Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
The PyMongo distribution contains tools for interacting with MongoDB
database from Python. The bson
package is an implementation of the
BSON format for Python. The pymongo
package is
a native Python driver for MongoDB. The gridfs
package is a
gridfs
implementation on top of pymongo
.
PyMongo supports MongoDB 3.6, 4.0, 4.2, 4.4, 5.0, 6.0, 7.0, and 8.0.
For issues with, questions about, or feedback for PyMongo, please look into our support channels. Please do not email any of the PyMongo developers directly with issues or questions - you're more likely to get an answer on StackOverflow (using a "mongodb" tag).
Think you've found a bug? Want to see a new feature in PyMongo? Please open a case in our issue management tool, JIRA:
Bug reports in JIRA for all driver projects (i.e. PYTHON, CSHARP, JAVA) and the Core Server (i.e. SERVER) project are public.
Please include all of the following information when opening an issue:
Detailed steps to reproduce the problem, including full traceback, if possible.
The exact python version used, with patch level:
python -c "import sys; print(sys.version)"
python -c "import pymongo; print(pymongo.version); print(pymongo.has_c())"
The operating system and version (e.g. Windows 7, OSX 10.8, ...)
Web framework or asynchronous network library used, if any, with version (e.g. Django 1.7, mod_wsgi 4.3.0, gevent 1.0.1, Tornado 4.0.2, ...)
If you've identified a security vulnerability in a driver or any other MongoDB project, please report it according to the instructions here.
PyMongo can be installed with pip:
python -m pip install pymongo
You can also download the project source and do:
pip install .
Do not install the "bson" package from pypi. PyMongo comes with its own bson package; running "pip install bson" installs a third-party package that is incompatible with PyMongo.
PyMongo supports CPython 3.8+ and PyPy3.9+.
Required dependencies:
Support for mongodb+srv://
URIs requires dnspython
Optional dependencies:
GSSAPI authentication requires pykerberos on Unix or WinKerberos on Windows. The correct dependency can be installed automatically along with PyMongo:
python -m pip install "pymongo[gssapi]"
MONGODB-AWS authentication requires pymongo-auth-aws:
python -m pip install "pymongo[aws]"
OCSP (Online Certificate Status Protocol) requires PyOpenSSL, requests, service_identity and may require certifi:
python -m pip install "pymongo[ocsp]"
Wire protocol compression with snappy requires python-snappy:
python -m pip install "pymongo[snappy]"
Wire protocol compression with zstandard requires zstandard:
python -m pip install "pymongo[zstd]"
Client-Side Field Level Encryption requires pymongocrypt and pymongo-auth-aws:
python -m pip install "pymongo[encryption]"
You can install all dependencies automatically with the following command:
python -m pip install "pymongo[gssapi,aws,ocsp,snappy,zstd,encryption]"
Additional dependencies are:
Here's a basic example (for more see the examples section of the docs):
>>> import pymongo
>>> client = pymongo.MongoClient("localhost", 27017)
>>> db = client.test
>>> db.name
'test'
>>> db.my_collection
Collection(Database(MongoClient('localhost', 27017), 'test'), 'my_collection')
>>> db.my_collection.insert_one({"x": 10}).inserted_id
ObjectId('4aba15ebe23f6b53b0000000')
>>> db.my_collection.insert_one({"x": 8}).inserted_id
ObjectId('4aba160ee23f6b543e000000')
>>> db.my_collection.insert_one({"x": 11}).inserted_id
ObjectId('4aba160ee23f6b543e000002')
>>> db.my_collection.find_one()
{'x': 10, '_id': ObjectId('4aba15ebe23f6b53b0000000')}
>>> for item in db.my_collection.find():
... print(item["x"])
...
10
8
11
>>> db.my_collection.create_index("x")
'x_1'
>>> for item in db.my_collection.find().sort("x", pymongo.ASCENDING):
... print(item["x"])
...
8
10
11
>>> [item["x"] for item in db.my_collection.find().limit(2).skip(1)]
[8, 11]
Documentation is available at pymongo.readthedocs.io.
Documentation can be generated by running pip install hatch; hatch run doc:build. Generated
documentation can be found in the doc/build/html/
directory.
The easiest way to run the tests is to run hatch run test:test* in the root of the distribution. For example,
pip install hatch
hatch run test:test
FAQs
Python driver for MongoDB <http://www.mongodb.org>
We found that pymongo demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.