Research
Security News
Malicious npm Package Targets Solana Developers and Hijacks Funds
A malicious npm package targets Solana developers, rerouting funds in 2% of transactions to a hardcoded address.
node-couchdb
Advanced tools
node-couchdb
package provides an easy way to interact with CouchDB using preferred cache layer:
npm install node-couchdb --save
node-couchdb
exports constructor, which accepts one object argument with properties host
(127.0.0.1 by default), port
(5984 by default), protocol
(http by default), cache
(one of plugins, null by default), auth
(object with properties {user, pass}
) and timeout
for all requests (5000 by default). All object fields are optional.
ES Module:
import NodeCouchDb from 'node-couchdb';
Common JS:
const NodeCouchDb = require('node-couchdb');
// node-couchdb instance with default options
const couch = new NodeCouchDb({
auth: {
user: AUTH_USER,
pass: AUTH_PASS
}
});
// node-couchdb instance with Memcached
const MemcacheNode = require('node-couchdb-plugin-memcached');
const couchWithMemcache = new NodeCouchDb({
cache: new MemcacheNode,
auth: {
user: AUTH_USER,
pass: AUTH_PASS
}
});
// node-couchdb instance talking to external service
const couchExternal = new NodeCouchDb({
host: 'couchdb.external.service',
protocol: 'https',
port: 6984,
auth: {
user: AUTH_USER,
pass: AUTH_PASS
}
});
All node-couchdb methods return Promise instances which resolve if everything works as expected and reject with Error instance which usually has code
and body
fields. See package source and tests for more info.
couch.createDatabase(dbName).then(() => {...}, err => {
// request error occured
});
couch.dropDatabase(dbName).then(() => {...}, err => {
// request error occured
});
couch.listDatabases().then(dbs => dbs.map(...), err => {
// request error occured
});
couch.get("databaseName", "some_document_id").then(({data, headers, status}) => {
// data is json response
// headers is an object with all response headers
// status is statusCode number
}, err => {
// either request error occured
// ...or err.code=EDOCMISSING if document is missing
// ...or err.code=EUNKNOWN if statusCode is unexpected
});
const dbName = "database";
const startKey = ["Ann"];
const endKey = ["George"];
const viewUrl = "_design/list/_view/by_firstname";
const queryOptions = {
startkey: startKey,
endkey: endKey
};
couch.get(dbName, viewUrl, queryOptions).then(({data, headers, status}) => {
// data is json response
// headers is an object with all response headers
// status is statusCode number
}, err => {
// either request error occured
// ...or err.code=EDOCMISSING if document is missing
// ...or err.code=EUNKNOWN if statusCode is unexpected
});
const dbName = "database";
const mangoQuery = {
selector: {
firstname: {
$gte: 'Ann',
$lt: 'George'
}
}
};
couch.mango(dbName, mangoQuery).then(({data, headers, status}) => {
// data is json response
// headers is an object with all response headers
// status is statusCode number
}, err => {
// either request error occured
// ...or err.code=EDOCMISSING if document is missing
// ...or err.code=EUNKNOWN if statusCode is unexpected
});
couch.insert("databaseName", {
_id: "document_id",
field: ["sample", "data", true]
}).then(({data, headers, status}) => {
// data is json response
// headers is an object with all response headers
// status is statusCode number
}, err => {
// either request error occured
// ...or err.code=EDOCCONFLICT if document with the same id already exists
});
// note that "doc" must have both "_id" and "_rev" fields
couch.update("databaseName", {
_id: "document_id",
_rev: "1-xxx"
field: "new sample data",
field2: 1
}).then(({data, headers, status}) => {
// data is json response
// headers is an object with all response headers
// status is statusCode number
}, err => {
// either request error occured
// ...or err.code=EFIELDMISSING if either _id or _rev fields are missing
});
couch.insertAttachment("databaseName", "document id", "attachment name", "attachment body", "doc revision").then(({data, headers, status}) => {
// data is json response
// headers is an object with all response headers
// status is statusCode number
}, err => {
// either request error occured
// ...or err.code=EFIELDMISSING if either _id or _rev fields are missing
});
// note that "doc" must have both "_id" and "_rev" fields
couch.update("databaseName", "document id", "attachment name", "doc revision").then(({data, headers, status}) => {
// data is json response
// headers is an object with all response headers
// status is statusCode number
}, err => {
// either request error occured
// ...or err.code=EFIELDMISSING if either _id or _rev fields are missing
});
couch.updateFunction("databaseName", "designDocument", "updateFunction", {optional query string}, "docid").then(({data, headers, status}) => {
// data is json response
// headers is an object with all response headers
// status is statusCode number
}, err => {
// either request error occured
// ...or err.code=EFIELDMISSING if either _id or _rev fields are missing
});
couch.del("databaseName", "some_document_id", "document_revision").then(({data, headers, status}) => {
// data is json response
// headers is an object with all response headers
// status is statusCode number
}, err => {
// either request error occured
// ...or err.code=EDOCMISSING if document does not exist
// ...or err.code=EUNKNOWN if response status code is unexpected
});
// get one unique id
couch.uniqid().then(ids => ids[0]);
// get N unique ids
couch.uniqid(N).then(ids => ids.map(...));
FAQs
ES2015-compatible package to interact with CouchDB
We found that node-couchdb demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
A malicious npm package targets Solana developers, rerouting funds in 2% of transactions to a hardcoded address.
Security News
Research
Socket researchers have discovered malicious npm packages targeting crypto developers, stealing credentials and wallet data using spyware delivered through typosquats of popular cryptographic libraries.
Security News
Socket's package search now displays weekly downloads for npm packages, helping developers quickly assess popularity and make more informed decisions.