
Research
/Security News
Critical Vulnerability in NestJS Devtools: Localhost RCE via Sandbox Escape
A flawed sandbox in @nestjs/devtools-integration lets attackers run code on your machine via CSRF, leading to full Remote Code Execution (RCE).
= Bigrecord Driver
Bigrecord Driver uses JRuby to interact with Java databases through their native Java APIs, and connect with other Ruby (regular Ruby or JRuby) based applications through DRb.
Currently supported databases are:
The system that's running Bigrecord Driver will of course require JRuby and Java, however any other systems looking to access the databases require only Ruby and network access to the Bigrecord Driver server.
== Requirements
== Installation
(1) Install the latest Java Runtime for your operating system (or any version that's supported by JRuby. There are many resources online for this.
(2) Go to: http://jruby.org/getting-started and follow the instructions for installing the latest JRuby.
(3) Add the following environmental variable to your shell rc file (~/.bashrc or ~/.zshrc)
export JRUBY_HOME=/path/to/jruby
and then add $JRUBY_HOME/bin to your system PATH:
export PATH=$PATH:$JRUBY_HOME/bin
(4) Check that JRuby is installed correctly by typing in the following commands, and verifying that you get similar output:
> echo $JRUBY_HOME
/path/to/jruby
> jruby --version
jruby 1.3.1 [...]
(5) Install the Bigrecord Driver gem from gemcutter.org
> (sudo) gem install bigrecord-driver -s http://gemcutter.org/
== Usage
=== Starting the service
Once you have everything installed, you can start up a Bigrecord Driver DRb server for HBase with:
hbase-driver start -p [port]
Port will default to 40000 if none is specified. Remember this port, because it will be used in the bigrecord.yml configuration file.
=== Stopping the service
When you want to stop the server, simply run the command:
hbase-driver stop -p [port]
=== More options
Check out more usage options with:
hbase-driver
=== Database lib path
Bigrecord Driver comes packaged with the latest set of lib files needed to interact with the specified database. Since it might be necessary to include the lib files of a different version than the latest, specify the database install location using the -l argument.
hbase-driver start -p [port] -l [/path/to/hbase/install]
Bigrecord Driver will then use the /path/to/hbase/install folder and include the jar files needed to run so long as lib files weren't rearranged from the default configuration.
== Debugging
== License
Big Record is released under the MIT license.
== Links
FAQs
Unknown package
We found that bigrecord-driver demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
/Security News
A flawed sandbox in @nestjs/devtools-integration lets attackers run code on your machine via CSRF, leading to full Remote Code Execution (RCE).
Product
Customize license detection with Socket’s new license overlays: gain control, reduce noise, and handle edge cases with precision.
Product
Socket now supports Rust and Cargo, offering package search for all users and experimental SBOM generation for enterprise projects.