search

apiaryio / dredd-example

Example application using Dredd and CI
MIT License
85 stars 61 forks source link

chore(deps-dev): bump mongodb from 3.3.3 to 3.5.9 #101

Closed dependabot-preview[bot] closed 4 years ago

dependabot-preview[bot] commented 4 years ago

Bumps mongodb from 3.3.3 to 3.5.9.

Release notes

Sourced from mongodb's releases.

v3.5.9

The MongoDB Node.js team is pleased to announce version 3.5.9 of the driver

Release Highlights

Use duration of handshake if no previous roundTripTime exists

The default roundTripTime of a ServerDescription is -1, which means if that value is used we can potentially calculate a negative roundTripTime. Instead, if no previous roundTripTime exists, we use the duration of the initial handshake.

the options [maxIdleTimeMS] is not supported

A number of new options were added when the CMAP compliant connection pool was introduced in 3.5.x. Unfortunately, these options were not documented properly. Now they are mentioned in the MongoClient documentation, with a notice that they are only supported with the unified topology.

TypeError: Reduce of empty array with no initial value

A fix in 3.5.8 which ensured proper filtering of servers during server selection exposed an issue in max staleness calculations when the topology type is ReplicaSetNoPrimary and no servers are currently known. In order to estimate an upper bound of max staleness when there is no primary, the most stale known server is known to compare the others to - if there are no known servers, you can't reduce the array!

Server monitoring is prevented under heavy request load

In certain very high load fail-over scenarios the driver is unable to reschedule a monitoring check in order to update its view of the topology for retryability. This would result in a high number of failed operations, as they were unable to determine a new viable server.

Documentation

Reference: http://mongodb.github.io/node-mongodb-native/3.5/ API: http://mongodb.github.io/node-mongodb-native/3.5/api/ Changelog: https://github.com/mongodb/node-mongodb-native/blob/3.5/HISTORY.md

We invite you to try the driver immediately, and report any issues to the NODE project.

Thanks very much to all the community members who contributed to this release!

Release Notes

Bug

  • [NODE-2637] - connection pool options support for MongoClient
  • [NODE-2641] - maxStalenessReducer fails on empty set of servers
  • [NODE-2643] - Server monitoring is prevented under heavy request load
  • [NODE-2652] - Use duration of initial handshake if no roundTripTime value exists for server

Improvement

  • [NODE-2651] - Use consistent means of measuring time
... (truncated)
Commits
  • 99681e1 chore(release): 3.5.9
  • c743217 test: two uncaught change stream test methods which leak sessions
  • ddfa41b fix: use duration of handshake if no previous roundTripTime exists
  • 76249cb refactor: use common methods for duration calculations
  • 6f3048c doc: document options supported by the new CMAP connection pool
  • 1f855a4 fix: use async interruptable interval for server monitoring
  • 9e12cd5 feat: introduce an interruptable async interval timer
  • 7baa85e test: fix a number of our most notorious flakey tests
  • 62d80e4 test: move wtfnode invocation to signal handlers on main test runner
  • be51347 fix: don't try to calculate sMax if there are no viable servers
  • Additional commits viewable in compare view


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot badge me` will comment on this PR with code to add a "Dependabot enabled" badge to your readme Additionally, you can set the following in the `.dependabot/config.yml` file in this repo: - Update frequency - Out-of-range updates (receive only lockfile updates, if desired) - Security updates (receive only security updates, if desired)
dependabot-preview[bot] commented 4 years ago

Superseded by #103.