Installations
npm install objectionDeveloper Guide
Typescript
Yes
Module System
CommonJS
Min. Node Version
>=14.0.0
Node Version
20.12.2
NPM Version
10.5.0
Score
71
Supply Chain
86
Quality
81.9
Maintenance
100
Vulnerability
99.3
License
Releases
Unable to fetch releases
Contributors
Languages
JavaScript (95.47%)
TypeScript (4.25%)
PEG.js (0.27%)
Shell (0.01%)
Developer
Download Statistics
Total Downloads
31,610,844
Last Day
4,421
Last Week
80,045
Last Month
516,150
Last Year
6,748,139
GitHub Statistics
7,285 Stars
2,204 Commits
639 Forks
78 Watching
14 Branches
160 Contributors
Maintainers
Package Meta Information
Latest Version
3.1.5
Package Id
objection@3.1.5
Unpacked Size
629.45 kB
Size
133.49 kB
File Count
181
NPM Version
10.5.0
Node Version
20.12.2
Publised On
25 Sept 2024
Total Downloads
Cumulative downloads
Total Downloads
31,610,844
Last day
-81.3%
4,421
Compared to previous day
Last week
-34.5%
80,045
Compared to previous week
Last month
-5.3%
516,150
Compared to previous month
Last year
-1.5%
6,748,139
Compared to previous year
Daily Downloads
Weekly Downloads
Monthly Downloads
Yearly Downloads
Dependencies
3
Peer Dependencies
1
Objection.js
Objection.js is an ORM for Node.js that aims to stay out of your way and make it as easy as possible to use the full power of SQL and the underlying database engine while still making the common stuff easy and enjoyable.
Even though ORM is the best commonly known acronym to describe objection, a more accurate description is to call it a relational query builder. You get all the benefits of an SQL query builder but also a powerful set of tools for working with relations.
Objection.js is built on an SQL query builder called knex. All databases supported by knex are supported by objection.js. SQLite3, Postgres and MySQL are thoroughly tested.
What objection.js gives you:
- An easy declarative way of defining models and relationships between them
- Simple and fun way to fetch, insert, update and delete objects using the full power of SQL
- Powerful mechanisms for eager loading, inserting and upserting object graphs
- Easy to use transactions
- Official TypeScript support
- Optional JSON schema validation
- A way to store complex documents as single rows
What objection.js doesn't give you:
- A fully object oriented view of your database With objection you don't work with entities. You work with queries. Objection doesn't try to wrap every concept with an object oriented equivalent. The best attempt to do that (IMO) is Hibernate, which is excellent, but it has 800k lines of code and a lot more concepts to learn than SQL itself. The point is, writing a good traditional ORM is borderline impossible. Objection attempts to provide a completely different way of working with SQL.
- A custom query DSL. SQL is used as a query language. This doesn't mean you have to write SQL strings though. A query builder based on knex is used to build the SQL. However, if the query builder fails you for some reason, raw SQL strings can be easily written using the raw helper function.
- Automatic database schema creation and migration from model definitions. For simple things it is useful that the database schema is automatically generated from the model definitions, but usually just gets in your way when doing anything non-trivial. Objection.js leaves the schema related things to you. knex has a great migration tool that we recommend for this job. Check out the example project.
The best way to get started is to clone our example project and start playing with it. There's also a typescript version available.
Check out this issue to see who is using objection and what they think about it.
Shortcuts:
Stable Version
Stable Version
3.1.5
CRITICAL
1
9.8/10
Summary
objection.js Prototype Pollution vulnerability
Affected Versions
< 2.2.16
Patched Versions
2.2.16
Reason
no vulnerabilities detected
Reason
license file detected
Details
- Info: : LICENSE:1
Reason
no dangerous workflow patterns detected
Reason
no binaries found in the repo
Reason
dependency not pinned by hash detected -- score normalized to 9
Details
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:18: update your workflow using https://app.stepsecurity.io/secureworkflow/Vincit/objection.js/test.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:21: update your workflow using https://app.stepsecurity.io/secureworkflow/Vincit/objection.js/test.yml/master?enable=pin
- Info: Third-party GitHubActions are pinned
- Info: Dockerfile dependencies are pinned
- Info: no insecure (not pinned by hash) dependency downloads found in Dockerfiles
- Info: no insecure (not pinned by hash) dependency downloads found in shell scripts
Reason
GitHub code reviews found for 6 commits out of the last 30 -- score normalized to 2
Details
- Warn: no reviews found for commit: 8f8896584281c87773fab33025061cddab2ebc3f
- Warn: no reviews found for commit: 6ab6dd87cd89081dc2bff804a4cd989a32136905
- Warn: no reviews found for commit: f5ad7b9b2739b8e958e20680338fcdd9a8e7ed34
- Warn: no reviews found for commit: 8d018f4afdb9925735f5d2fe582db3eec383ff3a
- Warn: no reviews found for commit: 2dda08390a6eb2bf49ca92cbc9201a4b6d9dcb05
- Warn: no reviews found for commit: 4c802958f713e30dce3de1c9b690354e7b7eb69a
- Warn: no reviews found for commit: 139c59427465f3e62f4a3a027393adc87f862326
- Warn: no reviews found for commit: 5de9e2af404b6ebcbde3852124db00541f215b38
- Warn: no reviews found for commit: 9a66f2160820d6fe4c4121c13b65591b35f2a108
- Warn: no reviews found for commit: 0ececc74b4c7121d52b358b4e2854c15689f7300
- Warn: no reviews found for commit: cef73c4525edcbb48399785756fecefb050d01bd
- Warn: no reviews found for commit: d8ca98a1d85fb6cf8b1b293650fbf0f4cf43d284
- Warn: no reviews found for commit: 5ddccc499fc8dabbb7d1ab86952380ec1f58e81b
- Warn: no reviews found for commit: f626133e911cebef50e572320410230b2b5e9f27
- Warn: no reviews found for commit: 493364988899fbb684f60558519febdb5804a7a6
- Warn: no reviews found for commit: 8f44dd584315380ca029f181cb0fb89420ccda38
- Warn: no reviews found for commit: 7116382c0e2b3e54fb00d9281ffd3ae0dc42d6d7
- Warn: no reviews found for commit: 90350f4492c2168ec288dbd897e6ff4fcc47edf2
- Warn: no reviews found for commit: e51974d1cd2137c8180eca1d9c59f47390aa932f
- Warn: no reviews found for commit: eedbad04aba439d434f86043ebb0b6b557e9f7d3
- Warn: no reviews found for commit: 707e561f323e26b419fc006c0cb908adc42e8db6
- Warn: no reviews found for commit: aef27c11e4bff99356254423963dc3652b619a94
- Warn: no reviews found for commit: 23ce2af9efa1f75ba2d5a1c0f3fcd14de857553d
- Warn: no reviews found for commit: 7c8a2825343d59c1bb32881fffb0806c8118c97b
Reason
0 commit(s) out of 30 and 0 issue activity out of 30 found in the last 90 days -- score normalized to 0
Reason
no badge detected
Reason
non read-only tokens detected in GitHub workflows
Details
- Warn: no topLevel permission defined: .github/workflows/test.yml:1: update your workflow using https://app.stepsecurity.io/secureworkflow/Vincit/objection.js/test.yml/master?enable=permissions
Reason
security policy file not detected
Reason
project is not fuzzed
Reason
branch protection not enabled on development/release branches
Details
- Warn: branch protection not enabled for branch 'master'
Score
4.5
/10
Last Scanned on 2022-08-15
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn MoreOther packages similar to objection
@tsed/objection
Objection.js package for Ts.ED framework
objection-filter
A filter module for objection.js
@bitovi/objection-querystring-parser
This library builds on top of [`@bitovi/querystring-parser`](https://github.com/bitovi/querystring-parser/tree/main/packages/querystring-parser#readme) to transform CRUD-related querystrings into structured data for the [Objection ORM](https://vincit.gith
objection-visibility
Objectionjs plugin to whitelist/blacklist model properties