Security News
CVE Volume Surges Past 48,000 in 2025 as WordPress Plugin Ecosystem Drives Growth
CVE disclosures hit a record 48,185 in 2025, driven largely by vulnerabilities in third-party WordPress plugins.
By Sarah Gooding - Jan 09, 2026
mongo-query
Advanced tools
mongo-query
Component that implements the complete MongoDB query JSON API to operate on individual documents.
mongo-query
Component that implements the complete MongoDB query JSON API to operate on individual documents.
Example
var query = require('mongo-query');
// our sample document
var obj = {
name: 'Tobi',
age: 8,
location: { country: 'Canada', zip: 123 }
likes: [{ id: 1, name: 'Food' }, { id: 2, name: 'Stuff' }]
};
// run an operation and get changes
var changes = query(obj, { $set: { 'location.country': 'US' } });
Features
- Transactional. If an op fails, the others are rolled back.
- Precise modification logs. Ops return an array of
changeobjects.- Noops are excluded.
- Before/after values are provided.
- Whether the op triggered the creation of a new array.
- Error messages almost exactly match MongoDB's.
- Query support. Allows for support of the positional operator.
- Wide test coverage.
API
query(obj, filter, modifier, opts)
- Executes the
modifieronobjprovided they matchfilter. - Returns an array of change objects (see below). If the modifier does not alter the object the array will be empty.
- Options:
strictif true, only modifies iffilterhas a match (false).
query.filter(query)
Returns a Query object to perform tests on.
Example: query.filter({ a: { $gt: 3 } }).test({ a: 1 }). For the
complete filter API refer to
filtr.
query.get(obj, key)
Gets the key from the given obj, which can use dot
notation.
Example: query.get(obj, 'some.key').
query.set(obj, key, val)
Sets the key on obj with the given val. Key can use dot
notation.
change
All change objects contain:
key: the key that was affected. If the positional operator was used, the key is rewritten with dot notation (eg:comments.3.date).op: the type of operation that was performed
Depending on the type of operation they can contain extra fields.
$set
valuethat we set
$inc
valuevalue that we increment by
$pop
valuevalue that was poppedshiftif true, it was a shift instead of a pop
$rename
valuenew name
$push
valuevalue that was pushed
$pushAll
valuearray of values that were pushed
$pull
valuearray of values that were pulled
$pullAll
valuearray of values that were pulled
$unset
value(undefined)
$addToSet
valuearray of values that were added
FAQs
Component that implements the complete MongoDB query JSON API to operate on individual documents.
The npm package mongo-query receives a total of 141 weekly downloads. As such, mongo-query popularity was classified as not popular.
We found that mongo-query demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 2 open source maintainers collaborating on the project.
Package last updated on 12 Mar 2015
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Security News
Insecure Agents Podcast: Certified Patches, Supply Chain Security, and AI Agents
Socket CEO Feross Aboukhadijeh joins Insecure Agents to discuss CVE remediation and why supply chain attacks require a different security approach.
By Sarah Gooding - Jan 08, 2026
Security News
Tailwind CSS Announces 75% Layoffs as LLMs Reshape OSS Business Models
Tailwind Labs laid off 75% of its engineering team after revenue dropped 80%, as LLMs redirect traffic away from documentation where developers discover paid products.
By Sarah Gooding - Jan 08, 2026