Closed HKDataGeek closed 4 years ago
Since Mubsub appears to be no longer maintained the only way forward is probably to remove MongoDB support for now.
Thanks for the quick reply. Sorry to hear that MongoDB support would have to be removed.
Just as a quick side note / question: Monkey-patching mubsub to at least temporarily fix the issue seems to require only minor changes. I assume feathers wouldn't be interested in forking and maintaining mubsub under the feathers umbrella?
Thanks for reporting this!
I created a follow-up issue in #136. There appear to be several forks of mubsub but it was not easy to determine if they are maintained.
If someone wants to contribute a MongoDB adapter I gladly add it back but as mentioned in the other issue I am not using MongoDB at the moment and do not plan on addressing it at the moment.
Issue
feathers-sync
usesmubsub
to work with MongoDB.mubsub:^1.4.0
itself requiresmongodb: ^2.0.35
for which npm audit now reports a high risk security vulnerability.mubsub
itself has been archived.Question: Are there any plans on the feathers.js side to provide a feathers-sync version that works with MongoDB and that does not throw the security warning?
I have tried to force
mubsub
to usemongodb: 3.1.13
vianpm-force-resolutions
but that results in error messages because of breaking changes betweenmongodb
versions 2 and 3.Steps to reproduce
feathers-sync:^1.1.3
with a MongoDB connection in yourapp.ts
npm i && npm audit
feathers-sync > mubsub > mongodb
mubsub
to use version>=3.1.13
ofmongodb
(for example vianpm-force-resolutions
)Expected behavior
Actual behavior
System configuration
Tell us about the applicable parts of your setup.
Module versions (especially the part that's not working):
NodeJS version:
Operating System:
macOS High Sierra
Browser Version:
React Native Version:
Module Loader:
Does this refer to npm / yarn / etc.?