Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
sequelastic
Advanced tools
:warning: this only works with sequelize-typescript@2.x.x, in order to use this package with sequelize-typescript@1.x.x run:
npm install sequelastic@0.0.7
in order to install sequelastic on your project just run:
npm install sequelastic
first of all import and instantiate the utility:
import Sequelastic from "sequelastic";
import { model1, model2 } from "./sequelize-typescript-models";
const sequelastic = new Sequelastic({
node: "https://elastiSearchSevice.example:9200",
models: [model1, model2],
});
then sync your database with the elasticSearch service:
sequelastic
.sync()
.then((success) => {
if (success) {
console.log("Database synced correctly");
} else {
console.log("Something went wrong");
}
})
.catch((err) => {
console.error(err);
});
now you are ready to search whatever you want with sequelastic:
sequelastic
.search("foo", "bar", { fuzzy: true, fuzziness: "AUTO" })
.then((results) => {
console.log(results);
})
.catch((err) => {
console.error(err);
});
create new Sequelastic instance
new Sequelastic(config: SequelasticContructorProps) => Sequelastic
property | type | description | default |
---|---|---|---|
config | SequelasticConstructorProps | config object | none |
Sync SQL database
this function will sync your database with the elasticSearch service using the following method:
sequelastic.sync() => Promise<boolean>
property | type | description | default |
---|---|---|---|
options | SequelasticSyncOptions | config object | none |
Search in indices something
this function will search in elasticSearch using the search type query_string
sequelastic.search(query: string, index: string, options:SequelasticSearchOptions) => Promise<[{[key: string]: any}]> // options.wholeResponse = false
sequelastic.search(query: string, index:string, options: SequelizeSearchOptions) => Promise<elasticSearch.ApiResponse<Record<string, any>, Record<string, unknown>>> // options.wholeResponse = true
property | type | description | default |
---|---|---|---|
query | string | the elasticSearch query string | none |
index | string | the index where search for something | "*" |
options | SequelasticSearchOptions | search options | undefined |
use a custom body for the elasticSearch _search
sequelastic.customSearch(params: elasticSearch.RequestParams.Search) => Promise<
elasticSearch.ApiResponse<Record<string, any>, Record<string, unknown>>
>
property | type | description | default |
---|---|---|---|
params | elasicSearch.RequestParams.Search | the custom search parameter | none |
Make a search on different indices with a single request
this function makes a multiple search on elasticSearch adding using the same query, you can choose, for each index, the fuzziness and the pagination
sequelastic.searchInIndices(query: string, options: SequelasticMultipleSearchOptions) => Promise<
elasticSearch.ApiResponse<Record<string, any>, Record<string, unknown>>
>
property | type | description | default |
---|---|---|---|
query | string | the search query, you can also use operators | none |
options | SequelasticMultipleSearchOptions | the search options | undefined |
Get all indices in the cluster
sequelastic.allIndices() => Promise<string[]>
key | type | description | default |
---|---|---|---|
node | string | elasticsearch service endpoint | http://localhost:9200 |
models | (Model | SequelasticModelType)[] | list of all the models to index | [] |
exclude (optional) | string[] | list of the model's fields to globally exclude from index | undefined |
key | type | description |
---|---|---|
model | Model | sequelize model to be indexed |
attributes (optional) | string[] | {exclude: string[]} | fields to include or exclude in index |
include (optional) | (string | SequelasticModelType)[] | object to eventually specify models to include in index |
key | type | description | default |
---|---|---|---|
refresh | boolean | use refresh in elasticSearch bulk method | false |
key | type | description | default |
---|---|---|---|
fuzzy (optional) | boolean | use fuzzy search | false |
fuzziness (optional) | "AUTO" | number | search fuzziness | "AUTO" |
wholeResponse (optional) | boolean | get as return the whole search response or only the hits | false |
from (optional) | number | offset from the first result | 0 |
size (optional) | number | maximum amount of hits to be returned | 10 |
key | type | description | default |
---|---|---|---|
indices (optional) | (string | SequelasticMultipleSearchIndex )[] | the indices where search for the query | all the indices |
fuzzy (optional) | boolean | use fuzzy search | false |
fuzziness (optional) | "AUTO" | number | search fuzziness | "AUTO" |
from (optional) | number | offset from the first result | 0 |
size (optional) | number | maximum amount of hits to be returned | 10 |
key | type | description | default |
---|---|---|---|
index | string | index where search for the query | none |
fuzzy (optional) | boolean | use fuzzy search | false |
fuzziness (optional) | "AUTO" | number | search fuzziness | "AUTO" |
from (optional) | number | offset from the first result | 0 |
size (optional) | number | maximum amount of hits to be returned | 10 |
FAQs
bridge utility between sequelize-typescript and ElasticSearch
The npm package sequelastic receives a total of 24 weekly downloads. As such, sequelastic popularity was classified as not popular.
We found that sequelastic demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 2 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.