dependabot-preview[bot]
commented
4 years ago Superseded by #87.
Closed dependabot-preview[bot] closed 4 years ago
dependabot-preview[bot]
commented
4 years ago Superseded by #87.
Bumps mongodb from 3.3.3 to 3.4.0.
Release notes
*Sourced from [mongodb's releases](https://github.com/mongodb/node-mongodb-native/releases).* > ## v3.4.0 > The MongoDB Node.js team is pleased to announce version 3.4.0 of the driver > > ## Release Highlights > > ### Client Side Field Level Encryption (CSFLE) > The major functionality introduced in this release, and indeed the reason for the minor version bump, is full support for MongoDB's [Client Side Field Level Encryption](https://docs.mongodb.com/manual/core/security-client-side-encryption/). The bulk of the support comes through an addon module [mongodb-client-encryption](https://www.npmjs.com/package/mongodb-client-encryption), please refer to the [reference documentation](https://mongodb.github.io/node-mongodb-native/3.3/reference/client-side-encryption/) for more details. > > ### TLS Option Variants > This release also introduces a number of new connection string options related to TLS. In order to unify uri options across all MongoDB drivers, and to better signal the technology the driver is _actually_ using, all `ssl` related options now have a corresponding `tls` variant. NOTE: your application will not break if you continue to use the `ssl` variants, but deprecation warnings will be introduced prior to the 4.x driver release. > > [@adityapatadia](https://github.com/adityapatadia) initially pointed out that these `tls` variants had no effect, now they do. Thank you [@adityapatadia](https://github.com/adityapatadia)! > > ### mongodb+srv > A critical bug was found by [@ephemer](https://github.com/ephemer) with the recently introduced "mongos discovery", where a typo caused DNS polling to occur at very fast intervals. > > Additionally, user [@mpilar](https://github.com/mpilar) identified and fixed a bug with our `mongodb+srv` parsing, where user-provided client options were not overriding those provided by a TXT record lookup. > > Thank you very much [@ephemer](https://github.com/ephemer) and [@mpilar](https://github.com/mpilar)! > > ### server selection > [@adityapatadia](https://github.com/adityapatadia) also helped find a bug in the server selection code which rendered selection with a `nearest` read preference non-functional. Thanks again [@adityapatadia](https://github.com/adityapatadia)! > > ### bulkWrite > A small bug was fixed causing errors in an unordered bulk write to be reported in incorrect order. If an error occurs in a bulk write now, then it will show up in the `writeErrors` field of the resulting `BulkWriteError` with an index that corresponds to the position the operation had in the initial input. > > ## Release Notes >Bug >
>>- [NODE-1547] - Default Port is not applied
>
> - [NODE-1991] - replaceOne() also returns the replacement document?
>
> - [NODE-2089] - Only apply TransientTransactionError label within a transaction
>
> - [NODE-2308] - Bulk write error returns incorrect index in WriteError for unordered writes
>
> - [NODE-2334] - Driver must error if autoEncryption is attempted against wire version < 8
>
> - [NODE-2335] - Node Driver does not follow Initial DNS Seedlist Discovery spec
>
> - [NODE-2353] - Timed out connections should not half-close on destroy
>
> - [NODE-2356] - nearest server is not selected when useUnifiedTopology is set
>
> - [NODE-2359] - tls option in connection URI has no effect
>
> - [NODE-2375] - Typo in `rescanIntervalSrvMS` causes spike in DNS lookups
>
> ... (truncated)
Commits
- [`ff95a2f`](https://github.com/mongodb/node-mongodb-native/commit/ff95a2f8bfad4bdd770f9c180df87cd8221ca6e4) chore(release): 3.4.0 - [`e6ff085`](https://github.com/mongodb/node-mongodb-native/commit/e6ff0850cfe17cbdb529e843c0fe64dc8a84a82e) test: only test CSFLE on LTS versions of node - [`13bb49c`](https://github.com/mongodb/node-mongodb-native/commit/13bb49c1de262656f23165e79606728d4c4c913f) chore: update `mongodb-client-encryption` to 1.0.0 in testing - [`8588e57`](https://github.com/mongodb/node-mongodb-native/commit/8588e574a281578fcc68fa885c08ed8a0ae4c3fc) style: correct linting issues introduced with prettier update - [`0e48300`](https://github.com/mongodb/node-mongodb-native/commit/0e48300c28489f2bae7454171bac2d4745356776) style: update to newest version of prettier - [`b573fe1`](https://github.com/mongodb/node-mongodb-native/commit/b573fe159605f0a8e3d52a330de6699534b48a90) refactor: translate modern tls options to ssl, update documentation - [`806cd62`](https://github.com/mongodb/node-mongodb-native/commit/806cd627741813e38d098c39f1c65694e34bb185) fix(scram): verify server digest, ensuring mutual authentication - [`cb107a8`](https://github.com/mongodb/node-mongodb-native/commit/cb107a8a5f65e639574c8fcfdf8e68c68a94477e) fix: add calculated duration to server as `roundTripTime` - [`faab9ad`](https://github.com/mongodb/node-mongodb-native/commit/faab9ad5f01dfa84dd8ed1c0fc109a5df5d90ce3) chore: fix name of atlas connectivity tests - [`afb125f`](https://github.com/mongodb/node-mongodb-native/commit/afb125f58fbc05bf493c2a1ba45bc87e1122fa68) fix(srv-poller): always provide a valid number for `intervalMS` - Additional commits viewable in [compare view](https://github.com/mongodb/node-mongodb-native/compare/v3.3.3...v3.4.0)Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot badge me` will comment on this PR with code to add a "Dependabot enabled" badge to your readme Additionally, you can set the following in the `.dependabot/config.yml` file in this repo: - Update frequency - Out-of-range updates (receive only lockfile updates, if desired) - Security updates (receive only security updates, if desired)