Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
WARNING: This is work in progress. The APIs will remain in flux until 1.0.0. Suggestions welcome!
Want to learn more? Check out our homepage at pgre.st and the wiki.
PostgreSQL 9.0 is required; we recommend using 9.2 or later.
You need to install the plv8js
extension for PostgreSQL. If you're on OS X, Postgres.app comes with it pre-installed. Otherwise, see Installation for details.
Once the extension is installed, simply use npm
to install pgrest:
% npm i -g pgrest
When installing from git checkout, make sure you do npm i
before npm i -g .
% psql test
test=# CREATE TABLE foo (id int, info json);
CREATE TABLE
test=# INSERT INTO foo VALUES (1, '{"f1":1,"f2":true,"f3":"Hi I''m \"Daisy\""}');
INSERT 0 1
% pgrest --db test
Serving `test` on http://127.0.0.1:3000/collections
You can now access foo content at http://127.0.0.1:3000/collections/foo
curl http://127.0.0.1:3000/collections/foo?q={"id":1}
The parameter is similar to MongoLab's REST API for listing documents.
echo '{"id": 5,"info": {"counter":5} }' | curl -D - -H 'Content-Type: application/json' -X POST -d @- http://localhost:3000/collections/foo
createdb test
export TESTDBUSERNAME=postgres # optional
export TESTDBNAME=test
npm i
npm run test
In addition to the bundled pgrest
frontend, you can also use the following frontend:
ngx_postgres
(experimental)FAQs
enable REST in postgres
The npm package pgrest receives a total of 0 weekly downloads. As such, pgrest popularity was classified as not popular.
We found that pgrest demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 2 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.