Skip to content
This repository was archived by the owner on Aug 5, 2025. It is now read-only.

Update dependency mongodb to v5 #173

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

Update dependency mongodb to v5 #173

wants to merge 1 commit into from

Conversation

@renovate
Copy link
Contributor

@renovate renovate bot commented Mar 25, 2023
edited
Loading

This PR contains the following updates:

Package Change Age Confidence
mongodb 3.5.11 -> 5.9.2 age confidence

Release Notes

mongodb/node-mongodb-native (mongodb)

v5.9.2

Compare Source

The MongoDB Node.js team is pleased to announce version 5.9.2 of the mongodb package!

Release Notes

Fix connection leak when serverApi is enabled

When enabling serverApi the driver's RTT mesurment logic (used to determine the closest node) still sent the legacy hello command "isMaster" causing the server to return an error. Unfortunately, the error handling logic did not correctly destroy the socket which would cause a leak.

Both sending the correct hello command and the error handling connection clean up logic are fixed in this change.

Bug Fixes

Documentation

We invite you to try the mongodb library immediately, and report any issues to the NODE project.

v5.9.1

Compare Source

The MongoDB Node.js team is pleased to announce version 5.9.1 of the mongodb package!

Release Notes

insertedIds in bulk write now contain only successful insertions

Prior to this fix, the bulk write error's result.insertedIds property contained the _id of each attempted insert in a bulk operation.

Now, when a bulkwrite() or an insertMany() operation rejects one or more inserts, throwing an error, the error's result.insertedIds property will only contain the _id fields of successfully inserted documents.

Fixed edge case leak in findOne()

When running a findOne against a time series collection, the driver left the implicit session for the cursor un-ended due to the way the server returns the resulting cursor information. Now the cursor will always be cleaned up regardless of the outcome of the find operation.

Bug Fixes
  • NODE-5627: BulkWriteResult.insertedIds includes ids that were not inserted (#​3870) (d766ae2)
  • NODE-5691: make findOne() close implicit session to avoid memory leak (#​3889) (0d6c9cd)

Documentation

We invite you to try the mongodb library immediately, and report any issues to the NODE project.

v5.9.0

Compare Source

The MongoDB Node.js team is pleased to announce version 5.9.0 of the mongodb package!

Release Notes

Bumped bson version to make use of new Decimal128 behaviour

In this release, we have adopted the changes made to Decimal128 in bson version 5.5. The Decimal128 constructor and fromString() methods now throw when detecting a loss of precision (more than 34 significant digits). We also expose a new fromStringWithRounding() method which restores the previous rounding behaviour.

See the bson v5.5.0 release notes for more information.

Use region settings for STS AWS credentials request

When using IAM AssumeRoleWithWebIdentity AWS authentication the driver uses the @​aws-sdk/credential-providers package to contact the Security Token Service API for temporary credentials. AWS recommends using Regional AWS STS endpoints instead of the global endpoint to reduce latency, build-in redundancy, and increase session token validity. Unfortunately, environment variables AWS_STS_REGIONAL_ENDPOINTS and AWS_REGION do not directly control the region the SDK's STS client contacts for credentials.

The driver now has added support for detecting these variables and setting the appropriate options when calling the SDK's API: fromNodeProviderChain().

[!IMPORTANT]
The driver will only set region options if BOTH environment variables are present. AWS_STS_REGIONAL_ENDPOINTS MUST be set to either 'legacy' or 'regional', and AWS_REGION must be set.

Fix memory leak with ChangeStreams

In a previous release, 5.7.0, we refactored cursor internals from callbacks to async/await. In particular, the next function that powers cursors was written with callbacks and would recursively call itself depending on the cursor type. For ChangeStreams, this function would call itself if there were no new changes to return to the user. After converting that code to async/await each recursive call created a new promise that saved the current async context. This would slowly build up memory usage if no new changes came in to unwind the recursive calls.

The function is now implemented as a loop, memory leak be gone!

Features
Bug Fixes
  • NODE-5550: set AWS region from environment variable for STSClient (#​3851) (2fab06b)
  • NODE-5587: recursive calls to next cause memory leak (#​3842) (f60f1b5)

Documentation

We invite you to try the mongodb library immediately, and report any issues to the NODE project.

v5.8.1

Compare Source

The MongoDB Node.js team is pleased to announce version 5.8.1 of the mongodb package!

Release Notes

Import of saslprep updated to correct library.

Fixes the import of saslprep to be the correct @mongodb-js/saslprep library.

Bug Fixes

Documentation

We invite you to try the mongodb library immediately, and report any issues to the NODE project.

v5.8.0

Compare Source

The MongoDB Node.js team is pleased to announce version 5.8.0 of the mongodb package!

Release Notes

The AutoEncrypter interface has been deprecated

The AutoEncrypter interface was used internally but accidentally made public in the 4.x version of the driver. It is now deprecated and will be made internal in the next major release.

Kerberos support for 1.x and 2.x

Moves the kerberos dependency back to ^1.0.0 || ^2.0.0 to indicate support for both 1.x and 2.x. Support for 1.x is removed in 6.0.

Fixed accidental deprecation warning

Because of internal options handling, a deprecation was emitted for tlsCertificateFile when using tlsCertificateKeyFile. That has been corrected.

Remove credential availability on ConnectionPoolCreatedEvent

In order to avoid mistakenly printing credentials the ConnectionPoolCreatedEvent will replace the credentials option with an empty object. The credentials are still accessble via MongoClient options: client.options.credentials.

Features
  • NODE-5399: use mongodb-js/saslprep instead of saslprep (#​3818) (c0d3927)
  • NODE-5429: deprecate the AutoEncrypter interface (#​3764) (9bb0d95)
  • NODE-5465,NODE-5538: lower @aws-sdk/credential-providers version to 3.188.0 and zstd to ^1.0.0 (#​3821) (39ff81d)
Bug Fixes
  • NODE-5489: set kerberos compatibility to ^1.0.0 || ^2.0.0 (#​3803) (c3b35b3)
  • NODE-5495: do not emit deprecation warning when tlsCertificateKeyFile is specified and tlsCertificateFile is not (#​3810) (e81d4a2)
  • NODE-5537: remove credentials from ConnectionPoolCreatedEvent options (#​3813) (4cf1e96)

Documentation

We invite you to try the mongodb library immediately, and report any issues to the NODE project.

v5.7.0

Compare Source

Features
Bug Fixes
  • NODE-4977: load snappy lazily (#​3726) (865e658)
  • NODE-5102: listDatabases nameOnly setting is sent as NaN (#​3742) (b97132e)
  • NODE-5289: prevent scram auth from throwing TypeError if saslprep is not a function (#​3727) (e006347)
  • NODE-5374: do not apply cursor transform in Cursor.hasNext (#​3746) (0668cd8)

v5.6.0

Compare Source

Features
Bug Fixes
  • NODE-5249: remove strict flag from create collection options (#​3677) (be8faaf)
  • NODE-5296: construct error messages for AggregateErrors in Node16+ (#​3682) (e03178e)

v5.5.0

Compare Source

Features
Bug Fixes
  • NODE-5260: AWS Lambda metadata detection logic is too permissive (#​3663) (d74d3f9)

v5.4.0

Compare Source

Features
Bug Fixes
  • NODE-4977: load snappy lazily (#​3726) (865e658)
  • NODE-5102: listDatabases nameOnly setting is sent as NaN (#​3742) (b97132e)
  • NODE-5289: prevent scram auth from throwing TypeError if saslprep is not a function (#​3727) (e006347)
  • NODE-5374: do not apply cursor transform in Cursor.hasNext (#​3746) (0668cd8)

v5.3.0

Compare Source

Features
Bug Fixes
  • NODE-5042: relax SRV record validation to account for a dot suffix (#​3633) (ad15881)
  • NODE-5171: allow upsertedId to be null in UpdateResult (#​3631) (4b5be21)
  • NODE-5201: prevent warning when default value for deprecation option is used (#​3646) (e7f6e4e)

v5.2.0

Compare Source

Features
Bug Fixes
  • NODE-3998: metadata duplication in handshake (#​3615) (6d894d6)
  • NODE-4518: error message with invalid authMechanism is provided (#undefined) (1a16b7e)
  • NODE-4854: set timeout on write and reset on message (#​3582) (4a7b5ec)
  • NODE-5106: prevent multiple mongo client connect()s from leaking topology (#​3596) (eb836bb)
  • NODE-5126: find operations fail when passed an ObjectId as filter (#​3604) (2647b61)

v5.1.0

Compare Source

Features
Bug Fixes
  • NODE-5044: Write Concern 0 Must Not Affect Read Operations (#​3541) (#​3575) (10146a4)
  • NODE-5052: prevent cursor and changestream close logic from running more than once (#​3562) (71d0d79)
  • NODE-5064: consolidate connection cleanup logic and ensure socket is always closed (#​3572) (e544d88)
5.0.1 (2023-02-07)
Bug Fixes
  • NODE-5027: revert "ensure that MessageStream is destroyed when connections are destroyed" (#​3552) (2d178d0)

v5.0.1

Compare Source

Features
Bug Fixes
  • NODE-5044: Write Concern 0 Must Not Affect Read Operations (#​3541) (#​3575) (10146a4)
  • NODE-5052: prevent cursor and changestream close logic from running more than once (#​3562) (71d0d79)
  • NODE-5064: consolidate connection cleanup logic and ensure socket is always closed (#​3572) (e544d88)
5.0.1 (2023-02-07)
Bug Fixes
  • NODE-5027: revert "ensure that MessageStream is destroyed when connections are destroyed" (#​3552) (2d178d0)

v5.0.0

Compare Source

Features
Bug Fixes
  • NODE-5044: Write Concern 0 Must Not Affect Read Operations (#​3541) (#​3575) (10146a4)
  • NODE-5052: prevent cursor and changestream close logic from running more than once (#​3562) (71d0d79)
  • NODE-5064: consolidate connection cleanup logic and ensure socket is always closed (#​3572) (e544d88)
5.0.1 (2023-02-07)
Bug Fixes
  • NODE-5027: revert "ensure that MessageStream is destroyed when connections are destroyed" (#​3552) (2d178d0)

v4.17.2

Compare Source

The MongoDB Node.js team is pleased to announce version 4.17.2 of the mongodb package!

Release Notes

Fix connection leak when serverApi is enabled

When enabling serverApi the driver's RTT mesurment logic (used to determine the closest node) still sent the legacy hello command "isMaster" causing the server to return an error. Unfortunately, the error handling logic did not correctly destroy the socket which would cause a leak.

Both sending the correct hello command and the error handling connection clean up logic are fixed in this change.

Bug Fixes

Documentation

We invite you to try the mongodb library immediately, and report any issues to the NODE project.

v4.17.1

Compare Source

The MongoDB Node.js team is pleased to announce version 4.17.1 of the mongodb package!

Release Notes

Import of saslprep updated to correct library.

Fixes the import of saslprep to be the correct @mongodb-js/saslprep library.

Bug Fixes

Documentation

We invite you to try the mongodb library immediately, and report any issues to the NODE project.

v4.17.0

Compare Source

The MongoDB Node.js team is pleased to announce version 4.17.0 of the mongodb package!

Release Notes

mongodb-js/saslprep is now installed by default

Until v6, the driver included the saslprep package as an optional dependency for SCRAM-SHA-256 authentication. saslprep breaks when bundled with webpack because it attempted to read a file relative to the package location and consequently the driver would throw errors when using SCRAM-SHA-256 if it were bundled.

The driver now depends on mongodb-js/saslprep, a fork of saslprep that can be bundled with webpack because it includes the necessary saslprep data in memory upon loading. This will be installed by default but will only be used if SCRAM-SHA-256 authentication is used.

Remove credential availability on ConnectionPoolCreatedEvent

In order to avoid mistakenly printing credentials the ConnectionPoolCreatedEvent will replace the credentials option with an empty object. The credentials are still accessble via MongoClient options: client.options.credentials.

Features
Bug Fixes
  • NODE-5262: AWS Lambda metadata detection logic is too permissive (#​3683) (c0c3d99)
  • NODE-5311: construct error messages for AggregateErrors in Node16+ (#​3683) (98b7bdf)
  • NODE-5316: prevent parallel topology creation in MongoClient.connect (#​3696) (e13038d)
    • Thank you @​clemclx for contributing this fix! 🎉
  • NODE-5356: prevent scram auth from throwing TypeError if saslprep is not a function (#​3732) (2d028af)
  • NODE-5536: remove credentials from ConnectionPoolCreatedEvent options (#​3812) (2910dca)

Documentation

We invite you to try the mongodb library immediately, and report any issues to the NODE project.

v4.16.0

Compare Source

The MongoDB Node.js team is pleased to announce version 4.16.0 of the mongodb package!

Features
  • NODE-5159: add FaaS env information to client metadata (#​3639) (e0b20f1)
  • NODE-5199: add alternative runtime detection to client metadata (#​3647) (fba16ad)
Bug Fixes
  • NODE-5161: metadata duplication in handshake (#​3628) (b790142)
  • NODE-5200: relax SRV record validation to account for a dot suffix (#​3640) (4272c43)

Documentation

We invite you to try the mongodb library immediately, and report any issues to the NODE project.

v4.15.0

Compare Source

The MongoDB Node.js team is pleased to announce version 4.15.0 of the mongodb package!

Features
  • NODE-5054: add AssumeRoleWithWebIdentity support to 4x driver (#​3566) (8a8c386)
Bug Fixes
  • NODE-5097: set timeout on write and reset on message (#​3590) (2d3576b)

Documentation

We invite you to try the mongodb library immediately, and report any issues to the NODE project.

v4.14.0

Compare Source

The MongoDB Node.js team is pleased to announce version 4.14.0 of the mongodb package!

Deprecations
  • NODE-4992: Deprecate methods and options that reference legacy logger (#​3532) (6c94b4a)
Bug Fixes
  • NODE-4999: Write Concern 0 Must Not Affect Read Operations (#​3541) (ddfc2b9)
  • NODE-5026: revert "ensure that MessageStream is destroyed when connections are destroyed" (#​3551) (c4da623)

Documentation

We invite you to try the mongodb library immediately, and report any issues to the NODE project.

v4.13.0

Compare Source

Features
Bug Fixes
  • NODE-4447: disable causal consistency in implicit sessions (#​3479) (6566fb5)
  • NODE-4834: ensure that MessageStream is destroyed when connections are destroyed (#​3482) (8338bae)
4.12.1 (2022-11-23)
Bug Fixes

v4.12.1

Compare Source

Features
Bug Fixes
  • NODE-4447: disable causal consistency in implicit sessions (#​3479) (6566fb5)
  • NODE-4834: ensure that MessageStream is destroyed when connections are destroyed (#​3482) (8338bae)
4.12.1 (2022-11-23)
Bug Fixes

v4.12.0

Compare Source

Features
Bug Fixes
  • NODE-4447: disable causal consistency in implicit sessions (#​3479) (6566fb5)
  • NODE-4834: ensure that MessageStream is destroyed when connections are destroyed (#​3482) (8338bae)
4.12.1 (2022-11-23)
Bug Fixes

v4.11.0

Compare Source

Features
Bug Fixes
  • NODE-3712,NODE-4546: electionId should be ordered before setVersion (#​3174) (ca51fec)
  • NODE-3921: error on invalid TLS option combinations (#​3405) (1a550df)
  • NODE-4186: accept ReadPreferenceLike in TransactionOptions type (#​3425) (dc62bcb)
  • NODE-4475: make interrupted message more specific (#​3437) (5f37cb6)
  • NODE-4608: prevent parallel monitor checks (#​3404) (78bcfe4)
  • NODE-4647: improve error message (#​3409) (0d3c02e)
  • NODE-4649: use SDAM handling for errors from min pool size population (#​3424) (ef3b55d)

v4.10.0

Compare Source

Features
  • NODE-4385: add cmap pool pausing functionality (#​3321) (335ee55)
  • NODE-4484: add experimental support for disambiguatedPaths in change stream documents (#​3365) (846365a)
  • NODE-4519: deprecate promiseLibrary and PromiseProvider (#​3403) (5c322b6)
  • NODE-4547: mark all callback APIs as deprecated (#​3388) (a983f14)
  • NODE-4607: add exports needed by legacy client (#​3396) (972f760)
  • NODE-4634: add support for bulk FindOperators.hint() (#​3408) (8758890)
Bug Fixes

@renovate renovate bot force-pushed the renovate/mongodb-5.x branch from c6789cb to 2e5b110 Compare April 17, 2023 10:44
@renovate renovate bot force-pushed the renovate/mongodb-5.x branch 2 times, most recently from c219278 to ead6185 Compare June 3, 2023 18:29
@renovate renovate bot force-pushed the renovate/mongodb-5.x branch from ead6185 to b49a1ec Compare July 8, 2023 21:28
@renovate renovate bot force-pushed the renovate/mongodb-5.x branch 2 times, most recently from bce5a18 to b0ac9d3 Compare August 25, 2023 21:17
@renovate renovate bot force-pushed the renovate/mongodb-5.x branch from b0ac9d3 to ad78b1d Compare September 17, 2023 00:25
@renovate renovate bot force-pushed the renovate/mongodb-5.x branch from ad78b1d to a10fdb6 Compare October 22, 2023 15:42
@renovate
Update dependency mongodb to v5
12925bf 
Dependency update (patch)
@renovate renovate bot force-pushed the renovate/mongodb-5.x branch from a10fdb6 to 12925bf Compare December 7, 2023 18:24
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant