Security News
Cloudflare Adds Security.txt Setup Wizard
Cloudflare has launched a setup wizard allowing users to easily create and manage a security.txt file for vulnerability disclosure on their websites.
While many features are functional, this project is still under active development and is not production ready.
Orma is a light-weight declarative ORM for sql databases.
Orma uses json syntax to represent queries and mutations. Queries are objects specifying which fields to query. Only fields which are requested will be selected. Symbols with a $ are called macros and are used to represent abstractions to the sql AST. Sql keywords can be accessed with the $ prefix and snake case. (eg $group_by, $limit, $where)
Orma performs a single pass toposort to decompose requests into the minimum number of sql queries. Orma will group requests such that they are as parallel as possible while ensuring parents get created before children, so that foreign key references can inserted into children tables.
Key Features
npm i orma // Or yarn add orma
The orma schema contains column and foreign keys which are needed for queries and mutations. Databases can be introspected at runtime or saved as json.
import { orma_introspect } from 'orma'
import mysql from 'mysql2'
// Using a promise pool
const pool = mysql
.createPool({
host: env.host,
port: env.port,
user: env.user,
password: env.password,
database: env.database,
multipleStatements: true
})
.promise()
// Setup a function which given sql strings can return an array of results
const pool_query = async sql_strings => {
const results = await pool
.query(sql_strings.join(';'))
.then(res => (sql_strings.length === 1 ? [res[0]] : res[0]))
return results
}
const orma_schema = await orma_introspect(env.database, pool_query)
In the following scenario, a users table and and an addresses table are present. Each address has a user_id. A nested query would be constructed as follows:
const query = {
users: {
id: true,
first_name: true,
last_name: true,
addresses: {
id: true
}
}
}
const results = await orma_query(query, orma_schema, pool_query)
To inserting and updating records is achieved by providing an array of objects. Nesting will be normalised, upon insertion.
// Another snippet
// How to run a long lived transaction
// How to batch insert nested tables
// How to query for table1 where table2 matches a criteria
// How to query all table1 including table2 when table2 matches a criteria
// How to use any/all for hierarcy queries eg permissions
// How to use $op cascading
FAQs
A declarative relational syncronous orm
The npm package orma receives a total of 74 weekly downloads. As such, orma popularity was classified as not popular.
We found that orma demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Cloudflare has launched a setup wizard allowing users to easily create and manage a security.txt file for vulnerability disclosure on their websites.
Security News
The Socket Research team breaks down a malicious npm package targeting the legitimate DOMPurify library. It uses obfuscated code to hide that it is exfiltrating browser and crypto wallet data.
Security News
ENISA’s 2024 report highlights the EU’s top cybersecurity threats, including rising DDoS attacks, ransomware, supply chain vulnerabilities, and weaponized AI.