Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

chore: update dependency mongodb to ^3.7.4 (5.x) #707

Open
wants to merge 1 commit into
base: 5.x
Choose a base branch
from

Conversation

renovate[bot]
Copy link
Contributor

@renovate renovate bot commented Jun 27, 2022

This PR contains the following updates:

Package Change Age Adoption Passing Confidence
mongodb ^3.2.4 -> ^3.7.4 age adoption passing confidence

Release Notes

mongodb/node-mongodb-native (mongodb)

v3.7.4

Compare Source

The MongoDB Node.js team is pleased to announce version 3.7.4 of the mongodb package!

Release Highlights

This release fixes a bug that throws a type error when SCRAM-SHA-256 is used with saslprep in a webpacked environment.

3.7.4 (2023-06-21)
Bug Fixes
Documentation

We invite you to try the mongodb library immediately, and report any issues to the NODE project.

v3.7.3

Compare Source

The MongoDB Node.js team is pleased to announce version 3.7.3 of the mongodb package!

What's Changed

Full Changelog: mongodb/node-mongodb-native@v3.7.2...v3.7.3

Documentation

We invite you to try the mongodb library immediately, and report any issues to the NODE project.

v3.7.2

Compare Source

The MongoDB Node.js team is pleased to announce version 3.7.2 of the mongodb package!

Release Highlights

This release contains a fix for optional require of dependencies on yarn berry.

Bug Fixes
  • NODE-3622: bump optional-require for additional yarn berry pnp support (#​2989) (ec23d6302)

Documentation

We invite you to try the mongodb library immediately, and report any issues to the NODE project.

v3.7.1

Compare Source

The MongoDB Node.js team is pleased to announce version 3.7.1 of the mongodb package!

Release Highlights

This release contains an internal improvement that makes our monitor utilize the new hello handshake for monitoring when available.

Features

Documentation

We invite you to try the mongodb library immediately, and report any issues to the NODE project.

v3.7.0

Compare Source

The MongoDB Node.js team is pleased to announce version 3.7.0 of the mongodb package!

Release Highlights

Versioned API

Versioned API is a new feature in MongoDB 5.0 that allows user-selectable API versions, subsets of MongoDB server semantics, to be declared on a client. During communication with a server, clients with a declared API version will force the server to behave in a manner compatible with the API version. Declaring an API version on a client can be used to ensure consistent responses from a server, providing long term API stability for an application. The declared API version is applied to all commands run through the client, including those sent through the generic RunCommand helper. Specifying versioned API options in the command document AND declaring an API version on the client is not supported and will lead to undefined behavior.

Declare an API version on a client
// Declare API version "1" for the client
client = new MongoClient(uri, { serverApi: { version: '1' } });

cursor = client.db('database').collection('coll').find(...);
Strict mode

Declaring a strict API version will cause the MongoDB server to reject all commands that are not part of the declared API version. This includes command options and aggregation pipeline stages. For example, the following find call would fail because the tailable option is not part of version 1:

// Declare API version "1" for the client, with strict on
client = new MongoClient(uri, { serverApi: { version: '1', strict: true } });

// Fails with an error
cursor = client.db('database').collection('coll').find({ ... }, { tailable: true });
Deprecation Errors

The deprecationErrors option can be used to enable command failures when using functionality that is deprecated from version 1. Note that at the time of this writing, no deprecations in version 1 exist.

// Declare API version "1" for the client, with deprecationErrors on
client = new MongoClient(uri, { serverApi: { version: '1', deprecationErrors: true } });

// Note: since API version "1" is the initial version, there are no deprecated commands to provide as an example yet.
Features
Bug Fixes

Documentation

We invite you to try the mongodb library immediately, and report any issues to the NODE project.

v3.6.12

Compare Source

The MongoDB Node.js team is pleased to announce version 3.6.12 of the mongodb package!

Bug Fixes

Documentation

We invite you to try the mongodb library immediately, and report any issues to the NODE project.

v3.6.11

Compare Source

The MongoDB Node.js team is pleased to announce version 3.6.11 of the mongodb package!

Release Highlights

This patch addresses a few bugs listed below.
Notably, we fixed an issue with the way we imported one of our optional dependencies that blocked webpack bundling.

If you are a webpack user you will still get warnings for our optional dependencies (if you don't use them).
You can hush the warnings by adding this option to your webpack config:

{
    // ...
    externals: [
        'mongodb-client-encryption',
        'aws4',
        'saslprep',
        'kerberos',
        'snappy',
        'bson-ext',
    ],
    // ...
}

It is important to note that this will leave the imports in place and not pull in the code to your bundle. If you later do adopt using these dependencies you'll want to revert the relevant setting.

Bug Fixes
  • NODE-1843: bulk operations ignoring provided sessions (#​2898) (9244b17)
  • NODE-3199: unable to bundle driver due to uncaught require (#​2903) (60efe9d)

Documentation

We invite you to try the mongodb package immediately, and report any issues to the NODE project.

v3.6.10

Compare Source

The MongoDB Node.js team is pleased to announce version 3.6.10 of the mongodb package!

Release Highlights

This patch addresses a few bugs listed below. Notably the bsonRegExp option is now respected by the underlying BSON library, you can use this to decode regular expressions that contain syntax not permitted in native JS RegExp objects. Take a look at this example:

await collection.insertOne({ a: new BSONRegExp('(?-i)AA_') })
await collection.findOne({ a: new BSONRegExp('(?-i)AA_') }, { bsonRegExp: true })
// { _id: ObjectId,  a: BSONRegExp { pattern: '(?-i)AA_', options: '' } }

Also there was an issue with Cursor.forEach where user defined forEach callbacks that throw errors incorrectly handled catching errors. Take a look at the comments in this example:

collection.find({}).forEach(doc => {
    if(doc.bad) throw new Error('bad document!');
}).catch(error => {
    // now this is called! and error is `bad document!`
})
// before this fix the `bad document!` error would be thrown synchronously
// and have to be caught with try catch out here
Bug Fixes
  • NODE-2035: Exceptions thrown from awaited cursor forEach do not propagate (#​2852) (a917dfa)
  • NODE-3150: added bsonRegExp option for v3.6 (#​2843) (e4a9a57)
  • NODE-3358: Command monitoring objects hold internal state references (#​2858) (750760c)
  • NODE-3380: perform retryable write checks against server (#​2861) (621677a)
  • NODE-3397: report more helpful error with unsupported authMechanism in initial handshake (#​2876) (3ce148d)

Documentation

We invite you to try the mongodb package immediately, and report any issues to the NODE project.

v3.6.9

Compare Source

The MongoDB Node.js team is pleased to announce version 3.6.9 of the driver!

Release Highlights

This release fixes a major performance bug in bulk write operations, which was inadvertently introduced by an incomplete code change in the previous release. The bug resulted in redundant array iterations and caused exponential increases in bulk operation completion times. Thank you Jan Schwalbe for bringing this to our attention!

Bug Fixes
  • NODE-3309: remove redundant iteration of bulk write result (#​2815) (fac9610)
  • NODE-3234: fix url parsing for a mongodb+srv url that has commas in the database name (#​2789) (58c4e69)

Documentation

We invite you to try the mongodb package immediately, and report any issues to the NODE project.

v3.6.8

Compare Source

The MongoDB Node.js team is pleased to announce version 3.6.8 of the mongodb package!

Release Highlights

Thanks to the quick adoption of the previous new patch by the mongoose package (https://github.com/Automattic/mongoose/pull/10265) a small bug was identified when connections to mongodb would timeout causing unnecessary clean up operations to run. Thank you @​vkarpov15!

Bug Fixes
  • NODE-3305: undo flipping of beforeHandshake flag for timeout errors (#​2813) (6e3bab3)

Documentation

We invite you to try the mongodb package immediately, and report any issues to the NODE project.

v3.6.7

Compare Source

The MongoDB Node.js team is pleased to announce version 3.6.7 of the driver

Release Highlights

This patch addresses a number of bug fixes. Notably, there was an interesting javascript related issue with sorting documents. It only impacts users using numerical keys in their documents.

> { a: 'asc', [23]: 'asc' }
{ [23]: 'asc', a: 'asc' } // numbers come first

In javascript, numerical keys are always iterated first when looping over the keys of an object followed by the chronological specification of each string key. This effectively changes the ordering of a sort document sent to mongodb. However our driver does accept sort specification in a variety of ways and one way to avoid this problem is passing an array of tuples:

[['a', 'asc'], ['23', 'asc']]

This ensures that mongodb is sent the 'a' key as the first sort key and '23' as the second.

Bug Fixes

Documentation

We invite you to try the driver immediately, and report any issues to the NODE project.

Thanks very much to all the community members who contributed to this release!

v3.6.6

Compare Source

The MongoDB Node.js team is pleased to announce version 3.6.6 of the driver

Release Highlights

This patch addresses a number of bugs listed below.
Most notably, for client side encryption users upgrading to this version of the driver along with the new version of [email protected] will alleviate the potential deadlock case if your connection pool was fully utilized. There will now be an internal MongoClient that will be used for metadata look ups (e.g, listCollections) when the pool size is under certain constraints. The events generated from this client are forwarded to the client instance you initialize so it is possible to monitor all events.

Bug

  • [NODE-2995] - Sharing a MongoClient for metadata lookup can lead to deadlock in drivers using automatic encryption
  • [NODE-3050] - Infinite loop on Windows due to a bug in require_optional package
  • [NODE-3120] - TypeError: Cannot read property 'roundTripTime' of undefined
  • [NODE-3122] - Pipelining an upload stream of GridFSBucket never finishes on Node v14
  • [NODE-3129] - Collection () .. .setReadPreference() not routing query to secondaries
  • [NODE-3133] - autoEncryption produces serverHeartbeatFailed - with MongoError typemismatch

Improvement

  • [NODE-3070] - Define error handling behavior of writeErrors and writeConcernError on Mongos

Documentation

We invite you to try the driver immediately, and report any issues to the NODE project.

Thanks very much to all the community members who contributed to this release!

v3.6.5

Compare Source

The MongoDB Node.js team is pleased to announce version 3.6.5 of the driver!

Notable Fixes

In this patch there is a fix surrounding an issue some users were encountering in serverless environments when using the Unified Topology. If the nodejs process went unused for a great amount of time there was an intermittent issue that would cause startSession to fail, however, issuing a dummy read request would resolve the problem. The session support check is now done after server selection meaning the driver has the most up to date information about the MongoDB deployment before utilizing sessions. We encourage any user's that implemented workarounds to updated their driver and make use of this fix.

In addition, the previous release of our driver added a warning about an upcoming change in the v4 version of the driver about how users can specify their write concern options. We've updated the driver to use nodejs's process.emitWarning API in nearly all cases where the driver prints something out, as well as limit most warning messages to only be printed once.

Bug

  • session support detection spec compliance (#​2732) (9baec71)
  • [NODE-3100] - startSession fails intermittently on servers that support sessions
  • [NODE-3066] - Accessing non-existent property 'MongoError' of module exports inside circular dependency
  • [NODE-3114] - Incorrect warning: Top-level use of w, wtimeout, j, and fsync is deprecated
  • [NODE-3119] - Node 14.5.4, mongo 3.6.4 Circular warnings

v3.6.4

Compare Source

MongoDB Driver v3.6.4

The MongoDB Node.js team is pleased to announce version 3.6.4 of the driver

Release Highlights

Explain Support

The full set of $explain verbosity settings are now supported:

  • queryPlanner
  • queryPlannerExtended
  • executionStats
  • allPlansExecution

In the following commands:

  • aggregate() (MDB 3.0+)
  • find() (MDB 3.0+)
  • remove() (MDB 3.0+)
  • update() (MDB 3.0+)
  • distinct() (MDB 3.2+)
  • findAndModify() (MDB 3.2+)
  • mapReduce() (MDB 4.4+)

You can get a lot of insight into the performance of a query or optimization using these fine grained reports.
To learn more about how to use explain read here.

Direct Connection Issue Revert

We removed automatic direct connection for the unified topology in the 3.6.3 release of the driver. This change was preparatory for the 4.0 version of the driver, where we'll always perform automatic discovery. To avoid making this kind of change in a patch release, this version restores automatic direct connection when connecting to a single host using the unified topology without a specified replicaSet and without directConnection: false, in line with previous 3.6 releases.

NOTE: In the next major version the unifiedTopology is the only Topology and it is required to either specify a replicaSet name or enable directConnection in order to connect to single nodes in a replica set.

Support Azure and GCP keystores in FLE

There are no functional changes to the driver to support using Azure and GCP keystores but a new mongodb-client-encryption release (v1.2.0) can be found here which prominently features support for these key stores.

Documentation

We invite you to try the driver immediately, and report any issues to the NODE project.

Thanks very much to all the community members who contributed to this release!

Release Notes

Bug
  • [NODE-2355] - GridFSBucketWriteStream doesn't implement stream.Writable properly
  • [NODE-2828] - noCursorTimeout does not seem to for find()
  • [NODE-2874] - Setting connectionTimeoutMS to 0 will result in a disconnection every heartbeatFrequencyMS
  • [NODE-2876] - Race condition when resetting server monitor
  • [NODE-2916] - Legacy topology hangs with unlimited socket timeout
  • [NODE-2945] - ignoreUndefined not works on findOneAndUpdate when { upsert: true }
  • [NODE-2965] - MongoClient.readPreference returns "primary" ignoring readPref from connection string
  • [NODE-2966] - Unified topology: server selection fails when trying to connect to a remote replica set with a member whose 'host' attribute resolves to 'localhost'
  • [NODE-2977] - Query parameters with path in connection string not working on windows
  • [NODE-2986] - MongoError: pool destroyed
Features
  • [NODE-2762] - Comprehensive Support for Explain
  • [NODE-2852] - Add explain support to non-cursor commands
  • [NODE-2853] - Add explain support to cursor-based commands
Improvement
  • [NODE-1726] - Deprecate Topology events in Db
  • [NODE-2825] - Support Azure and GCP keystores in FLE
  • [NODE-2880] - Improve stack traces in the session leak checker
  • [NODE-2895] - Update AggregateCursor "unwind" method to match the native driver
  • [NODE-2995] - Sharing a MongoClient for metadata lookup can lead to deadlock in drivers using automatic encryption

v3.6.3

Compare Source

The MongoDB Node.js team is pleased to announce version 3.6.3 of the driver

Release Highlights

MongoError: not master when running createIndex

A regression introduced in v3.6.2 meant that createIndex operations would not be executed with a fixed
primary read preference. This resulted in the driver selecting any server for the operation, which would
fail if a non-primary was selected.

Performance issues on AWS Lambda

The driver periodically monitors members of the replicaset for changes in the topology, but ensures that
the "monitoring thread" is never woken sooner than 500ms. Measuring this elapsed time depends on a
stable clock, which is not available to us in some virtualized environments like AWS Lambda. The result
was that periodically operations would think there were no available servers, and the driver would force
a wait of heartbeatFrequencyMS (10s by default) before reaching out to servers again for a new
monitoring check. The internal async interval timer has been improved to account for these environments

GSSAPI AuthProvider reuses single kerberos client

A regression introduced in v3.6.0 forced the driver to reuse a single kerberos client for all
authentication attempts. This would result in incomplete authentication flows, and occaisionally even
a crash in the kerberos module. The driver has been reverted to creating a kerberos client per
authentication attempt.

Performance regression due to use of setImmediate

A change introduced in v3.6.1 switched all our usage of process.nextTick in the connection pool with
setImmediate per Node.js core recommendation. This was observed to introduce noticeable latency when the event loop
was experiencing pressure, so the change was reverted for this release pending further investigation.

Community Contributions
  • @​jswangjunsheng submitted a fix for a rare scenario when wait queue members time out before connection establishment
  • @​through-a-haze submitted a fix for incorrect construction of an X509 authentication message
  • @​andreialecu helped us indicate peer optional dependencies in our package.json for stricter package managers (pnpm, yarn2)

Documentation

Reference: http://mongodb.github.io/node-mongodb-native/3.6/
API: http://mongodb.github.io/node-mongodb-native/3.6/api/
Changelog: https://github.com/mongodb/node-mongodb-native/blob/3.6/HISTORY.md

We invite you to try the driver immediately, and report any issues to the NODE project.

Thanks very much to all the community members who contributed to this release!

Release Notes

Bug

  • [NODE-2172] - Change stream breaks on disconnection when there&#​39;s something piped into it.
  • [NODE-2784] - MongoError: Not Master when running createIndex in 3.6.0
  • [NODE-2807] - MongoClient.readPreference always returns primary
  • [NODE-2827] - Connecting to single mongos makes driver think it is connected to a standalone
  • [NODE-2829] - MongoDB Driver 3.6+ Performance issues on AWS Lambda
  • [NODE-2835] - Remove default timeout for read operations
  • [NODE-2859] - GSSAPI AuthProvider causing crashes in Compass
  • [NODE-2861] - Performance Regression for usage of mongodb connections (queries, inserts, ...)
  • [NODE-2865] - Connections can be leaked if wait queue members are cancelled
  • [NODE-2869] - Invalid assignment of X509 username makes authentication impossible

Improvement

  • [NODE-2834] - Remove deprecation of AggregationCursor#geoNear
  • [NODE-2867] - Use peerDependenciesMeta field to mark peer optional dependencies

v3.6.2

Compare Source

The MongoDB Node.js team is pleased to announce version 3.6.2 of the driver

Release Highlights

Updated bl dependency due to CVE-2020-8244

See this link for more details: GHSA-pp7h-53gx-mx7r

Connection pool wait queue processing is too greedy

The logic for processing the wait queue in our connection pool ran the risk of
starving the event loop. Calls to process the wait queue are now wrapped in a
setImmediate to prevent starvation

Documentation

Reference: http://mongodb.github.io/node-mongodb-native/3.6/
API: http://mongodb.github.io/node-mongodb-native/3.6/api/
Changelog: https://github.com/mongodb/node-mongodb-native/blob/3.6/HISTORY.md

We invite you to try the driver immediately, and report any issues to the NODE project.

Thanks very much to all the community members who contributed to this release!

Release Notes

Bug

  • [NODE-2798] - Update version of dependency "bl" due to vulnerability
  • [NODE-2803] - Connection pool wait queue processing is too greedy

v3.6.1

Compare Source

The MongoDB Node.js team is pleased to announce version 3.6.1 of the driver

Release Highlights

Kerberos

A bug in introducing the new CMAP Connection prevented some users from properly authenticating with the kerberos module.

Index options are not respected with createIndex

The logic for building the createIndex command was changed in v3.6.0 to use an allowlist rather than a blocklist, but omitted a number of index types in that list. This release reintroduces all supported index types to the allowlist.

Remove strict mode for createCollection

Since v3.6.0 createCollection will no longer returned a cached Collection instance if a collection already exists in the database, rather it will return a server error stating that the collection already exists. This is the same behavior provided by the strict option for createCollection, so that option has been removed from documentation.

Documentation

Reference: http://mongodb.github.io/node-mongodb-native/3.6/
API: http://mongodb.github.io/node-mongodb-native/3.6/api/
Changelog: https://github.com/mongodb/node-mongodb-native/blob/3.6/HISTORY.md

We invite you to try the driver immediately, and report any issues to the NODE project.

Thanks very much to all the community members who contributed to this release!

Release Notes

Bug

  • [NODE-2731] - CMAP Connection type does not provide host/port properties
  • [NODE-2755] - "language_override" option support for text index is broken

Improvement

  • [NODE-2730] - Move MongoAuthProcess into the driver source tree
  • [NODE-2746] - Strict mode for `createCollection` should be removed

v3.6.0

Compare Source

The MongoDB Node.js team is pleased to announce version 3.6.0 of the driver

NOTE: This version begins our official support for MongoDB 4.4

Release Highlights

Streaming topology changes

MongoDB drivers maintain a local view of the topology they are connected to, and ensure the accuracy of that view by polling connected nodes on average every ~10s. In MongoDB 4.4, drivers are now able to receive push notifications about topology updates, effectively reducing the time for client recovery in failover scenarios to the time it takes for the server to make the election and report the outcome.

This feature is enabled by default when connecting to MongoDB 4.4, no changes are needed for user code.

Authentication
MONGODB-AWS authentication mechanism

The MONGODB-AWS authentication mechanism uses your Amazon Web Services Identity and Access Management (AWS IAM) credentials to authenticate users on MongoDB 4.4+. Please read more about this new authentication mechanism in our documentation.

Performance improvements

There were two projects to transparently improve performance of authentication in MongoDB 4.4:

  • A driver can now include the first saslStart command in its initial handshake with server. This so-called "speculative authentication" allows us to reduce one roundtrip to the server for authentication a connection. This feature is only support for X.509, SCRAM-SHA-1 and SCRAM-SHA-256 (default) authentication mechanisms.

  • The SCRAM conversation between driver and server can now skip one of it's empty exchanges which also serves to reduce the roundtrips during a SCRAM authentication.

Changes in behavior of Db.prototype.createCollection

The createCollection helper used to internally run a listCollections command in order to see if a collection already existed before running the command. If it determined a collection with the same name existed, it would skip running the command and return an instance of Collection. This behavior was changed in v3.6.0 to avoid potentially serious bugs, specifically that the driver was not considering options passed into createCollection as part of the collection equality check. Imagine the following scenario:

const client = new MongoClient('...');
await client.connect();
 
await client.db('foo').collection('bar').insert({ importantField: 'llamas' });
await client.db('foo').createCollection('bar', {
  validator: { $jsonSchema: {
    bsonType: 'object',
    required: ['importantField'],
    properties: { name: { bsonType: 'boolean' } }
  }
});

The createCollection call which defines a JSON schema validator would be completely bypassed because of the existence of bar, which was implicitly created in the first command. Our policy is strictly adhere to semver, but in rare cases like this where we feel there is potential for a data corrupting bug, we make breaking behavioral changes to protect the user.

Documentation

Reference: http://mongodb.github.io/node-mongodb-native/3.6/
API: http://mongodb.github.io/node-mongodb-native/3.6/api/
Changelog: https://github.com/mongodb/node-mongodb-native/blob/3.6/HISTORY.md

We invite you to try the driver immediately, and report any issues to the NODE project.

Thanks very much to all the community members who contributed to this release!

Release Notes

Epic

New Feature

  • [NODE-2434] - Reduce Client Time To Recovery On Topology Changes
  • [NODE-2288] - MONGODB-AWS Support
  • [NODE-2289] - Support for allowDiskUse on find operations
  • [NODE-2290] - Allow passing hint to findAndModify update and replace operations
  • [NODE-2291] - Improve testing around default writeConcern
  • [NODE-2295] - Collection and index creation in multi-doc txns
  • [NODE-2427] - OCSP Support
  • [NODE-2487] - Support speculative authentication attempts in isMaster
  • [NODE-2301] - Support shorter SCRAM conversation
  • [NODE-2269] - Add support for validate command "background" option

Improvement

  • [NODE-2175] - Avoid using readConcern snapshot in sharded transaction tests
  • [NODE-2176] - Resync bson-corpus array.json to fix duplicate test names
  • [NODE-2393] - Change uri_options/auth-options spec test to enable conditional tests
  • [NODE-2394] - Verify max set version and max election id on topologies in SDAM spec tests
  • [NODE-2422] - Validate that mongocryptd is not spawned if bypassAutoEncryption=true
  • [NODE-2430] - Raise error if hint specified for unacknowledged update using OP_MSG or OP_UPDATE
  • [NODE-2431] - Reduce floating point precision required of extended json implementations
  • [NODE-2432] - Clarify behavior when "me" field doesn&#​39;t match any values in "hosts" array
  • [NODE-2477] - Allow hinting the delete command
  • [NODE-2504] - Add SDAM test for incompatible server becoming compatible
  • [NODE-2506] - Ensure that the WriteConcernError "errInfo" object is propagated
  • [NODE-2538] - Add RetryableWriteError error labels to retryable transaction tests
  • [NODE-2546] - Deprecate geoHaystack and geoSearch
  • [NODE-2559] - Reduce race conditions in SDAM error handling
  • [NODE-2560] - Make &#​39;reIndex&#​39; a standalone-only command
  • [NODE-2564] - Clarify how a driver must handle wrong set name in single topology
  • [NODE-2569] - &#​39;CommitQuorum&#​39; option support for &#​39;createIndexes’ command on MongoDB 4.4
  • [NODE-2576] - Raise error when hint option is provided on unacknowledged writes against any server version
  • [NODE-2592] - Update documentation for Text Search
  • [NODE-2594] - Do not add the RetryableWriteError label to errors that occur during a write within a transaction (excepting commitTransaction and abortTransaction)
  • [NODE-2622] - allowDiskUse option for find should be documented as only being supported in 4.4+
  • [NODE-2627] - Reduce default keepalive time to align with Azure defaults
  • [NODE-2659] - Drivers should retry replSetStepDown after "Unable to acquire X lock" error
  • [NODE-2661] - Define behavior of connectTimeoutMS=0 with streaming protocol
  • [NODE-2675] - Test that ElectionInProgress is not resumed
  • [NODE-2682] - Treat CursorNotFound as a resumable change stream error
  • [NODE-2150] - Bump wire protocol version for 4.4
  • [NODE-2379] - Expand use of error labels for RetryableWrites
  • [NODE-2423] - Deprecate oplogReplay find command option from CRUD spec
  • [NODE-2426] - Make ExceededTimeLimit retryable writes error
  • [NODE-2429] - GridFS index checking should support indexes created in the shell
  • [NODE-2433] - Lift restriction on authSource without credentials
  • [NODE-2452] - Unify behavior around configuration for replica set discovery
  • [NODE-2510] - Driver support for server Hedged Reads
  • [NODE-2516] - Update comment in Transactions withTxn examples for the manual.
  • [NODE-2557] - Remove replicaset from tests that perform reIndex command

Bug

  • [NODE-2416] - Confusing documentation for collection.aggregate collation option
  • [NODE-2502] - replaceOne example in test/examples/update_documents.js incorrect
  • [NODE-2537] - createCollection helper should not run listIndexes outside of strict mode
  • [NODE-2567] - Fix qs dependency for older node
  • [NODE-2616] - SDAM test typo "compatible"
  • [NODE-2623] - Gridfs doesn&#​39;t allow to catch exception with length that exceeds file size
  • [NODE-2660] - Throw an error if bulk update documents don&#​39;t contain update operator expressions
  • [NODE-2711] - Monitoring should not be immediately scheduled on streaming failure

v3.5.11

Compare Source

The MongoDB Node.js team is pleased to announce version 3.5.11 of the driver

Release Highlights

Kerberos

A bug in introducing the new CMAP Connection prevented some users from properly
authenticating with the kerberos module.

Updated bl dependency due to CVE-2020-8244

See this link for more details: GHSA-pp7h-53gx-mx7r

Documentation

Reference: http://mongodb.github.io/node-mongodb-native/3.5/
API: http://mongodb.github.io/node-mongodb-native/3.5/api/
Changelog: https://github.com/mongodb/node-mongodb-native/blob/3.5/HISTORY.md

We invite you to try the driver immediately, and report any issues to the NODE project.

Thanks very much to all the community members who contributed to this release!

Release Notes

Bug

  • [NODE-2731] - CMAP Connection type does not provide host/port properties
  • [NODE-2798] - Update version of dependency "bl" due to vulnerability

v3.5.10

Compare Source

The MongoDB Node.js team is pleased to announce version 3.5.10 of the driver

NOTE: This will be the final release in the 3.5.x branch, please consider upgrading to 3.6.0

Release Highlights

TypeError: Cannot read property 'documents' of null

@​adrian-gierakowski helped us identify a bug with our ChangeStreamCursor, specifically when the cursor
was complete it would not return a valid document but instead a null value.

Command helper not respecting server selection specification rules

The server selection specification indicates that the "runCommand" helper should act
as a read operation for the purposes of server selection, and that it should use a default read
preference of "primary" which can only be overridden by the helper itself. The driver had a bug
where it would inherit the read preference from its "parent" type (Collection, Db, MongoClient)
which is at odds with the specified behavior.

mongodb+srv invalid IPv6 support

Due to a bug in how we referred to ipv6 addresses internal to the driver, if a mongodb+srv
connection string was provided with an ipv6 address the driver would never be able to connect
and would result in a the following error RangeError: Maximum call stack size exceeded.

maxStalenessSeconds not accepted when provided via options

There was a bug in our connection string and MongoClient options parsing where a value provided
for maxStalenessSeconds would not end up being reflected in the ReadPreference used internal
to the driver.

Sessions are prohibited with unacknowledged writes

MongoDB can provide no guarantees around unacknowledged writes when used within a session. The
driver will now silently remove the lsid field from all writes issued with { w: 0 }, and
will return an error in these situations in the upcoming 4.0 major release.

Documentation

Reference: http://mongodb.github.io/node-mongodb-native/3.5/
API: http://mongodb.github.io/node-mongodb-native/3.5/api/
Changelog: https://github.com/mongodb/node-mongodb-native/blob/3.5/HISTORY.md

We invite you to try the driver immediately, and report any issues to the NODE project.

Thanks very much to all the community members who contributed to this release!

Release Notes

Bug

  • [NODE-2626] - initialising change stream results in: TypeError: Cannot read property &#​39;documents&#​39; of null
  • [NODE-2649] - Driver 3.5.x with useUnifiedTopology sends admin commands to secondary
  • [NODE-2671] - ipv6 is not supported when using dns service discovering
  • [NODE-2678] - ReadPreference.fromOptions doesn&#​39;t pull "maxStalenessSeconds" from options

Improvement

  • [NODE-1341] - Prohibit using unacknowledged writes with explicit sessions

v3.5.9

Compare Source

The MongoDB Node.js team is pleased to announce version 3.5.9 of the driver

Release Highlights

Use duration of handshake if no previous roundTripTime exists

The default roundTripTime of a ServerDescription is -1, which means if that value is used we can potentially calculate a negative roundTripTime. Instead, if no previous roundTripTime exists, we use the duration of the initial handshake.

the options [maxIdleTimeMS] is not supported

A number of new options were added when the CMAP compliant connection pool was introduced in 3.5.x. Unfortunately, these options were not documented properly. Now they are mentioned in the MongoClient documentation, with a notice that they are only supported with the unified topology.

TypeError: Reduce of empty array with no initial value

A fix in 3.5.8 which ensured proper filtering of servers during server selection exposed an issue in max staleness calculations when the topology type is ReplicaSetNoPrimary and no servers are currently known. In order to estimate an upper bound of max staleness when there is no primary, the most stale known server is known to compare the others to - if there are no known servers, you can't reduce the array!

Server monitoring is prevented under heavy request load

In certain very high load fail-over scenarios the driver is unable to reschedule a monitoring check in order to update its view of the topology for retryability. This would result in a high number of failed operations, as they were unable to determine a new viable server.

Documentation

Reference: http://mongodb.github.io/node-mongodb-native/3.5/
API: http://mongodb.github.io/node-mongodb-native/3.5/api/
Changelog: https://github.com/mongodb/node-mongodb-native/blob/3.5/HISTORY.md

We invite you to try the driver immediately, and report any issues to the NODE project.

Thanks very much to all the community members who contributed to this release!

Release Notes

Bug

  • [NODE-2637] - connection pool options support for MongoClient
  • [NODE-2641] - maxStalenessReducer fails on empty set of servers
  • [NODE-2643] - Server monitoring is prevented under heavy request load
  • [NODE-2652] - Use duration of initial handshake

@renovate renovate bot requested a review from dhmlau as a code owner June 27, 2022 01:57
@renovate renovate bot force-pushed the renovate/5.x-mongodb-3.x branch 4 times, most recently from e30548f to f7ac970 Compare August 28, 2022 15:37
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
@renovate renovate bot changed the title chore: update dependency mongodb to ^3.7.3 (5.x) chore: update dependency mongodb to ^3.7.4 (5.x) Jun 21, 2023
@renovate renovate bot force-pushed the renovate/5.x-mongodb-3.x branch from f7ac970 to 2da5dcc Compare June 21, 2023 14:29
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants