nukak
Learn more about `nukak` on its website: https://nukak.org

`nukak` is a flexible and efficient `ORM`, with declarative `JSON` syntax and really smart type-safety.

The `nukak` queries can be safely written in the frontend (browser/mobile) and sent to the backend; or `nukak` can be used only in the backend, or even in a mobile app with an embedded database (like `sqlite`).

- `JSON` (serializable) syntax for all the queries.
- `TypeScript` to get smart type-safety everywhere.
- `$project`, `$filter`, `$sort`, `$limit` work at multiple levels (including deep relations and their fields).
- `transactions`.
- `connection pooling`.
- `Postgres`, `MySQL`, `MariaDB`, `SQLite`, `MongoDB`.

Install the `nukak` core package:

```sh
npm install nukak --save
```

or

```sh
yarn add nukak
```

Database | Package |
---|---|
MySQL | mysql2 |
PostgreSQL | pg |
MariaDB | mariadb |
MongoDB | mongodb |
SQLite | sqlite3 |

E.g. use the `pg` driver for `Postgres`:

```sh
npm install pg --save
```

or with yarn

```sh
yarn add pg
```

`tsconfig.json` may need the following flags:

```json
"target": "es2020",
"experimentalDecorators": true,
"emitDecoratorMetadata": true
```

A default querier-pool can be set in any of the bootstrap files of your app (e.g. in the `server.ts`).

```typescript
import { setQuerierPool } from 'nukak';
import { PgQuerierPool } from 'nukak/postgres';

const querierPool = new PgQuerierPool(
  {
    host: 'localhost',
    user: 'theUser',
    password: 'thePassword',
    database: 'theDatabase',
  },
  // a logger can optionally be passed so the SQL queries are logged
  console.log
);

setQuerierPool(querierPool);
```

Take any plain class (aka DTO) and annotate it with the decorators from `'nukak/entity'`.

```typescript
import { v4 as uuidv4 } from 'uuid';
import { Field, ManyToOne, Id, OneToMany, Entity, OneToOne, ManyToMany } from 'nukak/entity';

@Entity()
export class Profile {
  /**
   * primary-key.
   * the `onInsert` callback can be used to specify a custom mechanism for auto-generating
   * the default value of a field when inserting a new record.
   */
  @Id({ onInsert: uuidv4 })
  id?: string;

  @Field()
  picture?: string;

  /**
   * foreign-keys are really simple to specify.
   */
  @Field({ reference: () => User })
  creatorId?: string;
}

@Entity()
export class User {
  @Id({ onInsert: uuidv4 })
  id?: string;

  @Field()
  name?: string;

  @Field()
  email?: string;

  /**
   * holds a credential: store a password hash here, and keep this field
   * out of any `$project` that is returned to a client.
   */
  @Field()
  password?: string;

  /**
   * `mappedBy` can be a callback or a string (callback is useful for auto-refactoring).
   */
  @OneToOne({ entity: () => Profile, mappedBy: (profile) => profile.creatorId, cascade: true })
  profile?: Profile;
}

@Entity()
export class MeasureUnitCategory {
  @Id({ onInsert: uuidv4 })
  id?: string;

  @Field()
  name?: string;

  @OneToMany({ entity: () => MeasureUnit, mappedBy: (measureUnit) => measureUnit.category })
  measureUnits?: MeasureUnit[];
}

@Entity()
export class MeasureUnit {
  @Id({ onInsert: uuidv4 })
  id?: string;

  @Field()
  name?: string;

  @Field({ reference: () => MeasureUnitCategory })
  categoryId?: string;

  @ManyToOne({ cascade: 'persist' })
  category?: MeasureUnitCategory;
}
```

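```typescript
import { getQuerier } from 'nukak';
import { Transactional, InjectQuerier } from 'nukak/querier';
// `Querier` is used below as a type; the 'nukak/type' import path is an assumption.
import type { Querier } from 'nukak/type';
import { User } from './shared/models.js';

export class UserService {
  @Transactional()
  async getUsers(@InjectQuerier() querier?: Querier): Promise<User[]> {
    return querier.findMany(User, {
      // explicit projection: `password` is never selected
      $project: { id: true, email: true, profile: ['picture'] },
      $filter: { email: { $iendsWith: '@google.com' } },
      // assumes `User` also declares a `createdAt` field (not shown in the entity above)
      $sort: { createdAt: -1 },
      $limit: 100,
    });
  }
}
```
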
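
Because queries may be written in the frontend and sent to the backend, the backend receives the query itself as untrusted input. The guard below is an added example, not nukak code: `constrainQuery`, `Policy` and `userPolicy` are hypothetical names, and it covers only the `$project`, `$filter`, `$sort` and `$limit` shapes shown on this page, applied before a query is handed to the querier.

```typescript
// Added example: server-side guard for client-authored queries. Not part of nukak.
type Projection = Record<string, true | string[]>;
type SafeQuery = { $project: Projection; $filter: object; $sort: object; $limit: number };
type Policy = { fields: string[]; relations: Map<string, string[]>; maxLimit: number };

// Hypothetical policy for the User entity above; `password` is deliberately absent.
const userPolicy: Policy = {
  fields: ['id', 'name', 'email'],
  relations: new Map([['profile', ['id', 'picture']]]),
  maxLimit: 100,
};

function section(query: Record<string, unknown>, name: string): Record<string, unknown> {
  const part = query[name] ?? {};
  if (typeof part !== 'object' || Array.isArray(part)) throw new Error(`${name} must be an object`);
  return part as Record<string, unknown>;
}

function constrainQuery(input: unknown, policy: Policy): SafeQuery {
  if (typeof input !== 'object' || input === null || Array.isArray(input)) {
    throw new Error('query must be a JSON object');
  }
  const query = input as Record<string, unknown>;
  const readable = new Set(policy.fields);
  // A filter or sort on a column the client cannot read still reveals information
  // about it, so both get the same allowlist as $project (unknown keys fail closed).
  for (const name of ['$filter', '$sort']) {
    for (const key of Object.keys(section(query, name))) {
      if (!readable.has(key)) throw new Error(`${name} on '${key}' is not allowed`);
    }
  }
  const requested = section(query, '$project');
  const $project: Projection = {};
  for (const key of Object.keys(requested)) {
    const relation = policy.relations.get(key);
    const value = requested[key];
    if (readable.has(key) && value === true) {
      $project[key] = true;
    } else if (relation && Array.isArray(value) && value.length > 0 && value.every((f) => relation.includes(f))) {
      $project[key] = value;
    } else {
      throw new Error(`$project of '${key}' is not allowed`);
    }
  }
  // No projection requested: fall back to the allowlist rather than "all columns".
  if (Object.keys($project).length === 0) policy.fields.forEach((f) => ($project[f] = true));
  const limit = Number.isInteger(query['$limit']) ? (query['$limit'] as number) : policy.maxLimit;
  const $limit = Math.min(Math.max(limit, 1), policy.maxLimit);
  return { $project, $filter: section(query, '$filter'), $sort: section(query, '$sort'), $limit };
}
```

The guard checks field names and the row cap only; operator values inside `$filter` are passed through unchanged for the ORM to bind.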

See more at https://nukak.org
FAQs
flexible and efficient ORM, with declarative JSON syntax and smart type-safety
The npm package nukak receives a total of 8 weekly downloads. As such, nukak popularity was classified as not popular.
We found that nukak demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.