Research
Security News
Threat Actor Exposes Playbook for Exploiting npm to Build Blockchain-Powered Botnets
A threat actor's playbook for exploiting the npm ecosystem was exposed on the dark web, detailing how to build a blockchain-powered botnet.
mongodb-core
Advanced tools
Core MongoDB driver functionality, no bells and whistles and meant for integration not end applications
The mongodb-core package is a low-level driver for MongoDB that provides the core functionality for interacting with MongoDB databases. It is used internally by the higher-level mongodb package but can be used directly for more fine-grained control over MongoDB operations.
Connecting to MongoDB
This feature allows you to establish a connection to a MongoDB server. The code sample demonstrates how to create a new MongoClient instance and connect to a MongoDB server running on localhost.
const MongoClient = require('mongodb-core').MongoClient;
const client = new MongoClient('mongodb://localhost:27017');
client.connect((err) => {
if (err) throw err;
console.log('Connected to MongoDB');
client.close();
});
Performing CRUD Operations
This feature allows you to perform CRUD (Create, Read, Update, Delete) operations on a MongoDB database. The code sample demonstrates how to insert a document into a collection.
const MongoClient = require('mongodb-core').MongoClient;
const client = new MongoClient('mongodb://localhost:27017');
client.connect((err) => {
if (err) throw err;
const db = client.db('test');
const collection = db.collection('documents');
collection.insertOne({ a: 1 }, (err, result) => {
if (err) throw err;
console.log('Document inserted');
client.close();
});
});
Handling Replication
This feature allows you to handle MongoDB replication. The code sample demonstrates how to connect to a MongoDB replica set.
const ReplSet = require('mongodb-core').ReplSet;
const replSet = new ReplSet([{ host: 'localhost', port: 27017 }], { setName: 'rs0' });
replSet.on('connect', () => {
console.log('Connected to replica set');
replSet.destroy();
});
replSet.connect();
The mongodb package is a higher-level driver for MongoDB that builds on top of mongodb-core. It provides a more user-friendly API and additional features such as connection pooling, schema validation, and more. It is the recommended package for most users.
Mongoose is an Object Data Modeling (ODM) library for MongoDB and Node.js. It provides a higher-level abstraction over the MongoDB driver, including schema-based data validation, middleware, and more. It is ideal for applications that require a structured data model.
Monk is a minimalistic wrapper around the MongoDB driver that provides a simple and easy-to-use API for interacting with MongoDB. It is less feature-rich than mongoose but offers a more straightforward approach for basic CRUD operations.
The MongoDB Core driver is the low level part of the 2.0 or higher MongoDB driver and is meant for library developers not end users. It does not contain any abstractions or helpers outside of the basic management of MongoDB topology connections, CRUD operations and authentication.
what | where |
---|---|
documentation | http://mongodb.github.io/node-mongodb-native/ |
apidoc | http://mongodb.github.io/node-mongodb-native/ |
source | https://github.com/mongodb-js/mongodb-core |
mongodb | http://www.mongodb.org/ |
Think you’ve found a bug? Want to see a new feature in node-mongodb-native? Please open a case in our issue management tool, JIRA:
Bug reports in JIRA for all driver projects (i.e. NODE, PYTHON, CSHARP, JAVA) and the Core Server (i.e. SERVER) project are public.
http://jira.mongodb.org/browse/NODE
The quick start guide will show you how to set up a simple application using Core driver and MongoDB. It scope is only how to set up the driver and perform the simple crud operations. For more inn depth coverage we encourage reading the tutorials.
Let's create a directory where our application will live. In our case we will put this under our projects directory.
mkdir myproject
cd myproject
Create a package.json using your favorite text editor and fill it in.
{
"name": "myproject",
"version": "1.0.0",
"description": "My first project",
"main": "index.js",
"repository": {
"type": "git",
"url": "git://github.com/christkv/myfirstproject.git"
},
"dependencies": {
"mongodb-core": "~1.0"
},
"author": "Christian Kvalheim",
"license": "Apache 2.0",
"bugs": {
"url": "https://github.com/christkv/myfirstproject/issues"
},
"homepage": "https://github.com/christkv/myfirstproject"
}
Save the file and return to the shell or command prompt and use NPM to install all the dependencies.
npm install
You should see NPM download a lot of files. Once it's done you'll find all the downloaded packages under the node_modules directory.
Let's boot up a MongoDB server instance. Download the right MongoDB version from MongoDB, open a new shell or command line and ensure the mongod command is in the shell or command line path. Now let's create a database directory (in our case under /data).
mongod --dbpath=/data --port 27017
You should see the mongod process start up and print some status information.
Let's create a new app.js file that we will use to show the basic CRUD operations using the MongoDB driver.
First let's add code to connect to the server. Notice that there is no concept of a database here and we use the topology directly to perform the connection.
var Server = require('mongodb-core').Server
, assert = require('assert');
// Set up server connection
var server = new Server({
host: 'localhost'
, port: 27017
, reconnect: true
, reconnectInterval: 50
});
// Add event listeners
server.on('connect', function(_server) {
console.log('connected');
test.done();
});
server.on('close', function() {
console.log('closed');
});
server.on('reconnect', function() {
console.log('reconnect');
});
// Start connection
server.connect();
To connect to a replicaset we would use the ReplSet
class and for a set of Mongos proxies we use the Mongos
class. Each topology class offer the same CRUD operations and you operate on the topology directly. Let's look at an example exercising all the different available CRUD operations.
var Server = require('mongodb-core').Server
, assert = require('assert');
// Set up server connection
var server = new Server({
host: 'localhost'
, port: 27017
, reconnect: true
, reconnectInterval: 50
});
// Add event listeners
server.on('connect', function(_server) {
console.log('connected');
// Execute the ismaster command
_server.command('system.$cmd', {ismaster: true}, function(err, result) {
// Perform a document insert
_server.insert('myproject.inserts1', [{a:1}, {a:2}], {
writeConcern: {w:1}, ordered:true
}, function(err, results) {
assert.equal(null, err);
assert.equal(2, results.result.n);
// Perform a document update
_server.update('myproject.inserts1', [{
q: {a: 1}, u: {'$set': {b:1}}
}], {
writeConcern: {w:1}, ordered:true
}, function(err, results) {
assert.equal(null, err);
assert.equal(1, results.result.n);
// Remove a document
_server.remove('myproject.inserts1', [{
q: {a: 1}, limit: 1
}], {
writeConcern: {w:1}, ordered:true
}, function(err, results) {
assert.equal(null, err);
assert.equal(1, results.result.n);
// Get a document
var cursor = _server.cursor('integration_tests.inserts_example4', {
find: 'integration_tests.example4'
, query: {a:1}
});
// Get the first document
cursor.next(function(err, doc) {
assert.equal(null, err);
assert.equal(2, doc.a);
// Execute the ismaster command
_server.command("system.$cmd"
, {ismaster: true}, function(err, result) {
assert.equal(null, err)
_server.destroy();
});
});
});
});
test.done();
});
});
server.on('close', function() {
console.log('closed');
});
server.on('reconnect', function() {
console.log('reconnect');
});
// Start connection
server.connect();
The core driver does not contain any helpers or abstractions only the core crud operations. These consist of the following commands.
insert
, Insert takes an array of 1 or more documents to be inserted against the topology and allows you to specify a write concern and if you wish to execute the inserts in order or out of order.update
, Update takes an array of 1 or more update commands to be executed against the server topology and also allows you to specify a write concern and if you wish to execute the updates in order or out of order.remove
, Remove takes an array of 1 or more remove commands to be executed against the server topology and also allows you to specify a write concern and if you wish to execute the removes in order or out of order.cursor
, Returns you a cursor for either the 'virtual' find
command, a command that returns a cursor id or a plain cursor id. Read the cursor tutorial for more inn depth coverage.command
, Executes a command against MongoDB and returns the result.auth
, Authenticates the current topology using a supported authentication scheme.The Core Driver is a building block for library builders and is not meant for usage by end users as it lacks a lot of features the end user might need such as automatic buffering of operations when a primary is changing in a replicaset or the db and collections abstraction.
The next step is to get more in depth information about how the different aspects of the core driver works and how to leverage them to extend the functionality of the cursors. Please view the tutorials for more detailed information.
FAQs
Core MongoDB driver functionality, no bells and whistles and meant for integration not end applications
We found that mongodb-core demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 2 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
A threat actor's playbook for exploiting the npm ecosystem was exposed on the dark web, detailing how to build a blockchain-powered botnet.
Security News
NVD’s backlog surpasses 20,000 CVEs as analysis slows and NIST announces new system updates to address ongoing delays.
Security News
Research
A malicious npm package disguised as a WhatsApp client is exploiting authentication flows with a remote kill switch to exfiltrate data and destroy files.