Skip to content

[Snyk] Upgrade bson from 4.0.1 to 4.2.2 #5

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

[Snyk] Upgrade bson from 4.0.1 to 4.2.2 #5

wants to merge 1 commit into from

Conversation

snyk-bot
Copy link

@snyk-bot snyk-bot commented Jan 2, 2021

Snyk has created this PR to upgrade bson from 4.0.1 to 4.2.2.

merge advice
✨ Snyk has automatically assigned this pull request, set who gets assigned.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

  • The recommended version is 7 versions ahead of your current version.
  • The recommended version was released a month ago, on 2020-12-01.
Release notes
Package name: bson
  • 4.2.2 - 2020-12-01

    The MongoDB Node.js team is pleased to announce version 4.2.2 of the bson module!

    This patch fixes a critical bug in the 4.2.1 release we recommend all users of 4.2.1 upgrade to this version immediately. There was an unintended dependency published on tslib without tslib being specified in our package.json.

    This patch includes additional 'inspect' methods on each BSON type class that makes printing out values consistent and readable.

    Bug

    Task

    • NODE-2844 - Add downlevel-dts to our BSON type definitions pipeline
    • NODE-2875 - Add correct inspect methods for BSON Types
    • NODE-2845 - Make Long class alias methods into methods rather than properties

    Documentation

    We invite you to try the bson library immediately, and report any issues to the NODE project.
    Thanks very much to all the community members who contributed to this release!

  • 4.2.1 - 2020-12-01

    Deprecated

    This version has a critical bug that prevents it from importing correctly. There was an unintended dependcy on tslib published without tslib being specified in our package.json. A workaround is installing tslib manually but we highly recommend users of this version should update to v4.2.2 instead.

    The MongoDB Node.js team is pleased to announce version 4.2.1 of the bson module!

    This patch includes additional 'inspect' methods on each BSON type class that makes printing out values consistent and readable.

    Bug

    Task

    • NODE-2844 - Add downlevel-dts to our BSON type definitions pipeline
    • NODE-2875 - Add correct inspect methods for BSON Types
    • NODE-2845 - Make Long class alias methods into methods rather than properties

    Documentation

    We invite you to try the bson library immediately, and report any issues to the NODE project.
    Thanks very much to all the community members who contributed to this release!

  • 4.2.0 - 2020-10-13

    The MongoDB Node.js team is pleased to announce version 4.2.0 of the bson module!

    Release Highlights

    Convert code base to Typescript

    Before this release we have converted the codebase to Typescript and you can find our bundled type definitions in the release.
    Converting to Typescript gave us an opportunity to fine tune our build pipeline, you should expect proper web bundle support with sourcemaps.
    If you were to ever encounter an issue or just want to get insight into the inner workings of the BSON library these sourcemaps will allow you to debug the original source code that is in typescript.

    If you’re curious about Typescript take a look here.

    A primary reason for converting to typescript is the first in class developer experience the language offers.
    It enables us to communicate APIs more succinctly to you the user and for you the user to benefit from excellent autocompletion and code intellisence while working with the BSON library.

    BigInt support

    BigInt is a new primitive type added to the ECMAScript specification, with this release you can use these new Long helpers to serialize BigInt(s) to BSON.

    class Long {
  // ...
  /**
   * Returns a Long representing the given value, provided that it is a finite number.  Otherwise, zero is returned.
   * @ param value - The number in question
   * @ param unsigned - Whether unsigned or not, defaults to signed
   * @ returns The corresponding Long value
   */
  static fromBigInt(value: bigint, unsigned?: boolean): Long;
  /** Converts the Long to a BigInt (arbitrary precision). */
  toBigInt(): bigint;
  // ...
}

    It is important to note that BigInt supports arbitrary precision values while Long’s are clamped to maximum and minimum 64-bit integer values.
    We do have an investigation into supporting BigInt directly as well as helpers for Decimal128 interop but for now this is a great stepping stone to get started using BigInt in your code today!

    FNV1A Hashing Removed

    A previous iteration of the ObjectId class utilized a Fowler–Noll–Vo hash function to generate a portion of the Id created on the client side.
    This had been unused for sometime and here we were able to remove this code improving bundle sizes but without any breaking changes.

    Documentation

    We invite you to try the bson library immediately, and report any issues to the NODE project.
    Thanks very much to all the community members who contributed to this release!

    Release Notes

    Epic

    Bug

    • [NODE-2240] - Following the "Browser (no bundling)" in the README leads to missing "global"
    • [NODE-2712] - Incorrect imports in ESM bundle
    • [NODE-2769] - Long integers serialize as doubles
    • [NODE-2770] - Fix crc32 function caching​

    Improvement

    • [NODE-1738] - Remove fnv1a from ObjectId
    • [NODE-2529] - Add support for BigInt
    • [NODE-2805] - Support parsing $uuid as extended JSON representation for subtype 4 binary
  • 4.1.0 - 2020-08-10

    chore(release): 4.1.0

  • 4.0.4 - 2020-03-26

    The MongoDB Node.js team is pleased to announce version 4.0.4 of the bson module!

    This patch release fixes a regression introduced in v2 of the module, preventing round tripping of the deprecated BSON symbol type. We don't expect any users are actually using this value, but it is something used in internal testing of the driver and as such was deemed high priority to fix.

    Release Notes

    Bug

    • [NODE-2518] - BSON loses type information when automatically upgrading symbols to strings
  • 4.0.3 - 2020-01-09

    chore(release): 4.0.3

  • 4.0.2 - 2019-03-08
  • 4.0.1 - 2018-12-06
from bson GitHub release notes
Commit messages
Package name: bson
  • b707f65 chore(release): 4.2.2
  • 2d9a8e6 fix: remove tslib usage and fix Long method alias (#415)
  • e5f0d7c chore(release): 4.2.1
  • 12169dc chore: make Long aliases into methods (#414)
  • 5167be2 fix: backwards compatibility with older BSON package versions (#411)
  • 50e4529 chore: expand inspect support of BSON types (#413)
  • a585a0c fix: make inspect method for ObjectId work (#412)
  • 203402f fix: Downlevel type definitions (#410)
  • 2df6b42 fix: remove stringify overloads
  • d685aa5 chore(release): 4.2.0
  • ace8647 fix: Correct API Extractor config to omit definition file from dist (#407)
  • 3752fdc docs: Add release tags and export symbols from entry point (#405)
  • b1b2a0e feat: add extended json parsing for $uuid
  • a48676b fix: Rework rollup config to output named and default exports (#404)
  • 43ff12e refactor: Remove util dependency (#402)
  • 5f0c8f2 refactor: Removes dead code paths from number serialization (#399)
  • 2dd54e5 fix: Throw on BigInt type values (#397)
  • b95f059 refactor: Remove unused FNV-1a hash function (#398)
  • 7f5f1a3 fix: adds interfaces for EJSON objects
  • f55eeed refactor: Consolidate code based on Buffer Presence (#394)
  • 992e2e0 fix: coverage
  • ea83bf5 fix: deprecate cacheFunctionsCrc32
  • c18ba71 fix: type issues with SerializeOptions and Long methods accepting Timestamp
  • ae9ae2d feat: Improve TS Typings (#389)

Compare

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

👩‍💻 Set who automatically gets assigned

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@snyk-bot