On this page:

Description
- In what situation should you install this extension?
Function Point, Quality and Sizing support
- Comparison with existing support for JavaScript in CAST AIP
CAST AIP compatibility
Supported DBMS servers
Prerequisites
Dependencies with other extensions
Download and installation instructions
Packaging, delivering and analyzing your source code
What results can you expect?

Target audience:

Users of the extension providing Node.js support for Web applications.

Summary: This document provides basic information about the extension providing Node.js support for Web applications.

Description

This extension provides support for Node.js.

In what situation should you install this extension?

If your Web application contains Node.js source code and you want to view these object types and their links with other objects, then you should install this extension:

creates Node.js operations which represent entry-points of web services
creates Mongoose connections and models which represent access to mongoDB database.
- This declaration will create a mongoose connection:

mongoose.connect('mongodb://localhost/analyzerlauncher', function(err) {
   if (err) { throw err; }
});

This declaration will create a mongoose model:

userModel = mongoose.model('users', userSchema);

creates links from JavaScript functions to Mongoose objects (link types are useSelectLink, useUpdateLink, useInsertLink, useDeleteLink).
The HTML5/JavaScript extension creates links between Node.js operations and Mongoose objects.
These declarations will create a Node.js Get operation:

app.get('/login', function (req, res) {
    "use strict";
    console.log('login ' + req.url);
    console.log('login ' + req.query.pseudo);
    var currentSession = getSessionId(req, res);
    datab.userExists(currentSession, req.query.pseudo, res, cbLogin);
});

Node.js operations are called from client applications, using jQuery Ajax for example. Supported client frameworks are:

Function Point, Quality and Sizing support

This extension provides the following support:

Function Points (transactions): a green tick indicates that OMG Function Point counting and Transaction Risk Index are supported
Quality and Sizing: a green tick indicates that CAST can measure size and that a minimum set of Quality Rules exist

Function Points (transactions)	Quality and Sizing

Comparison with existing support for JavaScript in CAST AIP

CAST AIP has provided support for analyzing JavaScript via its J2EE and .NET analyzers (provided out of box in CAST AIP) for some time now. The HTML5/JavaScript extension (on which the Node.js extension depends) also provides support for JavaScript but with a focus on web applications. CAST highly recommends that you use this extension if your Application contains JavaScript and more specifically if you want to analyze a web application, however you should take note of the following:

You should ensure that you configure the extension to NOT analyze the back end web client part of a .NET or J2EE application.
You should ensure that you configure the extension to ONLY analyze the front end web application built with the HTML5/JavaScript that communicates with the back end web client part of a .NET or J2EE application.
If the back end web client part of a .NET or J2EE application is analyzed with the Node.js extension and with the native .NET/J2EE analyzers, then your results will reflect this - there will be duplicate objects and links (i.e. from the analyzer and from the extension) therefore impacting results and creating erroneous Function Point data.

CAST AIP compatibility

This extension is compatible with:

CAST AIP release	Supported
8.2.x
8.1.x
8.0.x
7.3.4 and all higher 7.3.x releases

Supported DBMS servers

This extension is compatible with the following DBMS servers:

CAST AIP release	CSS2	Oracle	Microsoft
All supported releases

Prerequisites

An installation of any compatible release of CAST AIP (see table above)

Dependencies with other extensions

Some CAST extensions require the presence of other CAST extensions in order to function correctly. The Node.js extension requires that the following other CAST extensions are also installed:

HTML5/JavaScript
Web services linker service (internal technical extension)

Note that when using the CAST Extension Downloader to download the extension and the Manage Extensions interface in CAST Server Manager to install the extension, any dependent extensions are automatically downloaded and installed for you. You do not need to do anything.

Download and installation instructions

Please see:

The latest release status of this extension can be seen when downloading it from the CAST Extend server.

Packaging, delivering and analyzing your source code

Please see: Node.js - Packaging, delivering and analyzing your source code

What results can you expect?

Once the analysis/snapshot generation has completed, you can view the results in the normal manner (for example via CAST Enlighten):

Objects

The following objects are displayed in CAST Enlighten:

Icon	Description
	JavaScript file
	HTML file (icon depends on default browser)
	Node.js JavaScript function object
	HTML 5 JavaScript Source Code object
	Node.js Delete Operation Service
	Node.js Get Operation Service
	Node.js Post Operation Service
	Node.js Put Operation Service
	Node.js Mongoose Connection
	Node.js Mongoose Model
	Node.js Port
	Node.js Service
	Node.js Unknown Database

Rules

List of rules is available here:

https://technologies.castsoftware.com/rules?rlH=AIP/extensions/com.castsoftware.nodejs/versions/1.0.0-funcrel/quality-rules

External link behaviour

Behaviour is different depending on the version of CAST AIP you are using the extension with:

From 7.3.6, SQL queries are sent to the external links exactly like standard CAST AIP analyzers.
From 7.3.4 and before 7.3.6, a degraded mode takes place: The Node.js extension analyzes the FROM clause to retrieve table names, then sends the table names only to external links.
For all versions, if no links are found via external links, unresolved objects are created (with type CAST_NodeJS_Unknown_Database_Table).
External links are created, thus producing links from JavaScript code to database tables for the following connectors:
- Oracle: "oracledb"

var oracledb = require('oracledb');
connection = oracledb.getConnection(
  {
    user          : "hr",
    password      : "welcome",
    connectString : "localhost/XE"
  }
);
connection.execute(
      "SELECT department_id, department_name FROM departments WHERE department_id < 70",
      function(err, result)
      {
        if (err) { console.error(err); return; }
        console.log(result.rows);
      }
  );

- Microsoft SQL Server: "node-sqlserver"

var sql = require('node-sqlserver');
//
var connStr = "Driver={SQL Server Native Client 11.0};Server=myySqlDb,1433;Database=DB;UID=Henry;PWD=cat;";
var query = "SELECT * FROM GAData WHERE TestID = 17";
sql.open(connStr, function(err,conn){
    if(err){
        return console.error("Could not connect to sql: ", err);
    }
    conn.queryRaw("SELECT TOP 10 FirstName, LastName FROM authors", function (err, results) {
        if (err) {
            console.log("Error running query!");
            return;
        }
        for (var i = 0; i < results.rows.length; i++) {
            console.log("FirstName: " + results.rows[i][0] + " LastName: " + results.rows[i][1]);
        }
    });
});
var match = "%crombie%";
sql.query(conn_str, "SELECT FirstName, LastName FROM titles WHERE LastName LIKE ?", [match], function (err, results) { 
    for (var i = 0; i < results.length; i++) {
        console.log("FirstName: " + results[i].FirstName + " LastName: " + results[i].LastName);
    }
});

- Microsoft SQL Server: "mssql"

var sql = require('mssql');
var config = {
    user: '...',
    password: '...',
    server: 'localhost', // You can use 'localhost\\instance' to connect to named instance 
    database: '...',
     
    options: {
        encrypt: true // Use this if you're on Windows Azure 
    }
}
  
var connection = new sql.Connection(config, function(err) {
    // ... error checks 
     
    // Query 
     
    var request = new sql.Request(connection); // or: var request = connection.request(); 
    request.query('select * from authors', function(err, recordset) {
        // ... error checks 
         
        console.dir(recordset);
    });
     
    // Stored Procedure 
     
    var request = new sql.Request(connection);
    request.input('input_parameter', sql.Int, 10);
    request.output('output_parameter', sql.VarChar(50));
    request.execute('procedure_name', function(err, recordsets, returnValue) {
        // ... error checks 
         
        console.dir(recordsets);
    });
     
});

- Postgres: "pg"

var pg = require("pg");
var conString = "pg://operator:CastAIP@localhost:2280/postgres";
var client = new pg.Client(conString);
client.connect();
var querySchemas = client.query("select nspname from pg_catalog.pg_namespace");
querySchemas.on("row", function (row, result) {
    "use strict";
    result.addRow(row);
});
querySchemas.on("end", function (result) {
    "use strict";
    console.log(result.rows);
    client.end();
});

Limitations

In this section we list the most significant functional limitations that may affect the analysis of applications using Node.js:

Only express framework for operations declaration is supported.
With regard to external links degraded mode, only statements with a FROM clause are correctly handled.

Node.js - 1.0