{"id":19320245,"url":"https://github.com/jlyonsmith/mongo-bongo","last_synced_at":"2026-05-16T09:09:46.408Z","repository":{"id":57301563,"uuid":"130125614","full_name":"jlyonsmith/mongo-bongo","owner":"jlyonsmith","description":"An opinionated MongoDB administration tool","archived":false,"fork":false,"pushed_at":"2019-05-12T21:35:34.000Z","size":219,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"master","last_synced_at":"2025-12-25T01:12:36.650Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"JavaScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/jlyonsmith.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2018-04-18T21:48:00.000Z","updated_at":"2019-05-12T21:35:36.000Z","dependencies_parsed_at":"2022-09-03T11:11:27.071Z","dependency_job_id":null,"html_url":"https://github.com/jlyonsmith/mongo-bongo","commit_stats":null,"previous_names":[],"tags_count":8,"template":false,"template_full_name":null,"purl":"pkg:github/jlyonsmith/mongo-bongo","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jlyonsmith%2Fmongo-bongo","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jlyonsmith%2Fmongo-bongo/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jlyonsmith%2Fmongo-bongo/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jlyonsmith%2Fmongo-bongo/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/jlyonsmith","download_url":"https://codeload.github.com/jlyonsmith/mongo-bongo/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jlyonsmith%2Fmongo-bongo/sbom","scorecard":{"id":523732,"data":{"date":"2025-08-11","repo":{"name":"github.com/jlyonsmith/mongo-bongo","commit":"53bdf418f13d57243a07b22a050f1f4b04d9c05e"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":1.7,"checks":[{"name":"Packaging","score":-1,"reason":"packaging workflow not detected","details":["Warn: no GitHub/GitLab publishing workflow detected."],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"Token-Permissions","score":-1,"reason":"No tokens found","details":null,"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"Code-Review","score":0,"reason":"Found 0/28 approved changesets -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"SAST","score":0,"reason":"no SAST tool detected","details":["Warn: no pull requests merged into dev branch"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}},{"name":"Dangerous-Workflow","score":-1,"reason":"no workflows found","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"Maintained","score":0,"reason":"0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"Pinned-Dependencies","score":-1,"reason":"no dependencies found","details":null,"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"Security-Policy","score":0,"reason":"security policy file not detected","details":["Warn: no security policy file detected","Warn: no security file to analyze","Warn: no security file to analyze","Warn: no security file to analyze"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"License","score":10,"reason":"license file detected","details":["Info: project has a license file: LICENSE:0","Info: FSF or OSI recognized license: MIT License: LICENSE:0"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"Signed-Releases","score":-1,"reason":"no releases found","details":null,"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"Branch-Protection","score":0,"reason":"branch protection not enabled on development/release branches","details":["Warn: branch protection not enabled for branch 'master'"],"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}},{"name":"Vulnerabilities","score":0,"reason":"59 existing vulnerabilities detected","details":["Warn: Project is vulnerable to: GHSA-968p-4wvh-cqc8","Warn: Project is vulnerable to: GHSA-67hx-6x53-jw92","Warn: Project is vulnerable to: GHSA-6chw-6frg-f759","Warn: Project is vulnerable to: GHSA-v88g-cgmw-v5xw","Warn: Project is vulnerable to: GHSA-93q8-gq69-wqmw","Warn: Project is vulnerable to: GHSA-v6h2-p8h4-qcjw","Warn: Project is vulnerable to: GHSA-grv7-fg5c-xmjg","Warn: Project is vulnerable to: GHSA-w8qv-6jwh-64r5","Warn: Project is vulnerable to: GHSA-3xgq-45jj-v275","Warn: Project is vulnerable to: GHSA-gxpj-cx7g-858c","Warn: Project is vulnerable to: GHSA-w573-4hg7-7wgq","Warn: Project is vulnerable to: GHSA-fjxv-7rqg-78g4","Warn: Project is vulnerable to: GHSA-8r6j-v8pm-fqw3","Warn: Project is vulnerable to: MAL-2023-462","Warn: Project is vulnerable to: GHSA-w457-6q6x-cgp9","Warn: Project is vulnerable to: GHSA-62gr-4qp9-h98f","Warn: Project is vulnerable to: GHSA-f52g-6jhx-586p","Warn: Project is vulnerable to: GHSA-2cf5-4w76-r9qv","Warn: Project is vulnerable to: GHSA-3cqr-58rm-57f8","Warn: Project is vulnerable to: GHSA-g9r4-xpmj-mj65","Warn: Project is vulnerable to: GHSA-q2c6-c6pm-g3gh","Warn: Project is vulnerable to: GHSA-765h-qjxv-5f44","Warn: Project is vulnerable to: GHSA-f2jv-r9rf-7988","Warn: Project is vulnerable to: GHSA-43f8-2h32-f4cj","Warn: Project is vulnerable to: GHSA-qqgx-2p2h-9c37","Warn: Project is vulnerable to: GHSA-896r-f27r-55mw","Warn: Project is vulnerable to: GHSA-9c47-m6qq-7p4h","Warn: Project is vulnerable to: GHSA-6c8f-qphg-qjgp","Warn: Project is vulnerable to: GHSA-jf85-cpcp-j695","Warn: Project is vulnerable to: GHSA-p6mc-m468-83gw","Warn: Project is vulnerable to: GHSA-29mw-wpgm-hmr9","Warn: Project is vulnerable to: GHSA-35jh-r3h4-6jhm","Warn: Project is vulnerable to: GHSA-952p-6rrq-rcjv","Warn: Project is vulnerable to: GHSA-f8q6-p94x-37v3","Warn: Project is vulnerable to: GHSA-vh95-rmgr-6w4m","Warn: Project is vulnerable to: GHSA-xvch-5gv4-984h","Warn: Project is vulnerable to: GHSA-fhjf-83wg-r2j9","Warn: Project is vulnerable to: GHSA-8hfj-j24r-96c4","Warn: Project is vulnerable to: GHSA-wc69-rhjr-hc9g","Warn: Project is vulnerable to: GHSA-5fw9-fq32-wv5p","Warn: Project is vulnerable to: GHSA-hj48-42vr-x3v9","Warn: Project is vulnerable to: GHSA-hrpp-h998-j3pp","Warn: Project is vulnerable to: GHSA-p8p7-x288-28g6","Warn: Project is vulnerable to: GHSA-c2qf-rxjj-qqgw","Warn: Project is vulnerable to: GHSA-4g88-fppr-53pp","Warn: Project is vulnerable to: GHSA-4jqc-8m5r-9rpr","Warn: Project is vulnerable to: GHSA-3jfq-g458-7qm9","Warn: Project is vulnerable to: GHSA-r628-mhmh-qjhw","Warn: Project is vulnerable to: GHSA-9r2w-394v-53qc","Warn: Project is vulnerable to: GHSA-5955-9wpr-37jh","Warn: Project is vulnerable to: GHSA-qq89-hq3f-393p","Warn: Project is vulnerable to: GHSA-f5x3-32g6-xq36","Warn: Project is vulnerable to: GHSA-52f5-9888-hmc6","Warn: Project is vulnerable to: GHSA-jgrx-mgxx-jf9v","Warn: Project is vulnerable to: GHSA-72xf-g2v4-qvf3","Warn: Project is vulnerable to: GHSA-6fc8-4gx4-v693","Warn: Project is vulnerable to: GHSA-3h5v-q93c-6h6q","Warn: Project is vulnerable to: GHSA-c4w7-xm78-47vh","Warn: Project is vulnerable to: GHSA-p9pc-299p-vxgp"],"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}}]},"last_synced_at":"2025-08-20T03:46:34.520Z","repository_id":57301563,"created_at":"2025-08-20T03:46:34.520Z","updated_at":"2025-08-20T03:46:34.520Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":33096609,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-05-16T04:41:52.686Z","status":"ssl_error","status_checked_at":"2026-05-16T04:41:52.009Z","response_time":115,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.5:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-11-10T01:27:59.238Z","updated_at":"2026-05-16T09:09:46.393Z","avatar_url":"https://github.com/jlyonsmith.png","language":"JavaScript","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Mongo Bongo\n\nAn _opinionated_ tool for managing MongoDB databases. It allows you to easily:\n\n- Configure authenticated databases users\n- Manage user passwords\n- Perform backups and restores\n- Rename databases\n- Work with replica sets\n\nNote, this tool has been tested to work with [MongoDB 4.x(https://docs.mongodb.com/manual/), macOS with [Homebrew](https://brew.sh/), and Ubuntu 18.04.\n\n## Users\n\nIn an authenticated database, users are stored in the `admin` database. As far as this tool is concerned, there are two categories of users:\n\n- **Administrative Users:** `root`, `backup` and `restore`.\n- **Database Users:** `admin` and `user`.\n\n`root` user is only used to manage users across databases. `backup` and `restore` are used for backing up and restoring databases respectively.\n\nWithin a database `admin` users are used for things like re-indexing. The `user` is for everything else, and is the user that the an API process will connect as.\n\n### `admin` Database\n\nTo create an admin database and add the `root`, etc.. users you must first bind Mongo to `localhost` only and then disable security:\n\n```\nbongo mongo --no-auth --no-bind-all\n```\n\nNow add the `admin` database users:\n\n```\nbongo users admin\n```\n\nRunning the command when the users already exists just confirms their existence. You can change passwords in future by running:\n\n```\nbongo users admin --new-passwords\n```\n\nNow re-enable security (and optionally bind to all IP addresses):\n\n```\nbongo mongo --auth --bind-all\n```\n\n## Credentials File\n\nAfter running `bongo users admin` you will have a `~/.bongo/credentials.json5` file that contains the users passwords. Having this file makes it easy to find the appropriate passwords to add to your MongoDB URI's when configuring your API services.\n\n_NOTE: If this is alarming to you, realize that it is no different from that way the systems like AWS work when they store login credentials in `~/.aws/credentials` files. The file has the mode set to allow only the user that creates it to read and modify it. Just make sure that the security for account is good, by using only SSH authentication for example._\n\n## Other Databases\n\nTo create the approriate users for other databases, with security enabled:\n\n```\nbongo users \u003cdb\u003e\n```\n\nAnd to regenerate passwords run:\n\n```\nbongo users \u003cdb\u003e --new-passwords\n```\n\n## Backups\n\nTo backup a database run:\n\n```\nbongo backup \u003cdb\u003e\n```\n\nYou'll get a timestamped `.tar.gz` file in the current directory. Specify `--output \u003cdir\u003e` to change the output directory. This file only contains non-system collections and is moded to only be accessible to the current user. It's a standard, compressed `tar` file. You can specify `--output` to give a different directory for where the file will be placed, but the name will always include the database name and the date/time.\n\nSpecify `--port` to use a non-default `mongod` instance. Specify `--new-name` to rename the database when backing it up. This is about as easy and fast as a database rename operation gets in MongoDB.\n\n## Restorations\n\nTo restore a backup:\n\n```\nbongo restore \u003carchive\u003e\n```\n\nRestores the database, _dropping any existing collections with the same_. You can set the `admin` and `user` users with `bongo` as above if needed, or just copy over the `credentials.json` file manually.\n\nYou can specify `--port` for non-default `mongod` instances, e.g. replica sets.\n\n## Other\n\nThe tool generates cryptographically strong 16 character alphanumeric passwords that should not give any problems when used on the command line or in MongoDB URI's with passwords, e.g. `mongodb://user:zY99Ab8cddf8e01x@localhost:27107/db-name`.\n\nThe `bongo mongo` command reads the `mongod.conf` file as YAML and rewrites it _stripping any comments_ If comments in the `.conf` file are important to you then please submit a pull request to add that functionality.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fjlyonsmith%2Fmongo-bongo","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fjlyonsmith%2Fmongo-bongo","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fjlyonsmith%2Fmongo-bongo/lists"}