DEV.co
Open-Source Databases · dresende

node-orm2

node-orm2 is a Node.js ORM library that maps JavaScript objects to relational database tables, supporting MySQL, PostgreSQL, SQLite, and MongoDB. The project is no longer actively maintained since 2016, though the repository receives occasional updates.

Source: GitHub — github.com/dresende/node-orm2
3k
GitHub stars
369
Forks
JavaScript
Primary language
MIT
License (OSI-approved)

Key facts

Objective fields from the source. Values we can't verify are shown as “Unknown” rather than guessed.

FieldValue
Repositorydresende/node-orm2
Ownerdresende
Primary languageJavaScript
LicenseMIT — OSI-approved
Stars3k
Forks369
Open issues218
Latest releasev3.1.0 (2016-05-09)
Last updated2025-03-13
Sourcehttps://github.com/dresende/node-orm2

What node-orm2 is

Callback-based ORM providing model definition, associations, validation, instance caching, and query builders for multiple DBMS backends. Uses connection pooling and supports custom hooks, middleware integration, and plugin extensions.

Quickstart

Get the node-orm2 source

Clone the repository and explore it locally.

terminalbash
git clone https://github.com/dresende/node-orm2.gitcd node-orm2# follow the project's README for install & configuration

Need it deployed, integrated, or customized instead? DEV.co ships production installs.

Best use cases

Legacy Node.js applications (v4–v13)

Suitable for existing projects running older Node.js versions where migration effort outweighs modernization. Database schema already designed around callback patterns.

Simple CRUD operations with light validation

Small projects with straightforward model-per-table mapping, basic relationships, and no complex transaction or aggregation requirements.

Multi-database prototypes

Quick proof-of-concept applications needing to switch between MySQL, PostgreSQL, or SQLite without major code changes.

Implementation considerations

  • Callback-based API requires careful error handling and can lead to callback hell; consider wrapping with Promise utilities.
  • Node.js version support capped at tested ranges; untested on modern Node.js LTS without risk.
  • Model instance caching (identity cache) can cause unexpected behavior if not properly configured or understood.
  • MongoDB support is beta and broken on Node.js >= 8; SQL databases are the primary focus.
  • Plugin ecosystem exists but depends on third-party maintainers; no guarantee of compatibility.

When to avoid it — and what to weigh

  • Starting a new production project — README explicitly recommends TypeORM or Sequelize for new projects due to active maintenance and community support. node-orm2 is deprecated.
  • Node.js >= 14 with PostgreSQL — Requires pg driver >= 8.1; v7 causes test timeouts. Compatibility constraints signal maintenance debt.
  • Complex queries or aggregations — MongoDB support is beta-only; advanced aggregation features are missing. Limited support for modern async/await or promise-based workflows.
  • High-security or compliance-critical applications — No active security patches since 2016. Dependency vulnerabilities unlikely to be addressed. Requires manual audit of dependencies.

License & commercial use

MIT License. Permits commercial use, modification, and distribution with attribution. No patent grants or warranty provided.

MIT is permissive and allows commercial use. However, given the project is unmaintained since 2016, commercial deployment carries significant risk. No active vendor, no SLA, and security patches are unlikely. Recommend legal/compliance review and budget for migration or internal maintenance.

DEV.co evaluation signals

Editorial assessment — not user reviews. Directional, with an explicit confidence level.

SignalAssessment
MaintenanceStale
DocumentationAdequate
License clarityClear
Deployment complexityLow
DEV.co fitPossible
Assessment confidenceHigh
Security considerations

No active security updates since 2016. Dependencies are likely outdated and may contain known vulnerabilities. SQL injection risk depends on driver version and proper parameterized query use (not verified here). No security policy or audit trail. Recommend dependency scanning and penetration testing before production use.

Alternatives to consider

TypeORM

Actively maintained, TypeScript-first, supports multiple databases, modern async/await API, and stronger type safety. Explicitly recommended in node-orm2 README.

Sequelize

Mature, widely adopted, promise-based, comprehensive documentation, and active development. Recommended in node-orm2 README as a modern alternative.

Prisma

Modern schema-driven ORM with auto-generated types, excellent documentation, built-in migrations, and active community. No callback hell; production-ready.

Software development agency

Build on node-orm2 with DEV.co software developers

This library is no longer actively maintained. We recommend TypeORM or Sequelize for new projects. Contact us to assess your codebase and plan a migration strategy.

Talk to DEV.co

Related open-source tools

Surfaced by semantic similarity across the DEV.co open-source index.

Related on DEV.co

Explore the category and the services that help you build with it.

node-orm2 FAQ

Can I use node-orm2 in production?
Not recommended. The project is unmaintained since 2016. README explicitly advises new projects to use TypeORM or Sequelize. Consider it for legacy systems only and budget for eventual migration.
Does node-orm2 support MongoDB?
Yes, but only in beta. It does not work with Node.js >= 8 and lacks aggregation features. SQL databases (MySQL, PostgreSQL, SQLite) are the primary and stable focus.
Is node-orm2 secure?
No known active security updates since 2016. Dependencies are likely outdated. Recommend dependency scanning and manual code audit before any production use.
What Node.js versions are supported?
Officially 4.0+. Node.js >= 14 with PostgreSQL requires pg driver >= 8.1. Modern LTS versions (18, 20) are untested; compatibility is unknown.

Custom software development services

DEV.co is a software development agency delivering custom software development services to companies building on open source. Our software developers and web developers design, integrate, and ship production systems — spanning web development, APIs, AI, data, and cloud. If node-orm2 is part of your open-source databases roadmap, our team can implement, customize, migrate, and maintain it.

Evaluating node-orm2 for your project?

This library is no longer actively maintained. We recommend TypeORM or Sequelize for new projects. Contact us to assess your codebase and plan a migration strategy.