Forem: BINIL THOMAS

MappingError: Class 'YourClass' is not mapped

BINIL THOMAS — Fri, 13 Oct 2023 20:30:26 +0000

When working with an Object-Relational Mapping (ORM) tool like SQLAlchemy in Python, encountering a MappingError stating that a particular class is not mapped can be frustrating.

Understanding the Issue
The error message might look something like this:

sqlalchemy.orm.exc.MappingError: Class 'YourClass' is not mapped

This indicates that SQLAlchemy is unable to locate a mapping for the specified class.

Potential Causes and Solutions

Check Class Inheritance: Ensure that your class inherits from db.Model or the appropriate base class used for SQLAlchemy models.
Import Statements: Confirm that your class is imported where needed. If your class definition is in a separate module, make sure you import it correctly in the module where you're working with the database.
Bind Metadata to Database: SQLAlchemy relies on metadata to map classes to database tables. Ensure that the metadata is bound to the database engine.
Check Database Initialization: Ensure that you initialize the database before working with models. This typically involves calling db.create_all().

Conclusion
A MappingError indicating that a class is not mapped is often a result of misconfigurations or oversights in the class definition, import statements, or metadata binding

RecursionError in SQLAlchemy SerializerMixin

BINIL THOMAS — Fri, 13 Oct 2023 20:17:18 +0000

The error, typically originating from the serializer.py file, specifically in lines such as:

File ".../sqlalchemy_serializer/serializer.py", line 120, in __call__
    return self.serialize(value)
File ".../sqlalchemy_serializer/serializer.py", line 171, in serialize
    if isinstance(value, types):

Decoding the Causes

Recursive Serialization Pitfalls
The SerializerMixin library aims to simplify the serialization of SQLAlchemy objects. However, if your data model involves circular relationships, the serialization process might unintentionally trigger an infinite recursion loop.
Misleading isinstance Check
The isinstance check in the serialize method could be misleading. It's paramount to ensure that this check aligns seamlessly with your model definitions and doesn't inadvertently lead to circular references.
Circular References in Model Architecture
Inspect your SQLAlchemy model definitions, such as those for User and Item. Circular references in relationships or hybrid properties can be a breeding ground for the recursion error.

Tactical Steps for Resolution

Scrutinize Serialization Logic
Dive into your serialization logic, especially within the serialize method. Detect any recursive calls or situations that might trigger an infinite loop.
Rigorous Model Definition Review
Conduct a meticulous review of your SQLAlchemy model definitions. Scrutinize relationships and hybrid properties to ensure they're configured correctly.
Dependency Check and Update
Verify that you're leveraging the latest versions of SQLAlchemy and SQLAlchemy SerializerMixin. Compatibility issues might be addressed by updating your dependencies.
Isolation Testing
Create a minimalistic test scenario where you attempt to serialize a basic object using SerializerMixin in isolation from your main application.

Conclusion
Understanding these common errors and their root causes is crucial for effective management of this error.

NPM Security Attacks

BINIL THOMAS — Mon, 03 Jul 2023 01:31:52 +0000

Introduction:
npm (Node Package Manager) allows developers to easily manage and install third-party libraries and tools, making it an crucial tool for building JavaScript applications.
Now-a days, Cyber attacks are taking advantages of these npm features and hence targeting users in various forms. In recent news, we have have come across many such attacks targeting many individuals and organizations.
Today, I want to highlight some of the common set of attacks and what steps can we take to protect ourselves from the same.

Types of Attacks:
Some common types of npm-related cyber attacks include:

Supply Chain Attacks

The attackers exploit vulnerabilities in the supply chain to gain unauthorized access or inject malicious code into the software or hardware.
It involves compromising the software supply chain to inject malicious code into legitimate packages. Attackers may target popular npm packages, leveraging their trust and wide usage to spread malicious code.

Prevention: Stay updated on security advisories, follow best practices for package selection, and regularly review the dependencies and code of the packages you use. Consider using tools like Snyk or npm audit to identify vulnerabilities in your project dependencies.

npm audit

Malware Infection

Malware can be introduced into npm packages. It can result in the distribution of malicious code that compromises the security of systems running the affected packages.

Prevention: Be extra cautious when installing packages from untrusted sources. We need to stick to reputable packages with a significant number of downloads and a reliable sources. Also, periodically update the packages to ensure we have the latest security patches.

Credential Theft

Attackers may target npm user accounts to steal login credentials, enabling them to gain unauthorized access to user repositories or publish malicious versions of packages in the user's name.

Prevention: Enable multi-factor authentication for your npm account. Use strong and unique passwords for your npm account.
Be cautious of phishing attempts and avoid clicking on any suspicious links.

Dependency Confusion

Dependency confusion occurs when an attacker uploads a malicious package to a public repository using the same name as an internal package used within an organization. This can lead to organizations unknowingly installing the malicious package instead of their internal one.

Prevention: Utilize private npm registries or package management solutions to store and manage internal packages securely. Configure your build systems to prioritize internal package sources and restrict access to public registries.

Conclusion:
To reduce the risks associated with npm cyber attacks, it is important to stay informed about the latest security vulnerabilities, cyber-attacks, regularly update packages, and follow best practices for secure development and deployment.
Additionally, monitoring security advisories, using package verification tools, and implementing secure coding practices can help safeguard against potential npm-related attacks.

Happy Safe Coding!!!!

Delete file from Git Repository

BINIL THOMAS — Mon, 15 May 2023 00:51:08 +0000

It is very common for new or learning developers to accidentally add files with large size or sensitive data to a Git repository. This can happen for a variety of reasons, such as not understanding how Git works, not knowing what files should be ignored, or not realizing that certain files contain sensitive information.

If you accidentally committed a file with sensitive data on GitHub, it is important to act quickly to remove the data from the repository.

Let us look at some scenarios for deletion of files from Git repository.

Delete File in Git Repository and Filesystem
Easiest way to delete a file from git repository is using git rm command. This will delete the file from Git Repository as well as the filesystem

git rm <filename>

git commit -m "Deleted the file from the git repository"

git push

After running the git rm command to delete a file from your Git repository, the file is removed from your local working directory, but it is not yet removed from the Git index. You need to commit your changes using the git commit command. This will create a new commit that reflects the deletion of the file. And finally do a git push.

Note: It's important to note that the git rm command can be dangerous if used improperly, as it can permanently delete files from your repository. Always make sure to double-check before running the command, and make sure you have a backup copy of any important files you want to delete.

Delete Files Recursively on Git

To delete files recursively on Git, you can use the git rm command with the -r option, which tells Git to recursively remove all files and directories inside the specified directory.
It will be deleted from local working directory as well as the Git repository.
Here's how you can delete files recursively on Git:

Use the git rm command followed by the -r option and the name of the directory to be deleted.

git rm -r <foldername>

git commit -m "Deleted the folder from the repository"

git push

Similar to git rm, you need to commit the changes followed by push command.

Note: Keep in mind that deleting files recursively on Git will permanently delete all files and directories inside the specified directory, and they cannot be recovered unless you have a backup copy of the files. Therefore, make sure to double-check before executing the git rm -r command, and take appropriate precautions to avoid accidentally deleting important files.

Delete Files on Git Repository only

In some cases, you want to delete files from the Git repository but not from the filesystem like if you accidentally committed a file that contains sensitive information such as passwords, API keys, or other confidential data. In this case, you want to remove the file from the Git repository to prevent the sensitive information from being accessed by others, but you want to keep the file on your local filesystem so that you can continue to use it OR when you have committed large files or files that are not necessary for the project but take up a lot of space. In this case, you want to remove the files from the Git repository to reduce the size of the repository and improve performance, but you want to keep the files on your local filesystem so that you can continue to work with them if needed.

By using the --cached option with the git rm command, you can remove the files from the Git repository without deleting them from the local filesystem. This allows you to maintain a clean Git history without losing any important files.

git rm --cached <filename>

git commit -m "Deleted file from repository only"

git push

Note: If there is any file which you don't want to be added to the Git Repository, then add it to the git ignore file.

touch .gitignore

# Content of the gitignore file

filename

Commit your gitignore file and you should be good to go!

Delete Files From Git History
There are several reasons why you may want to delete files from Git history:

To remove sensitive information
To reduce the repository size
To improve readability
To correct mistakes

In summary, deleting files from Git history can help keep the repository clean, improve performance, and protect sensitive information. However, it is essential to be cautious when deleting files from Git history, as it can affect the project's history and the work of other team members.

In order to delete file from Git history, you have to use the “git filter-branch” command and specify the command to be executed on all the branches of your Git history.

$ git filter-branch -f --prune-empty --index-filter "git rm -r --cached --ignore-unmatch <path of file>" HEAD

This command can take a while, if your history contains many files, but in the end, the deleted file won’t be in your Git history anymore.

After deleting a file from Git history, you can use the git log command to verify that the commits linked to the deleted file have been pruned.

To remove the commits that reference the deleted file, you need to run the git gc command to clean up the repository and remove any unreferenced objects. This command will prune the commits that no longer have any references in the repository.

After running git gc, you can use git log to verify that the commits linked to the deleted file have been pruned. If any of the commits are still present in the repository's history, you may need to run the git reflog expire command to expire the reflog entries that reference the deleted file. This command will ensure that the deleted file is no longer accessible from the repository's history.

Conclusion
So deleting a file from a Git repository is a straightforward process, and there are several ways to do it depending on your specific use case.

In any case, it's always a good idea to commit your changes after deleting a file from a Git repository to ensure that the change is permanent and recorded in the Git history.

My Journey as a Beginner in Full Stack Development

BINIL THOMAS — Sat, 13 May 2023 21:49:18 +0000

As someone who is new to the world of full stack development, I recently completed the Phase 1 Full Stack Development Course and wanted to share my experience. This course covered a wide range of topics, from front-end development to back-end development, and provided me with a solid foundation for building web applications.

What I Learned
Throughout the course, I learned the following key concepts and technologies:

HTML, CSS, JSON, and JavaScript
These are the fundamental building blocks of web development and are essential for creating dynamic and interactive web pages. HTML is used to structure content on the page, while CSS is used to style the content and give it visual appeal. JavaScript is used to add interactivity and functionality to the web page, such as responding to user input and manipulating the content on the page. JSON is a lightweight data interchange format that is commonly used to send and receive data between client and server.

During the course, I learned how to create basic HTML and CSS layouts, how to use JSON to exchange data between client and server, and how to use JavaScript to add interactivity and functionality to my web pages. I also learned about best practices for organizing and structuring my code, which helped me write more maintainable and scalable code.

Git and Github
Git is a popular version control system that allows developers to track changes to their code over time, collaborate with other developers, and maintain different versions of their code. Github is a web-based platform that provides hosting for Git repositories and offers a variety of collaboration and project management tools.

During the course, I learned how to use Git to track changes to my code, create branches, merge changes, and collaborate with other developers. I also learned how to use Github to host my code, collaborate with other developers, and manage project tasks and issues.

Slack, Piazza, and Canvas
Slack, Piazza, and Canvas are communication and collaboration tools commonly used in online courses and in the workplace. Slack is a messaging and collaboration platform that allows teams to communicate and collaborate in real-time. Piazza is a Q&A platform that allows students to ask and answer questions related to course material. Canvas is an online learning management system that provides course materials, assignments, and grades to students.

During the course, I learned how to use these tools to communicate with my classmates and instructors, ask and answer questions related to course material, and access course materials and assignments.

Conclusion
Overall, the Phase 1 Full Stack Development Course provided me with a solid foundation in front-end and back-end development, as well as important tools for collaboration and project management. I look forward to building on these skills in future courses and projects and share my knowledge.