The MongoDB Node.js team is pleased to announce version 6.0.0 of the bson package!
Release Notes
In this major version update, we focused on removing deprecated or otherwise difficult to use APIs and fixing impactful bugs.
[!Important]
The BSON_MAJOR_VERSION has been bumped to 6. Only BSON objects that have this major version can be serialized with this version of the library. Mismatched objects will throw a BSONVersionError when attempting to serialize.
[!Important]
The minimum supported Node.js version is now v16.20.1. We strive to keep our minimum supported Node.js version in sync with the runtime's release cadence to keep up with the latest security updates and modern language features.
Decimal128 constructor now throws when detecting loss of precision
Prior to this release, Decimal128 would round numbers with more than 34 significant digits and lose precision. Now, on detecting loss of precision, Decimal128's constructor and Decimal128.fromString will throw a BSONError. This behaviour should have been the default as the Decimal128 class was always intended to be high-precision floating point value. As such, silently rounding is undesirable behaviour as it can potentially result in data loss.
// previous behaviour
> new Decimal128('10000000000000000000000000000000001')
new Decimal128("1.000000000000000000000000000000000E+34")
// new behaviour
> new Decimal128('10000000000000000000000000000000001')
Uncaught:
BSONError: "10000000000000000000000000000000001" is not a valid Decimal128 string - inexact rounding
at invalidErr (bson/lib/bson.cjs:1402:11)
at Decimal128.fromString (bson/lib/bson.cjs:1555:21)
at new Decimal128 (bson/lib/bson.cjs:1411:37)
Note a separate method with corrected rounding behaviour will be available in the next minor version of this library. Additionally a fix for this bug and the aforementioned new method with corrected rounding will be added in the next minor release of v5 of this library.
Strings of length 12 can no longer make an ObjectId
(From String.length): [The String length] property returns the number of code units in the string. JavaScript uses UTF-16 encoding, where each Unicode character may be encoded as one or two code units, so it's possible for the value returned by length to not match the actual number of Unicode characters in the string.
The ObjectId constructor erroneously interpreted a string with length of 12 as UTF8 bytes that could be converted to an ObjectId. This is unexpected for at least two reasons. The first is that a legacy approach (pre- Uint8Arrays) to handling binary data was to pass around "binary strings", where each character represents a single byte, this is not the same as interpreting a sting as UTF8, which has restrictions on how each byte can be formatted. The second is that a string of length 12 does not result in 12 bytes of data when converted to utf8 (ex. '🐶🐶🐶🐶🐶🐶'.length === 12, but as UTF8 bytes this is a 24-byte sequence).
Despite the bugginess of the behavior discussed above, the right string in the right context does create the proper byte sequence, so we are considering this a breaking change and removing it in this major release.
Removed ISO-8859-1 string format from Binary (a.k.a 'latin1', 'binary')
The Binary BSON type no longer accepts a string as a constructor argument nor can write() be invoked with a string argument. Both methods interpreted strings as binary sequences rather than UTF-8 or base64 which are much more common and expected formats. If there is a string representation of your data it is now expected that the logic that interprets the string format exists outside the Binary class to avoid misinterpreting data. Additionally, .value() only returns a Uint8Array/Buffer that is properly sized to the data. Internally Binary may maintain a .buffer property larger than the the actual data that will be written to BSON bytes. Use .value() to obtain only the bytes relevant to your Binary data.
new Binary(Buffer.from('ÿÿ', 'binary'));
</tr></table>
This version was pushed to npm by dbx-node, a new releaser for bson since your current version.
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
Bumps bson from 4.6.0 to 6.0.0.
Release notes
Sourced from bson's releases.
... (truncated)
Changelog
Sourced from bson's changelog.
... (truncated)
Commits
7b98403
chore(main): release 6.0.0 [skip-ci] (#596)1384cee
fix(NODE-5546): decimal 128 fromString performs inexact rounding (#613)06f1774
chore(NODE-5580): add release alpha action (#616)0664840
fix(NODE-5559): account for quotes when inspecting Code and BSONSymbol (#612)db2fc68
chore(NODE-5543): fix duplicate PR highlights (#610)bcc9211
chore(release): 6.0.0-alpha.04ec5484
docs(NODE-5525): add nodejs driver version compat table (#609)28d3652
chore(NODE-5447): update bson dependencies (#608)e2674c6
fix(NODE-5509): Allow undefined or null params in ObjectId.equals (#607)9615902
feat(NODE-5504)!: bump bson major version (#605)Maintainer changes
This version was pushed to npm by dbx-node, a new releaser for bson since your current version.
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase
.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show