Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Bump the production-dependencies group with 1 update #31

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Mar 11, 2024

Bumps the production-dependencies group with 1 update: mongodb.

Updates mongodb from 6.3.0 to 6.4.0

Release notes

Sourced from mongodb's releases.

v6.4.0

6.4.0 (2024-02-29)

The MongoDB Node.js team is pleased to announce version 6.4.0 of the mongodb package!

Release Notes

Server selection will use a different Mongos on retry

When retrying reads or writes on a sharded cluster, the driver will attempt to select a different mongos for the retry if multiple are present. This should heuristically avoid encountering the original error that caused the need to retry the operation.

Caching AWS credentials provider per client

Instead of creating a new AWS provider for each authentication, we cache the AWS credentials provider per client to prevent overwhelming the auth endpoint and ensure that cached credentials are not shared with other clients.

BSON upgraded to ^6.4.0

BSON has had a number of performance increases in the last two releases (6.3.0 and 6.4.0). Small basic latin (ASCII) only strings, small memory allocations (ObjectId and Decimal128) and numeric parsing operations (int32, doubles, and longs) have all had optimizations applied to them.

For details check out the release notes here: BSON 6.3.0 and BSON 6.4.0 🐎

ExceededTimeLimit was made a retryable reads error

Read operations will be retried after receiving an error with the ExceededTimeLimit label.

Fixed unresolved request issue in KMS requester

Internal to the field-level encryption machinery is a helper that opens a TLS socket to the KMS provider endpoint and submits a KMS request. The code neglected to add a 'close' event listener to the socket, which had the potential to improperly leave the promise pending indefinitely if no error was encountered.

The base64 padding is now preserved in the saslContinue command

The authentication was rejected by the saslContinue command from mongosh due to missing "=" padding from the client. We fixed the way we parse payload to preserve trailing "="s.

countDocuments now types the filter using the collection Schema

Previously, countDocuments had a weakly typed Document type for the filter allowing any JS object as input. The filter is now typed as Filter<Schema> to enable autocompletion, and, hopefully, catch minor bugs.

Thank you to @​pashok88895 for contributing to this improvement.

The type error with $addToSet in bulkWrite was fixed

Previously the following code sample would show a type error:

interface IndexSingatureTestDocument extends Document {
    readonly myId: number;
    readonly mySet: number[];
  }
const indexSingatureCollection = undefined as unknown as Collection<IndexSingatureTestDocument>;
indexSingatureCollection.bulkWrite([
</tr></table> 

... (truncated)

Changelog

Sourced from mongodb's changelog.

6.4.0 (2024-02-29)

Features

  • NODE-3449: Add serverConnectionId to Command Monitoring Spec (735f7aa)
  • NODE-3470: retry selects another mongos (#3963) (84959ee)
  • NODE-3689: require hello command for connection handshake to use OP_MSG disallowing OP_QUERY (#3938) (ce7df0f)
  • NODE-4686: Add log messages to CLAM (#3955) (e3bfa30)
  • NODE-4687: Add logging to server selection (#3946) (7f3ce0b)
  • NODE-4719: add SDAM Logging Spec (#3940) (a3c0298)
  • NODE-4847: Add config error handling to logging (#3970) (8f7bb59)
  • NODE-5717: make ExceededTimeLimit retryable reads error (#3947) (106ab09)
  • NODE-5885: upgrade BSON to ^6.3.0 (#3983) (9401d09)
  • NODE-5939: Implement 6.x: cache the AWS credentials provider in the MONGODB-AWS auth logic (#3991) (e0a37e5)
  • NODE-5978: upgrade BSON to ^6.4.0 (#4007) (90f2f70)

Bug Fixes

  • NODE-5127: implement reject kmsRequest on server close (#3964) (568e05f)
  • NODE-5609: node driver omits base64 padding in sasl-continue command (#3975) (b7d28d3)
  • NODE-5765: change type for countDocuments (#3932) (22cae0f)
  • NODE-5791: type error with $addToSet in bulkWrite (#3953) (b93d405)
  • NODE-5818: Add feature flagging to server selection logging (#3974) (55203ef)
  • NODE-5839: support for multibyte code-points in stringifyWithMaxLen (#3979) (aed1cf0)
  • NODE-5840: heartbeat duration includes socket creation (#3973) (a42039b)
  • NODE-5901: propagate errors to transformed stream in cursor (#3985) (ecfc615)
  • NODE-5944: make AWS session token optional (#4002) (f26de76)

Performance Improvements

  • NODE-5771: improve new connection (#3948) (a4776cf)
  • NODE-5854: Conditional logger instantiation and precompute willLog perf fix (#3984) (a63fbc2)
  • NODE-5928: consolidate signal use and abort promise wrap (#3992) (38742c2)
Commits
  • 9ac2e38 chore(main): release 6.4.0 [skip-ci] (#3935)
  • 5f62f56 docs: generate docs from latest main [skip-ci] (#3977)
  • 90f2f70 feat(NODE-5978): upgrade BSON to ^6.4.0 (#4007)
  • 99a0059 test(NODE-5731): add serverless proxy testing (#4003)
  • 1ca6269 test(NODE-5929): convert txn legacy spec tests (#3987)
  • f26de76 fix(NODE-5944): make AWS session token optional (#4002)
  • 09c9b0b chore(NODE-5972): specify TS 5.0 in package.json and package-lock (#4004)
  • eb5e2ab chore(NODE-5829): update driver dependencies (#3994)
  • 233a2e0 refactor(NODE-5964): clean up prepareHandshakeDocument (#4001)
  • ff8b5f5 refactor(NODE-5912): make server.command an async function (#3986)
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Bumps the production-dependencies group with 1 update: [mongodb](https://github.com/mongodb/node-mongodb-native).


Updates `mongodb` from 6.3.0 to 6.4.0
- [Release notes](https://github.com/mongodb/node-mongodb-native/releases)
- [Changelog](https://github.com/mongodb/node-mongodb-native/blob/main/HISTORY.md)
- [Commits](mongodb/node-mongodb-native@v6.3.0...v6.4.0)

---
updated-dependencies:
- dependency-name: mongodb
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: production-dependencies
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added the dependencies Pull requests that update a dependency file label Mar 11, 2024
Copy link
Contributor Author

dependabot bot commented on behalf of github Mar 18, 2024

Looks like mongodb is updatable in another way, so this is no longer needed.

@dependabot dependabot bot closed this Mar 18, 2024
@dependabot dependabot bot deleted the dependabot/npm_and_yarn/master/production-dependencies-e5c255a536 branch March 18, 2024 14:00
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
dependencies Pull requests that update a dependency file
Projects
None yet
Development

Successfully merging this pull request may close these issues.

0 participants