refactor: Upgrade mongodb from 6.12.0 to 6.13.0 #9638
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Snyk has created this PR to upgrade mongodb from 6.12.0 to 6.13.0. See this package in npm: mongodb See this project in Snyk: https://app.snyk.io/org/acinader/project/fe36ba29-7b23-4655-9807-441cf85f2203?utm_source=github&utm_medium=referral&page=upgrade-pr
|
I will reformat the title to use the proper commit message syntax. |
parse-github-assistant
bot
changed the title
|
🚀 Thanks for opening this pull request! |
Codecov ReportAll modified and coverable lines are covered by tests ✅
Additional details and impacted files@@ Coverage Diff @@
## release-7.x.x #9638 +/- ##
==============================================
Coverage 93.52% 93.52%
==============================================
Files 186 186
Lines 14819 14819
==============================================
Hits 13860 13860
Misses 959 959 ☔ View full report in Codecov by Sentry. 🚀 New features to boost your workflow:
|
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Snyk has created this PR to upgrade mongodb from 6.12.0 to 6.13.0.
ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.
The recommended version is 14 versions ahead of your current version.
The recommended version was released a month ago.
Release notes
Package name: mongodb
-
6.13.0 - 2025-01-30
- NODE-5672: support standardized logging (#4387) (d1b2453)
- NODE-6258: add signal support to find and aggregate (#4364) (73def18)
- NODE-6451: retry SRV and TXT lookup for DNS timeout errors (#4375) (fd902d3)
- NODE-6633: MongoClient.close closes active cursors (#4372) (654069f)
- NODE-5225: concurrent MongoClient.close() calls each attempt to close the client (#4376) (9419af7)
- NODE-6340: OIDC reauth uses caches speculative auth result (#4379) (8b2b7fd)
- NODE-6452: Optimize CommandStartedEvent and CommandSucceededEvent constructors (#4371) (41b066b)
- NODE-6616: shortcircuit logging ejson.stringify (#4377) (c1bcf0d)
- Reference
- API
- Changelog
-
6.13.0-dev.20250220.sha.0789dff0 - 2025-02-20
-
6.13.0-dev.20250215.sha.94122fb8 - 2025-02-15
-
6.13.0-dev.20250214.sha.d18108c5 - 2025-02-14
-
6.13.0-dev.20250213.sha.ba422064 - 2025-02-13
-
6.13.0-dev.20250212.sha.5f4500b8 - 2025-02-12
-
6.13.0-dev.20250211.sha.7bfce01e - 2025-02-11
-
6.13.0-dev.20250208.sha.a79a13d3 - 2025-02-08
-
6.13.0-dev.20250207.sha.057693e1 - 2025-02-07
-
6.13.0-dev.20250206.sha.1d0b2b44 - 2025-02-06
-
6.13.0-dev.20250205.sha.3a4edd51 - 2025-02-05
-
6.13.0-dev.20250204.sha.5d99661a - 2025-02-04
-
6.13.0-dev.20250201.sha.35c703e3 - 2025-02-01
-
6.13.0-dev.20250131.sha.e7898a4d - 2025-01-31
-
6.12.0 - 2024-12-10
- NODE-6593: add support for [email protected] (#4346) (ea8a33f)
- NODE-6605: add error message when invalidating primary (#4340) (37613f1)
- NODE-6583: upgrade to BSON v6.10.1 to remove internal unbounded type cache (#4338) (249c279)
- NODE-6600: set object mode correctly for message chunking in SizedMessageTransform (#4345) (5558573)
- NODE-6602: only wrap errors from SOCKS in network errors (#4347) (ed83f36)
- Reference
- API
- Changelog
from mongodb GitHub release notes6.13.0 (2025-01-30)
The MongoDB Node.js team is pleased to announce version 6.13.0 of the
mongodbpackage!Release Notes
MongoDB Standardized Logging 📝
The driver's standardized logger is now available! The primary goal of our driver's logger is to enable insight into database operations without code changes so enabling and configuring the logger are primarily done through our environment variables.
TL;DR Show me the logs!
Tip
If you are a CLI app developer (or otherwise take great care of your std outputs): The client options constructor argument takes precedence over environment variables, permitting you to disable or otherwise customize the logger so your app does not automatically respond to the current environment.
Check out the in-depth logging docs here: https://www.mongodb.com/docs/drivers/node/current/fundamentals/logging/
🚀 Improved command monitoring performance
Previously, when command monitoring was enabled, the driver would make deep copies of command and reply objects, which have the potential to be very large documents. These copies have been eliminated, providing a speed and memory efficiency bump to command monitoring.
Warning
Since we no longer make deep copies of commands/replies in Command Monitoring Events, directly modifying the command/reply objects on
CommandStartedEvents andCommandSucceededEvents may lead to undefined behaviour.🧪 Experimental AbortSignal support added to Find and Aggregate! 🚥
A
signalargument can now be passed to the following APIs:collection.find()&collection.findOne()collection.aggregate()&collection.countDocuments()In order to support field level encryption properly, also:
db.listCollections()db.command()When aborted, the signal will interrupt the execution of each of each of these APIs. For the cursor-based APIs, this will be observed when attempting to consume from the cursor via toArray(), next(), for-await, etc.
There is a known limitation: aborting a signal closes a perfectly healthy connection which can cause unnecessary connection reestablishment so we're releasing this as experimental for evaluation in use cases that can tolerate the shortcoming.
DNS SRV & TXT look up timeouts are retried
To mitigate the potentially transient DNS timeout error, the driver now catches and retries the DNS lookups upon resolving a
mongodb+srv://style connection string.MongoClient.close now closes any outstanding cursors
Previously, cursors could somewhat live beyond the client they came from. What this meant was that depending on timing you would learn of the client's (and by proxy, the cursor's) demise via an assertion that the associated session had expired. This only occurred if your cursor needed to use the session, which only happens when it is attempting to run a
getMoreoperation to obtain another batch of documents.Practically speaking a cursor that lives beyond a client is an exception waiting to happen, the connection pools are closed, the sessions are ended, last call has been served 🍻, it is only a matter of timing and event firing until the cursor learns of its fate and informs you by throwing an error via whatever API is being used (
.toArray(),for-await,.next()).To make the expected state of cursors clearer in this scenario the
MongoClientwill now close any associated cursors upon itsclose()-ing reducing the risk of leaving behind server-side resources.MongoClient.close() can be called concurrently
In the past, concurrent calls to
MongoClient.close()had poorly defined behavior depending on the exact timing of the second (or more) calls to close(). In some cases, this could also throw errors.With these changes, MongoClient.close() can be called concurrently safely and always returns the same promise.
Note
This is intended as a correctness fix - we don't recommend calling MongoClient.close() concurrently if it can be avoided.
MONGODB-OIDC now properly reauthenticates in speculative auth scenarios
When using MONGODB-OIDC authentication, if the initial handshake contained speculative authentication, the driver would not properly reauthenticate when the server would raise 391 errors. This is now fixed.
Features
Bug Fixes
Performance Improvements
Documentation
We invite you to try the
mongodblibrary immediately, and report any issues to the NODE project.6.12.0 (2024-12-10)
The MongoDB Node.js team is pleased to announce version 6.12.0 of the
mongodbpackage!Release Notes
[email protected] is now supported for zstd compression
The new @ mongodb-js/[email protected] release can now be used with the driver for zstd compression.
Populate
ServerDescription.errorfield when primary marked staleWe now attach an error to the newly created ServerDescription object when marking a primary as stale. This helps with debugging SDAM issues when monitoring SDAM events.
BSON upgraded to v6.10.1
See: https://github.com/mongodb/js-bson/releases/tag/v6.10.1
Socket read stream set to object mode
Socket data was being read with a stream set to buffer mode when it should be set to object mode to prevent inaccurate data chunking, which may have caused message parsing errors in rare cases.
SOCKS5: MongoNetworkError wrap fix
If the driver encounters an error while connecting to a socks5 proxy, the driver wraps the socks5 error in a MongoNetworkError. In some circumstances, this resulted in the driver wrapping MongoNetworkErrors inside MongoNetworkErrors.
The driver no longer double wraps errors in MongoNetworkErrors.
Features
Bug Fixes
Documentation
We invite you to try the
mongodblibrary immediately, and report any issues to the NODE project.Important
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.
For more information: