vscode-extension VS @databases

4. Spectral

Securing web applications is fast becoming a business goal for organizations as data breaches can create long-term repercussions. Web AppSec is a tremendous practice for you to protect your websites, databases, and applications. It involves developers taking charge of application security by continuously monitoring and testing their systems. Spectral empowers developers to simplify Web AppSec and make it a part of their everyday tasks.

Link: https://spectralops.io/

One method that is effective at keeping secrets hidden is by using vaults. SpectralOps provides such a vault that helps protect secrets by keeping them in a single place and encrypting them to control how they are accessed. We continuously map developer mistakes, access detail, and secret management detection with an ever-growing coverage using AI/ML and our proprietary tech. Check out an example here.

At Databases because you don't need ORM.

Depending on the complexity of your queries, Prisma might indeed not be the best abstraction for you. If you're proficient in SQL and don't want to sacrifice type-safety, there are really nice, low-level alternatives to Prisma such as Zapatos, Slonik or atdatabases. We're laying this out in our docs here: Should you use Prisma?

I built https://www.atdatabases.org to make this as easy as possible to get right when querying SQL databases with node.js

Depends a lot on the size of your database records. We’ve found that for a few tables with big JSONB columns it can make a huge difference but for 90% of queries it makes very little difference. https://www.atdatabases.org with @databases/pg-typed or @databases/mysql-typed also keeps the types in sync with which columns you select.

Since the method is marked as async, you can use await to get the results of a query (if your database library supports promises. For example with https://www.atdatabases.org as your db library you could do

I found Prisma close but not quite there. That's part of what motivated me to keep working on https://www.atdatabases.org, which I think is already there as an enterprise ready ORM for node.js

I built https://www.atdatabases.org which has an ORM for node.js, but also supports writing SQL queries in a safe way. It is type safe, and has much simpler & more flexible transaction support than most node.js ORMs.

If you’re using TypeScript and don’t have untrusted user data, @databases can generate static types, which can be a good alternative to runtime validation.

Did either of you consider @databases? It has pretty much the same approach to SQL as Slonik. I’m curious if there’s any reason why Slonik is preferable?