This release includes support for both stapled and non-stapled OCSP verification. The driver will perform OCSP verification on all stapled responses and will also reach out to OCSP responders via HTTP requests if any are present in the server’s TLS certificate and there is no OCSP response. The driver does soft-fail verification, so a connection is rejected if and only if the certificate’s OCSP status is Revoked. If the driver is unable to retrieve a response or the response status is Unknown, the connection will be accepted.
By default, the driver will send HTTP requests to OCSP responders if there is no stapled response. If the responder is not reachable from the driver and this would add unnecessary latency to an application, the tlsDisableOCSPEndpointCheck=true URI option may be used to disable this. In this case, the driver will perform OCSP verification for stapled responses if they exist and will continue the connection without further verification otherwise.
This release adds context to errors encountered during BSON unmarshalling. For example, if the document {x: {y: {z: 1}}} was unmarshalled into a struct where field Z is a string, the driver would return this error: error decoding key x.y.z: cannot decode 32-bit integer into a string type.
Go 1.13 introduced the errors.Is and errors.As helpers. This release adds proper Unwrap functions to various driver error types, which allow them to be used with the language helpers. For example, context-related timeout errors can now be accurately checked with errors.Is(err, context.DeadlineExceeded).
For a full list of tickets included in this release, please see the links below:
The MongoDB Go driver team is pleased to release 1.4.0-rc0 of the official Go driver.
This release contains support for the upcoming MongoDB 4.4 server release as well as driver-specific improvements. This is a release candidate and there may be changes made for bugfixes before v1.4.0 is officially released.
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
Bumps go.mongodb.org/mongo-driver from 1.0.4 to 1.4.0.
Release notes
Sourced from go.mongodb.org/mongo-driver's releases.
Commits
f10b419
Update version to v1.4.0d3ceaf3
GODRIVER-1695 always use heartbeatTimeout for heartbeat connection (#470)35c4b30
GODRIVER-1489 Ensure server check is cancelled for network errors during hand...612412d
GODRIVER-1699 Fix flaky tests (#468)ff5ea94
Resync CRUD tests to use transactions test format (#459)7872942
GODRIVER-1688 Remove UnixNano call from NewDateTimeFromTime (#463)49e0fa5
GODRIVER-1690 always check topologyVersion in sdam spec tests (#455)0bab0c1
GODRIVER-1669 fix flaky pool test (#439)a1ef15e
Update version to v1.4.0+prereleasecfc0cb9
Update version to v1.4.0-rc0Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase
.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)