refactor: upgrade mongodb from 3.6.11 to 4.1.1

[snyk-bot]

Snyk has created this PR to upgrade mongodb from 3.6.11 to 4.1.1.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

Warning: This is a major version upgrade, and may be a breaking change.

• The recommended version is 14 versions ahead of your current version.
• The recommended version was released a month ago, on 2021-08-24.

Release notes

Package name: mongodb

• 4.1.1 - 2021-08-24
  

  The MongoDB Node.js team is pleased to announce version 4.1.1 of the mongodb package!

  Release Highlights

  Error handling

  We introduced better organization and consistency to our existing errors in an effort to provide more detailed error types that can help identify issues clearly and quickly. Our readme has a new section that describes how to handle errors thrown by the driver and defines our approach to semver in the context of errors. Notably, we recommend only using instanceof checks to filter for a given error class as we do not guarantee error messages or names will be preserved between patch releases, only the subclass hierarchy.

  Thanks so much to our summer interns @ andymina and @ W-A-James for undertaking this effort!

  Notable fixes

  • This version of the driver brings in the latest BSON release which includes deserialization performance improvements.
  • The snappy package recently released a major version bump (v7) that makes use of a rust implementation of Snappy compression. Our driver can now make use of this version (while maintaining compatibility with the previous v6).
  • findOne() once again correctly returns null when no match is found instead of undefined. This change was unintentional and not consistent with our other APIs. It slipped through testing due to the nature of undefined and null being nearly (==) but not actually (===) equal. We apologize if this results in the need for any code changes.

  This release also addresses some Typescript issues that require further explanation, let's dive in:

  TypeScript support

  Projections

  Starting in MongoDB 4.4 projections can accept aggregation expressions and aggregation syntax.
  This empowers users to create some pretty amazing and complex data model transformations on the database side.
  Unfortunately, our initial release of typescript typing for projections was too narrow to allow these use cases and still pass the compiler checks.
  Now projections are generic objects and the result of a cursor with a projection is typed as a generic object by default.

  The recommended usage for projections alongside typescript is as follows:

  interface Pet {
  name: string;
  buddies: Pet[];
  }
  interface PetBuddyCount {
  name: string;
  buddyCount: number;
  }

  const pets = db.collection<Pet>('pets');

  const petBuddyCounts = await pets.find().project<PetBuddyCount>({
  name: 1,
  buddyCount: { $size: '$buddies' },
  }).toArray();

  By using a parameterized .project call you can now get the correct type information on the petBuddyCounts array.
  You will need to build the projection type yourself based on the projection you define for your query, but this has the benefit of constraining your results to precisely your type expectations.

  Generics in find/findOne

  In our initial typescript release the find and findOne methods accepted a generic parameter that was passed to the filter argument of the API.

  find<T>(f: Filter<T>): FindCursor<T>

  Due to how typescript automatically resolves the types of generics, one could run into an issue when specifying a filter that was incorrectly typed.
  The code below should be a Typescript error, TS hints to us the name is a string so it should only allow an array of string for $in.

  // (using the same pets collection from the last example)
  pets.find({ name: { $in: [1, 2] } });
  // instead of the expected FindCursor<Pet> type TS was resolving to:
  const res: FindCursor<{name: {$in: number[]}}> = pets.find(/* same arg as above */);

  It uses the incorrectly typed filter that does not match the schema of Filter<TSchema> to automatically resolve a crazy return type.
  The function definition has now been updated to be:

  find<T>(f: Filter<TSchema>): FindCursor<T>

  So the Filter argument will no longer be automatically resolved to the passed in type, giving us the typescript compiler errors we love so much!

  Bug Fixes

  • NODE-3454: projection types are too narrow (#2924) (48d6da9)
  • NODE-3468: remove generic overrides from find (#2935) (74bd7bd)
  • NODE-3511: deprecate fullResponse and remove associated buggy code paths (#2943) (dfc39d1)
  • NODE-3528: add support for snappy 7 (#2939) (0f7f300)
  • NODE-3546: revert findOne not found result type to null (#2945) (1c576e9)

  Refactoring

  • NODE-3404 implement MongoRuntimeError children (#2912) (e69d99257)
  • NODE-3405 implement MongoRuntimeError children (#2913) (e69d99257)

  Documentation

  • Reference: https://docs.mongodb.com/drivers/node
  • API: https://mongodb.github.io/node-mongodb-native/4.0
  • Changelog: https://github.com/mongodb/node-mongodb-native/blob/4.1/HISTORY.md

  We invite you to try the mongodb library immediately, and report any issues to the NODE project.

• 4.1.0 - 2021-08-03
  

  The MongoDB Node.js team is pleased to announce version 4.1.0 of the mongodb package!

  Release Highlights

  This release includes load balancer support, intended for use with the beta Serverless platform. When using the driver with Serverless, the SRV URI will automatically put the driver into this mode. When wanting to use a non-SRV URI one must add the loadBalanced=true option to the URI to put the driver into this mode. Being in this mode enables the driver to properly route transactions and cursors to the correct service behind the load balancer.

  The release also fixes an important bug where the original release of the v4 driver enabled command monitoring by default, which caused many reported observations of performance degradation when upgrading from v3 of the driver. Command monitoring is now once again disabled by default and must be enabled by passing in { monitorCommands: true } to the client if desired.

  Features

  • NODE-2843: implement sessions advanceClusterTime method (#2920) (1fd0244)
  • NODE-3011: Load Balancer Support (#2909) (c554a7a)

  Bug Fixes

  • NODE-2883: Aggregate Operation should not require parent parameter (#2918) (dc6e2d6)
  • NODE-3058: accept null or undefined anywhere we permit nullish values (#2921) (b42a1b4)
  • NODE-3441: fix typings for createIndexes (#2915) (f87f376)
  • NODE-3442: AsyncIterator has incorrect return type (#2916) (4a10389)
  • NODE-3452: readonly filters not permitted by typings (#2927) (ce51e78)
  • NODE-3510: omit incorrect | void in declaration of Promise overload of rename() (#2922) (58c1e84)
  • NODE-3513: default command monitoring to off (#2926) (3c60245)

  Documentation

  • Reference: https://docs.mongodb.com/drivers/node
  • API: https://mongodb.github.io/node-mongodb-native/4.0
  • Changelog: https://github.com/mongodb/node-mongodb-native/blob/4.0/HISTORY.md

  We invite you to try the mongodb library immediately, and report any issues to the NODE project.

• 4.0.1 - 2021-07-20
  

  The MongoDB Node.js team is pleased to announce version 4.0.1 of the mongodb package!

  Release Highlights

  This release fixes two small but important bugs from our 4.0.0 release:

  • Webpack will no longer throw an error when trying to bundle the driver
  • Snapshot sessions will now correctly apply the snapshot time when initiated with a distinct operation

  We hope this improves your upgrade experience!

  Bug Fixes

  • NODE-3199: unable to bundle driver due to uncaught require (#2904) (9e48bbd)
  • NODE-3393: snapshot time not applied if distinct executed first (#2908) (7aa3008)
  • NODE-3417: allow calling db() before MongoClient is connected (#2889) (51ea86d)

  Documentation

  • Reference: https://docs.mongodb.com/drivers/node
  • API: https://mongodb.github.io/node-mongodb-native/4.0
  • Changelog: https://github.com/mongodb/node-mongodb-native/blob/4.0/HISTORY.md

  We invite you to try the mongodb library immediately, and report any issues to the NODE project.

• 4.0.0 - 2021-07-13
  Read more
• 4.0.0-beta.6 - 2021-07-01
  Read more
• 4.0.0-beta.5 - 2021-05-26
  Read more
• 4.0.0-beta.4 - 2021-05-18
• 4.0.0-beta.3 - 2021-04-06
• 4.0.0-beta.2 - 2021-03-16
• 4.0.0-beta.1 - 2021-02-02
• 4.0.0-beta.0 - 2021-01-19
• 3.7.1 - 2021-09-14
• 3.7.0 - 2021-08-31
• 3.6.12 - 2021-08-30
• 3.6.11 - 2021-08-05
  Read more

from mongodb GitHub release notes

Commit messages

Package name: mongodb

• cb7b8ed chore(release): 4.1.1
• 3cafc09 docs(NODE-3569): describe the error API based on instanceof check (Help Debugging main.js syntax issues after migration #2948)
• 1c576e9 fix(NODE-3546): revert findOne not found result type to null (Heroku Cloud Code Access #2945)
• 74bd7bd fix(NODE-3468): remove generic overrides from find (Adds ability to update a subscription #2935)
• 0dc9b45 docs: describe CRUD spec compliance (Feature request: Soft delete #2944)
• 0f7f300 fix(NODE-3528): add support for snappy 7 (afterDelete hook (on about to be deleted object) not being called from afterDelete hook? #2939)
• dfc39d1 fix(NODE-3511): deprecate fullResponse and remove associated buggy code paths (Experiencing a significant performance problem #2943)
• 8fc9ae1 refactor(NODE-3554): Prune MongoDriverError instances (Don't require all keys to be configured to enable key checks (#2816) #2941)
• 90f28fc docs(NODE-3509): Update error documentation (beforeSave and afterSave conflict #2938)
• 75c9e67 chore(NODE-3451): bump min bson version for performance fix (plz support save email faild on log in with Oath types #2942)
• b93300f test(NODE-3072): serverless testing (When do we migrate Parse files on S3? #2905)
• 2cdbc08 refactor(NODE-3337): unwrap WriteConcernError (Update request to version 2.76.0 🚀 #2932)
• ead5fa6 test(NODE-3468): Add tests for a strongly-typed Db (Suggestion: before/after get triggers #2937)
• fb0b27d refactor(NODE-3405): implement MongoRuntimeError children (use column value as comparison in query #2913)
• 7785e07 docs(NODE-3481): deprecate unref
• d6c201e test(NODE-3461): refactor lb manual to full test run (/GET /users/me triggers handler for /GET /users/:objectId as well #2933)
• e69d992 refactor(NODE-3404): implement MongoRuntimeError children (Try to retrieve schema from all schemas cache if not found in individual cache #2912)
• 12eec9a refactor(NODE-3519): remove force unpinning and simplify findOne (request.user is "undefined" in the "beforeSave" function in the Cloud code #2929)
• e588d21 test(NODE-3435): topology check for unified runner distinct hack (Push Notify WindownPhone #2931)
• 2467b82 docs(NODE-3492): Deprecate CloseCursorOptions (Update babel-core to version 6.18.0 🚀 #2925)
• 48d6da9 fix(NODE-3454): projection types are too narrow (Update babel-cli to version 6.18.0 🚀 #2924)
• 4ecaa37 chore(release): 4.1.0
• ce51e78 fix(NODE-3452): readonly filters not permitted by typings (Update babel-preset-es2015 to version 6.18.0 🚀 #2927)
• c554a7a feat(NODE-3011): Load Balancer Support (Parse Cloud Jobs #2909)

Compare

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs

[parse-github-assistant]

Thanks for opening this pull request!

• ❌ Please edit your post and use the provided template when creating a new pull request. This helps everyone to understand your post better and asks for essential information to quicker review the pull request.

[codecov]

Codecov Report

Merging #7586 (2680bf9) into master (80bf578) will decrease coverage by 7.60%.
The diff coverage is n/a.

@@            Coverage Diff             @@
##           master    #7586      +/-   ##
==========================================
- Coverage   93.98%   86.37%   -7.61%     
==========================================
  Files         181      181              
  Lines       13354    13354              
==========================================
- Hits        12551    11535    -1016     
- Misses        803     1819    +1016     

Impacted Files	Coverage Δ
src/Adapters/Storage/Mongo/MongoCollection.js	4.76% <0.00%> (-92.86%)	⬇️
src/Adapters/Storage/Mongo/MongoStorageAdapter.js	12.04% <0.00%> (-80.65%)	⬇️
src/Adapters/Cache/RedisCacheAdapter.js	12.28% <0.00%> (-75.44%)	⬇️
src/Adapters/Files/GridFSBucketAdapter.js	10.65% <0.00%> (-68.86%)	⬇️
...rc/Adapters/Storage/Mongo/MongoSchemaCollection.js	37.07% <0.00%> (-60.68%)	⬇️
src/Adapters/Storage/Mongo/MongoTransform.js	51.61% <0.00%> (-37.21%)	⬇️
src/Adapters/Files/GridStoreAdapter.js	13.04% <0.00%> (-33.34%)	⬇️
src/Routers/SessionsRouter.js	65.71% <0.00%> (-25.72%)	⬇️
src/GraphQL/transformers/mutation.js	68.47% <0.00%> (-25.00%)	⬇️
src/GraphQL/transformers/query.js	70.45% <0.00%> (-12.50%)	⬇️
... and 19 more

---

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 80bf578...2680bf9. Read the comment docs.

[mtrezza]

Closing, as upgrade was made via #7794.