renovate[bot]
commented
1 year ago ⚠ Artifact update problem
Renovate failed to update an artifact related to this branch. You probably do not want to merge this PR as-is.
♻ Renovate will retry this branch, including artifacts, only when one of the following happens:
- any of the package files in this branch needs updating, or
- the branch becomes conflicted, or
- you click the rebase/retry checkbox if found above, or
- you rename this PR's title to start with "rebase!" to trigger it manually
The artifact failure details are included below:
File name: islanders-server/yarn.lock
[08:36:56.095] INFO (10): Installing tool node v18.17.1...
v18.17.1
9.6.7
0.18.0
[08:36:58.641] INFO (10): Installed tool node in 2.5s.
[08:36:59.344] INFO (46): Installing tool yarn v1.22.19...
2.4.0
[08:37:00.551] INFO (46): Installed tool yarn in 1.2s.
Unknown Syntax Error: Unsupported option name ("--ignore-platform").
$ yarn install [--json] [--immutable] [--immutable-cache] [--check-cache] [--inline-builds] [--skip-builds]
This PR contains the following updates:
3.6.4->3.6.10GitHub Vulnerability Alerts
CVE-2021-32050
Some MongoDB Drivers may erroneously publish events containing authentication-related data to a command listener configured by an application. The published events may contain security-sensitive data when specific authentication-related commands are executed.
Without due care, an application may inadvertently expose this sensitive information, e.g., by writing it to a log file. This issue only arises if an application enables the command listener feature (this is not enabled by default).
This issue affects the MongoDB C Driver 1.0.0 prior to 1.17.7, MongoDB PHP Driver 1.0.0 prior to 1.9.2, MongoDB Swift Driver 1.0.0 prior to 1.1.1, MongoDB Node.js Driver 3.6 prior to 3.6.10, MongoDB Node.js Driver 4.0 prior to 4.17.0 and MongoDB Node.js Driver 5.0 prior to 5.8.0. This issue also affects users of the MongoDB C++ Driver dependent on the C driver 1.0.0 prior to 1.17.7 (C++ driver prior to 3.7.0).
Release Notes
mongodb/node-mongodb-native (mongodb)
### [`v3.6.10`](https://togithub.com/mongodb/node-mongodb-native/releases/tag/v3.6.10) [Compare Source](https://togithub.com/mongodb/node-mongodb-native/compare/v3.6.9...v3.6.10) The MongoDB Node.js team is pleased to announce version 3.6.10 of the mongodb package! #### Release Highlights This patch addresses a few bugs listed below. Notably the `bsonRegExp` option is now respected by the underlying BSON library, you can use this to decode regular expressions that contain syntax not permitted in native JS RegExp objects. Take a look at this example: ```javascript await collection.insertOne({ a: new BSONRegExp('(?-i)AA_') }) await collection.findOne({ a: new BSONRegExp('(?-i)AA_') }, { bsonRegExp: true }) // { _id: ObjectId, a: BSONRegExp { pattern: '(?-i)AA_', options: '' } } ``` Also there was an issue with `Cursor.forEach` where user defined forEach callbacks that throw errors incorrectly handled catching errors. Take a look at the comments in this example: ```javascript collection.find({}).forEach(doc => { if(doc.bad) throw new Error('bad document!'); }).catch(error => { // now this is called! and error is `bad document!` }) // before this fix the `bad document!` error would be thrown synchronously // and have to be caught with try catch out here ``` ##### Bug Fixes - **NODE-2035:** Exceptions thrown from awaited cursor forEach do not propagate ([#2852](https://togithub.com/mongodb/node-mongodb-native/issues/2852)) ([a917dfa](https://togithub.com/mongodb/node-mongodb-native/commit/a917dfada67859412344ed238796cf3bee243f5f)) - **NODE-3150:** added bsonRegExp option for v3.6 ([#2843](https://togithub.com/mongodb/node-mongodb-native/issues/2843)) ([e4a9a57](https://togithub.com/mongodb/node-mongodb-native/commit/e4a9a572427666fd1a89576dadf50b9c452e1659)) - **NODE-3358:** Command monitoring objects hold internal state references ([#2858](https://togithub.com/mongodb/node-mongodb-native/issues/2858)) ([750760c](https://togithub.com/mongodb/node-mongodb-native/commit/750760c324ddedb72491befde9f7aff1ceec009c)) - **NODE-3380:** perform retryable write checks against server ([#2861](https://togithub.com/mongodb/node-mongodb-native/issues/2861)) ([621677a](https://togithub.com/mongodb/node-mongodb-native/commit/621677a42772e0b26aa13883f57d7e42f86df43f)) - **NODE-3397:** report more helpful error with unsupported authMechanism in initial handshake ([#2876](https://togithub.com/mongodb/node-mongodb-native/issues/2876)) ([3ce148d](https://togithub.com/mongodb/node-mongodb-native/commit/3ce148d8fb37faea1ee056f6e9331e5282e65cd0)) #### Documentation - Reference: https://docs.mongodb.com/drivers/node/current/ - API: http://mongodb.github.io/node-mongodb-native/3.6/api - Changelog: https://github.com/mongodb/node-mongodb-native/blob/3.6/HISTORY.md We invite you to try the mongodb package immediately, and report any issues to the [NODE project](https://jira.mongodb.org/projects/NODE). ### [`v3.6.9`](https://togithub.com/mongodb/node-mongodb-native/releases/tag/v3.6.9) [Compare Source](https://togithub.com/mongodb/node-mongodb-native/compare/v3.6.8...v3.6.9) The MongoDB Node.js team is pleased to announce version 3.6.9 of the driver! #### Release Highlights This release fixes a major performance bug in bulk write operations, which was inadvertently introduced by an incomplete code change in the previous release. The bug resulted in redundant array iterations and caused exponential increases in bulk operation completion times. Thank you Jan Schwalbe for bringing this to our attention! ##### Bug Fixes - **NODE-3309:** remove redundant iteration of bulk write result ([#2815](https://togithub.com/mongodb/node-mongodb-native/issues/2815)) ([fac9610](https://togithub.com/mongodb/node-mongodb-native/commit/fac961086eafa0f7437576fd6af900e1f9fe22ed)) - **NODE-3234:** fix url parsing for a mongodb+srv url that has commas in the database name ([#2789](https://togithub.com/mongodb/node-mongodb-native/issues/2789)) ([58c4e69](https://togithub.com/mongodb/node-mongodb-native/commit/58c4e693cc3a717254144d5f9bdddd8414217e97)) #### Documentation - Reference: https://docs.mongodb.com/drivers/node/current/ - API: http://mongodb.github.io/node-mongodb-native/3.6/api - Changelog: https://github.com/mongodb/node-mongodb-native/blob/3.6/HISTORY.md We invite you to try the mongodb package immediately, and report any issues to the [NODE project](https://jira.mongodb.org/projects/NODE). ### [`v3.6.8`](https://togithub.com/mongodb/node-mongodb-native/releases/tag/v3.6.8) [Compare Source](https://togithub.com/mongodb/node-mongodb-native/compare/v3.6.7...v3.6.8) The MongoDB Node.js team is pleased to announce version 3.6.8 of the mongodb package! #### Release Highlights Thanks to the quick adoption of the previous new patch by the mongoose package ([https://github.com/Automattic/mongoose/pull/10265](https://togithub.com/Automattic/mongoose/pull/10265)) a small bug was identified when connections to mongodb would timeout causing unnecessary clean up operations to run. Thank you [@vkarpov15](https://togithub.com/vkarpov15)! ##### Bug Fixes - **NODE-3305:** undo flipping of `beforeHandshake` flag for timeout errors ([#2813](https://togithub.com/mongodb/node-mongodb-native/issues/2813)) ([6e3bab3](https://togithub.com/mongodb/node-mongodb-native/commit/6e3bab32204ea905ab9b949edccb68556b50d382)) #### Documentation - Reference: https://docs.mongodb.com/drivers/node/current/ - API: http://mongodb.github.io/node-mongodb-native/3.6/api - Changelog: https://github.com/mongodb/node-mongodb-native/blob/3.6/HISTORY.md We invite you to try the mongodb package immediately, and report any issues to the [NODE project](https://jira.mongodb.org/projects/NODE). ### [`v3.6.7`](https://togithub.com/mongodb/node-mongodb-native/releases/tag/v3.6.7) [Compare Source](https://togithub.com/mongodb/node-mongodb-native/compare/v3.6.6...v3.6.7) The MongoDB Node.js team is pleased to announce version 3.6.7 of the driver #### Release Highlights This patch addresses a number of bug fixes. Notably, there was an interesting javascript related issue with sorting documents. It **only** impacts users using numerical keys in their documents. ```javascript > { a: 'asc', [23]: 'asc' } { [23]: 'asc', a: 'asc' } // numbers come first ``` In javascript, [numerical keys are always iterated first](https://262.ecma-international.org/9.0/#sec-ordinaryownpropertykeys) when looping over the keys of an object followed by the chronological specification of each string key. This effectively changes the ordering of a sort document sent to mongodb. However our driver does accept sort specification in a variety of ways and one way to avoid this problem is passing an array of tuples: ```javascript [['a', 'asc'], ['23', 'asc']] ``` This ensures that mongodb is sent the `'a'` key as the first sort key and `'23'` as the second. #### Bug Fixes - **NODE-3159:** removing incorrect apm docs ([#2793](https://togithub.com/mongodb/node-mongodb-native/issues/2793)) ([971259a](https://togithub.com/mongodb/node-mongodb-native/commit/971259a868a8018e90ebc2f28d151eb7af3dd50a)) - **NODE-3173:** Preserve sort key order for numeric string keys ([#2790](https://togithub.com/mongodb/node-mongodb-native/issues/2790)) ([730f43a](https://togithub.com/mongodb/node-mongodb-native/commit/730f43af6d9e53603af998353b720d8161426d8c)) - **NODE-3176:** handle errors from MessageStream ([#2774](https://togithub.com/mongodb/node-mongodb-native/issues/2774)) ([f1afcc4](https://togithub.com/mongodb/node-mongodb-native/commit/f1afcc4efbc41ce436812a6bfa22843e939ab5cf)) - **NODE-3192:** check clusterTime is defined before access ([#2806](https://togithub.com/mongodb/node-mongodb-native/issues/2806)) ([6ceace6](https://togithub.com/mongodb/node-mongodb-native/commit/6ceace6b245c42b8498fb1b13e7c37a97a46946d)) - **NODE-3252:** state transistion from DISCONNECTED ([#2807](https://togithub.com/mongodb/node-mongodb-native/issues/2807)) ([5d8f649](https://togithub.com/mongodb/node-mongodb-native/commit/5d8f6493a0ba4b525434c0868e2ae12315b4c249)) - **NODE-3219:** topology no longer causes close event ([#2791](https://togithub.com/mongodb/node-mongodb-native/issues/2791)) ([16e7064](https://togithub.com/mongodb/node-mongodb-native/commit/16e70642f25954a03b91a2c2991cea96b8356de7)) - invalid case on writeconcern makes skip check fail ([#2773](https://togithub.com/mongodb/node-mongodb-native/issues/2773)) ([b1363c2](https://togithub.com/mongodb/node-mongodb-native/commit/b1363c26db5da5003f9db43be7e8d6e9007d45bd)) #### Documentation - Reference: http://mongodb.github.io/node-mongodb-native/3.6 - API: http://mongodb.github.io/node-mongodb-native/3.6/api - Changelog: https://github.com/mongodb/node-mongodb-native/blob/3.6/HISTORY.md We invite you to try the driver immediately, and report any issues to the [NODE project](https://jira.mongodb.org/projects/NODE). Thanks very much to all the community members who contributed to this release! ### [`v3.6.6`](https://togithub.com/mongodb/node-mongodb-native/releases/tag/v3.6.6) [Compare Source](https://togithub.com/mongodb/node-mongodb-native/compare/v3.6.5...v3.6.6) The MongoDB Node.js team is pleased to announce version 3.6.6 of the driver #### Release Highlights This patch addresses a number of bugs listed below. Most notably, for client side encryption users upgrading to this version of the driver along with the new version of [mongodb-client-encryption@1.2.3](https://www.npmjs.com/package/mongodb-client-encryption) will alleviate the potential deadlock case if your connection pool was fully utilized. There will now be an internal MongoClient that will be used for metadata look ups (e.g, `listCollections`) when the pool size is under certain constraints. The events generated from this client are forwarded to the client instance you initialize so it is possible to monitor all events. #### Bug - \[[NODE-2995](https://jira.mongodb.org/browse/NODE-2995)] - Sharing a MongoClient for metadata lookup can lead to deadlock in drivers using automatic encryption - \[[NODE-3050](https://jira.mongodb.org/browse/NODE-3050)] - Infinite loop on Windows due to a bug in require_optional package - \[[NODE-3120](https://jira.mongodb.org/browse/NODE-3120)] - TypeError: Cannot read property 'roundTripTime' of undefined - \[[NODE-3122](https://jira.mongodb.org/browse/NODE-3122)] - Pipelining an upload stream of GridFSBucket never finishes on Node v14 - \[[NODE-3129](https://jira.mongodb.org/browse/NODE-3129)] - Collection () .. .setReadPreference() not routing query to secondaries - \[[NODE-3133](https://jira.mongodb.org/browse/NODE-3133)] - autoEncryption produces serverHeartbeatFailed - with MongoError typemismatch #### Improvement - \[[NODE-3070](https://jira.mongodb.org/browse/NODE-3070)] - Define error handling behavior of writeErrors and writeConcernError on Mongos #### Documentation - Reference: http://mongodb.github.io/node-mongodb-native/3.6 - API: http://mongodb.github.io/node-mongodb-native/3.6/api - Changelog: https://github.com/mongodb/node-mongodb-native/blob/3.6/HISTORY.md We invite you to try the driver immediately, and report any issues to the NODE project. Thanks very much to all the community members who contributed to this release! ### [`v3.6.5`](https://togithub.com/mongodb/node-mongodb-native/releases/tag/v3.6.5) [Compare Source](https://togithub.com/mongodb/node-mongodb-native/compare/v3.6.4...v3.6.5) The MongoDB Node.js team is pleased to announce version 3.6.5 of the driver! #### Notable Fixes In this patch there is a fix surrounding an issue some users were encountering in serverless environments when using the Unified Topology. If the nodejs process went unused for a great amount of time there was an intermittent issue that would cause `startSession` to fail, however, issuing a dummy read request would resolve the problem. The session support check is now done after server selection meaning the driver has the most up to date information about the MongoDB deployment before utilizing sessions. We encourage any user's that implemented workarounds to updated their driver and make use of this fix. In addition, the previous release of our driver added a warning about an upcoming change in the v4 version of the driver about how users can specify their write concern options. We've updated the driver to use nodejs's `process.emitWarning` API in nearly all cases where the driver prints something out, as well as limit most warning messages to only be printed once. #### Bug - session support detection spec compliance ([#2732](https://togithub.com/mongodb/node-mongodb-native/issues/2732)) ([9baec71](https://togithub.com/mongodb/node-mongodb-native/commit/9baec7128f612f2d9c290c85d24e33602f911499)) - \[[NODE-3100](https://jira.mongodb.org/browse/NODE-3100)] - startSession fails intermittently on servers that support sessions - \[[NODE-3066](https://jira.mongodb.org/browse/NODE-3066)] - Accessing non-existent property 'MongoError' of module exports inside circular dependency - \[[NODE-3114](https://jira.mongodb.org/browse/NODE-3114)] - Incorrect warning: Top-level use of w, wtimeout, j, and fsync is deprecated - \[[NODE-3119](https://jira.mongodb.org/browse/NODE-3119)] - Node 14.5.4, mongo 3.6.4 Circular warningsConfiguration
📅 Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
This PR was generated by Mend Renovate. View the repository job log.