The official MongoDB Node.js driver
APACHE-2.0 License
Bot releases are hidden (Show)
The MongoDB Node.js team is pleased to announce version 3.6.3 of the driver
MongoError: not master
when running createIndex
A regression introduced in v3.6.2 meant that createIndex
operations would not be executed with a fixed
primary read preference. This resulted in the driver selecting any server for the operation, which would
fail if a non-primary was selected.
The driver periodically monitors members of the replicaset for changes in the topology, but ensures that
the "monitoring thread" is never woken sooner than 500ms. Measuring this elapsed time depends on a
stable clock, which is not available to us in some virtualized environments like AWS Lambda. The result
was that periodically operations would think there were no available servers, and the driver would force
a wait of heartbeatFrequencyMS
(10s by default) before reaching out to servers again for a new
monitoring check. The internal async interval timer has been improved to account for these environments
A regression introduced in v3.6.0 forced the driver to reuse a single kerberos client for all
authentication attempts. This would result in incomplete authentication flows, and occaisionally even
a crash in the kerberos
module. The driver has been reverted to creating a kerberos client per
authentication attempt.
setImmediate
A change introduced in v3.6.1 switched all our usage of process.nextTick
in the connection pool with
setImmediate
per Node.js core recommendation. This was observed to introduce noticeable latency when the event loop
was experiencing pressure, so the change was reverted for this release pending further investigation.
package.json
for stricter package managers (pnpm, yarn2)Reference: http://mongodb.github.io/node-mongodb-native/3.6/
API: http://mongodb.github.io/node-mongodb-native/3.6/api/
Changelog: https://github.com/mongodb/node-mongodb-native/blob/3.6/HISTORY.md
We invite you to try the driver immediately, and report any issues to the NODE project.
Thanks very much to all the community members who contributed to this release!
The MongoDB Node.js team is pleased to announce version 3.6.2 of the driver
bl
dependency due to CVE-2020-8244See this link for more details: https://github.com/advisories/GHSA-pp7h-53gx-mx7r
The logic for processing the wait queue in our connection pool ran the risk of
starving the event loop. Calls to process the wait queue are now wrapped in a
setImmediate
to prevent starvation
Reference: http://mongodb.github.io/node-mongodb-native/3.6/
API: http://mongodb.github.io/node-mongodb-native/3.6/api/
Changelog: https://github.com/mongodb/node-mongodb-native/blob/3.6/HISTORY.md
We invite you to try the driver immediately, and report any issues to the NODE project.
Thanks very much to all the community members who contributed to this release!
The MongoDB Node.js team is pleased to announce version 3.5.11 of the driver
A bug in introducing the new CMAP Connection
prevented some users from properly
authenticating with the kerberos
module.
bl
dependency due to CVE-2020-8244See this link for more details: https://github.com/advisories/GHSA-pp7h-53gx-mx7r
Reference: http://mongodb.github.io/node-mongodb-native/3.5/
API: http://mongodb.github.io/node-mongodb-native/3.5/api/
Changelog: https://github.com/mongodb/node-mongodb-native/blob/3.5/HISTORY.md
We invite you to try the driver immediately, and report any issues to the NODE project.
Thanks very much to all the community members who contributed to this release!
The MongoDB Node.js team is pleased to announce version 3.6.1 of the driver
A bug in introducing the new CMAP Connection
prevented some users from properly authenticating with the kerberos
module.
createIndex
The logic for building the createIndex
command was changed in v3.6.0 to use an allowlist rather than a blocklist, but omitted a number of index types in that list. This release reintroduces all supported index types to the allowlist.
createCollection
Since v3.6.0 createCollection
will no longer returned a cached Collection
instance if a collection already exists in the database, rather it will return a server error stating that the collection already exists. This is the same behavior provided by the strict
option for createCollection
, so that option has been removed from documentation.
Reference: http://mongodb.github.io/node-mongodb-native/3.6/
API: http://mongodb.github.io/node-mongodb-native/3.6/api/
Changelog: https://github.com/mongodb/node-mongodb-native/blob/3.6/HISTORY.md
We invite you to try the driver immediately, and report any issues to the NODE project.
Thanks very much to all the community members who contributed to this release!
The MongoDB Node.js team is pleased to announce version 3.6.0 of the driver
NOTE: This version begins our official support for MongoDB 4.4
MongoDB drivers maintain a local view of the topology they are connected to, and ensure the accuracy of that view by polling connected nodes on average every ~10s. In MongoDB 4.4, drivers are now able to receive push notifications about topology updates, effectively reducing the time for client recovery in failover scenarios to the time it takes for the server to make the election and report the outcome.
This feature is enabled by default when connecting to MongoDB 4.4, no changes are needed for user code.
The MONGODB-AWS authentication mechanism uses your Amazon Web Services Identity and Access Management (AWS IAM) credentials to authenticate users on MongoDB 4.4+. Please read more about this new authentication mechanism in our documentation.
There were two projects to transparently improve performance of authentication in MongoDB 4.4:
A driver can now include the first saslStart
command in its initial handshake with server. This so-called "speculative authentication" allows us to reduce one roundtrip to the server for authentication a connection. This feature is only support for X.509, SCRAM-SHA-1 and SCRAM-SHA-256 (default) authentication mechanisms.
The SCRAM conversation between driver and server can now skip one of it's empty exchanges which also serves to reduce the roundtrips during a SCRAM authentication.
Db.prototype.createCollection
The createCollection
helper used to internally run a listCollections
command in order to see if a collection already existed before running the command. If it determined a collection with the same name existed, it would skip running the command and return an instance of Collection
. This behavior was changed in v3.6.0 to avoid potentially serious bugs, specifically that the driver was not considering options passed into createCollection
as part of the collection equality check. Imagine the following scenario:
const client = new MongoClient('...');
await client.connect();
await client.db('foo').collection('bar').insert({ importantField: 'llamas' });
await client.db('foo').createCollection('bar', {
validator: { $jsonSchema: {
bsonType: 'object',
required: ['importantField'],
properties: { name: { bsonType: 'boolean' } }
}
});
The createCollection
call which defines a JSON schema validator would be completely bypassed because of the existence of bar
, which was implicitly created in the first command. Our policy is strictly adhere to semver, but in rare cases like this where we feel there is potential for a data corrupting bug, we make breaking behavioral changes to protect the user.
Reference: http://mongodb.github.io/node-mongodb-native/3.6/
API: http://mongodb.github.io/node-mongodb-native/3.6/api/
Changelog: https://github.com/mongodb/node-mongodb-native/blob/3.6/HISTORY.md
We invite you to try the driver immediately, and report any issues to the NODE project.
Thanks very much to all the community members who contributed to this release!
The MongoDB Node.js team is pleased to announce version 3.5.10 of the driver
NOTE: This will be the final release in the 3.5.x branch, please consider upgrading to 3.6.0
@adrian-gierakowski helped us identify a bug with our ChangeStreamCursor, specifically when the cursor
was complete it would not return a valid document but instead a null
value.
The server selection specification indicates that the "runCommand" helper should act
as a read operation for the purposes of server selection, and that it should use a default read
preference of "primary" which can only be overridden by the helper itself. The driver had a bug
where it would inherit the read preference from its "parent" type (Collection
, Db
, MongoClient
)
which is at odds with the specified behavior.
mongodb+srv
invalid IPv6 supportDue to a bug in how we referred to ipv6 addresses internal to the driver, if a mongodb+srv
connection string was provided with an ipv6 address the driver would never be able to connect
and would result in a the following error RangeError: Maximum call stack size exceeded
.
maxStalenessSeconds
not accepted when provided via optionsThere was a bug in our connection string and MongoClient
options parsing where a value provided
for maxStalenessSeconds
would not end up being reflected in the ReadPreference
used internal
to the driver.
MongoDB can provide no guarantees around unacknowledged writes when used within a session. The
driver will now silently remove the lsid
field from all writes issued with { w: 0 }
, and
will return an error in these situations in the upcoming 4.0 major release.
Reference: http://mongodb.github.io/node-mongodb-native/3.5/
API: http://mongodb.github.io/node-mongodb-native/3.5/api/
Changelog: https://github.com/mongodb/node-mongodb-native/blob/3.5/HISTORY.md
We invite you to try the driver immediately, and report any issues to the NODE project.
Thanks very much to all the community members who contributed to this release!
The MongoDB Node.js team is pleased to announce version 3.5.9 of the driver
The default roundTripTime
of a ServerDescription
is -1, which means if that value is used we can potentially calculate a negative roundTripTime
. Instead, if no previous roundTripTime
exists, we use the duration of the initial handshake.
A number of new options were added when the CMAP compliant connection pool was introduced in 3.5.x. Unfortunately, these options were not documented properly. Now they are mentioned in the MongoClient
documentation, with a notice that they are only supported with the unified topology.
A fix in 3.5.8 which ensured proper filtering of servers during server selection exposed an issue in max staleness calculations when the topology type is ReplicaSetNoPrimary
and no servers are currently known. In order to estimate an upper bound of max staleness when there is no primary, the most stale known server is known to compare the others to - if there are no known servers, you can't reduce the array!
In certain very high load fail-over scenarios the driver is unable to reschedule a monitoring check in order to update its view of the topology for retryability. This would result in a high number of failed operations, as they were unable to determine a new viable server.
Reference: http://mongodb.github.io/node-mongodb-native/3.5/
API: http://mongodb.github.io/node-mongodb-native/3.5/api/
Changelog: https://github.com/mongodb/node-mongodb-native/blob/3.5/HISTORY.md
We invite you to try the driver immediately, and report any issues to the NODE project.
Thanks very much to all the community members who contributed to this release!
The MongoDB Node.js team is pleased to announce version 3.5.8 of the driver
@adityapatadia helped uncover an issue with our server selection logic which
filtered out servers after evaluating whether they were in the latency window.
This meant that non-viable servers were considered during the window calculation
and would render certain viable servers unviable.
writeErrors
property
@vkarpov15 submitted a patch to always include writeErrors
on a BulkWriteError
.
We have logic to set the message
of BulkWriteError
to the message of the first
error encountered if there is only one error. Unfortunately, this logic removed
the writeErrors
field when doing that, so users could be faced with an error
which conditionally changed shape.
@dead-horse identified a memory leak in the new connection pool where wait queue
members which timed out might be left in the queue indefinitely under sufficient
load. The fix here was to ensure that all wait queue members are flushed during
wait queue processing before evaluating whether there were available sockets to
process new requests.
Once @dead-horse was able to patch the connection pool memory leak, they also
identified a edge case where implicit sessions could be leaked in a very specific
error condition. The logic to release implicit sessions was simplified, preventing
this from happening in the future
A bug introduced last summer prevented unordered bulk write operations from
continuing after the first write error - one of the most important features of
being an unordered operation. We now properly support this feature again.
journal
in connection string is ignored
@nknighter filed a report that the journal
option was ignored when provided
via the connection string. The paramater j
was supported both through the
connection string and explicit added to MongoClient
options, but the official
documentation for connection strings support a journal
option.
Reference: http://mongodb.github.io/node-mongodb-native/3.5/
API: http://mongodb.github.io/node-mongodb-native/3.5/api/
Changelog: https://github.com/mongodb/node-mongodb-native/blob/3.5/HISTORY.md
We invite you to try the driver immediately, and report any issues to the NODE project.
Thanks very much to all the community members who contributed to this release!
The MongoDB Node.js team is pleased to announce version 3.5.7 of the driver
Work earlier this year left some dead code in our operations code, resulting in this warning message reported by multiple users. While we still have a few cycles in our codebase yet, this will quiet Node.js 14's circular dependency warnings.
Drivers use an implicit session for all operations where an explicit session is not provided. A subtle bug was introduced when session support was implemented where implicit sessions were created and assigned to operations even if they were about to sit in a queue waiting for execution. This results in the driver creating many sessions rather than reusing pooled ones. The fix is to ensure a session is only checked out of the pool when the operation is about to be written to a server.
Thanks very much to all the community members who contributed to this release!
The MongoDB Node.js team is pleased to announce version 3.5.6 of the driver
map
when cursor used as a stream@dobesv helped identify a regression where a map function would be applied twice
if defined on a cursor, and that cursor was used to stream data.
User @linus-hologram originally reported an issue with a TypeError when the lambda
passed to the withTransaction
helper rejected with a null
value. @vkarpov15
submitted the fix.
readPreferenceTags
interpreted as an arrayA bug was fixed where readPreferenceTags
with a single value in the connection
string was not properly interpreted as an array of tags. This prevented the
Use Analytics Nodes to Isolate Workload guidance from working
correctly.
User @sean-daley reported seeing this in an AWS Lambda environment, but has proven to
be somewhat of a heisenbug. We are rolling out a fix here that ensures sessions
(implicit or not) are not used after they have been explicitly ended.
Thanks very much to all the community members who contributed to this release!
The MongoDB Node.js team is pleased to announce version 3.5.5 of the driver
hasNext
when using a cursor with a limit@peterbroadhurst helped point out a regression introduced in v3.5.4 where using hasNext
on a cusor with a limit would not return the full set of results.
A change introduced across all MongoDB drivers, and in particular v3.5.0 of the Node.js
driver, attempted to prevent needless duplicate topologyDescriptionChanged
topology events
by introducing a ServerDescription
equality operator. Since equality does not take the
lastUpdateTime
and lastWriteDate
fields of an ismaster into account, the driver could
eventually consider servers non-suitable for server selection, since they would fall out
of the latency window.
All updates are considered viable for topology updates now, and only event emission is
gated by ServerDescription
equality.
The legacy topology types (in particular if you were connected to a replic set) used a
custom Timeout
class to wrap a timer. Unfortunately, the class depended on an undocumented,
private variable _called
, which was removed in Node.js v12. This would lead to the driver
thinking the timeout never occurred, and therefore never releasing the object for garbage
collection. We recommend users of the legacy topology types immediately update to this
version of the driver, or use the Unified Topology which is unaffected by this bug.
@erfanium and @Paic helped us identify an issue in rare failover events where multiple
requests to process the server selection queue would result in an attempted property
access of an undefined
variable.
promiseLibrary
not respected by newly introduced maybePromise
helper@tobyealden pointed out that an internal refactor to use a helper to optionally
return a Promise
for top level API methods was not, in fact, using a custom
promise library if one was provided!
Thanks very much to all the community members who contributed to this release!
The MongoDB Node.js team is pleased to announce version 3.5.4 of the driver
hasNext
when piping a cursorPierre Mallet and @Sintendo helped identify a regression with our cursors which did not
properly rewind a cursor when hasNext
was called before the cursor was piped.
A change introduced in v3.5.3 converted the server selection loop from a loop with timers
to a queue of callbacks. A subtle bug was introduced to the code to process the quere where
the upper bound of a for loop was using a dynamically decreasing length, leading to some
operations being ignored, and ultimately timing out. Many thanks to Frederic Maillasson,
@paulrobinson, and @adityapatadia for helping uncover this issue
User @millerick submitted a PR short circuiting the background task for ensuring a minimum
pool size if no minimum size was set.
The MongoDB Node.js team is pleased to announce version 3.5.3 of the driver
This patch release fixes one issue with command error handling during network errors, and one minor issue with multiple incoming wire messages not being properly processed.
The MongoDB Node.js team is pleased to announce version 3.5.2 of the driver
This patch release corrects a regression introduced in the 4.2 timeframe which would
effectively disable retryable operations for connection to MongoDB 4.2+. Additionally,
the server selection loop has been converted to a queue of callbacks to improve
readability, as well as performance in certain scenarios.
The MongoDB Node.js team is pleased to announce version 3.5.1 of the driver
This patch release fixes a few regressions introduced with new connection pool, primarily
around the ability to use custom TLS certificates.
The MongoDB Node.js team is pleased to announce version 3.5.0 of the driver
This release introduces a modern replacement for the driver's connection pool, available only with the
unified topology. A major effort was made in early 2019 to fully specifiy connection pools for MongoDB
drivers (see: CMAP specification), and this release brings the Node.js driver in line with that
specification.
The new pool supports monitoring for all aspects of its behavior. This allows deep introspection into
the operation of the connection pool, as well as an ability to profile the lifetime of an operation
when used in conjunction with command monitoring.
The Connection
class was completely rewritten for the new pool adopting a stream-first mentality. All
wire message processing and compression is handled in a duplex stream called the MessageStream
, and
that stream is connected bidirectionally to the underlaying TCP socket. The result is a connection which
gains the general benefit of streams: better performance, less memory pressure, backpressure support. It
also opens the possiblity of supporting non-TCP/UDP streams as a transport for the driver.
The new connection pool has a concept of a "wait queue", which allows operation requests to buffer waiting
for a connection to execute against. There is no timeout by default, but users can now specify a new value
waitQueueTimeoutMS
in their connection string or MongoClient
options to proactively cancel operations
that have waited too long.
Remember that the new connection pool is only available for the "Unified Topology", so remember to pass
useUnifiedTopology: true
to your MongoClient
constructor to use it!
Both the legacy and unified SDAM implementations have until now executed monitoring checks as priority
messages in the legacy Pool implementation. This means that monitoring (ismaster
) operations were
prioritized over other queued operations, but also means that monitoring could be indefinitely blocked,
in particular during failover or black hole scenarios. The default socket timeout is null
(read: Infinity),
so if the pool was completely saturated with operations, there may be no ability to execute a monitoring
check and determine that the connection to a server was no longer valid. This version of the driver
introduces a new Monitor
class which manages its own dedicated monitoring connection to each known
node.
In v3.3.0 of the driver we introduced a new MongoTimeoutError
for all errors covered by the server
selection loop, leading to a spike in bug reports with a title similar to Server selection timed out after 30000ms
.
Even though the error type itself had an attached reason
field, we still feel it was easy to miss why
the selection had failed. As a result we have introduced a new type MongoServerSelectionError
which
will use the originating error (reason
) for its message, better informing users what caused a
selection error, while still also conveying it is an error in server selection.
The MongoDB Node.js team is pleased to announce version 3.4.0 of the driver
The major functionality introduced in this release, and indeed the reason for the minor version bump, is full support for MongoDB's Client Side Field Level Encryption. The bulk of the support comes through an addon module mongodb-client-encryption, please refer to the reference documentation for more details.
This release also introduces a number of new connection string options related to TLS. In order to unify uri options across all MongoDB drivers, and to better signal the technology the driver is actually using, all ssl
related options now have a corresponding tls
variant. NOTE: your application will not break if you continue to use the ssl
variants, but deprecation warnings will be introduced prior to the 4.x driver release.
@adityapatadia initially pointed out that these tls
variants had no effect, now they do. Thank you @adityapatadia!
A critical bug was found by @ephemer with the recently introduced "mongos discovery", where a typo caused DNS polling to occur at very fast intervals.
Additionally, user @mpilar identified and fixed a bug with our mongodb+srv
parsing, where user-provided client options were not overriding those provided by a TXT record lookup.
Thank you very much @ephemer and @mpilar!
@adityapatadia also helped find a bug in the server selection code which rendered selection with a nearest
read preference non-functional. Thanks again @adityapatadia!
A small bug was fixed causing errors in an unordered bulk write to be reported in incorrect order. If an error occurs in a bulk write now, then it will show up in the writeErrors
field of the resulting BulkWriteError
with an index that corresponds to the position the operation had in the initial input.
The MongoDB Node.js team is pleased to announce version 3.3.5 of the driver
This patch release includes additional fixes for the regression in the unified topology discovered in v3.3.2, expanding our testing infrastructure to include a simulated workload during failover testing. There was a bug when connecting to single-node replicasets which could result in a stack overflow which was corrected. Additionally, events and options which are incompatible with the unified topology will now emit a warning message.
The release also includes a fix submitted by @mpilar, who found an inconsistency in our implementation of the "Initial Seedlist Discovery" specification. An authSource
specified in the options passed to MongoClient
would be overridden by an authSource
provided in the TXT record checked during initial seedlist discovery over SRV. Thank you very much Miguel!
BulkWriteError
is now exported at the top level of the module so that users can catch them easily. Additionally, a fix was made to ensure that the index of operations passed into an unordered
bulk operation were preserved when reporting possible errors in the future.