Research
PyPI Package Disguised as Instagram Growth Tool Harvests User Credentials
A deceptive PyPI package posing as an Instagram growth tool collects user credentials and sends them to third-party bot services.
By Kush Pandya - Jun 06, 2025
🚀 Big News: Socket Acquires Coana to Bring Reachability Analysis to Every Appsec Team.Learn more →
mongodb-language-model
Advanced tools
mongodb-language-model
Parses MongoDB query language and returns an abstract syntax tree
mongodb-language-model
Parses a MongoDB query and creates an abstract syntax tree (AST) with part of speech tagging. Currently, only strict extended json syntax is supported (which means keys have to be surrounded by double quotes and values have to match the strict syntax of the extended-json format.);
Usage
The main module exposes two functions: accepts(queryStr) and parse(queryStr).
accepts(queryStr)
The accepts(queryStr) function takes a query string and returns true if the
string is a valid MongoDB query, false otherwise.
Example:
var accepts = require('mongodb-language-model').accepts;
var assert = require('assert');
assert.ok(accepts('{"foo": 1}'));
assert.ok(accepts('{"age": {"$gt": 35}}'));
assert.ok(accepts('{"$or": [{"email": {"$exists": true}}, {"phone": {"$exists": true}}]}'));
assert.equal(accepts('{"$invalid": "key"}'), false);
parse(queryStr)
The parse(queryStr) function takes a query string and returns an abstract
syntax tree (AST) as a javascript object, if the query is valid. If the
query is not valid, the function throws a pegjs.SyntaxError with a message
explaining the failure.
Example:
var parse = require('mongodb-language-model').parse;
var assert = require('assert');
var pegjs = require('pegjs');
var ast = parse('{"foo": "bar"}');
assert.deepEqual(ast, {
'pos': 'expression',
'clauses': [
{
'pos': 'leaf-clause',
'key': 'foo',
'value': {
'pos': 'leaf-value',
'value': 'bar'
}
}
]
});
UML diagram
This is the hierarchical model that is created when a query is parsed:
Installation
npm install --save mongodb-language-model
Testing
npm test
FAQs
Parses MongoDB query language and returns an abstract syntax tree
The npm package mongodb-language-model receives a total of 5,529 weekly downloads. As such, mongodb-language-model popularity was classified as popular.
We found that mongodb-language-model demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 28 open source maintainers collaborating on the project.
Package last updated on 11 Aug 2021
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Product
Socket Now Supports pylock.toml Files
Socket now supports pylock.toml, enabling secure, reproducible Python builds with advanced scanning and full alignment with PEP 751's new standard.
By Trevor Norris - Jun 05, 2025
Security News
Research
Destructive npm Packages Disguised as Utilities Enable Remote System Wipe
Socket uncovered two npm packages that register hidden HTTP endpoints to delete all files on command.
By Kush Pandya - Jun 05, 2025