Security News
GitHub Removes Malicious Pull Requests Targeting Open Source Repositories
GitHub removed 27 malicious pull requests attempting to inject harmful code across multiple open source repositories, in another round of low-effort attacks.
Queueing jobs in Postgres from Node.js like a boss.
async function readme() {
const PgBoss = require('pg-boss');
const boss = new PgBoss('postgres://user:pass@host/database');
boss.on('error', console.error)
await boss.start()
const queue = 'readme-queue'
await boss.createQueue(queue)
const id = await boss.send(queue, { arg1: 'read me' })
console.log(`created job ${id} in queue ${queue}`)
await boss.work(queue, async ([ job ]) => {
console.log(`received job ${job.id} with data ${JSON.stringify(job.data)}`)
})
}
readme()
.catch(err => {
console.log(err)
process.exit(1)
})
pg-boss is a job queue built in Node.js on top of PostgreSQL in order to provide background processing and reliable asynchronous execution to Node.js applications.
pg-boss relies on SKIP LOCKED, a feature built specifically for message queues to resolve record locking challenges inherent with relational databases. This provides exactly-once delivery and the safety of guaranteed atomic commits to asynchronous job processing.
This will likely cater the most to teams already familiar with the simplicity of relational database semantics and operations (SQL, querying, and backups). It will be especially useful to those already relying on PostgreSQL that want to limit how many systems are required to monitor and support in their architecture.
# npm
npm install pg-boss
# yarn
yarn add pg-boss
To setup a development environment for this library:
git clone https://github.com/timgit/pg-boss.git
npm install
To run the test suite, linter and code coverage:
npm run cover
The test suite will try and create a new database named pgboss. The config.json file has the default credentials to connect to postgres.
FAQs
Queueing jobs in Postgres from Node.js like a boss
The npm package pg-boss receives a total of 33,122 weekly downloads. As such, pg-boss popularity was classified as popular.
We found that pg-boss demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
GitHub removed 27 malicious pull requests attempting to inject harmful code across multiple open source repositories, in another round of low-effort attacks.
Security News
RubyGems.org has added a new "maintainer" role that allows for publishing new versions of gems. This new permission type is aimed at improving security for gem owners and the service overall.
Security News
Node.js will be enforcing stricter semver-major PR policies a month before major releases to enhance stability and ensure reliable release candidates.