-
Notifications
You must be signed in to change notification settings - Fork 253
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
fix(NODE-4932): remove .0 suffix from double extended json values #553
Conversation
The hex strings and stringified doubles are generated by nodejs (using buffer.writeDoubleBE)
The tests can be run by putting the following into a file and redirecting it into jshell $ jshell < ./double_test.jsh Updated: Jan 9th 2pm EST with new tests from double_test.js JShell testsimport java.nio.ByteBuffer;
void assertEquals(String a, String b) throws Exception {
if (!a.equals(b)) {
throw new Exception(a + "does not equal" + b);
}
}
char[] HEX_ARRAY = "0123456789ABCDEF".toCharArray();
String bytesToHex(byte[] bytes) {
char[] hexChars = new char[bytes.length * 2];
for (int j = 0; j < bytes.length; j++) {
int v = bytes[j] & 0xFF;
hexChars[j * 2] = HEX_ARRAY[v >>> 4];
hexChars[j * 2 + 1] = HEX_ARRAY[v & 0x0F];
}
return new String(hexChars);
}
assertEquals( bytesToHex( ByteBuffer.allocate(8).putDouble( Double.valueOf("0.0" ) ).array() ) , "0000000000000000")
assertEquals( bytesToHex( ByteBuffer.allocate(8).putDouble( Double.valueOf("-0.0" ) ).array() ) , "8000000000000000")
assertEquals( bytesToHex( ByteBuffer.allocate(8).putDouble( Double.valueOf("-0.0" ) ).array() ) , "8000000000000000")
assertEquals( bytesToHex( ByteBuffer.allocate(8).putDouble( Double.valueOf("3.0" ) ).array() ) , "4008000000000000")
assertEquals( bytesToHex( ByteBuffer.allocate(8).putDouble( Double.valueOf("-3.0" ) ).array() ) , "C008000000000000")
assertEquals( bytesToHex( ByteBuffer.allocate(8).putDouble( Double.valueOf("3.4" ) ).array() ) , "400B333333333333")
assertEquals( bytesToHex( ByteBuffer.allocate(8).putDouble( Double.valueOf("2.220446049250313e-16" ) ).array() ) , "3CB0000000000000")
assertEquals( bytesToHex( ByteBuffer.allocate(8).putDouble( Double.valueOf("123450000000.0" ) ).array() ) , "423CBE3182800000")
assertEquals( bytesToHex( ByteBuffer.allocate(8).putDouble( Double.valueOf("1234.5" ) ).array() ) , "40934A0000000000")
assertEquals( bytesToHex( ByteBuffer.allocate(8).putDouble( Double.valueOf("-1234.5" ) ).array() ) , "C0934A0000000000")
assertEquals( bytesToHex( ByteBuffer.allocate(8).putDouble( Double.valueOf("Infinity" ) ).array() ) , "7FF0000000000000")
assertEquals( bytesToHex( ByteBuffer.allocate(8).putDouble( Double.valueOf("-Infinity" ) ).array() ) , "FFF0000000000000")
assertEquals( bytesToHex( ByteBuffer.allocate(8).putDouble( Double.valueOf("NaN" ) ).array() ) , "7FF8000000000000")
assertEquals( bytesToHex( ByteBuffer.allocate(8).putDouble( Double.valueOf("1.7976931348623157e+308" ) ).array() ) , "7FEFFFFFFFFFFFFF")
assertEquals( bytesToHex( ByteBuffer.allocate(8).putDouble( Double.valueOf("5e-324" ) ).array() ) , "0000000000000001")
assertEquals( bytesToHex( ByteBuffer.allocate(8).putDouble( Double.valueOf("-1.7976931348623157e+308") ).array() ) , "FFEFFFFFFFFFFFFF")
assertEquals( bytesToHex( ByteBuffer.allocate(8).putDouble( Double.valueOf("-5e-324" ) ).array() ) , "8000000000000001")
assertEquals( bytesToHex( ByteBuffer.allocate(8).putDouble( Double.valueOf("2.2250738585072014e-308" ) ).array() ) , "0010000000000000")
assertEquals( bytesToHex( ByteBuffer.allocate(8).putDouble( Double.valueOf("2.225073858507201e-308" ) ).array() ) , "000FFFFFFFFFFFFF")
assertEquals( bytesToHex( ByteBuffer.allocate(8).putDouble( Double.valueOf("5e-324" ) ).array() ) , "0000000000000001")
assertEquals( bytesToHex( ByteBuffer.allocate(8).putDouble( Double.valueOf("1000000000000000128.0" ) ).array() ) , "43ABC16D674EC801")
/exit |
test/node/double_tests.js
Outdated
{ input: new Double(Infinity), output: { $numberDouble: 'Infinity' } }, | ||
{ input: new Double(-Infinity), output: { $numberDouble: '-Infinity' } }, | ||
{ input: new Double(NaN), output: { $numberDouble: 'NaN' } } | ||
{ input: 0, output: { $numberDouble: '0.0' } }, |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
there's a lot of test cases here now, I think it's worthwhile to add descriptions? The context
field could be used in the first it
block to provide more meaningful test output.
{ input: 0, output: { $numberDouble: '0.0' } }, | |
{ input: 0, output: { $numberDouble: '0.0' }, context: 'positive zero' }, |
I'd like this change because it's not clear why each test is necessary.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
added titles
test/node/double_tests.js
Outdated
// Note: calling toString on this integer returns 1000000000000000100, so toFixed is more precise | ||
input: '1000000000000000128', | ||
output: { $numberDouble: '1000000000000000128.0' } | ||
} | ||
]; | ||
|
||
for (const test of tests) { | ||
const input = test.input; | ||
const output = test.output; | ||
const title = `returns ${inspect(output)} when Double is ${input}`; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
a context block around both tests here would make the output of the tests a lot more understandable
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Sure, with what differentiating information? (Is this still relevant with the added titles?)
test/node/double_tests.js
Outdated
{ input: new Double(NaN), output: { $numberDouble: 'NaN' } } | ||
{ input: 0, output: { $numberDouble: '0.0' } }, | ||
{ input: -0, output: { $numberDouble: '-0.0' } }, | ||
{ input: '-0.0', output: { $numberDouble: '-0.0' } }, |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
What value does this test provide?
The constructor of Double
only supports numbers ( according to Typescript ).
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Not true according to runtime, we do support string inputs, should we make that fix here or in another ticket?
As for the test I was just ensuring the decimal point (.0) doesn't break things here.
test/node/double_tests.js
Outdated
{ | ||
// https://262.ecma-international.org/13.0/#sec-number.prototype.tofixed | ||
// Note: calling toString on this integer returns 1000000000000000100, so toFixed is more precise | ||
input: '1000000000000000128', | ||
output: { $numberDouble: '1000000000000000128.0' } | ||
} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
while this is interesting, I'm not sure this provides any additional value. We already have tests that show that both positive and negative integer numbers serialize to numbers with a decimal.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This is an integer that's beyond the precision that an 8 byte float can hold (hence why toString loses the 28), it confirms that we still output a string that preserves it if that was the input. (Basically, asserts that toFixed is being used for ints).
if (!Number.isNaN(inputAsDouble.value)) { | ||
expect(Number(inputAsDouble.toExtendedJSON({ relaxed: false }).$numberDouble)).to.equal( | ||
inputAsDouble.value | ||
); | ||
} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I'm confused why the if-block and second assertion are necessary. We should already be checking for numeric equality of $numberDouble
in the preceding line (expect(..).to.deep.equal(..)
).
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Not exactly, the $numberDouble
property is a string. This check converts it back to a number and checks that the string conversion did not loose the original value (within JavaScript).
test/node/double_tests.js
Outdated
} | ||
}); | ||
|
||
it(`input ${typeof input}: ${input} creates the same bytes after stringification`, () => { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
iiuc, the important aspect of this test is that the value of the double is preserved through ejson stringification. we just happen to test this by asserting that the byte representations are equal. Right?
If so, I propose we adjust the title to reflect what we're actually testing, and add a comment explaining that we determine that we're comparing bytes to assert that no loss of precision occurs.
it(`input ${typeof input}: ${input} creates the same bytes after stringification`, () => { | |
it(`preserves the precision of the number after stringification`, () => { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Precision is related but more so that the string is acting as a correct data transfer format, we want to know that the same bytes can be reconstructed from the generated string, sometimes the string changes "4.9406564584124654e-324" -> "5e-324" but both represent the same ieee754 double bytes.
test/node/bson_corpus.spec.test.js
Outdated
@@ -165,6 +165,11 @@ describe('BSON Corpus', function () { | |||
describe('valid-extjson', function () { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
it's unclear to me why the changes in this file are necessary. reverting to what's currently in main
doesn't make any tests fail. could you explain why we're modifying the test runner?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
With toFixed(1) reintroduced we don't need to skip the multi-type test anymore, I put that back, but it is senitive to changes in string format as opposed to value equivalence.
The changes here are meant to raise issue in the future if there's a change to the output format that would break round tripping the string into a numeric value for all doubles. Since the if stmt on main filtered only for the '1.2345678921232E+18'
case we did not need the extra handling for the NaN and -0 cases. The second section which tests round tripping through BSON needs to handle the cases where EJSON automatically converts values to int/long/double based on size and fraction.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
from discussion - we'll clean up the tests in a follow up PR but for the purposes of the fix we won't worry about test cleanup
<h3>Snyk has created this PR to upgrade bson from 4.7.1 to 4.7.2.</h3> :information_source: Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project. <hr/> - The recommended version is **1 version** ahead of your current version. - The recommended version was released **21 days ago**, on 2023-01-10. <details> <summary><b>Release notes</b></summary> <br/> <details> <summary>Package name: <b>bson</b></summary> <ul> <li> <b>4.7.2</b> - <a href="https://snyk.io/redirect/github/mongodb/js-bson/releases/tag/v4.7.2">2023-01-10</a></br><p>The MongoDB Node.js team is pleased to announce version v4.7.2 of the bson package!</p> <h3>Bug Fixes</h3> <ul> <li><strong><a class="issue-link js-issue-link notranslate" rel="noopener noreferrer nofollow" href="https://jira.mongodb.org/browse/NODE-4932">NODE-4932</a>:</strong> remove .0 suffix from double extended json values (<a href="https://snyk.io/redirect/github/mongodb/js-bson/issues/553" data-hovercard-type="pull_request" data-hovercard-url="/mongodb/js-bson/pull/553/hovercard">#553</a>) (<a href="https://snyk.io/redirect/github/mongodb/js-bson/commit/a298d22173e7e07789d86051f95f76153f29e10a">a298d22</a>)</li> </ul> <h2>Documentation</h2> <ul> <li>API: <a href="https://snyk.io/redirect/github/mongodb/js-bson#readme">https://github.com/mongodb/js-bson#readme</a></li> <li>Changelog: <a href="https://snyk.io/redirect/github/mongodb/js-bson/blob/4.0/HISTORY.md#change-log">https://github.com/mongodb/js-bson/blob/4.0/HISTORY.md#change-log</a></li> </ul> <p>We invite you to try the bson library immediately, and report any issues to the <a href="https://jira.mongodb.org/projects/NODE" rel="nofollow">NODE project</a>.</p> </li> <li> <b>4.7.1</b> - <a href="https://snyk.io/redirect/github/mongodb/js-bson/releases/tag/v4.7.1">2023-01-05</a></br><p>The MongoDB Node.js team is pleased to announce version v4.7.1 of the bson package!</p> <h3>Bug Fixes</h3> <ul> <li><strong><a class="issue-link js-issue-link notranslate" rel="noopener noreferrer nofollow" href="https://jira.mongodb.org/browse/NODE-4905">NODE-4905</a>:</strong> double precision accuracy in canonical EJSON (<a href="https://snyk.io/redirect/github/mongodb/js-bson/issues/549" data-hovercard-type="pull_request" data-hovercard-url="/mongodb/js-bson/pull/549/hovercard">#549</a>) (<a href="https://snyk.io/redirect/github/mongodb/js-bson/commit/d86bd52661e7f5d26479f6b63acac7950f505d69">d86bd52</a>)</li> </ul> <h2>Documentation</h2> <ul> <li>API: <a href="https://snyk.io/redirect/github/mongodb/js-bson#readme">https://github.com/mongodb/js-bson#readme</a></li> <li>Changelog: <a href="https://snyk.io/redirect/github/mongodb/js-bson/blob/4.0/HISTORY.md#change-log">https://github.com/mongodb/js-bson/blob/4.0/HISTORY.md#change-log</a></li> </ul> <p>We invite you to try the bson library immediately, and report any issues to the <a href="https://jira.mongodb.org/projects/NODE" rel="nofollow">NODE project</a>.</p> </li> </ul> from <a href="https://snyk.io/redirect/github/mongodb/js-bson/releases">bson GitHub release notes</a> </details> </details> <details> <summary><b>Commit messages</b></summary> </br> <details> <summary>Package name: <b>bson</b></summary> <ul> <li><a href="https://snyk.io/redirect/github/mongodb/js-bson/commit/c3fc5dfa2ebc399a4bf7e80210405f86a360f642">c3fc5df</a> chore(release): 4.7.2</li> <li><a href="https://snyk.io/redirect/github/mongodb/js-bson/commit/a298d22173e7e07789d86051f95f76153f29e10a">a298d22</a> fix(NODE-4932): remove .0 suffix from double extended json values (#553)</li> </ul> <a href="https://snyk.io/redirect/github/mongodb/js-bson/compare/5465c33b356ceaed05c1759007acdf3ab077ee33...c3fc5dfa2ebc399a4bf7e80210405f86a360f642">Compare</a> </details> </details> <hr/> **Note:** *You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.* For more information: <img src="https://api.segment.io/v1/pixel/track?data=eyJ3cml0ZUtleSI6InJyWmxZcEdHY2RyTHZsb0lYd0dUcVg4WkFRTnNCOUEwIiwiYW5vbnltb3VzSWQiOiI2NzRhMWMwYS0wY2ZjLTQ0YzYtYmJkZS0xNTgwYjM4MzM4ZDYiLCJldmVudCI6IlBSIHZpZXdlZCIsInByb3BlcnRpZXMiOnsicHJJZCI6IjY3NGExYzBhLTBjZmMtNDRjNi1iYmRlLTE1ODBiMzgzMzhkNiJ9fQ==" width="0" height="0"/> 🧐 [View latest project report](https://app.snyk.io/org/sandbox-2ba/project/852e6e4f-be96-45c8-b370-1060f5ebee55?utm_source=github&utm_medium=referral&page=upgrade-pr) 🛠 [Adjust upgrade PR settings](https://app.snyk.io/org/sandbox-2ba/project/852e6e4f-be96-45c8-b370-1060f5ebee55/settings/integration?utm_source=github&utm_medium=referral&page=upgrade-pr) 🔕 [Ignore this dependency or unsubscribe from future upgrade PRs](https://app.snyk.io/org/sandbox-2ba/project/852e6e4f-be96-45c8-b370-1060f5ebee55/settings/integration?pkg=bson&utm_source=github&utm_medium=referral&page=upgrade-pr#auto-dep-upgrades) <!--- (snyk:metadata:{"prId":"674a1c0a-0cfc-44c6-bbde-1580b38338d6","prPublicId":"674a1c0a-0cfc-44c6-bbde-1580b38338d6","dependencies":[{"name":"bson","from":"4.7.1","to":"4.7.2"}],"packageManager":"npm","type":"auto","projectUrl":"https://app.snyk.io/org/sandbox-2ba/project/852e6e4f-be96-45c8-b370-1060f5ebee55?utm_source=github&utm_medium=referral&page=upgrade-pr","projectPublicId":"852e6e4f-be96-45c8-b370-1060f5ebee55","env":"prod","prType":"upgrade","vulns":[],"issuesToFix":[],"upgrade":[],"upgradeInfo":{"versionsDiff":1,"publishedDate":"2023-01-10T20:47:50.442Z"},"templateVariants":[],"hasFixes":false,"isMajorUpgrade":false,"isBreakingChange":false,"priorityScoreList":[]}) ---> --------- Co-authored-by: snyk-bot <snyk-bot@snyk.io>
<h3>Snyk has created this PR to upgrade bson from 4.7.1 to 4.7.2.</h3> :information_source: Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project. <hr/> - The recommended version is **1 version** ahead of your current version. - The recommended version was released **21 days ago**, on 2023-01-10. <details> <summary><b>Release notes</b></summary> <br/> <details> <summary>Package name: <b>bson</b></summary> <ul> <li> <b>4.7.2</b> - <a href="https://snyk.io/redirect/github/mongodb/js-bson/releases/tag/v4.7.2">2023-01-10</a></br><p>The MongoDB Node.js team is pleased to announce version v4.7.2 of the bson package!</p> <h3>Bug Fixes</h3> <ul> <li><strong><a class="issue-link js-issue-link notranslate" rel="noopener noreferrer nofollow" href="https://jira.mongodb.org/browse/NODE-4932">NODE-4932</a>:</strong> remove .0 suffix from double extended json values (<a href="https://snyk.io/redirect/github/mongodb/js-bson/issues/553" data-hovercard-type="pull_request" data-hovercard-url="/mongodb/js-bson/pull/553/hovercard">mongodb#553</a>) (<a href="https://snyk.io/redirect/github/mongodb/js-bson/commit/a298d22173e7e07789d86051f95f76153f29e10a">a298d22</a>)</li> </ul> <h2>Documentation</h2> <ul> <li>API: <a href="https://snyk.io/redirect/github/mongodb/js-bson#readme">https://github.com/mongodb/js-bson#readme</a></li> <li>Changelog: <a href="https://snyk.io/redirect/github/mongodb/js-bson/blob/4.0/HISTORY.md#change-log">https://github.com/mongodb/js-bson/blob/4.0/HISTORY.md#change-log</a></li> </ul> <p>We invite you to try the bson library immediately, and report any issues to the <a href="https://jira.mongodb.org/projects/NODE" rel="nofollow">NODE project</a>.</p> </li> <li> <b>4.7.1</b> - <a href="https://snyk.io/redirect/github/mongodb/js-bson/releases/tag/v4.7.1">2023-01-05</a></br><p>The MongoDB Node.js team is pleased to announce version v4.7.1 of the bson package!</p> <h3>Bug Fixes</h3> <ul> <li><strong><a class="issue-link js-issue-link notranslate" rel="noopener noreferrer nofollow" href="https://jira.mongodb.org/browse/NODE-4905">NODE-4905</a>:</strong> double precision accuracy in canonical EJSON (<a href="https://snyk.io/redirect/github/mongodb/js-bson/issues/549" data-hovercard-type="pull_request" data-hovercard-url="/mongodb/js-bson/pull/549/hovercard">mongodb#549</a>) (<a href="https://snyk.io/redirect/github/mongodb/js-bson/commit/d86bd52661e7f5d26479f6b63acac7950f505d69">d86bd52</a>)</li> </ul> <h2>Documentation</h2> <ul> <li>API: <a href="https://snyk.io/redirect/github/mongodb/js-bson#readme">https://github.com/mongodb/js-bson#readme</a></li> <li>Changelog: <a href="https://snyk.io/redirect/github/mongodb/js-bson/blob/4.0/HISTORY.md#change-log">https://github.com/mongodb/js-bson/blob/4.0/HISTORY.md#change-log</a></li> </ul> <p>We invite you to try the bson library immediately, and report any issues to the <a href="https://jira.mongodb.org/projects/NODE" rel="nofollow">NODE project</a>.</p> </li> </ul> from <a href="https://snyk.io/redirect/github/mongodb/js-bson/releases">bson GitHub release notes</a> </details> </details> <details> <summary><b>Commit messages</b></summary> </br> <details> <summary>Package name: <b>bson</b></summary> <ul> <li><a href="https://snyk.io/redirect/github/mongodb/js-bson/commit/c3fc5dfa2ebc399a4bf7e80210405f86a360f642">c3fc5df</a> chore(release): 4.7.2</li> <li><a href="https://snyk.io/redirect/github/mongodb/js-bson/commit/a298d22173e7e07789d86051f95f76153f29e10a">a298d22</a> fix(NODE-4932): remove .0 suffix from double extended json values (mongodb#553)</li> </ul> <a href="https://snyk.io/redirect/github/mongodb/js-bson/compare/5465c33b356ceaed05c1759007acdf3ab077ee33...c3fc5dfa2ebc399a4bf7e80210405f86a360f642">Compare</a> </details> </details> <hr/> **Note:** *You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.* For more information: <img src="https://api.segment.io/v1/pixel/track?data=eyJ3cml0ZUtleSI6InJyWmxZcEdHY2RyTHZsb0lYd0dUcVg4WkFRTnNCOUEwIiwiYW5vbnltb3VzSWQiOiI2NzRhMWMwYS0wY2ZjLTQ0YzYtYmJkZS0xNTgwYjM4MzM4ZDYiLCJldmVudCI6IlBSIHZpZXdlZCIsInByb3BlcnRpZXMiOnsicHJJZCI6IjY3NGExYzBhLTBjZmMtNDRjNi1iYmRlLTE1ODBiMzgzMzhkNiJ9fQ==" width="0" height="0"/> 🧐 [View latest project report](https://app.snyk.io/org/sandbox-2ba/project/852e6e4f-be96-45c8-b370-1060f5ebee55?utm_source=github&utm_medium=referral&page=upgrade-pr) 🛠 [Adjust upgrade PR settings](https://app.snyk.io/org/sandbox-2ba/project/852e6e4f-be96-45c8-b370-1060f5ebee55/settings/integration?utm_source=github&utm_medium=referral&page=upgrade-pr) 🔕 [Ignore this dependency or unsubscribe from future upgrade PRs](https://app.snyk.io/org/sandbox-2ba/project/852e6e4f-be96-45c8-b370-1060f5ebee55/settings/integration?pkg=bson&utm_source=github&utm_medium=referral&page=upgrade-pr#auto-dep-upgrades) <!--- (snyk:metadata:{"prId":"674a1c0a-0cfc-44c6-bbde-1580b38338d6","prPublicId":"674a1c0a-0cfc-44c6-bbde-1580b38338d6","dependencies":[{"name":"bson","from":"4.7.1","to":"4.7.2"}],"packageManager":"npm","type":"auto","projectUrl":"https://app.snyk.io/org/sandbox-2ba/project/852e6e4f-be96-45c8-b370-1060f5ebee55?utm_source=github&utm_medium=referral&page=upgrade-pr","projectPublicId":"852e6e4f-be96-45c8-b370-1060f5ebee55","env":"prod","prType":"upgrade","vulns":[],"issuesToFix":[],"upgrade":[],"upgradeInfo":{"versionsDiff":1,"publishedDate":"2023-01-10T20:47:50.442Z"},"templateVariants":[],"hasFixes":false,"isMajorUpgrade":false,"isBreakingChange":false,"priorityScoreList":[]}) ---> --------- Co-authored-by: snyk-bot <snyk-bot@snyk.io>
<h3>Snyk has created this PR to upgrade bson from 4.7.1 to 4.7.2.</h3> :information_source: Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project. <hr/> - The recommended version is **1 version** ahead of your current version. - The recommended version was released **21 days ago**, on 2023-01-10. <details> <summary><b>Release notes</b></summary> <br/> <details> <summary>Package name: <b>bson</b></summary> <ul> <li> <b>4.7.2</b> - <a href="https://snyk.io/redirect/github/mongodb/js-bson/releases/tag/v4.7.2">2023-01-10</a></br><p>The MongoDB Node.js team is pleased to announce version v4.7.2 of the bson package!</p> <h3>Bug Fixes</h3> <ul> <li><strong><a class="issue-link js-issue-link notranslate" rel="noopener noreferrer nofollow" href="https://jira.mongodb.org/browse/NODE-4932">NODE-4932</a>:</strong> remove .0 suffix from double extended json values (<a href="https://snyk.io/redirect/github/mongodb/js-bson/issues/553" data-hovercard-type="pull_request" data-hovercard-url="/mongodb/js-bson/pull/553/hovercard">mongodb#553</a>) (<a href="https://snyk.io/redirect/github/mongodb/js-bson/commit/a298d22173e7e07789d86051f95f76153f29e10a">a298d22</a>)</li> </ul> <h2>Documentation</h2> <ul> <li>API: <a href="https://snyk.io/redirect/github/mongodb/js-bson#readme">https://github.com/mongodb/js-bson#readme</a></li> <li>Changelog: <a href="https://snyk.io/redirect/github/mongodb/js-bson/blob/4.0/HISTORY.md#change-log">https://github.com/mongodb/js-bson/blob/4.0/HISTORY.md#change-log</a></li> </ul> <p>We invite you to try the bson library immediately, and report any issues to the <a href="https://jira.mongodb.org/projects/NODE" rel="nofollow">NODE project</a>.</p> </li> <li> <b>4.7.1</b> - <a href="https://snyk.io/redirect/github/mongodb/js-bson/releases/tag/v4.7.1">2023-01-05</a></br><p>The MongoDB Node.js team is pleased to announce version v4.7.1 of the bson package!</p> <h3>Bug Fixes</h3> <ul> <li><strong><a class="issue-link js-issue-link notranslate" rel="noopener noreferrer nofollow" href="https://jira.mongodb.org/browse/NODE-4905">NODE-4905</a>:</strong> double precision accuracy in canonical EJSON (<a href="https://snyk.io/redirect/github/mongodb/js-bson/issues/549" data-hovercard-type="pull_request" data-hovercard-url="/mongodb/js-bson/pull/549/hovercard">mongodb#549</a>) (<a href="https://snyk.io/redirect/github/mongodb/js-bson/commit/d86bd52661e7f5d26479f6b63acac7950f505d69">d86bd52</a>)</li> </ul> <h2>Documentation</h2> <ul> <li>API: <a href="https://snyk.io/redirect/github/mongodb/js-bson#readme">https://github.com/mongodb/js-bson#readme</a></li> <li>Changelog: <a href="https://snyk.io/redirect/github/mongodb/js-bson/blob/4.0/HISTORY.md#change-log">https://github.com/mongodb/js-bson/blob/4.0/HISTORY.md#change-log</a></li> </ul> <p>We invite you to try the bson library immediately, and report any issues to the <a href="https://jira.mongodb.org/projects/NODE" rel="nofollow">NODE project</a>.</p> </li> </ul> from <a href="https://snyk.io/redirect/github/mongodb/js-bson/releases">bson GitHub release notes</a> </details> </details> <details> <summary><b>Commit messages</b></summary> </br> <details> <summary>Package name: <b>bson</b></summary> <ul> <li><a href="https://snyk.io/redirect/github/mongodb/js-bson/commit/c3fc5dfa2ebc399a4bf7e80210405f86a360f642">c3fc5df</a> chore(release): 4.7.2</li> <li><a href="https://snyk.io/redirect/github/mongodb/js-bson/commit/a298d22173e7e07789d86051f95f76153f29e10a">a298d22</a> fix(NODE-4932): remove .0 suffix from double extended json values (mongodb#553)</li> </ul> <a href="https://snyk.io/redirect/github/mongodb/js-bson/compare/5465c33b356ceaed05c1759007acdf3ab077ee33...c3fc5dfa2ebc399a4bf7e80210405f86a360f642">Compare</a> </details> </details> <hr/> **Note:** *You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.* For more information: <img src="https://api.segment.io/v1/pixel/track?data=eyJ3cml0ZUtleSI6InJyWmxZcEdHY2RyTHZsb0lYd0dUcVg4WkFRTnNCOUEwIiwiYW5vbnltb3VzSWQiOiI2NzRhMWMwYS0wY2ZjLTQ0YzYtYmJkZS0xNTgwYjM4MzM4ZDYiLCJldmVudCI6IlBSIHZpZXdlZCIsInByb3BlcnRpZXMiOnsicHJJZCI6IjY3NGExYzBhLTBjZmMtNDRjNi1iYmRlLTE1ODBiMzgzMzhkNiJ9fQ==" width="0" height="0"/> 🧐 [View latest project report](https://app.snyk.io/org/sandbox-2ba/project/852e6e4f-be96-45c8-b370-1060f5ebee55?utm_source=github&utm_medium=referral&page=upgrade-pr) 🛠 [Adjust upgrade PR settings](https://app.snyk.io/org/sandbox-2ba/project/852e6e4f-be96-45c8-b370-1060f5ebee55/settings/integration?utm_source=github&utm_medium=referral&page=upgrade-pr) 🔕 [Ignore this dependency or unsubscribe from future upgrade PRs](https://app.snyk.io/org/sandbox-2ba/project/852e6e4f-be96-45c8-b370-1060f5ebee55/settings/integration?pkg=bson&utm_source=github&utm_medium=referral&page=upgrade-pr#auto-dep-upgrades) <!--- (snyk:metadata:{"prId":"674a1c0a-0cfc-44c6-bbde-1580b38338d6","prPublicId":"674a1c0a-0cfc-44c6-bbde-1580b38338d6","dependencies":[{"name":"bson","from":"4.7.1","to":"4.7.2"}],"packageManager":"npm","type":"auto","projectUrl":"https://app.snyk.io/org/sandbox-2ba/project/852e6e4f-be96-45c8-b370-1060f5ebee55?utm_source=github&utm_medium=referral&page=upgrade-pr","projectPublicId":"852e6e4f-be96-45c8-b370-1060f5ebee55","env":"prod","prType":"upgrade","vulns":[],"issuesToFix":[],"upgrade":[],"upgradeInfo":{"versionsDiff":1,"publishedDate":"2023-01-10T20:47:50.442Z"},"templateVariants":[],"hasFixes":false,"isMajorUpgrade":false,"isBreakingChange":false,"priorityScoreList":[]}) ---> --------- Co-authored-by: snyk-bot <snyk-bot@snyk.io>
Description
What is changing?
Removes the logic for integer-like doubles
What is the motivation for this change?
Fixes an output incompatibility with other languages
Double check the following
npm run lint
script<type>(NODE-xxxx)<!>: <description>