Automattic/mongoose: Grade B (89/100)

Automattic/mongoose Scan another repoNew scan

89/ 100 · B

A top-tier open source project. Docs, tests, and CI are all in excellent shape.

MongoDB object modeling designed to work in an asynchronous environment.

JavaScript27,485 starsMITupdated 2d ago

repo-grade-iota.vercel.app/report/Automattic/mongoose

DocumentationREADME, setup, examples, license

EngineeringTests, CI, linting, lockfiles

Project healthDescription, activity, stars, deps

What to fix first

The highest-impact improvements for this repo.

1
CI/CD
EngineeringInfo
Add `tsc --noEmit`, `mypy`, or `cargo check` to catch type errors before they merge.
2
CI/CD
EngineeringInfo
Upload coverage to Codecov, Coveralls, or report it with `--coverage` flags.
3
Install and run instructions
DocumentationWarning
Add a section showing how to start or use the project.

Detailed breakdown

Documentation

README100
- README is present.
- README is well structured with multiple sections.
- README includes screenshots or visuals. Great for first impressions.
- README has code examples.
- README links to a live demo or deployed app.
- README includes status badges.
Install and run instructions45
- README documents how to install the project.
- No run or usage instructions found (−45 pts).Add a section showing how to start or use the project.
- If your project uses environment variables, add a .env.example listing them (+10 pts).Add a .env.example listing all required environment variables so contributors know what to set up.
License100
- Licensed under MIT.
Contributing guide85
- Contributing guide is detailed and thorough.
- Contributing guide includes setup/install instructions.
- Contributing guide lacks a code style section (−8 pts).Describe your linting/formatting rules and how to run them (e.g. npm run lint, ruff check .).
- Contributing guide explains how to run tests.
- Contributing guide describes the PR/review workflow.
- Contributing guide has no code examples (−5 pts).Add code blocks showing example commands for setup, running tests, and submitting a PR.
- Optional: add a Code of Conduct (+5 pts).A CODE_OF_CONDUCT.md signals that your project is welcoming. GitHub has a template you can add in one click.

Engineering

Tests100
- Test files detected (.mocharc.yml).
CI/CD100
Not applicable?
- CI is configured (.github/workflows/test.yml).
- CI workflow runs tests.
- CI runs on pull requests, not just on pushes to main.
- CI workflow runs a lint or format check.
- Optional: add type checking to CI.Add `tsc --noEmit`, `mypy`, or `cargo check` to catch type errors before they merge.
- Optional: report test coverage in CI.Upload coverage to Codecov, Coveralls, or report it with `--coverage` flags.
- CI caches dependencies for faster runs.
- CI tests across multiple environments or versions.
Linting and formatting95
- Linter or formatter configured (eslint.config.mjs).
- Lint script wired into package.json.
- tsconfig.json has `strict: true`. Full TypeScript type safety enabled.
Reproducibility20
- No dependency lockfile found (−70 pts).Commit a lockfile (package-lock.json, poetry.lock, uv.lock, etc.) so installs produce the same result everywhere.
- No Dockerfile or runtime version pin found. Adding one earns +10 pts.Add a Dockerfile, .nvmrc, or .python-version to pin the runtime version and make the environment reproducible.
- Dependabot covers 2 ecosystems (npm, github-actions). Dependencies stay current.
Issue and PR templates100
- Issue or PR templates present.
- Security policy present.

Project health

Dependency manifest90
- Dependency manifest found (package.json).
- package.json has a description field.
- package.json links back to the repository.
- package.json has no build script (−10 pts).Add a `build` script to package.json so the project can be compiled with `npm run build`.
Repository metadata100
- Repository has a description.
- Primary language detected: JavaScript.
- package.json metadata is complete (description, keywords, repository).
Activity100
- Actively maintained (pushed within the last month).
- 27,485 stars.
Housekeeping100
- .gitignore present.

Repository files29 root entries

.github
Good: CI is configured (.github/workflows/test.yml).
Good: Dependabot covers 2 ecosystems (npm, github-actions). Dependencies stay current.
Good: Issue or PR templates present.
benchmarks
docs
lib
scripts
test
tools
types
.gitignore
Good: .gitignore present.
.markdownlint-cli2.cjs
.mocharc.yml
Good: Test files detected (.mocharc.yml).
.npmignore
.npmrc
CHANGELOG.md
Good: Contributing guide is detailed and thorough.
Good: Contributing guide includes setup/install instructions.
Info: Contributing guide lacks a code style section (−8 pts).Fix: Describe your linting/formatting rules and how to run them (e.g. npm run lint, ruff check .).
Good: Contributing guide explains how to run tests.
Good: Contributing guide describes the PR/review workflow.
Info: Contributing guide has no code examples (−5 pts).Fix: Add code blocks showing example commands for setup, running tests, and submitting a PR.
CNAME
CONTRIBUTING.md
eslint.config.mjs
Good: Linter or formatter configured (eslint.config.mjs).
History.md
index.js
index.pug
lgtm.yml
LICENSE.md
Good: Licensed under MIT.
migrating_to_5.md
package.json
Good: Dependency manifest found (package.json).
README.md
Good: README is present.
Good: README is well structured with multiple sections.
Good: README includes screenshots or visuals. Great for first impressions.
Good: README has code examples.
Good: README links to a live demo or deployed app.
Good: README includes status badges.
Good: README documents how to install the project.
Warning: No run or usage instructions found (−45 pts).Fix: Add a section showing how to start or use the project.
release-items.md
SECURITY.md
Good: Security policy present.
tsconfig.json
tstyche.json