search

seppevs / migrate-mongo

A database migration tool for MongoDB in Node
MIT License
931 stars 166 forks source link

Bump mongodb from 3.3.3 to 3.5.0 #163

Closed dependabot-preview[bot] closed 4 years ago

dependabot-preview[bot] commented 4 years ago

Bumps mongodb from 3.3.3 to 3.5.0.

Release notes

Sourced from mongodb's releases.

v3.5.0

The MongoDB Node.js team is pleased to announce version 3.5.0 of the driver

Release Highlights

CMAP-compliant Connection Pool

This release introduces a modern replacement for the driver's connection pool, available only with the unified topology. A major effort was made in early 2019 to fully specifiy connection pools for MongoDB drivers (see: CMAP specification), and this release brings the Node.js driver in line with that specification.

Traceability

The new pool supports monitoring for all aspects of its behavior. This allows deep introspection into the operation of the connection pool, as well as an ability to profile the lifetime of an operation when used in conjunction with command monitoring.

Stream-first Connection Design

The Connection class was completely rewritten for the new pool adopting a stream-first mentality. All wire message processing and compression is handled in a duplex stream called the MessageStream, and that stream is connected bidirectionally to the underlaying TCP socket. The result is a connection which gains the general benefit of streams: better performance, less memory pressure, backpressure support. It also opens the possiblity of supporting non-TCP/UDP streams as a transport for the driver.

waitQueueTimeoutMS

The new connection pool has a concept of a "wait queue", which allows operation requests to buffer waiting for a connection to execute against. There is no timeout by default, but users can now specify a new value waitQueueTimeoutMS in their connection string or MongoClient options to proactively cancel operations that have waited too long.

Remember that the new connection pool is only available for the "Unified Topology", so remember to pass useUnifiedTopology: true to your MongoClient constructor to use it!

Dedicated monitoring thread

Both the legacy and unified SDAM implementations have until now executed monitoring checks as priority messages in the legacy Pool implementation. This means that monitoring (ismaster) operations were prioritized over other queued operations, but also means that monitoring could be indefinitely blocked, in particular during failover or blackhole scenarios. The default socket timeout is null (read: Infinity), so if the pool was completely saturated with operations, there may be no ability to execute a monitoring check and determine that the connection to a server was no longer valid. This version of the driver introduces a new Monitor class which manages its own dedicated monitoring socket to each known node.

Server selection errors

In v3.3.0 of the driver we introduced a new MongoTimeoutError for all errors covered by the server selection loop, leading to a spike in bug reports with a title similar to Server selection timed out after 30000ms. Even though the error type itself had an attached reason field, we still feel it was easy to miss why the selection had failed. As a result we have introduced a new type MongoServerSelectionError which will use the originating error (reason) for its message, better informing users what caused a selection error, while still also conveying it is an error in server selection.

... (truncated)
Commits
  • 8991285 chore(release): 3.5.0
  • ea56625 chore: waitQueueTimeoutMS is a valid connection string option
  • a630389 refactor: wait until server destroyed before stopping event relay
  • c04a520 doc: add basic documentation for CMAP event monitoring
  • c01bf50 refactor: don't encode type name into public CMAP event types
  • 1aea4de feat: relay all CMAP events to MongoClient
  • ed8c9d4 refactor: warn on use of deprecated SDAM events in unified mode
  • 7e64df7 test: reduce flakiness of objectid test which checks by time
  • 0715a36 doc: add documentation for CMAP events and errors
  • 9bd360c feat: include connectionId for APM with new CMAP connection pool
  • Additional commits viewable in compare view


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language - `@dependabot badge me` will comment on this PR with code to add a "Dependabot enabled" badge to your readme Additionally, you can set the following in your Dependabot [dashboard](https://app.dependabot.com): - Update frequency (including time of day and day of week) - Pull request limits (per update run and/or open at any time) - Out-of-range updates (receive only lockfile updates, if desired) - Security updates (receive only security updates, if desired)
coveralls commented 4 years ago

Coverage Status

Coverage remained the same at 100.0% when pulling 5bfaa6cbadbc744aa006d6e4905dafb0786b8745 on dependabot/npm_and_yarn/mongodb-3.5.0 into 9866d65ad6462fdc6144aafff441d90b5f6733e3 on master.

dependabot-preview[bot] commented 4 years ago

Superseded by #165.