Security News
tea.xyz Spam Plagues npm and RubyGems Package Registries
Tea.xyz, a crypto project aimed at rewarding open source contributions, is once again facing backlash due to an influx of spam packages flooding public package registries.
node-red-node-sqlite
Advanced tools
Readme
A Node-Red node to read and write a local sqlite database.
Run the following command in your Node-RED user directory - typically ~/.node-red
npm i --unsafe-perm node-red-node-sqlite
Notes:
Version 1.x requires nodejs v12 or greater.
The install process requires a compile of native code. This can take 15-20 minutes on devices like a Raspberry Pi - please be prepared to wait a long time. Also if node.js is upgraded at any point you will need to rebuild the native part manually, for example.
cd ~/.node-red npm rebuild
Allows access to a SQLite database.
SQL Query sets how the query is passed to the node.
SQL Query Via msg.topic and Fixed Statement uses the db.all operation against the configured database. This does allow INSERTS, UPDATES and DELETES. By its very nature it is SQL injection... so be careful out there...
SQL Type Prepared Statement also uses db.all but sanitizes parameters passed, eliminating the possibility of SQL injection.
SQL Type Batch without response uses db.exec which runs all SQL statements in the provided string. No result rows are returned.
When using Via msg.topic or Batch without response msg.topic must hold the query for the database.
When using Via msg.topic, parameters can be passed in the query using a msg.payload array. Ex:
msg.topic = `INSERT INTO user_table (name, surname) VALUES ($name, $surname)`
msg.payload = ["John", "Smith"]
return msg;
When using Normal or Prepared Statement, the query must be entered in the node config.
Pass in the parameters as an object in msg.params for Prepared Statement. Ex:
msg.params = {
$id:1,
$name:"John Doe"
}
Parameter object names must match parameters set up in the Prepared Statement. If you get the error SQLITE_RANGE: bind or column index out of range be sure to include $ on the parameter object key. The SQL query for the example above could be: insert into user_table (user_id, user) VALUES ($id, $name);
Using any SQL Query, the result is returned in msg.payload
Typically the returned payload will be an array of the result rows, (or an error).
You can load SQLite extensions by inputting a msg.extension property containing the full path and filename.
The reconnect timeout in milliseconds can be changed by adding a line to settings.js
sqliteReconnectTime: 20000,
FAQs
A sqlite node for Node-RED
The npm package node-red-node-sqlite receives a total of 817 weekly downloads. As such, node-red-node-sqlite popularity was classified as not popular.
We found that node-red-node-sqlite demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 2 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Tea.xyz, a crypto project aimed at rewarding open source contributions, is once again facing backlash due to an influx of spam packages flooding public package registries.
Security News
As cyber threats become more autonomous, AI-powered defenses are crucial for businesses to stay ahead of attackers who can exploit software vulnerabilities at scale.
Security News
UnitedHealth Group disclosed that the ransomware attack on Change Healthcare compromised protected health information for millions in the U.S., with estimated costs to the company expected to reach $1 billion.