devconcept / multer-gridfs-storage

🍃 GridFS storage engine for Multer to store uploaded files directly to MongoDb
MIT License
237 stars 67 forks source link

Bump mongodb from 3.6.11 to 4.4.0 #441

Closed dependabot[bot] closed 2 years ago

dependabot[bot] commented 2 years ago

Bumps mongodb from 3.6.11 to 4.4.0.

Release notes

Sourced from mongodb's releases.

v4.4.0

The MongoDB Node.js team is pleased to announce version 4.4.0 of the mongodb package!

Release Highlights

This release includes a few new features described below.

KMIP

KMIP can now be configured as a KMS provider for CSFLE by providing the KMIP endpoint in the kmsProviders option.

Example:

new MongoClient(uri, { autoEncryption: { kmsProviders: { kmip: { endpoint: 'host:port' }}}})

CSFLE TLS

Custom TLS options can now be provided for connection to the KMS servers on a per KMS provider basis.

Example:

new MongoClient(uri, { autoEncryption: { tlsOptions: { aws: { tlsCAFile: 'path/to/file' }}}})

Valid options are tlsCAFile, tlsCertificateKeyFile, tlsCertificateKeyFilePassword and all accept strings as values: a string path to a certificate location on the file system or a string password.

Kerberos

Hostname canonicalization when using GSSAPI authentication now accepts 'none', 'forward', and 'forwardAndReverse' as auth mechanism properties. 'none' will perform no canonicalization (default), 'forward' will perform a forward cname lookup, and 'forwardAndReverse' will perform a forward lookup followed by a reverse PTR lookup on the IP address. Previous boolean values are still accepted and map to false -> 'none' and true -> 'forwardAndReverse'.

Example:

new MongoClient('mongodb://user:pass@host:port/db?authMechanism=GSSAPI&authMechanismProperties=CANONICALIZE_HOST_NAME=forward');

For cases when the service host name differs from the connection’s host name (most likely when creating new users on localhost), a SERVICE_HOST auth mechanism property may now be provided.

Example:

new MongoClient('mongodb://user:pass@host:port/db?authMechanism=GSSAPI&authMechanismProperties=SERVICE_HOST:example.com')

⚠️ collection.count() and cursor.count()

In the 4.0.0 release of the driver, the deprecated collection.count() method was inadvertently changed to behave like collection.countDocuments(). In this release, we have updated the collection.count() behavior to match the legacy behavior:

  • If a query is passed in, collection.count will behave the same as collection.countDocuments and perform a collection scan.
  • If no query is passed in, collection.count will behave the same as collection.estimatedDocumentCount and rely on collection metadata.

We also deprecated the cursor.count() method and will remove it in the next major version along with collection.count(); please use collection.estimatedDocumentCount() or collection.countDocuments() instead.

Features

... (truncated)

Changelog

Sourced from mongodb's changelog.

Changes in 4.x (and how to migrate!)

Hello dear reader, thank you for adopting version 4.x of the MongoDB Node.js driver, from the bottom of our developer hearts we thank you so much for taking the time to upgrade to our latest and greatest offering of a stunning database experience. We hope you enjoy your upgrade experience and this guide gives you all the answers you are searching for. If anything, and we mean anything, hinders your upgrade experience please let us know via JIRA. We know breaking changes are hard but they are sometimes for the best. Anyway, enjoy the guide, see you at the end!

Key Changes

Typescript

We've migrated the driver to Typescript! Users can now harness the power of type hinting and intellisense in editors that support it to develop their MongoDB applications. Even pure JavaScript projects can benefit from the type definitions with the right linting setup. Along with the type hinting there's consistent and helpful docs formatting that editors should be able to display while developing. Recently we migrated our BSON library to TypeScript as well, this version of the driver pulls in that change.

Community Types users (@​types/mongodb)

If you are a user of the community types (@​types/mongodb) there will likely be compilation errors while adopting the types from our codebase. Unfortunately we could not achieve a one to one match in types due to the details of writing the codebase in Typescript vs definitions for the user layer API along with the breaking changes of this major version. Please let us know if there's anything that is a blocker to upgrading on JIRA.

Node.js Version

We now require node 12.9 or greater for version 4 of the driver. If that's outside your support matrix at this time, that's okay! Bug fix support for our 3.x branch will not be ending until summer 2022, which has support going back as far as Node.js v4!

CRUD results

Our CRUD operations now return the drivers-wide spec-compliant results which are defined here:

For example, insertOne() used to return an object that was shaped like:

interface LegacyInsertOneResult {
    insertedCount: number;
    ops: InsertedDocument[];
    insertedId: ObjectId;
    connection: Connection;
    result: { ok: number; n: number };
}

and now returns:

</tr></table> 

... (truncated)

Commits
  • b578d89 chore(release): 4.4.0
  • d0390d0 feat(NODE-2939): add new hostname canonicalization opts (#3131)
  • aa069f1 chore(NODE-3719): spec compliance review wrap up (#3145)
  • b192493 fix(NODE-3917): Throw an error when directConnection is set with multiple hos...
  • 3e7b894 fix(NODE-3813): unexpected type conversion of read preference tags (#3138)
  • 9242de5 test(NODE-3860): improve skipReason reporting for disabled 'auth' tests (#3137)
  • 46d5821 feat(NODE-2938): add service host mechanism property (#3130)
  • 541e939 fix: fix csfle imports (#3142)
  • 489e05b test(NODE-3733): Make retryable write test error labels behave consistently w...
  • 3807d01 test(NODE-3885): update spec tests to remove legacy language (#3139)
  • Additional commits viewable in compare view


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
dependabot[bot] commented 2 years ago

Superseded by #449.