mongodb/node-mongodb-nativeNew scan
83/ 100 · B

Popular and well-maintained. A little polish away from elite status.

The official MongoDB Node.js driver

TypeScript10,180 starsApache-2.0updated 4d ago
DocumentationREADME, setup, examples, license
73
EngineeringTests, CI, linting, lockfiles
85
Project healthDescription, activity, stars, deps
97

What to fix first

The highest-impact improvements for this repo.

  1. 1
    CI/CD
    EngineeringWarning

    Add a step like `run: npm test`, `run: pytest`, or `run: tox` to your workflow file.

  2. 2
    CI/CD
    EngineeringInfo

    Add a lint step (e.g. `npm run lint`, `ruff check .`, `cargo clippy`) to catch style issues automatically.

  3. 3
    CI/CD
    EngineeringInfo

    Add `tsc --noEmit`, `mypy`, or `cargo check` to catch type errors before they merge.

Detailed breakdown

Documentation

73
  • README70
    • README is present.
    • README is well structured with multiple sections.
    • No screenshots or images in the README (−20 pts).Add a GIF, screenshot, or logo image. It is the fastest way to show what your project does.
    • README has code examples.
    • README links to a live demo or deployed app.
    • No status badges in the README (−10 pts).Add CI/build status badges from shields.io or your CI provider to signal project health.
  • Install and run instructions45
    • README documents how to install the project.
    • No run or usage instructions found (−45 pts).Add a section showing how to start or use the project.
    • If your project uses environment variables, add a .env.example listing them (+10 pts).Add a .env.example listing all required environment variables so contributors know what to set up.
  • License100
    • Licensed under Apache-2.0.
  • Contributing guide95
    • Contributing guide is detailed and thorough.
    • Contributing guide includes setup/install instructions.
    • Contributing guide describes code style expectations.
    • Contributing guide lacks a testing section (−8 pts).Show contributors how to run the test suite (e.g. npm test, pytest, cargo test).
    • Contributing guide describes the PR/review workflow.
    • Contributing guide includes code examples.
    • Code of conduct present.

Engineering

85
  • Tests100
    • Test files detected (.mocharc.js).
  • CI/CD57

    Not applicable?

    • CI is configured (.github/workflows/build_and_commit_docs.yml).
    • The CI workflow does not appear to run any tests (−28 pts).Add a step like `run: npm test`, `run: pytest`, or `run: tox` to your workflow file.
    • CI runs on pull requests, not just on pushes to main.
    • CI does not appear to run a linter (−15 pts).Add a lint step (e.g. `npm run lint`, `ruff check .`, `cargo clippy`) to catch style issues automatically.
    • Optional: add type checking to CI.Add `tsc --noEmit`, `mypy`, or `cargo check` to catch type errors before they merge.
    • Optional: report test coverage in CI.Upload coverage to Codecov, Coveralls, or report it with `--coverage` flags.
  • Linting and formatting95
    • Linter or formatter configured (.eslintrc.json).
    • Lint script wired into package.json.
    • tsconfig.json has `strict: true`. Full TypeScript type safety enabled.
  • Reproducibility90
    • Lockfile present (package-lock.json). Installs are reproducible.
    • No Dockerfile or runtime version pin found. Adding one earns +10 pts.Add a Dockerfile, .nvmrc, or .python-version to pin the runtime version and make the environment reproducible.
    • Dependabot covers 3 ecosystems (gitsubmodule, github-actions, npm). Dependencies stay current.
  • Issue and PR templates90
    • Issue or PR templates present.
    • Optional: add a SECURITY.md.A SECURITY.md explains how to responsibly disclose vulnerabilities. Worth adding once the project has real users.

Project health

97
  • Dependency manifest90
    • Dependency manifest found (package.json).
    • package.json has a description field.
    • package.json links back to the repository.
    • package.json has no build script (−10 pts).Add a `build` script to package.json so the project can be compiled with `npm run build`.
  • Repository metadata100
    • Repository has a description.
    • Primary language detected: TypeScript.
    • package.json metadata is complete (description, keywords, repository).
  • Activity100
    • Actively maintained (pushed within the last month).
    • 10,180 stars.
  • Housekeeping100
    • .gitignore present.
Repository files35 root entries
  • .evergreen
  • .github
    Good: CI is configured (.github/workflows/build_and_commit_docs.yml).
    Good: Dependabot covers 3 ecosystems (gitsubmodule, github-actions, npm). Dependencies stay current.
    Good: Issue or PR templates present.
  • docs
  • etc
  • src
  • test
  • .dockerignore
  • .eslintignore
  • .eslintrc.json
    Good: Linter or formatter configured (.eslintrc.json).
  • .gitignore
    Good: .gitignore present.
  • .gitmodules
  • .mocharc.js
    Good: Test files detected (.mocharc.js).
  • .npmignore
  • .nycrc.json
  • .prettierrc.json
  • .release-please-manifest.json
  • AGENTS.md
  • api-extractor.json
  • CLAUDE.md
  • CODE_OF_CONDUCT.md
    Good: Code of conduct present.
  • CONTRIBUTING.md
    Good: Contributing guide is detailed and thorough.
    Good: Contributing guide includes setup/install instructions.
    Good: Contributing guide describes code style expectations.
    Info: Contributing guide lacks a testing section (−8 pts).Fix: Show contributors how to run the test suite (e.g. npm test, pytest, cargo test).
    Good: Contributing guide describes the PR/review workflow.
    Good: Contributing guide includes code examples.
  • CONTRIBUTORS.md
  • drivers-evergreen-tools
  • global.d.ts
  • HISTORY.md
  • LICENSE.md
    Good: Licensed under Apache-2.0.
  • package-lock.json
    Good: Lockfile present (package-lock.json). Installs are reproducible.
  • package.json
    Good: Dependency manifest found (package.json).
  • README.md
    Good: README is present.
    Good: README is well structured with multiple sections.
    Warning: No screenshots or images in the README (−20 pts).Fix: Add a GIF, screenshot, or logo image. It is the fastest way to show what your project does.
    Good: README has code examples.
    Good: README links to a live demo or deployed app.
    Info: No status badges in the README (−10 pts).Fix: Add CI/build status badges from shields.io or your CI provider to signal project health.
    Good: README documents how to install the project.
    Warning: No run or usage instructions found (−45 pts).Fix: Add a section showing how to start or use the project.
  • release-please-config.json
  • sbom.json
  • THIRD-PARTY-NOTICES
  • tsconfig.json
  • tsdoc.json
  • typedoc.json