Security News
tea.xyz Spam Plagues npm and RubyGems Package Registries
Tea.xyz, a crypto project aimed at rewarding open source contributions, is once again facing backlash due to an influx of spam packages flooding public package registries.
sql-bricks
Advanced tools
Readme
SQL Bricks.js is a transparent, schemaless library for building and composing SQL statements.
SELECT
, INSERT
, UPDATE
and DELETE
(with the exception of asc/desc/collate options for orderBy()
, see #73)
Comparison with other SQL-generation JS libraries:
library | lines | files | schema | other notes |
---|---|---|---|---|
Knex | 20k | ~50 | schema | transactions, migrations, promises, connection pooling |
Squel | 1.7k | 1 | schemaless | |
node-sql | 2.6k | ~60 | schema | |
mongo-sql | 1.7k | ~50 | schemaless | |
sql-bricks | 1.1k | 1 | schemaless |
INSERT ... ON DUPLICATE KEY UPDATE ...
INSERT IGNORE ...
LIMIT (SELECT / UPDATE / DELETE)
OFFSET
ORDER BY (UPDATE / DELETE)
LIMIT
and OFFSET
OR REPLACE
, OR ABORT
, OR ROLLBACK
, OR FAIL
LIMIT
and OFFSET
RETURNING
UPDATE ... FROM
DELETE ... USING
FROM VALUES
In the browser:
var select = SqlBricks.select;
In node:
var select = require('sql-bricks').select;
A simple select via .toString()
and .toParams()
:
select().from('person').where({last_name: 'Rubble'}).toString();
// "SELECT * FROM person WHERE last_name = 'Rubble'"
select().from('person').where({last_name: 'Rubble'}).toParams();
// {"text": "SELECT * FROM person WHERE last_name = $1", "values": ["Rubble"]}
While toString()
is slightly easier, toParams()
is recommended because:
The SQLBricks API is comprehensive, supporting all of SQL-92 for select/insert/update/delete. It is also quite flexible; in most places arguments can be passed in a variety of ways (arrays, objects, separate arguments, etc). That said, here are some of the most common operations:
// convenience variables (for node; for the browser: "var sql = SqlBricks;")
var sql = require('sql-bricks');
var select = sql.select, insert = sql.insert, update = sql.update;
var or = sql.or, like = sql.like, lt = sql.lt;
// WHERE: (.toString() is optional; JS will call it automatically in most cases)
select().from('person').where({last_name: 'Rubble'}).toString();
// SELECT * FROM person WHERE last_name = 'Rubble'
// JOINs:
select().from('person').join('address').on({'person.addr_id': 'address.id'});
// SELECT * FROM person INNER JOIN address ON person.addr_id = address.id
// Nested WHERE criteria:
select('*').from('person').where(or(like('last_name', 'Flint%'), {'first_name': 'Fred'}));
// SELECT * FROM person WHERE last_name LIKE 'Flint%' OR first_name = 'Fred'
// GROUP BY / HAVING
select('city', 'max(temp_lo)').from('weather')
.groupBy('city').having(lt('max(temp_lo)', 40))
// SELECT city, max(temp_lo) FROM weather
// GROUP BY city HAVING max(temp_lo) < 40
// INSERT
insert('person', {'first_name': 'Fred', 'last_name': 'Flintstone'});
// INSERT INTO person (first_name, last_name) VALUES ('Fred', 'Flintstone')
// UPDATE
update('person', {'first_name': 'Fred', 'last_name': 'Flintstone'});
// UPDATE person SET first_name = 'Fred', last_name = 'Flintstone'
// Parameterized SQL
update('person', {'first_name': 'Fred'}).where({'last_name': 'Flintstone'}).toParams();
// {"text": "UPDATE person SET first_name = $1 WHERE last_name = $2", "values": ["Fred", "Flintstone"]}
// SQLite-style params
update('person', {'first_name': 'Fred'}).where({'last_name': 'Flintstone'}).toParams({placeholder: '?%d'});
// {"text": "UPDATE person SET first_name = ?1 WHERE last_name = ?2", "values": ["Fred", "Flintstone"]}
// MySQL-style params
update('person', {'first_name': 'Fred'}).where({'last_name': 'Flintstone'}).toParams({placeholder: '?'});
// {"text": "UPDATE person SET first_name = ? WHERE last_name = ?", "values": ["Fred", "Flintstone"]}
Full documentation: https://csnw.github.io/sql-bricks
License: MIT
FAQs
Transparent, Schemaless SQL Generation
The npm package sql-bricks receives a total of 22,155 weekly downloads. As such, sql-bricks popularity was classified as popular.
We found that sql-bricks demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Tea.xyz, a crypto project aimed at rewarding open source contributions, is once again facing backlash due to an influx of spam packages flooding public package registries.
Security News
As cyber threats become more autonomous, AI-powered defenses are crucial for businesses to stay ahead of attackers who can exploit software vulnerabilities at scale.
Security News
UnitedHealth Group disclosed that the ransomware attack on Change Healthcare compromised protected health information for millions in the U.S., with estimated costs to the company expected to reach $1 billion.