Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Snyk] Upgrade mongodb from 3.7.3 to 4.3.1 #7

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

[Snyk] Upgrade mongodb from 3.7.3 to 4.3.1 #7

wants to merge 1 commit into from

Conversation

snyk-bot
Copy link

@snyk-bot snyk-bot commented Mar 3, 2022

Snyk has created this PR to upgrade mongodb from 3.7.3 to 4.3.1.

merge advice
ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

Warning: This is a major version upgrade, and may be a breaking change.

  • The recommended version is 19 versions ahead of your current version.
  • The recommended version was released a month ago, on 2022-01-18.
Release notes
Package name: mongodb
  • 4.3.1 - 2022-01-18

    The MongoDB Node.js team is pleased to announce version 4.3.1 of the mongodb package!

    Release Highlights

    In this patch release, we address the limitation introduced in 4.3.0 with the dot notation Typescript improvements and recursive types.
    Namely, this fix removes compilation errors for self-referential types.

    Note that this fix still has the following limitations:

    • type checking defaults to any after the first level of recursion for self-referential types
    interface Node {
    next: Node | null;
    }

    declare const collection: Collection<Node>;

    // no error here even though next is of type Node | null
    collection.find({
    next: {
    next: 'asdf'
    }
    });

    • indirectly self-referential types are still not supported
    interface A {
    b: B;
    }

    interface B {
    a: A;
    }

    declare const mutuallyRecursive: Collection<A>;

    // this will throw an error because there is indirect recursion
    // between types (A depends on B which depends on A and so on)
    mutuallyRecursive.find({});

    Bug Fixes

    Documentation

    We invite you to try the mongodb library immediately, and report any issues to the NODE project.

  • 4.3.0 - 2022-01-06

    The MongoDB Node.js team is pleased to announce version 4.3.0 of the mongodb package!

    Release Highlights

    This release includes SOCKS5 support and a couple of other important features and bug fixes that we hope will improve your experience with the node driver.

    The SOCKS5 options can be configured via the proxyHost, proxyPort, proxyPassword and proxyUsername options in the connection string passed to the MongoClient instance. Big thanks to @ addaleax for helping with this feature!

    The other notable features address performance and TypeScript as detailed below.

    Performance

    The original release of the 4.x driver relied on a new version of the BSON library that enables UTF-8 validation by default, resulting in noticeable performance degradation over the 3.x driver when processing over string data. This release introduces an option to opt out of this validation by specifying enableUtf8Validation: false at the client, database, collection, or individual operation level.

    For example:

    // disable UTF-8 validation globally on the MongoDB client
    const client = new MongoClient('mongodb://localhost:27017', { enableUtf8Validation: false });

    // disable UTF-8 validation for a particular operation
    const client = new MongoClient('mongodb://localhost:27017');
    const db = client.db('database name');
    const collection = db.collection('collection name');

    await collection.find({ name: 'John Doe'}, { enableUtf8Validation: false });

    TypeScript

    Type inference for nested documents

    Thanks to an amazing contribution from @ avaly we now have support for key auto-completion and type hinting on nested documents! MongoDB permits using dotted keys to reference nested keys or specific array indexes within your documents as a shorthand for getting at keys beneath the top layer. Typescript's Template Literal types allow us to take the interface defined on a collection and calculate at compile time the nested keys and indexes available.

    For example:

    interface Human {
    name: string;
    age: number;
    }

    interface Pet {
    name: string
    bestFriend: Human
    }

    const pets = client.db().collection<Pet>('pets');
    await pets.findOne({ 'bestFriend.age': 'young!' }) // typescript error!

    Here's what autocomplete suggests in VSCode:
    Screen Shot 2022-01-06 at 5 29 17 PM

    WARNING: There is a known shortcoming to this feature: recursive types can no longer be used in your schema. For example, an interface that references itself or references another schema that references back to the root schema cannot be used on our Collection generic argument. Unlike at runtime where a "recursive" shaped document has an eventual stopping point we don't have the tools within the language to declare a base case enumerating nested keys. We hope this does not cause friction when upgrading driver versions: please do not hesitate to reach out with any feedback you have about this feature.

    Consistent type inference for the _id type

    We have also enhanced the type inference for the _id type. Now, when performing operations on a collection, the following holds true based on the type of the schema:

    • If no _id is specified on the schema, it is inferred to be of type ObjectId and is optional on inserts.
    • If an _id is specified on the schema as required, then the _id type is inferred to be of the specified type and is required on inserts.
    • If an _id is specified on the schema as optional, it is inferred to be of the specified type and is optional on inserts: this format is intended to be used with the pkFactory option in order to ensure a consistent _id is assigned to every new document.

    Features

    Bug Fixes

    Documentation

    We invite you to try the mongodb library immediately, and report any issues to the NODE project.

  • 4.2.2 - 2021-12-13

    The MongoDB Node.js team is pleased to announce version 4.2.2 of the mongodb package!

    Bug Fixes

    Documentation

    We invite you to try the mongodb library immediately, and report any issues to the NODE project.

  • 4.2.1 - 2021-11-30

    The MongoDB Node.js team is pleased to announce version 4.2.1 of the mongodb package!

    Release Highlights

    This release fixes an issue with the dbName being overridden by the authSource option. Additionally, we have ensured that cursors re-run server selection when fetching additional batches, which should reduce issues encountered in long running function as a service environments.

    Bug Fixes

    Documentation

    We invite you to try the mongodb library immediately, and report any issues to the NODE project.

  • 4.2.0 - 2021-11-17
    Read more
  • 4.1.4 - 2021-11-03
    Read more
  • 4.1.3 - 2021-10-05
    Read more
  • 4.1.2 - 2021-09-14
    Read more
  • 4.1.1 - 2021-08-24
  • 4.1.0 - 2021-08-03
  • 4.0.1 - 2021-07-20
  • 4.0.0 - 2021-07-13
  • 4.0.0-beta.6 - 2021-07-01
  • 4.0.0-beta.5 - 2021-05-26
  • 4.0.0-beta.4 - 2021-05-18
  • 4.0.0-beta.3 - 2021-04-06
  • 4.0.0-beta.2 - 2021-03-16
  • 4.0.0-beta.1 - 2021-02-02
  • 4.0.0-beta.0 - 2021-01-19
  • 3.7.3 - 2021-10-20
    Read more
from mongodb GitHub release notes
Commit messages
Package name: mongodb
  • 8970ac1 chore(release): 4.3.1
  • 63168b4 chore: update dependencies (#3108)
  • fa03df8 chore(NODE-3717): test reorg - the conclusion (#3105)
  • dd5195a fix(NODE-3852,NODE-3854,NODE-3856): Misc typescript fixes for 4.3.1 (#3102)
  • 2adc7cd test(NODE-3787): sync preferring error codes over messages (#3104)
  • b3d9fb8 chore(NODE-3717): test reorg penultimate part (#3103)
  • 8e2b0cc fix(NODE-3792): remove offensive language throughout the codebase (#3091)
  • c3256c4 chore(NODE-3717): move tests p-z (#3098)
  • 91c108e chore: improve test filtering to use mocha hooks (#3095)
  • 3f668bd docs: update Evergreen CLI example command (#3099)
  • 88c103b chore(NODE-3717): test reorg part a-c (#3097)
  • c343776 docs: update api link to point to api home page instead of specific version (#3096)
  • e58fbf2 chore(release): 4.3.0
  • 00be68f refactor(NODE-3717): Test reorg part 7 (#3093)
  • d5ff074 chore(gridfs): improve error message when overrunning file length (#3094)
  • b701d5d refactor(NODE-3717): test reorganization part 6 (#3090)
  • 7bb9e37 fix(gridfs): make `GridFSBucketWriteStream.prototype.end()` return `this` for compat with @ types/[email protected] (#3088)
  • 54f2352 refactor(NODE-3717): reorganize tests pt5
  • 451627a feat(NODE-3633): add Socks5 support (#3041)
  • 76fff97 feat(NODE-3589): support dot-notation attributes in Filter (#2972)
  • 91a67e0 feat(NODE-3793): Remove offensive language from code and tests (#3082)
  • 8a3bab7 test(NODE-3713): skip/fix failing evergreen tests (#3069)
  • 55d1c5f refactor(NODE-3717): test reorg part 4 (#3086)
  • df8ac73 refactor(NODE-3790): Remove oppressive language from test files (#3071)

Compare

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@snyk-bot