{"library":"mongo-escape","type":"library","category":null,"description":"Lightweight npm package (v2.0.6, last updated 2016) for escaping $ and . characters in MongoDB query keys to prevent NoSQL injection attacks. Replaces $ with Unicode fullwidth dollar sign (＄) and . with Unicode fullwidth full stop (．). Only protects against keyword injection, not full JavaScript injection – mapReduce and $where are not safe. Works on strings and objects (keys escaped in-place, no clone). Supports escape and unescape functions, with optional recursion flag. Minimal dependencies, simple API. Suitable for legacy systems needing basic injection prevention; not actively maintained.","language":"javascript","status":"maintenance","version":"2.0.6","tags":["javascript","mongo","key","escape","sanitize","injection"],"last_verified":"Fri Jun 05","install":[{"cmd":"npm install mongo-escape","imports":["import { escape } from 'mongo-escape'","import { unescape } from 'mongo-escape'","import mongoEscape from 'mongo-escape'"]},{"cmd":"yarn add mongo-escape","imports":[]},{"cmd":"pnpm add mongo-escape","imports":[]}],"homepage":"https://github.com/timkuijsten/node-mongo-escape","github":"git://github.com/timkuijsten/node-mongo-escape","docs":null,"changelog":null,"pypi":null,"npm":"mongo-escape","openapi_spec":null,"status_page":null,"smithery":null,"compatibility":null}