Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

chore(deps): bump the npm_and_yarn group group with 2 updates #516

Open
wants to merge 1 commit into
base: beta
Choose a base branch
from
Open

chore(deps): bump the npm_and_yarn group group with 2 updates #516

wants to merge 1 commit into from

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Jan 2, 2024
edited
Loading

Bumps the npm_and_yarn group group with 2 updates: mongoose and mongodb.

Updates mongoose from 7.4.2 to 8.0.3

Release notes

Sourced from mongoose's releases.

8.0.3 / 2023-12-07

  • fix(schema): avoid creating unnecessary clone of schematype in nested array so nested document arrays use correct constructor #14128 #14101
  • docs(connections): add example of registering connection event handlers #14150
  • docs(populate): add example of using refPath and ref functions #14133 #13834
  • types: handle using BigInt global class in schema definitions #14160 #14147
  • types: make findOneAndDelete() without options return result doc, not ModifyResult #14153 #14130
  • types(model): add no-generic override for insertMany() with options #14152 #13999
  • types: add missing Type for applyDefaults #14159 jaypea

8.0.2 / 2023-11-28

  • fix(populate): set populated docs in correct order when populating virtual underneath doc array with justOne #14105
  • fix(populate): fix curPath to update appropriately #14099 #14098 csy1204
  • types: make property names show up in intellisense for UpdateQuery #14123 #14090
  • types(document): correct return type for doc.deleteOne() re: Mongoose 8 breaking change #14110 #14081
  • types: correct types for when includeResultMetadata: true is set #14078
  • types(models): allow specifying timestamps as inline option for bulkWrite() operations #14112 #14072
  • docs: fix rendering of 7.x server compatibility #14086 laupow
  • docs(source/api): fix "index.js" -> "mongoose.js" rename #14125
  • docs(README): update breaking change version #14126

8.0.1 / 2023-11-15

  • fix: retain key order with aliases when creating indexes with alias #14042 meabed
  • fix: handle nonexistent collection with diffIndexes #14029 #14010
  • types(model+query): correctly remove count from TypeScript types to reflect removal of runtime support #14076 #14067 #14062
  • types: correct this parameter for methods and statics #14028 #14027 ruxxzebre
  • types(model+query): unpack arrays in distinct return type #14047 #14026
  • types: add missing Types.UUID typings #14023 #13103 k725
  • docs: add mongoose 8 to mongodb server compatibility guide #14064
  • docs: fix typo in queries.md #14065 MuhibAhmed

8.0.0 / 2023-10-31

  • docs: add version support notes for Mongoose 8, including EOL date for Mongoose 6

8.0.0-rc0 / 2023-10-24

  • BREAKING CHANGE: use MongoDB node driver 6, drop support for rawResult option and findOneAndRemove() #13753
  • BREAKING CHANGE: apply minimize by default when updating document #13843
  • BREAKING CHANGE: remove id setter #13784
  • BREAKING CHANGE: remove overwrite option for updateOne(), findOneAndUpdate(), etc. #13989 #13578
  • BREAKING CHANGE: make model.prototype.deleteOne() return query, not promise #13660 #13369
  • BREAKING CHANGE: remove Model.count(), Query.prototype.count() #13618 #13598
  • BREAKING CHANGE: allow null values for string enum #13620 #3044
  • BREAKING CHANGE: make base schema paths come before discriminator schema paths when running setters, validators, etc. #13846 #13794
  • BREAKING CHANGE: make Model.validate() use Model.castObject() to cast, and return casted copy of object instead of modifying in place #13287 #12668
  • BREAKING CHANGE: make internal file names all camelCase #13950 #13909 #13308
  • BREAKING CHANGE: make create() wait for all documents to finish inserting or error out before throwing an error if ordered = false #13621 #4628

... (truncated)

Changelog

Sourced from mongoose's changelog.

8.0.3 / 2023-12-07

  • fix(schema): avoid creating unnecessary clone of schematype in nested array so nested document arrays use correct constructor #14128 #14101
  • docs(connections): add example of registering connection event handlers #14150
  • docs(populate): add example of using refPath and ref functions #14133 #13834
  • types: handle using BigInt global class in schema definitions #14160 #14147
  • types: make findOneAndDelete() without options return result doc, not ModifyResult #14153 #14130
  • types(model): add no-generic override for insertMany() with options #14152 #13999
  • types: add missing Type for applyDefaults #14159 jaypea

7.6.7 / 2023-12-06

  • fix: avoid minimizing single nested subdocs if they are required #14151 #14058
  • fix(populate): allow deselecting discriminator key when populating #14155 #3230
  • fix: allow adding discriminators using Schema.prototype.discriminator() to subdocuments after defining parent schema #14131 #14109
  • fix(schema): avoid creating unnecessary clone of schematype in nested array so nested document arrays use correct constructor #14128 #14101
  • fix(populate): call transform object with single id instead of array when populating a justOne path under an array #14135 #14073
  • types: add back mistakenly removed findByIdAndRemove() function signature #14136 #14132

8.0.2 / 2023-11-28

  • fix(populate): set populated docs in correct order when populating virtual underneath doc array with justOne #14105
  • fix(populate): fix curPath to update appropriately #14099 #14098 csy1204
  • types: make property names show up in intellisense for UpdateQuery #14123 #14090
  • types(document): correct return type for doc.deleteOne() re: Mongoose 8 breaking change #14110 #14081
  • types: correct types for when includeResultMetadata: true is set #14078
  • types(models): allow specifying timestamps as inline option for bulkWrite() operations #14112 #14072
  • docs: fix rendering of 7.x server compatibility #14086 laupow
  • docs(source/api): fix "index.js" -> "mongoose.js" rename #14125
  • docs(README): update breaking change version #14126

7.6.6 / 2023-11-27

  • perf: avoid double-running setter logic when calling push() #14120 #11380
  • fix(populate): set populated docs in correct order when populating virtual underneath doc array with justOne #14105 #14018
  • fix: bump mongodb driver -> 5.9.1 #14084 #13829 lorand-horvath
  • types: allow defining document array using [{ prop: String }] syntax #14095 #13424
  • types: correct types for when includeResultMetadata: true is set #14078 #13987 prathamVaidya
  • types(query): base filters and projections off of RawDocType instead of DocType so autocomplete doesn't show populate #14118 #14077
  • types: make property names show up in intellisense for UpdateQuery #14123 #14090
  • types(model): support calling Model.validate() with pathsToSkip option #14088 #14003
  • docs: remove "DEPRECATED" warning mistakenly added to read() tags param #13980

8.0.1 / 2023-11-15

  • fix: retain key order with aliases when creating indexes with alias #14042 meabed
  • fix: handle nonexistent collection with diffIndexes #14029 #14010
  • types(model+query): correctly remove count from TypeScript types to reflect removal of runtime support #14076 #14067 #14062
  • types: correct this parameter for methods and statics #14028 #14027 ruxxzebre
  • types(model+query): unpack arrays in distinct return type #14047 #14026

... (truncated)

Commits

Updates mongodb from 5.7.0 to 5.9.2

Release notes

Sourced from mongodb's releases.

v5.9.2

5.9.2 (2023-11-16)

The MongoDB Node.js team is pleased to announce version 5.9.2 of the mongodb package!

Release Notes

Fix connection leak when serverApi is enabled

When enabling serverApi the driver's RTT mesurment logic (used to determine the closest node) still sent the legacy hello command "isMaster" causing the server to return an error. Unfortunately, the error handling logic did not correctly destroy the socket which would cause a leak.

Both sending the correct hello command and the error handling connection clean up logic are fixed in this change.

Bug Fixes

  • NODE-5750: RTTPinger always sends legacy hello (#3922) (8e56872)

Documentation

We invite you to try the mongodb library immediately, and report any issues to the NODE project.

v5.9.1

5.9.1 (2023-10-18)

The MongoDB Node.js team is pleased to announce version 5.9.1 of the mongodb package!

Release Notes

insertedIds in bulk write now contain only successful insertions

Prior to this fix, the bulk write error's result.insertedIds property contained the _id of each attempted insert in a bulk operation.

Now, when a bulkwrite() or an insertMany() operation rejects one or more inserts, throwing an error, the error's result.insertedIds property will only contain the _id fields of successfully inserted documents.

Fixed edge case leak in findOne()

When running a findOne against a time series collection, the driver left the implicit session for the cursor un-ended due to the way the server returns the resulting cursor information. Now the cursor will always be cleaned up regardless of the outcome of the find operation.

Bug Fixes

  • NODE-5627: BulkWriteResult.insertedIds includes ids that were not inserted (#3870) (d766ae2)
  • NODE-5691: make findOne() close implicit session to avoid memory leak (#3889) (0d6c9cd)

Documentation

... (truncated)

Changelog

Sourced from mongodb's changelog.

5.9.2 (2023-11-16)

Bug Fixes

  • NODE-5750: RTTPinger always sends legacy hello (#3922) (8e56872)

5.9.1 (2023-10-18)

Bug Fixes

  • NODE-5627: BulkWriteResult.insertedIds includes ids that were not inserted (#3870) (d766ae2)
  • NODE-5691: make findOne() close implicit session to avoid memory leak (#3889) (0d6c9cd)

5.9.0 (2023-09-14)

Features

Bug Fixes

  • NODE-5550: set AWS region from environment variable for STSClient (#3851) (2fab06b)
  • NODE-5587: recursive calls to next cause memory leak (#3842) (f60f1b5)

5.8.1 (2023-08-23)

Bug Fixes

5.8.0 (2023-08-21)

Features

  • NODE-5399: use mongodb-js/saslprep instead of saslprep (#3818) (c0d3927)
  • NODE-5429: deprecate the AutoEncrypter interface (#3764) (9bb0d95)
  • NODE-5465,NODE-5538: lower @aws-sdk/credential-providers version to 3.188.0 and zstd to ^1.0.0 (#3821) (39ff81d)
  • NODE-5489: update kerberos dependency (8c25d6d)

Bug Fixes

  • NODE-5489: set kerberos compatibility to ^1.0.0 || ^2.0.0 (#3803) (c3b35b3)
  • NODE-5495: do not emit deprecation warning when tlsCertificateKeyFile is specified and tlsCertificateFile is not (#3810) (e81d4a2)

... (truncated)

Commits
  • 5047328 chore(5.x): release 5.9.2 [skip-ci] (#3925)
  • 8e56872 fix(NODE-5750): RTTPinger always sends legacy hello (#3922)
  • 6266734 test(NODE-5739): update data lake test scripts (#3918)
  • eecdb6b test(NODE-5737): update aws ecs task definition (#3917)
  • a58f8ee test(NODE-5733): remove at() usage (#3900)
  • 0c16582 chore(5.x): release 5.9.1 [skip-ci] (#3878)
  • 0d6c9cd fix(NODE-5691): make findOne() close implicit session to avoid memory leak (#...
  • df0780e test(NODE-5705): fix failing explain tests (#3894)
  • efb5e93 test(NODE-5695): update azure configuration (#3892)
  • 2ab2189 ci(NODE-5668): remove custom dep tests against master and fix prose test 14 (...
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    You can disable automated security fix PRs for this repo from the Security Alerts page.

@dependabot dependabot bot added the dependencies Pull requests that update a dependency file label Jan 2, 2024
@dependabot dependabot bot mentioned this pull request Jan 2, 2024
Closed
@dependabot
chore(deps): bump the npm_and_yarn group group with 2 updates
aa0bba9 
Bumps the npm_and_yarn group group with 2 updates: [mongoose](https://github.com/Automattic/mongoose) and [mongodb](https://github.com/mongodb/node-mongodb-native).


Updates `mongoose` from 7.4.2 to 8.0.3
- [Release notes](https://github.com/Automattic/mongoose/releases)
- [Changelog](https://github.com/Automattic/mongoose/blob/master/CHANGELOG.md)
- [Commits](Automattic/mongoose@7.4.2...8.0.3)

Updates `mongodb` from 5.7.0 to 5.9.2
- [Release notes](https://github.com/mongodb/node-mongodb-native/releases)
- [Changelog](https://github.com/mongodb/node-mongodb-native/blob/v5.9.2/HISTORY.md)
- [Commits](mongodb/node-mongodb-native@v5.7.0...v5.9.2)

---
updated-dependencies:
- dependency-name: mongoose
  dependency-type: direct:production
  dependency-group: npm_and_yarn-security-group
- dependency-name: mongodb
  dependency-type: indirect
  dependency-group: npm_and_yarn-security-group
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/npm_and_yarn-security-group-5ec402e8f7 branch from 7439fc3 to aa0bba9 Compare January 2, 2024 17:34
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
0 participants