Skip to content

[Snyk] Upgrade mongodb from 3.6.5 to 3.6.6 #3

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

[Snyk] Upgrade mongodb from 3.6.5 to 3.6.6 #3

wants to merge 1 commit into from

Conversation

@snyk-bot
Copy link

@snyk-bot snyk-bot commented May 6, 2021

Snyk has created this PR to upgrade mongodb from 3.6.5 to 3.6.6.

merge advice
ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

  • The recommended version is 1 version ahead of your current version.
  • The recommended version was released a month ago, on 2021-04-06.
Release notes
Package name: mongodb
  • 3.6.6 - 2021-04-06

    The MongoDB Node.js team is pleased to announce version 3.6.6 of the driver

    Release Highlights

    This patch addresses a number of bugs listed below.
    Most notably, for client side encryption users upgrading to this version of the driver along with the new version of mongodb-client-encryption@1.2.3 will alleviate the potential deadlock case if your connection pool was fully utilized. There will now be an internal MongoClient that will be used for metadata look ups (e.g, listCollections) when the pool size is under certain constraints. The events generated from this client are forwarded to the client instance you initialize so it is possible to monitor all events.

    Bug

    • [NODE-2995] - Sharing a MongoClient for metadata lookup can lead to deadlock in drivers using automatic encryption
    • [NODE-3050] - Infinite loop on Windows due to a bug in require_optional package
    • [NODE-3120] - TypeError: Cannot read property 'roundTripTime' of undefined
    • [NODE-3122] - Pipelining an upload stream of GridFSBucket never finishes on Node v14
    • [NODE-3129] - Collection () .. .setReadPreference() not routing query to secondaries
    • [NODE-3133] - autoEncryption produces serverHeartbeatFailed - with MongoError typemismatch

    Improvement

    • [NODE-3070] - Define error handling behavior of writeErrors and writeConcernError on Mongos

    Documentation

    We invite you to try the driver immediately, and report any issues to the NODE project.

    Thanks very much to all the community members who contributed to this release!

  • 3.6.5 - 2021-03-16

    The MongoDB Node.js team is pleased to announce version 3.6.5 of the driver!

    Notable Fixes

    In this patch there is a fix surrounding an issue some users were encountering in serverless environments when using the Unified Topology. If the nodejs process went unused for a great amount of time there was an intermittent issue that would cause startSession to fail, however, issuing a dummy read request would resolve the problem. The session support check is now done after server selection meaning the driver has the most up to date information about the MongoDB deployment before utilizing sessions. We encourage any user's that implemented workarounds to updated their driver and make use of this fix.

    In addition, the previous release of our driver added a warning about an upcoming change in the v4 version of the driver about how users can specify their write concern options. We've updated the driver to use nodejs's process.emitWarning API in nearly all cases where the driver prints something out, as well as limit most warning messages to only be printed once.

    Bug

    • session support detection spec compliance (#2732) (9baec71)
    • [NODE-3100] - startSession fails intermittently on servers that support sessions
    • [NODE-3066] - Accessing non-existent property 'MongoError' of module exports inside circular dependency
    • [NODE-3114] - Incorrect warning: Top-level use of w, wtimeout, j, and fsync is deprecated
    • [NODE-3119] - Node 14.5.4, mongo 3.6.4 Circular warnings
from mongodb GitHub release notes
Commit messages
Package name: mongodb
  • dfb03ad chore(release): 3.6.6
  • 5a0d706 chore: reintroduce nodejs fermium testing (#2775)
  • af49ba3 test(NODE-3070): Ensure that SDAM should ignore the writeErrors field (#2769)
  • 312ffef fix(NODE-3109): prevent servername from being IP (#2763)
  • 9256242 fix(NODE-2995): Add shared metadata MongoClient (#2760)
  • 91ba19e fix: ensure cursor readPreference is applied to find operations (#2751)
  • f2a4ff8 fix: no infinite loop on windows requiring optional deps
  • 86bddf1 fix(csfle): ensure that monitoring connections are not encrypted (#2749)
  • b94519b fix: ensure monitor has rtt pinger in when calculating rtt (#2757)
  • c976a01 fix: always close gridfs upload stream on finish (#2758)

Compare

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@snyk-bot