Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
API-driven framework for building realtime apps, using MVC conventions (based on Express and Socket.io)
Sails.js is a web framework that makes it easy to build custom, enterprise-grade Node.js apps. It is designed to resemble the MVC architecture from frameworks like Ruby on Rails, but with support for the more modern, data-oriented style of web app & API development. It's especially good for building realtime features like chat.
Since version 1.0, Sails supports await
out of the box. This replaces nested callbacks (and the commensurate error handling) with simple, familiar usage:
var orgs = await Organization.find();
# Get the latest stable release of Sails
$ npm install sails -g
Upgrading from an earlier version of Sails?
Upgrade guides for all major releases since 2013 are available on the Sails website under Upgrading.
Create a new app:
# Create the app
sails new my-app
Lift sails:
# cd into the new folder
cd my-app
# fire up the server
sails lift
For the most up-to-date introduction to Sails, get started here.
Sails is built on Node.js, Express, and Socket.io.
Sails actions are compatible with Connect middleware, so in most cases, you can paste code into Sails from an existing Express project and everything will work-- plus you'll be able to use WebSockets to talk to your API, and vice versa.
The ORM, Waterline, has a well-defined adapter system for supporting all kinds of datastores. Officially supported databases include MySQL, PostgreSQL, MongoDB, Redis, and local disk / memory. Community adapters exist for CouchDB, neDB, SQLite, Oracle, MSSQL, DB2, ElasticSearch, Riak, neo4j, OrientDB, Amazon RDS, DynamoDB, Azure Tables, RethinkDB and Solr; for various 3rd-party REST APIs like Quickbooks, Yelp, and Twitter, including a configurable generic REST API adapter; plus some eclectic projects.
For the latest core adapters and notable community adapters, see Available Adapters.
Need help or have a question?
Please read the submission guidelines and code of conduct before opening a new issue. Click here to search/post issues in this repository.
There are many different ways you can contribute to Sails:
Please carefully read our contribution guide and check the build status for the relevant branch before submitting a pull request with code changes.
Sails is actively maintained with the help of many amazing contributors. Our core team consists of:
Mike McNeil | Kelvin Omereshone | Eric Shaw |
Our company designs/builds Node.js websites and apps for startups and enterprise customers. After building a few applications and taking them into production, we realized that the Node.js development landscape was very much still the Wild West. Over time, after trying lots of different methodologies, we decided to crystallize all of our best practices into this framework. Six years later, Sails is now one of the most widely-used web application frameworks in the world. I hope it saves you some time! :)
MIT License Copyright © 2012-present, Mike McNeil
Sails is built around so many great open-source technologies that it would never have crossed our minds to keep it proprietary. We owe huge gratitude and props to Ryan Dahl (@ry), TJ Holowaychuk (@tj), Doug Wilson (@dougwilson) and Guillermo Rauch (@rauchg) for the work they've done, as well as the stewards of all the other open-source modules we use. Sails could never have been developed without your tremendous contributions to the JavaScript community.
FAQs
API-driven framework for building realtime apps, using MVC conventions (based on Express and Socket.io)
We found that sails demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.