avanelli / mern-todolist

MIT License
1 stars 0 forks source link

build(deps): bump mongodb from 4.13.0 to 6.3.0 in /server #173

Closed dependabot[bot] closed 7 months ago

dependabot[bot] commented 11 months ago

Bumps mongodb from 4.13.0 to 6.3.0.

Release notes

Sourced from mongodb's releases.

v6.3.0

6.3.0 (2023-11-15)

The MongoDB Node.js team is pleased to announce version 6.3.0 of the mongodb package!

Release Notes

New client option serverMonitoringMode

For users that want to control the behaviour of the monitoring connection between each node in the topology, a new option, serverMonitoringMode, has been added. This defaults to auto but can be forced into a specific mode by providing a value of poll or stream. When the setting is auto the monitoring mode will be determined by the environment the driver is running in, specifically, FaaS environments prefer "polling" mode and all others prefer "streaming".

A polling monitor periodically issues a hello command to the node at an interval of heartbeatFrequencyMS. A streaming monitor sends an initial hello and then will automatically get a response from the Node when a change in server configuration occurs or at a maximum time of heartbeatFrequencyMS. The value of that option defaults to 10000 milliseconds.

This new option can be provided in the connection string or as an option to the MongoClient.

// In the connection string.
new MongoClient('mongodb://127.0.0.1:27017/?serverMonitoringMode=stream');

// In the options new MongoClient('mongodb://127.0.0.1:27017/', { serverMonitoringMode: 'stream' });

Fix connection leak when serverApi is enabled

When enabling serverApi the driver's RTT measurement logic (used to determine the closest node) still sent the legacy hello command "isMaster" causing the server to return an error. Unfortunately, the error handling logic did not correctly destroy the socket which would cause a leak.

Both sending the correct hello command and the error handling connection clean-up logic are fixed in this change.

GridFS fields deprecated

The GridFS contentType and aliases options are deprecated. According to the GridFS spec, applications wishing to store contentType and aliases should add a corresponding field to the metadata document instead.

Remove deprecation warning about punycode

The mongodb-connection-string-url package which parses connection strings relied on Node's punycode module, the package now imports the community package removing the deprecation warning on Node.js 20+.

Features

  • NODE-3881: require hello command + OP_MSG when 'loadBalanced=True' (#3907) (fd58eec)
  • NODE-5197: add server monitoring mode (#3899) (ae4c94a)
  • NODE-5590: deprecate GridFS fields (#3905) (d2225da)

Bug Fixes

  • NODE-4863: do not use RetryableWriteError for non-server errors (#3914) (08c9fb4)
  • NODE-5709: bump mongodb-connection-string-url to 3.0.0 (#3909) (1c3dc02)
  • NODE-5749: RTTPinger always sends legacy hello (#3921) (ebbfb8a)

Documentation

... (truncated)

Changelog

Sourced from mongodb's changelog.

6.3.0 (2023-11-15)

Features

  • NODE-3881: require hello command + OP_MSG when 'loadBalanced=True' (#3907) (fd58eec)
  • NODE-4849: Add Typescript support for log path in client options (#3886) (f495abb)
  • NODE-4878: Add remaining log configurable client options (#3908) (54adc9f)
  • NODE-5197: add server monitoring mode (#3899) (ae4c94a)
  • NODE-5452: Logging Cosmos Document DB Info Message (#3902) (bb5fa43)
  • NODE-5590: deprecate GridFS fields (#3905) (d2225da)

Bug Fixes

  • NODE-4863: do not use RetryableWriteError for non-server errors (#3914) (08c9fb4)
  • NODE-5709: bump mongodb-connection-string-url to 3.0.0 (#3909) (1c3dc02)
  • NODE-5749: RTTPinger always sends legacy hello (#3921) (ebbfb8a)

6.2.0 (2023-10-19)

Features

Bug Fixes

  • NODE-5496: remove client-side collection and database name check validation (#3873) (98550c6)
  • NODE-5628: bulkWriteResult.insertedIds does not filter out _ids that are not actually inserted (#3867) (09f2a67)
  • NODE-5706: make findOne() close implicit session to avoid memory leak (#3897) (995d138)

6.1.0 (2023-09-14)

Features

Bug Fixes

  • NODE-5551: set AWS region from environment variable for STSClient (#3831) (e9a5079)
  • NODE-5588: recursive calls to next cause memory leak (#3841) (9a8fdb2)

6.0.0 (2023-08-28)

... (truncated)

Commits
  • a837036 chore(main): release 6.3.0 [skip-ci] (#3904)
  • ebbfb8a fix(NODE-5749): RTTPinger always sends legacy hello (#3921)
  • ae4c94a feat(NODE-5197): add server monitoring mode (#3899)
  • 08c9fb4 fix(NODE-4863): do not use RetryableWriteError for non-server errors (#3914)
  • 54adc9f feat(NODE-4878): Add remaining log configurable client options (#3908)
  • c0506b1 docs(NODE-5730): update load balancer docs (#3910)
  • b602162 refactor(NODE-5696): add async-iterator based socket helpers (#3896)
  • 89cb092 test(NODE-5732): update data lake test scripts (#3913)
  • fd58eec feat(NODE-3881): require hello command + OP_MSG when 'loadBalanced=True' (#3907)
  • bb5fa43 feat(NODE-5452): Logging Cosmos Document DB Info Message (#3902)
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by dbx-node, a new releaser for mongodb since your current version.


Dependabot compatibility score

You can trigger a rebase of this PR by commenting @dependabot rebase.


Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Note Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

dependabot[bot] commented 7 months ago

Superseded by #214.