UK-Export-Finance / dtfs2

Digital Trade Finance
MIT License
11 stars 1 forks source link

chore(deps): bump mongodb from 4.17.2 to 6.9.0 in /dtfs-central-api #3615

Closed dependabot[bot] closed 4 weeks ago

dependabot[bot] commented 4 weeks ago

Bumps mongodb from 4.17.2 to 6.9.0.

Release notes

Sourced from mongodb's releases.

v6.9.0

6.9.0 (2024-09-06)

The MongoDB Node.js team is pleased to announce version 6.9.0 of the mongodb package!

Release Notes

Driver support of upcoming MongoDB server release

Increased the driver's max supported Wire Protocol version and server version in preparation for the upcoming release of MongoDB 8.0.

MongoDB 3.6 server support deprecated

[!WARNING] Support for 3.6 servers is deprecated and will be removed in a future version.

Support for explicit resource management

The driver now natively supports explicit resource management for MongoClient, ClientSession, ChangeStreams and cursors. Additionally, on compatible Node.js versions, explicit resource management can be used with cursor.stream() and the GridFSDownloadStream, since these classes inherit resource management from Node.js' readable streams.

This feature is experimental and subject to changes at any time. This feature will remain experimental until the proposal has reached stage 4 and Node.js declares its implementation of async disposable resources as stable.

To use explicit resource management with the Node driver, you must:

  • Use Typescript 5.2 or greater (or another bundler that supports resource management)
  • Enable tslib polyfills for your application
  • Either use a compatible Node.js version or polyfill Symbol.asyncDispose (see the TS 5.2 release announcement for more information).

Explicit resource management is a feature that ensures that resources' disposal methods are always called when the resources' scope is exited. For driver resources, explicit resource management guarantees that the resources' corresponding close method is called when the resource goes out of scope.

// before:
{
  try {
    const client = MongoClient.connect('<uri>');
    try {
      const session = client.startSession();
      const cursor = client.db('my-db').collection("my-collection").find({}, { session });
      try {
        const doc = await cursor.next();
      } finally {
        await cursor.close();
      }
    } finally {
      await session.endSession();
    }
  } finally {
    await client.close();
  }
}
</tr></table> 

... (truncated)

Changelog

Sourced from mongodb's changelog.

6.9.0 (2024-09-12)

Features

  • NODE-5459: add durations to connection pool events (#4166) (7295695)
  • NODE-5614: add support for explicit resource management (#4177) (b3f3987)
  • NODE-5754: allow auto select family options (#4185) (54efb7d)
  • NODE-5908: support range v2 (#4141) (de253a7)
  • NODE-6225: add property ownership check before referencing mongocryptdSpawnPath and mongocryptdSpawnArgs (#4151) (f48f8d3)
  • NODE-6244: Bump max supported wire version and server version (#4163) (45bc098)
  • NODE-6252: insertMany and bulkWrite permit readonly arrays (#4175) (4b219d3)
  • NODE-6278: deprecate 3.6 servers (#4178) (35d8840)
  • NODE-6309: Mark range API as stable (#4190) (f53e9d9)
  • NODE-6327: new client bulk write types and builders (#4205) (6d65ae7)
  • NODE-6365: pass through allowPartialTrustChain TLS flag (#4228) (d6c147d)

Bug Fixes

  • NODE-5720: on pre-4.4 sharded servers, the node driver uses error.writeConcern.code to determine retryability (#4155) (b26c328)
  • NODE-6241: allow Binary as local kms provider key for auto encryption (#4165) (d85f827)
  • NODE-6259: replace dynamically assigned length property with a static getter (#4173) (320dde0)
  • NODE-6276: preserve top level error code MongoWriteConcernError (#4183) (e902584)
  • NODE-6284: make sparsity and trimFactor optional (#4189) (8622545)
  • NODE-6355: respect utf8 validation options when iterating cursors (#4214) (8bfe187)
  • NODE-6362: cache cursor deserialization options across deserialize calls (#4221) (833eaa4)
  • NODE-6367: enable mixed use of iteration APIs (#4231) (08912c8)

Performance Improvements

  • NODE-5906: optimize toArray to use batches (#4171) (5565d50)

6.8.0 (2024-06-27)

Features

  • NODE-5718: add ReadConcernMajorityNotAvailableYet to retryable errors (#4154) (4f32dec)
  • NODE-5801: allow multiple providers providers per type (#4137) (4d209ce)
  • NODE-5853: support delegated KMIP data key option (#4129) (aa429f8)
  • NODE-6136: parse cursor responses on demand (#4112) (3ed6a2a)
  • NODE-6157: add signature to github releases (#4119) (f38c5fe)

Bug Fixes

  • NODE-5801: use more specific key typing for multiple KMS provider support (#4146) (465ffd9)
  • NODE-6085: add TS support for KMIP data key options (#4128) (f790cc1)

... (truncated)

Commits
  • 1dcf8b1 chore(main): release 6.9.0 [skip-ci] (#4164)
  • 210c572 docs: generate docs from latest main [skip-ci] (#4147)
  • 08912c8 fix(NODE-6367): enable mixed use of iteration APIs (#4231)
  • 8347db9 test(NODE-6323): add performance no-op baseline test (#4194)
  • 833eaa4 fix(NODE-6362): cache cursor deserialization options across deserialize calls...
  • d6c147d feat(NODE-6365): pass through allowPartialTrustChain TLS flag (#4228)
  • 91ceaf0 chore: specify branch when checking out GHA code (#4226)
  • 27fd8a0 chore: quote branch names to avoid numeric conversion (#4224)
  • 65e0e15 test(NODE-6317): fix test assertions and naming (#4217)
  • f53e9d9 feat(NODE-6309): Mark range API as stable (#4190)
  • Additional commits viewable in compare view


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
sonarcloud[bot] commented 4 weeks ago

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarCloud

dependabot[bot] commented 4 weeks ago

OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting @dependabot ignore this major version or @dependabot ignore this minor version. You can also ignore all major, minor, or patch releases for a dependency by adding an ignore condition with the desired update_types to your config file.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.