> 2. ORMs do not hide SQL nastiness. This is certainly true! I mean: ORMs are now well known to "make the easy queries slightly more easy, while making intermediate queries really hard and complex queries impossible". I think the are of ORMs is over. It simply did not deliver. If a book on SQL is --say-- 100 pages, a book on Hibernate is 400 pages. So much to learn just to make the easy queries slightly easier to... - Source: Hacker News / about 2 months ago

Another strategy is to model access control declaratively and enforce it in the application layer. ZenStack (built above Prisma ORM) and Hasura are good examples of this approach. The following code shows how access policies are defined with ZenStack and how a secured CRUD API can be derived automatically. - Source: dev.to / 3 months ago

Today, this ecosystem is going strong with new providers like Hasura, AppWrite and Supabase powering millions of projects. There are a few reasons people choose this style of hosting, especially if they are more comfortable with frontend development. BaaS lets them set up a database in a secure way, expose some business logic on top of the data, and connect via a dev-friendly SDK from their app or website code to... - Source: dev.to / 4 months ago

Hi! If you’ve ever thought about something like using GraphQL for something like this.. You might like Hasura. (Obligatory I work for Hasura) We’ve got an OpenAPI import and you can setup cron-jobs or one-off jobs and do things like load in headers from the environment variables to pass through. There isn’t currently an easy journey for chaining multiple calls together without writing any code at all, but you can... - Source: Hacker News / 4 months ago

Hasura.io — Hasura extends your existing databases wherever it is hosted and provides an instant GraphQL API that can be securely accessed for web, mobile, and data integration workloads. Free for 1GB/month of data pass-through. - Source: dev.to / 4 months ago

Another option is to use a Dependency Firewall, such as Bytesafe, which allows you to quarantine unwanted open source packages with vulnerabilities or non-compliant licenses. The platform provides a policy engine where you define the open source usage and security rules and the Dependency Firewall does the enforcement. - Source: dev.to / over 1 year ago

There are a few companies in this space that are trying to do the "Security Seal of Approval" thing to various degrees. Tidelift is one company that has a bunch of "catalogs"[0] of packages. I'm not sure how their package metadata is generated though -- maybe semi-manually? There is also Bytesafe[1] which is supposed to help give you a way to "firewall" yourself from unapproved dependencies. I don't think they... - Source: Hacker News / almost 2 years ago

I was trying bytesafe.dev recently and it was good for me, as it would stop the npm install of any package that had a security issue. But now that I am out of the free trial, it is to limited for me without paying for an upgraded plan. And their support never replies to my requests. Source: about 2 years ago

These steps will let you get your own private repository using Bytesafe:. - Source: dev.to / over 2 years ago

When using private repositories from Bytesafe, public dependencies will be proxied, pulling any required (and allowed) version into your private Maven repository. Using public repositories like Maven Central as an upstream makes sure you can access your organization's required open source dependencies - while maintaining security and control. - Source: dev.to / over 2 years ago