Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

chore(deps): bump mongodb and mongoose in /migration #1

Open
wants to merge 1 commit into
base: main
Choose a base branch
from

Conversation

dependabot[bot]
Copy link

@dependabot dependabot bot commented on behalf of github Oct 8, 2024

Bumps mongodb to 5.9.2 and updates ancestor dependency mongoose. These dependencies need to be updated together.

Updates mongodb from 5.5.0 to 5.9.2

Release notes

Sourced from mongodb's releases.

v5.9.2

5.9.2 (2023-11-16)

The MongoDB Node.js team is pleased to announce version 5.9.2 of the mongodb package!

Release Notes

Fix connection leak when serverApi is enabled

When enabling serverApi the driver's RTT mesurment logic (used to determine the closest node) still sent the legacy hello command "isMaster" causing the server to return an error. Unfortunately, the error handling logic did not correctly destroy the socket which would cause a leak.

Both sending the correct hello command and the error handling connection clean up logic are fixed in this change.

Bug Fixes

  • NODE-5750: RTTPinger always sends legacy hello (#3922) (8e56872)

Documentation

We invite you to try the mongodb library immediately, and report any issues to the NODE project.

v5.9.1

5.9.1 (2023-10-18)

The MongoDB Node.js team is pleased to announce version 5.9.1 of the mongodb package!

Release Notes

insertedIds in bulk write now contain only successful insertions

Prior to this fix, the bulk write error's result.insertedIds property contained the _id of each attempted insert in a bulk operation.

Now, when a bulkwrite() or an insertMany() operation rejects one or more inserts, throwing an error, the error's result.insertedIds property will only contain the _id fields of successfully inserted documents.

Fixed edge case leak in findOne()

When running a findOne against a time series collection, the driver left the implicit session for the cursor un-ended due to the way the server returns the resulting cursor information. Now the cursor will always be cleaned up regardless of the outcome of the find operation.

Bug Fixes

  • NODE-5627: BulkWriteResult.insertedIds includes ids that were not inserted (#3870) (d766ae2)
  • NODE-5691: make findOne() close implicit session to avoid memory leak (#3889) (0d6c9cd)

Documentation

... (truncated)

Changelog

Sourced from mongodb's changelog.

5.9.2 (2023-11-16)

Bug Fixes

  • NODE-5750: RTTPinger always sends legacy hello (#3922) (8e56872)

5.9.1 (2023-10-18)

Bug Fixes

  • NODE-5627: BulkWriteResult.insertedIds includes ids that were not inserted (#3870) (d766ae2)
  • NODE-5691: make findOne() close implicit session to avoid memory leak (#3889) (0d6c9cd)

5.9.0 (2023-09-14)

Features

Bug Fixes

  • NODE-5550: set AWS region from environment variable for STSClient (#3851) (2fab06b)
  • NODE-5587: recursive calls to next cause memory leak (#3842) (f60f1b5)

5.8.1 (2023-08-23)

Bug Fixes

5.8.0 (2023-08-21)

Features

  • NODE-5399: use mongodb-js/saslprep instead of saslprep (#3818) (c0d3927)
  • NODE-5429: deprecate the AutoEncrypter interface (#3764) (9bb0d95)
  • NODE-5465,NODE-5538: lower @aws-sdk/credential-providers version to 3.188.0 and zstd to ^1.0.0 (#3821) (39ff81d)
  • NODE-5489: update kerberos dependency (8c25d6d)

Bug Fixes

  • NODE-5489: set kerberos compatibility to ^1.0.0 || ^2.0.0 (#3803) (c3b35b3)
  • NODE-5495: do not emit deprecation warning when tlsCertificateKeyFile is specified and tlsCertificateFile is not (#3810) (e81d4a2)

... (truncated)

Commits
  • 5047328 chore(5.x): release 5.9.2 [skip-ci] (#3925)
  • 8e56872 fix(NODE-5750): RTTPinger always sends legacy hello (#3922)
  • 6266734 test(NODE-5739): update data lake test scripts (#3918)
  • eecdb6b test(NODE-5737): update aws ecs task definition (#3917)
  • a58f8ee test(NODE-5733): remove at() usage (#3900)
  • 0c16582 chore(5.x): release 5.9.1 [skip-ci] (#3878)
  • 0d6c9cd fix(NODE-5691): make findOne() close implicit session to avoid memory leak (#...
  • df0780e test(NODE-5705): fix failing explain tests (#3894)
  • efb5e93 test(NODE-5695): update azure configuration (#3892)
  • 2ab2189 ci(NODE-5668): remove custom dep tests against master and fix prose test 14 (...
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by dbx-node, a new releaser for mongodb since your current version.


Updates mongoose from 7.2.1 to 7.8.2

Release notes

Sourced from mongoose's releases.

7.6.3 / 2023-10-17

  • fix(populate): handle multiple spaces when specifying paths to populate using space-delimited paths #13984 #13951
  • fix(update): avoid applying defaults on query filter when upserting with empty update #13983 #13962
  • fix(model): add versionKey to bulkWrite when inserting or upserting #13981 #13944
  • docs: fix typo in timestamps docs #13976 danielcoker

7.6.2 / 2023-10-13

  • perf: avoid storing a separate entry in schema subpaths for every element in an array #13953 #13874
  • fix(document): avoid triggering setter when initializing Model.prototype.collection to allow defining collection as a schema path name #13968 #13956
  • fix(model): make bulkSave() save changes in discriminator paths if calling bulkSave() on base model #13959 #13907
  • fix(document): allow calling $model() with no args for TypeScript #13963 #13878
  • fix(schema): handle embedded discriminators defined using Schema.prototype.discriminator() #13958 #13898
  • types(model): make InsertManyResult consistent with return type of insertMany #13965 #13904
  • types(models): add cleaner type definitions for insertMany() with no generics to prevent errors when using insertMany() in generic classes #13964 #13957
  • types(schematypes): allow defining map path using type: 'Map' in addition to type: Map #13960 #13755

7.6.1 / 2023-10-09

7.6.0 / 2023-10-06

7.5.4 / 2023-10-04

  • fix: avoid stripping out id property when _id is set #13933 #13892 #13867
  • fix(QueryCursor): avoid double-applying schema paths so you can include select: false fields with + projection using cursors #13932 #13773
  • fix(query): allow deselecting discriminator key using - syntax #13929 #13760
  • fix(query): handle $round in $expr as array #13928 #13881
  • fix(document): call pre('validate') hooks when modifying a path underneath triply nested subdoc #13912 #13876
  • fix(mongoose): correctly handle global applyPluginsToChildSchemas option #13911 #13887
  • types: add insertMany array overload with options #13931 t1bb4r
  • docs(compatibility): add Mongoose 7 support to compatibility matrix #13875
  • docs: amend some awkward FAQ wording #13925 peteboere

7.5.3 / 2023-09-25

  • fix(document): handle MongoDB Long when casting BigInts #13869 #13791
  • fix(model): make bulkSave() persist changes that happen in pre('save') middleware #13885 #13799
  • fix: handle casting $elemMatch underneath $not underneath another $elemMatch #13893 #13880
  • fix(model): make bulkWrite casting respect global setDefaultsOnInsert #13870 #13823
  • fix(document): handle default values for discriminator key with embedded discriminators #13891 #13835

... (truncated)

Changelog

Sourced from mongoose's changelog.

7.8.2 / 2024-09-25

  • fix(projection): avoid setting projection to unknown exclusive/inclusive if elemMatch on a Date, ObjectId, etc. #14894 #14893

8.6.3 / 2024-09-17

  • fix: make getters convert uuid to string when calling toObject() and toJSON() #14890 #14869
  • fix: fix missing Aggregate re-exports for ESM #14886 wongsean
  • types(document): add generic param to depopulate() to allow updating properties #14891 #14876

6.13.2 / 2024-09-12

  • fix(document): make set() respect merge option on deeply nested objects #14870 #14878

8.6.2 / 2024-09-11

8.6.1 / 2024-09-03

  • fix(document): avoid unnecessary clone() in applyGetters() that was preventing getters from running on 3-level deep subdocuments #14844 #14840 #14835
  • fix(model): throw error if bulkSave() did not insert or update any documents #14837 #14763
  • fix(cursor): throw error in ChangeStream constructor if changeStreamThunk() throws a sync error #14846
  • types(query): add $expr to RootQuerySelector #14845
  • docs: update populate.md to fix missing match: { } #14847 makhoulshbeeb

8.6.0 / 2024-08-28

  • feat: upgrade mongodb -> 6.8.0, handle throwing error on closed cursor in Mongoose with MongooseError instead of MongoCursorExhaustedError #14813
  • feat(model+query): support options parameter for distinct() #14772 #8006
  • feat(QueryCursor): add getDriverCursor() function that returns the raw driver cursor #14745
  • types: change query selector to disallow unknown top-level keys by default #14764 alex-statsig
  • types: make toObject() and toJSON() not generic by default to avoid type widening #14819 #12883
  • types: avoid automatically inferring lean result type when assigning to explicitly typed variable #14734

8.5.5 / 2024-08-28

  • fix(populate): fix a couple of other places where Mongoose gets the document's _id with getters #14833 #14827 #14759
  • fix(discriminator): shallow clone Schema.prototype.obj before merging schemas to avoid modifying original obj #14821
  • types: fix schema type based on timestamps schema options value #14829 #14825 ark23CIS

8.5.4 / 2024-08-23

  • fix: add empty string check for collection name passed #14806 Shubham2552
  • docs(model): add 'throw' as valid strict value for bulkWrite() and add some more clarification on throwOnValidationError #14809

7.8.1 / 2024-08-19

... (truncated)

Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    You can disable automated security fix PRs for this repo from the Security Alerts page.

Bumps [mongodb](https://github.com/mongodb/node-mongodb-native) to 5.9.2 and updates ancestor dependency [mongoose](https://github.com/Automattic/mongoose). These dependencies need to be updated together.


Updates `mongodb` from 5.5.0 to 5.9.2
- [Release notes](https://github.com/mongodb/node-mongodb-native/releases)
- [Changelog](https://github.com/mongodb/node-mongodb-native/blob/v5.9.2/HISTORY.md)
- [Commits](mongodb/node-mongodb-native@v5.5.0...v5.9.2)

Updates `mongoose` from 7.2.1 to 7.8.2
- [Release notes](https://github.com/Automattic/mongoose/releases)
- [Changelog](https://github.com/Automattic/mongoose/blob/master/CHANGELOG.md)
- [Commits](Automattic/mongoose@7.2.1...7.8.2)

---
updated-dependencies:
- dependency-name: mongodb
  dependency-type: indirect
- dependency-name: mongoose
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added the dependencies Pull requests that update a dependency file label Oct 8, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
dependencies Pull requests that update a dependency file
Projects
None yet
Development

Successfully merging this pull request may close these issues.

0 participants