[Snyk] Upgrade mongodb from 3.6.5 to 3.6.6 #3
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Snyk has created this PR to upgrade mongodb from 3.6.5 to 3.6.6. See this package in npm: https://www.npmjs.com/package/mongodb See this project in Snyk: https://app.snyk.io/org/giovanivrech/project/afcc0e7e-b649-4e56-9460-dedde6f4d1e3?utm_source=github&utm_medium=upgrade-pr
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Snyk has created this PR to upgrade mongodb from 3.6.5 to 3.6.6.
ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.
Release notes
Package name: mongodb
-
3.6.6 - 2021-04-06
- [NODE-2995] - Sharing a MongoClient for metadata lookup can lead to deadlock in drivers using automatic encryption
- [NODE-3050] - Infinite loop on Windows due to a bug in require_optional package
- [NODE-3120] - TypeError: Cannot read property 'roundTripTime' of undefined
- [NODE-3122] - Pipelining an upload stream of GridFSBucket never finishes on Node v14
- [NODE-3129] - Collection () .. .setReadPreference() not routing query to secondaries
- [NODE-3133] - autoEncryption produces serverHeartbeatFailed - with MongoError typemismatch
- [NODE-3070] - Define error handling behavior of writeErrors and writeConcernError on Mongos
- Reference: http://mongodb.github.io/node-mongodb-native/3.6
- API: http://mongodb.github.io/node-mongodb-native/3.6/api
- Changelog: https://github.com/mongodb/node-mongodb-native/blob/3.6/HISTORY.md
-
3.6.5 - 2021-03-16
- session support detection spec compliance (#2732) (9baec71)
- [NODE-3100] - startSession fails intermittently on servers that support sessions
- [NODE-3066] - Accessing non-existent property 'MongoError' of module exports inside circular dependency
- [NODE-3114] - Incorrect warning: Top-level use of w, wtimeout, j, and fsync is deprecated
- [NODE-3119] - Node 14.5.4, mongo 3.6.4 Circular warnings
from mongodb GitHub release notesThe MongoDB Node.js team is pleased to announce version 3.6.6 of the driver
Release Highlights
This patch addresses a number of bugs listed below.
Most notably, for client side encryption users upgrading to this version of the driver along with the new version of [email protected] will alleviate the potential deadlock case if your connection pool was fully utilized. There will now be an internal MongoClient that will be used for metadata look ups (e.g,
listCollections) when the pool size is under certain constraints. The events generated from this client are forwarded to the client instance you initialize so it is possible to monitor all events.Bug
Improvement
Documentation
We invite you to try the driver immediately, and report any issues to the NODE project.
Thanks very much to all the community members who contributed to this release!
The MongoDB Node.js team is pleased to announce version 3.6.5 of the driver!
Notable Fixes
In this patch there is a fix surrounding an issue some users were encountering in serverless environments when using the Unified Topology. If the nodejs process went unused for a great amount of time there was an intermittent issue that would cause
startSessionto fail, however, issuing a dummy read request would resolve the problem. The session support check is now done after server selection meaning the driver has the most up to date information about the MongoDB deployment before utilizing sessions. We encourage any user's that implemented workarounds to updated their driver and make use of this fix.In addition, the previous release of our driver added a warning about an upcoming change in the v4 version of the driver about how users can specify their write concern options. We've updated the driver to use nodejs's
process.emitWarningAPI in nearly all cases where the driver prints something out, as well as limit most warning messages to only be printed once.Bug
Commit messages
Package name: mongodb
Compare
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.
For more information:
🧐 View latest project report
🛠 Adjust upgrade PR settings
🔕 Ignore this dependency or unsubscribe from future upgrade PRs