Research
Security News
Malicious npm Package Targets Solana Developers and Hijacks Funds
A malicious npm package targets Solana developers, rerouting funds in 2% of transactions to a hardcoded address.
Motor is a full-featured, non-blocking MongoDB driver for Python asyncio and Tornado applications. Motor presents a coroutine-based API for non-blocking access to MongoDB.
"We use Motor in high throughput environments, processing tens of thousands of requests per second. It allows us to take full advantage of modern hardware, ensuring we utilise the entire capacity of our purchased CPUs. This helps us be more efficient with computing power, compute spend and minimises the environmental impact of our infrastructure as a result."
--David Mytton, Server Density
"We develop easy-to-use sensors and sensor systems with open source software to ensure every innovator, from school child to laboratory researcher, has the same opportunity to create. We integrate Motor into our software to guarantee massively scalable sensor systems for everyone."
--Ryan Smith, inXus Interactive
For issues with, questions about, or feedback for PyMongo, please look into our support channels. Please do not email any of the Motor developers directly with issues or questions - you're more likely to get an answer on the StackOverflow (using a "mongodb" tag).
Think you've found a bug? Want to see a new feature in Motor? Please open a case in our issue management tool, JIRA:
Bug reports in JIRA for all driver projects (i.e. MOTOR, CSHARP, JAVA) and the Core Server (i.e. SERVER) project are public.
Please include all of the following information when opening an issue:
Detailed steps to reproduce the problem, including full traceback, if possible.
The exact python version used, with patch level:
python -c "import sys; print(sys.version)"
python -c "import motor; print(motor.version)"
python -c "import pymongo; print(pymongo.version); print(pymongo.has_c())"
python -c "import tornado; print(tornado.version)"
If you've identified a security vulnerability in a driver or any other MongoDB project, please report it according to the instructions here.
Motor can be installed with pip:
pip install motor
Motor works in all the environments officially supported by Tornado or by asyncio. It requires:
Optional dependencies:
Motor supports same optional dependencies as PyMongo. Required dependencies can be installed along with Motor.
GSSAPI authentication requires gssapi
extra dependency. The correct
dependency can be installed automatically along with Motor:
pip install "motor[gssapi]"
similarly,
MONGODB-AWS authentication requires aws
extra dependency:
pip install "motor[aws]"
Support for mongodb+srv:// URIs requires srv
extra dependency:
pip install "motor[srv]"
OCSP requires ocsp
extra dependency:
pip install "motor[ocsp]"
Wire protocol compression with snappy requires snappy
extra
dependency:
pip install "motor[snappy]"
Wire protocol compression with zstandard requires zstd
extra
dependency:
pip install "motor[zstd]"
Client-Side Field Level Encryption requires encryption
extra
dependency:
pip install "motor[encryption]"
You can install all dependencies automatically with the following command:
pip install "motor[gssapi,aws,ocsp,snappy,srv,zstd,encryption]"
See requirements for details about compatibility.
See the examples on ReadTheDocs.
Motor's documentation is on ReadTheDocs.
Build the documentation with Python 3.8+. Install
sphinx, Tornado,
and aiohttp, and do
cd doc; make html
.
Run python setup.py test
. Tests are located in the test/
directory.
FAQs
Non-blocking MongoDB driver for Tornado or asyncio
We found that motor demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
A malicious npm package targets Solana developers, rerouting funds in 2% of transactions to a hardcoded address.
Security News
Research
Socket researchers have discovered malicious npm packages targeting crypto developers, stealing credentials and wallet data using spyware delivered through typosquats of popular cryptographic libraries.
Security News
Socket's package search now displays weekly downloads for npm packages, helping developers quickly assess popularity and make more informed decisions.