic batch operation. Depending on how it's used, it is possible to obtain greater performance when using the chained form of batch()
over the array form.
db.batch()
.del('father')
.put('name', 'Yuri Irsenovich Kim')
.put('dob', '16 February 1941')
.put('spouse', 'Kim Young-sook')
.put('occupation', 'Clown')
.write(function () { console.log('Done!') })
batch.put(key, value)
Queue a put operation on the current batch, not committed until a write()
is called on the batch.
This method may throw
a WriteError
if there is a problem with your put (such as the value
being null
or undefined
).
batch.del(key)
Queue a del operation on the current batch, not committed until a write()
is called on the batch.
This method may throw
a WriteError
if there is a problem with your delete.
batch.clear()
Clear all queued operations on the current batch, any previous operations will be discarded.
batch.length
The number of queued operations on the current batch.
batch.write([callback])
Commit the queued operations for this batch. All operations not cleared will be written to the underlying store atomically, that is, they will either all succeed or fail with no partial commits.
If no callback is passed, a promise is returned.
db.isOpen()
A levelup
instance can be in one of the following states:
isOpen()
will return true
only when the state is "open".
db.isClosed()
See isOpen()
isClosed()
will return true
only when the state is "closing" or "closed", it can be useful for determining if read and write operations are permissible.
db.createReadStream([options])
Returns a Readable Stream of key-value pairs. A pair is an object with key
and value
properties. By default it will stream all entries in the underlying store from start to end. Use the options described below to control the range, direction and results.
db.createReadStream()
.on('data', function (data) {
console.log(data.key, '=', data.value)
})
.on('error', function (err) {
console.log('Oh my!', err)
})
.on('close', function () {
console.log('Stream closed')
})
.on('end', function () {
console.log('Stream ended')
})
You can supply an options object as the first parameter to createReadStream()
with the following properties:
gt
(greater than), gte
(greater than or equal) define the lower bound of the range to be streamed. Only entries where the key is greater than (or equal to) this option will be included in the range. When reverse=true
the order will be reversed, but the entries streamed will be the same.
lt
(less than), lte
(less than or equal) define the higher bound of the range to be streamed. Only entries where the key is less than (or equal to) this option will be included in the range. When reverse=true
the order will be reversed, but the entries streamed will be the same.
reverse
(boolean, default: false
): stream entries in reverse order. Beware that due to the way that stores like LevelDB work, a reverse seek can be slower than a forward seek.
limit
(number, default: -1
): limit the number of entries collected by this stream. This number represents a maximum number of entries and may not be reached if you get to the end of the range first. A value of -1
means there is no limit. When reverse=true
the entries with the highest keys will be returned instead of the lowest keys.
keys
(boolean, default: true
): whether the results should contain keys. If set to true
and values
set to false
then results will simply be keys, rather than objects with a key
property. Used internally by the createKeyStream()
method.
values
(boolean, default: true
): whether the results should contain values. If set to true
and keys
set to false
then results will simply be values, rather than objects with a value
property. Used internally by the createValueStream()
method.
Legacy options:
start
: instead use gte
end
: instead use lte
db.createKeyStream([options])
Returns a Readable Stream of keys rather than key-value pairs. Use the same options as described for createReadStream
to control the range and direction.
You can also obtain this stream by passing an options object to createReadStream()
with keys
set to true
and values
set to false
. The result is equivalent; both streams operate in object mode.
db.createKeyStream()
.on('data', function (data) {
console.log('key=', data)
})
// same as:
db.createReadStream({ keys: true, values: false })
.on('data', function (data) {
console.log('key=', data)
})
db.createValueStream([options])
Returns a Readable Stream of values rather than key-value pairs. Use the same options as described for createReadStream
to control the range and direction.
You can also obtain this stream by passing an options object to createReadStream()
with values
set to true
and keys
set to false
. The result is equivalent; both streams operate in object mode.
db.createValueStream()
.on('data', function (data) {
console.log('value=', data)
})
// same as:
db.createReadStream({ keys: false, values: true })
.on('data', function (data) {
console.log('value=', data)
})
level
ships with native Promise
support out of the box.
Each function taking a callback also can be used as a promise, if the callback is omitted. This applies for:
db.get(key[, options])
db.put(key, value[, options])
db.del(key[, options])
db.batch(ops[, options])
db.batch().write()
The only exception is the level
constructor itself, which if no callback is passed will lazily open the underlying store in the background.
Example:
const db = level('./my-db')
db.put('foo', 'bar')
.then(function () { return db.get('foo') })
.then(function (value) { console.log(value) })
.catch(function (err) { console.error(err) })
Or using async/await
:
const main = async () => {
const db = level('./my-db')
await db.put('foo', 'bar')
console.log(await db.get('foo'))
}
levelup
is an EventEmitter
and emits the following events.
Event | Description | Arguments |
---|---|---|
put | Key has been updated | key, value (any) |
del | Key has been deleted | key (any) |
batch | Batch has executed | operations (array) |
opening | Underlying store is opening | - |
open | Store has opened | - |
ready | Alias of open | - |
closing | Store is closing | - |
closed | Store has closed. | - |
For example you can do:
db.on('put', function (key, value) {
console.log('inserted', { key, value })
})
level
is an OPEN Open Source Project. This means that:
Individuals making significant and valuable contributions are given commit-access to the project to contribute as they see fit. This project is more like an open wiki than a standard guarded open source project.
See the CONTRIBUTING.md
file for more details.
This project exists thanks to all the people who contribute. Contribute.
Thank you to all our backers! 🙏 Become a backer
Support this project by becoming a sponsor. Your logo will show up here with a link to your website.
Copyright (c) 2012-2018 level
contributors.
level
is licensed under the MIT license. All rights not explicitly granted in the MIT license are reserved. See the included LICENSE.md
file for more details.
[3.0.1] - 2018-05-05
standard
to ^11.0.0
(@ralphtheninja)FAQs
Universal abstract-level database for Node.js and browsers
The npm package level receives a total of 522,673 weekly downloads. As such, level popularity was classified as popular.
We found that level demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 3 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.