Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Mongoat is a MongoDB lightweight wrapper adding hooks (pre/post), automatic createdAt/updatedAt, in a native MongoDB experience. It is written on top of the mongodb npm package.
It does not provides any ODM, model specifications, validation, or things that would force you to use it in a specific way. Mongoat is designed to be used in a MongoDB way: your way.
npm install mongoat
var mongoat = require('mongoat'); //instead of require('mongodb');
And then your mongoat
object is to be used like the MongoDB native node.js driver. We just add some features on top of it, see below:
You can add multiple before and after hooks for insertions, updates and removals:
db.collection('collectionName').before('insert', function (docToInsert) {
// triggered when calling to insert()
});
db.collection('collectionName').before('update', function (docToUpdate) {
// triggered when calling to update() or findAndModify()
});
db.collection('collectionName').before('remove', function (docToRemove) {
// triggered when calling to remove()
});
db.collection('collectionName').after('insert', function (docToInsert) {
// triggered when calling to insert()
});
db.collection('collectionName').after('update', function (docToUpdate) {
// triggered when calling to update() or findAndModify()
});
db.collection('collectionName').after('remove', function (docToRemove) {
// triggered when calling to remove()
});
Enable datetime feature:
db.collection('collectionName').datetime(true); // Default is false
it will add a createdAt
field to all new inserted documents using:
db.collection('collectionName').insert(document, options);
or using one of the following method within the option upsert: ture
db.collection('collectionName').update(query, update, options);
db.collection('collectionName').findAndModify(query, sort, update, options);
it will add a updatedAt
field to all updated documents using:
db.collection('collectionName').update(query, update, options);
// or
db.collection('collectionName').findAndModify(query, sort, update, options);
Enable versioning feature:
db.collection('collectionName').version(true); // Default is false
Enabling this feature for a collection, so each time you perform an insert/update/remove it will create a document in the collection collectionName.vermongo and increment the version of the updated document. The _id
in this collection is a composite ID, { _id: _id, _version: _version }
.
The document in the MyCollection collection will also receive a _version field.
If we want to restore a version
db.collection('collectionName').restore(id, version);
db.collection('collectionName').restore(id, 0); // restore the last version
db.collection('collectionName').restore(id, -2); // restore the last version -2
more about versioning feature here
npm test
Or to show up code coverage npm run cover
it will generate ./coverage
folder
Please read our Contributing Guidlines before submitting a pull request or an issue !
The MIT License MIT
Copyright (c) 2015 Dial Once
FAQs
Mongoat is a MongoDb ODM
The npm package mongoat receives a total of 0 weekly downloads. As such, mongoat popularity was classified as not popular.
We found that mongoat demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 2 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.