Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
neo4j-bloom
Advanced tools
Neo4j Bloom is a business productivity application for interactive exploration of graph data.
Master | Build | Cross Version Tests |
---|---|---|
npm install -g yarn
yarn
yarn start
and point your web browser to http://localhost:8085
.
The Bloom running locally needs to connect to Neo4j Desktop (where the Neo4j DBMS lives). To do this, start Neo4j Desktop.
Once this is set up, start a DBMS in Desktop - Desktop will expose this active DBMS to the default port bolt://localhost:7687,and Bloom will use that default port for connecting to the instance.
The login credentials on the Bloom page is the same as the login credentials of the DBMS (note - the default username is neo4j
, the password can be reset for that DBMS in Desktop)
Neo4j Aura is the Neo4j database running in the cloud. In order to test Bloom against Aura, perform the following steps:
neo4j-insight/openssl/bloom-fake.neo4j.io.crt
in your system (on Mac, open keychain access, drag and drop the certificate, double click it and choose "Always trust")127.0.0.1 bloom-fake.neo4j.io
to a new lineyarn startSSL
https://bloom-fake.neo4j.io:8085?connectURL=neo4j%2Bs://{aura_dbms_id}.databases.neo4j.io:7687
where 'aura_dbms_id' can be found in the Connection URI in ur newly created Aura database (note: in Chrome, type thisisunsafe
in order to bypass the ssl checks).Peform the same steps as above for installing the certificate and editing the hosts file. Then Bloom can be hosted using serve with the below command:
npx serve -l tcp://bloom-fake.neo4j.io --ssl-cert={path_to_bloom}/neo4j-insight/openssl/bloom-fake.neo4j.io.crt --ssl-key={path_to_bloom}/neo4j-insight/openssl/bloom-fake.neo4j.io.key assets
Please have a look at this doc for setup instructions.
yarn test
to run a single unit test run. A linter will run first.yarn dev
to have continous unit testing on every file change.yarn run e2e {browserNames}
to run end-to-end tests with TestCafe (you can specify the browsers to run in a comma-separated list or type all
. More info is available in the TestCafe documentation and our testcafe README).The logging library loglevel is being applied under the hood, refer to the docs to see for further information or details if required.
To see all logging options, such as setting log levels, printing the logs or downloading log files, open the web browser's console and type bloom_help()
and hit enter. A list of options is presented.
All available levels and loggers are printed when entering
bloom_help()
in the web browser's console.Available loggers: ROOT, NEVADA, DRIVER, SSO, PERF
Available levels: trace, debug, info, warn, error, silent
There are also URL query parameters available to set the log levels of individual or all loggers.
LOGS_LEVEL=<level>
will set the logging level to level
for all loggers<LOGGER>_LEVEL=<level>
will set the logging level to level
for the logger <LOGGER>
Examples:
http://localhost:8085?ROOT_LEVEL=warn
set the logging level warn
for the logger ROOT
(the application logs)
http://localhost:8085?LOGS_LEVEL=debug
set the logging level debug
for the all loggers
http://localhost:8085?LOGS_LEVEL=error&DRIVER_LEVEL=debug&NEVADA_LEVEL=info
set the logging level error
for all loggers yet for the DRIVER
logger the level is set to debug
and for the NEVADA
logger the level is set to info
You are able to download all log files via the Experimental drawer or via a command outlined in bloom_help()
.
Meant for users:
URL query parameter | Example | Description |
---|---|---|
discoveryURL=url | discoveryURL=https://localhost:8083/discovery.json | See Bloom docs |
connectURL=url | connectURL=bolt://localhost:7687 | See Bloom docs |
search=term | search=Tom Hanks | See Bloom docs |
perspective=perspectiveName | perspective=perspective 12 | See Bloom docs |
run=boolean | run=true | See Bloom docs |
sso_redirect=idp_id | sso_redirect=keycloak-oidc | Use for the auto-redirect to a SSO provider login page |
LOGS_LEVEL=level | LOGS_LEVEL=warn | Set the logging level to level for all loggers |
LOGGER _LEVEL=level | DRIVER_LEVEL=debug | Set the logging level to level for the logger LOGGER |
Meant only for developers and application development:
URL query parameter | Example | Description |
---|---|---|
logout_timeout=seconds | logout_timeout=200 | Sets the logout timeout to seconds , meant only for E2E tests |
grid_layout=boolean | grid_layout=true | Sets the visualization layout type to a grid layout, meant only for E2E tests, Default: false |
ntid=uuid | ntid=jdsf-342-sdf-dfsdf | Tracking ID provided by Aura when launching Bloom from within the Aura console |
auth_flow_step=arg | auth_flow_step=redirect_uri | SSO: If the user arrives back to the client application with the URL param auth_flow_step=redirect_uri we know it's time to proceed in the SSO auth process |
idp_id=idp_id | idp_id=keycloak-oidc | SSO: The user should arrive with a URL param named idp_id that we can map to the information in the discovery data to figure out how to proceed |
Download these two chrome extensions:
FAQs
Neo4j Bloom is a business productivity application for interactive exploration of graph data.
The npm package neo4j-bloom receives a total of 815 weekly downloads. As such, neo4j-bloom popularity was classified as not popular.
We found that neo4j-bloom demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.