[Snyk] Upgrade mongodb from 3.6.9 to 3.6.12

[snyk-bot]

Snyk has created this PR to upgrade mongodb from 3.6.9 to 3.6.12.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

• The recommended version is 3 versions ahead of your current version.
• The recommended version was released 21 days ago, on 2021-08-30.

Release notes

Package name: mongodb

• 3.6.12 - 2021-08-30
  

  The MongoDB Node.js team is pleased to announce version 3.6.12 of the mongodb package!

  Bug Fixes

  • NODE-3487: check for nullish aws mechanism property (#2957) (5902b4c)
  • NODE-3528: add support for snappy v7 (#2947) (54f5c2d)

  Documentation

  • Reference: https://docs.mongodb.com/drivers/node/current/
  • API: https://mongodb.github.io/node-mongodb-native/3.6/api/
  • Changelog: https://github.com/mongodb/node-mongodb-native/blob/v3.6.12/HISTORY.md

  We invite you to try the mongodb library immediately, and report any issues to the NODE project.

• 3.6.11 - 2021-08-05
  

  The MongoDB Node.js team is pleased to announce version 3.6.11 of the mongodb package!

  Release Highlights

  This patch addresses a few bugs listed below.
  Notably, we fixed an issue with the way we imported one of our optional dependencies that blocked webpack bundling.

  If you are a webpack user you will still get warnings for our optional dependencies (if you don't use them).
  You can hush the warnings by adding this option to your webpack config:

  {
      // ...
      externals: [
          'mongodb-client-encryption',
          'aws4',
          'saslprep',
          'kerberos',
          'snappy',
          'bson-ext',
      ],
      // ...
  }

  It is important to note that this will leave the imports in place and not pull in the code to your bundle. If you later do adopt using these dependencies you'll want to revert the relevant setting.

  Bug Fixes

  • NODE-1843: bulk operations ignoring provided sessions (#2898) (9244b17)
  • NODE-3199: unable to bundle driver due to uncaught require (#2903) (60efe9d)

  Documentation

  • Reference: https://docs.mongodb.com/drivers/node/current/
  • API: http://mongodb.github.io/node-mongodb-native/3.6/api
  • Changelog: https://github.com/mongodb/node-mongodb-native/blob/3.6/HISTORY.md

  We invite you to try the mongodb package immediately, and report any issues to the NODE project.

• 3.6.10 - 2021-07-06
  

  The MongoDB Node.js team is pleased to announce version 3.6.10 of the mongodb package!

  Release Highlights

  This patch addresses a few bugs listed below. Notably the bsonRegExp option is now respected by the underlying BSON library, you can use this to decode regular expressions that contain syntax not permitted in native JS RegExp objects. Take a look at this example:

  await collection.insertOne({ a: new BSONRegExp('(?-i)AA_') })
  await collection.findOne({ a: new BSONRegExp('(?-i)AA_') }, { bsonRegExp: true })
  // { _id: ObjectId,  a: BSONRegExp { pattern: '(?-i)AA_', options: '' } }

  Also there was an issue with Cursor.forEach where user defined forEach callbacks that throw errors incorrectly handled catching errors. Take a look at the comments in this example:

  collection.find({}).forEach(doc => {
      if(doc.bad) throw new Error('bad document!');
  }).catch(error => {
      // now this is called! and error is `bad document!`
  })
  // before this fix the `bad document!` error would be thrown synchronously
  // and have to be caught with try catch out here

  Bug Fixes

  • NODE-2035: Exceptions thrown from awaited cursor forEach do not propagate (#2852) (a917dfa)
  • NODE-3150: added bsonRegExp option for v3.6 (#2843) (e4a9a57)
  • NODE-3358: Command monitoring objects hold internal state references (#2858) (750760c)
  • NODE-3380: perform retryable write checks against server (#2861) (621677a)
  • NODE-3397: report more helpful error with unsupported authMechanism in initial handshake (#2876) (3ce148d)

  Documentation

  • Reference: https://docs.mongodb.com/drivers/node/current/
  • API: http://mongodb.github.io/node-mongodb-native/3.6/api
  • Changelog: https://github.com/mongodb/node-mongodb-native/blob/3.6/HISTORY.md

  We invite you to try the mongodb package immediately, and report any issues to the NODE project.

• 3.6.9 - 2021-05-26
  

  The MongoDB Node.js team is pleased to announce version 3.6.9 of the driver!

  Release Highlights

  This release fixes a major performance bug in bulk write operations, which was inadvertently introduced by an incomplete code change in the previous release. The bug resulted in redundant array iterations and caused exponential increases in bulk operation completion times. Thank you Jan Schwalbe for bringing this to our attention!

  Bug Fixes

  • NODE-3309: remove redundant iteration of bulk write result (#2815) (fac9610)
  • NODE-3234: fix url parsing for a mongodb+srv url that has commas in the database name (#2789) (58c4e69)

  Documentation

  • Reference: https://docs.mongodb.com/drivers/node/current/
  • API: http://mongodb.github.io/node-mongodb-native/3.6/api
  • Changelog: https://github.com/mongodb/node-mongodb-native/blob/3.6/HISTORY.md

  We invite you to try the mongodb package immediately, and report any issues to the NODE project.

from mongodb GitHub release notes

Commit messages

Package name: mongodb

• ffcd6ba chore(release): 3.6.12
• 848f239 chore(NODE-3408): test against mongod 5.0 (#2958)
• 5902b4c fix(NODE-3487): check for nullish aws mechanism property (#2957)
• 54f5c2d fix(NODE-3528): add support for snappy v7 (#2947)
• cc0cc20 docs(NODE-3481): deprecate unref (#2936)
• fbdc7c8 chore(release): 3.6.11
• 60efe9d fix(NODE-3199): unable to bundle driver due to uncaught require (#2903)
• 9244b17 fix(NODE-1843): bulk operations ignoring provided sessions [PORT] (#2898)
• 6ee945e chore(NODE-3316): add author info and update bug url in package.json (#2887)
• ecc930b test(NODE-3381): command monitoring redaction tests (#2873)
• 1297cd1 chore(release): 3.6.10
• e9196ab refactor(NODE-3324): bump max wire version to 13 (#2875)
• 3ce148d fix(NODE-3397): report more helpful error with unsupported authMechanism in initial handshake (#2876)
• 558182f test(NODE-3307): unified runner does not assert identical keys (#2867)
• 621677a fix(NODE-3380): perform retryable write checks against server (#2861)
• e4a9a57 fix(NODE-3150): added bsonRegExp option for v3.6 (#2843)
• 750760c fix(NODE-3358): Command monitoring objects hold internal state references (#2858)
• a917dfa fix(NODE-2035): Exceptions thrown from awaited cursor forEach do not propagate (#2852)
• b98f206 refactor(NODE-3356): Update command monitoring logging (#2853)
• 68b4665 test(NODE-2856): ensure defaultTransactionOptions get used from session (#2845)
• 8c8b4c3 fix(NODE-3356): update redaction logic for command monitoring events (#2847)
• 2c5d440 test(NODE-3357): extend timeout for atlas connectivity (#2846)
• fd97808 test(NODE-3288): sync command-monitoring spec tests to 3.6 (#2838)
• bf8b21b docs: change links to use https (#2836)

Compare

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs

[vercel]

This pull request is being automatically deployed with Vercel (learn more).
To see the status of your deployments, click below or on the icon next to each commit.

projectautenticationpasswordjs – ./

🔍 Inspect: https://vercel.com/manuelowsky/projectautenticationpasswordjs/7a9pWWhHW1HJocDYNrBZGVq21pnU
✅ Preview: https://projectautenticationpasswordjs-git-snyk-upgr-371666-manuelowsky.vercel.app

project-autentication-passwordjs – ./

🔍 Inspect: https://vercel.com/manuelowsky/project-autentication-passwordjs/CyeyKURwF5q1BoUJmH2eFuCMmAKJ
✅ Preview: https://project-autentication-passwordjs-git-snyk-up-c793a6-manuelowsky.vercel.app