![Maven Central Adds Sigstore Signature Validation](https://cdn.sanity.io/images/cgdhsj6q/production/7da3bc8a946cfb5df15d7fcf49767faedc72b483-1024x1024.webp?w=400&fit=max&auto=format)
Security News
Maven Central Adds Sigstore Signature Validation
Maven Central now validates Sigstore signatures, making it easier for developers to verify the provenance of Java packages.
MongoX is an async python ODM (Object Document Mapper) for MongoDB which is built on top of Motor and Pydantic.
The main features include:
MongoX models are at the same time Pydantic models and have the same functionalitties, so you can use them with your existing Pydantic models.
Documentation: https://aminalaee.github.io/mongox
$ pip install mongox
You can define mongox
models the same way you define Pydantic models.
The difference is they should inherit from mongox.Model
now:
import asyncio
import mongox
client = mongox.Client("mongodb://localhost:27017")
db = client.get_database("test_db")
class Movie(mongox.Model, db=db, collection="movies"):
name: str
year: int
Now you can create some instances and insert them into the database:
movie = await Movie(name="Forrest Gump", year=1994).insert()
The returned result will be a Movie
instance, and mypy
will understand that this is a Movie
instance.
So you will have type hints and validations everywhere.
Now you can fetch some data from the database.
You can use the same pattern as PyMongo/Motor:
movie = await Movie.query({"name": "Forrest Gump"}).get()
Or you can use Movie
fields instead of dictionaries in the query (less room for bugs):
movie = await Movie.query({Movie.name: "Forrest Gump"}).get()
And finally you can use a more intuitive query (limited yet):
movie = await Movie.query(Movie.name == "Forrest Gump").get()
Notice how we omitted the dictionary and passed the Movie
fields in comparison.
Please refer to the documentation here or the full examples here.
FAQs
Python Mongodb ODM using Motor and Pydantic
We found that mongox demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Maven Central now validates Sigstore signatures, making it easier for developers to verify the provenance of Java packages.
Security News
CISOs are racing to adopt AI for cybersecurity, but hurdles in budgets and governance may leave some falling behind in the fight against cyber threats.
Research
Security News
Socket researchers uncovered a backdoored typosquat of BoltDB in the Go ecosystem, exploiting Go Module Proxy caching to persist undetected for years.