node-mongodb-native
The official MongoDB Node.js driver
APACHE-2.0 License
Bot releases are hidden (Show)
The MongoDB Node.js team is pleased to announce version 3.6.3 of the driver
Release Highlights
MongoError: not master when running createIndex
A regression introduced in v3.6.2 meant that createIndex operations would not be executed with a fixed
primary read preference. This resulted in the driver selecting any server for the operation, which would
fail if a non-primary was selected.
Performance issues on AWS Lambda
The driver periodically monitors members of the replicaset for changes in the topology, but ensures that
the "monitoring thread" is never woken sooner than 500ms. Measuring this elapsed time depends on a
stable clock, which is not available to us in some virtualized environments like AWS Lambda. The result
was that periodically operations would think there were no available servers, and the driver would force
a wait of heartbeatFrequencyMS (10s by default) before reaching out to servers again for a new
monitoring check. The internal async interval timer has been improved to account for these environments
GSSAPI AuthProvider reuses single kerberos client
A regression introduced in v3.6.0 forced the driver to reuse a single kerberos client for all
authentication attempts. This would result in incomplete authentication flows, and occaisionally even
a crash in the kerberos module. The driver has been reverted to creating a kerberos client per
authentication attempt.
Performance regression due to use of setImmediate
A change introduced in v3.6.1 switched all our usage of process.nextTick in the connection pool with
setImmediate per Node.js core recommendation. This was observed to introduce noticeable latency when the event loop
was experiencing pressure, so the change was reverted for this release pending further investigation.
Community Contributions
- @jswangjunsheng submitted a fix for a rare scenario when wait queue members time out before connection establishment
- @through-a-haze submitted a fix for incorrect construction of an X509 authentication message
- @andreialecu helped us indicate peer optional dependencies in our
package.jsonfor stricter package managers (pnpm, yarn2)
Documentation
Reference: http://mongodb.github.io/node-mongodb-native/3.6/
API: http://mongodb.github.io/node-mongodb-native/3.6/api/
Changelog: https://github.com/mongodb/node-mongodb-native/blob/3.6/HISTORY.md
We invite you to try the driver immediately, and report any issues to the NODE project.
Thanks very much to all the community members who contributed to this release!
Release Notes
The MongoDB Node.js team is pleased to announce version 3.6.2 of the driver
Release Highlights
Updated bl dependency due to CVE-2020-8244
See this link for more details: https://github.com/advisories/GHSA-pp7h-53gx-mx7r
Connection pool wait queue processing is too greedy
The logic for processing the wait queue in our connection pool ran the risk of
starving the event loop. Calls to process the wait queue are now wrapped in a
setImmediate to prevent starvation
Documentation
Reference: http://mongodb.github.io/node-mongodb-native/3.6/
API: http://mongodb.github.io/node-mongodb-native/3.6/api/
Changelog: https://github.com/mongodb/node-mongodb-native/blob/3.6/HISTORY.md
We invite you to try the driver immediately, and report any issues to the NODE project.
Thanks very much to all the community members who contributed to this release!
Release Notes
The MongoDB Node.js team is pleased to announce version 3.5.11 of the driver
Release Highlights
Kerberos
A bug in introducing the new CMAP Connection prevented some users from properly
authenticating with the kerberos module.
Updated bl dependency due to CVE-2020-8244
See this link for more details: https://github.com/advisories/GHSA-pp7h-53gx-mx7r
Documentation
Reference: http://mongodb.github.io/node-mongodb-native/3.5/
API: http://mongodb.github.io/node-mongodb-native/3.5/api/
Changelog: https://github.com/mongodb/node-mongodb-native/blob/3.5/HISTORY.md
We invite you to try the driver immediately, and report any issues to the NODE project.
Thanks very much to all the community members who contributed to this release!
Release Notes
The MongoDB Node.js team is pleased to announce version 3.6.1 of the driver
Release Highlights
Kerberos
A bug in introducing the new CMAP Connection prevented some users from properly authenticating with the kerberos module.
Index options are not respected with createIndex
The logic for building the createIndex command was changed in v3.6.0 to use an allowlist rather than a blocklist, but omitted a number of index types in that list. This release reintroduces all supported index types to the allowlist.
Remove strict mode for createCollection
Since v3.6.0 createCollection will no longer returned a cached Collection instance if a collection already exists in the database, rather it will return a server error stating that the collection already exists. This is the same behavior provided by the strict option for createCollection, so that option has been removed from documentation.
Documentation
Reference: http://mongodb.github.io/node-mongodb-native/3.6/
API: http://mongodb.github.io/node-mongodb-native/3.6/api/
Changelog: https://github.com/mongodb/node-mongodb-native/blob/3.6/HISTORY.md
We invite you to try the driver immediately, and report any issues to the NODE project.
Thanks very much to all the community members who contributed to this release!
Release Notes
The MongoDB Node.js team is pleased to announce version 3.6.0 of the driver
NOTE: This version begins our official support for MongoDB 4.4
Release Highlights
Streaming topology changes
MongoDB drivers maintain a local view of the topology they are connected to, and ensure the accuracy of that view by polling connected nodes on average every ~10s. In MongoDB 4.4, drivers are now able to receive push notifications about topology updates, effectively reducing the time for client recovery in failover scenarios to the time it takes for the server to make the election and report the outcome.
This feature is enabled by default when connecting to MongoDB 4.4, no changes are needed for user code.
Authentication
MONGODB-AWS authentication mechanism
The MONGODB-AWS authentication mechanism uses your Amazon Web Services Identity and Access Management (AWS IAM) credentials to authenticate users on MongoDB 4.4+. Please read more about this new authentication mechanism in our documentation.
Performance improvements
There were two projects to transparently improve performance of authentication in MongoDB 4.4:
-
A driver can now include the first
saslStartcommand in its initial handshake with server. This so-called "speculative authentication" allows us to reduce one roundtrip to the server for authentication a connection. This feature is only support for X.509, SCRAM-SHA-1 and SCRAM-SHA-256 (default) authentication mechanisms. -
The SCRAM conversation between driver and server can now skip one of it's empty exchanges which also serves to reduce the roundtrips during a SCRAM authentication.
Changes in behavior of Db.prototype.createCollection
The createCollection helper used to internally run a listCollections command in order to see if a collection already existed before running the command. If it determined a collection with the same name existed, it would skip running the command and return an instance of Collection. This behavior was changed in v3.6.0 to avoid potentially serious bugs, specifically that the driver was not considering options passed into createCollection as part of the collection equality check. Imagine the following scenario:
const client = new MongoClient('...');
await client.connect();
await client.db('foo').collection('bar').insert({ importantField: 'llamas' });
await client.db('foo').createCollection('bar', {
validator: { $jsonSchema: {
bsonType: 'object',
required: ['importantField'],
properties: { name: { bsonType: 'boolean' } }
}
});
The createCollection call which defines a JSON schema validator would be completely bypassed because of the existence of bar, which was implicitly created in the first command. Our policy is strictly adhere to semver, but in rare cases like this where we feel there is potential for a data corrupting bug, we make breaking behavioral changes to protect the user.
Documentation
Reference: http://mongodb.github.io/node-mongodb-native/3.6/
API: http://mongodb.github.io/node-mongodb-native/3.6/api/
Changelog: https://github.com/mongodb/node-mongodb-native/blob/3.6/HISTORY.md
We invite you to try the driver immediately, and report any issues to the NODE project.
Thanks very much to all the community members who contributed to this release!
Release Notes
The MongoDB Node.js team is pleased to announce version 3.5.10 of the driver
NOTE: This will be the final release in the 3.5.x branch, please consider upgrading to 3.6.0
Release Highlights
TypeError: Cannot read property 'documents' of null
@adrian-gierakowski helped us identify a bug with our ChangeStreamCursor, specifically when the cursor
was complete it would not return a valid document but instead a null value.
Command helper not respecting server selection specification rules
The server selection specification indicates that the "runCommand" helper should act
as a read operation for the purposes of server selection, and that it should use a default read
preference of "primary" which can only be overridden by the helper itself. The driver had a bug
where it would inherit the read preference from its "parent" type (Collection, Db, MongoClient)
which is at odds with the specified behavior.
mongodb+srv invalid IPv6 support
Due to a bug in how we referred to ipv6 addresses internal to the driver, if a mongodb+srv
connection string was provided with an ipv6 address the driver would never be able to connect
and would result in a the following error RangeError: Maximum call stack size exceeded.
maxStalenessSeconds not accepted when provided via options
There was a bug in our connection string and MongoClient options parsing where a value provided
for maxStalenessSeconds would not end up being reflected in the ReadPreference used internal
to the driver.
Sessions are prohibited with unacknowledged writes
MongoDB can provide no guarantees around unacknowledged writes when used within a session. The
driver will now silently remove the lsid field from all writes issued with { w: 0 }, and
will return an error in these situations in the upcoming 4.0 major release.
Documentation
Reference: http://mongodb.github.io/node-mongodb-native/3.5/
API: http://mongodb.github.io/node-mongodb-native/3.5/api/
Changelog: https://github.com/mongodb/node-mongodb-native/blob/3.5/HISTORY.md
We invite you to try the driver immediately, and report any issues to the NODE project.
Thanks very much to all the community members who contributed to this release!
Release Notes
The MongoDB Node.js team is pleased to announce version 3.5.9 of the driver
Release Highlights
Use duration of handshake if no previous roundTripTime exists
The default roundTripTime of a ServerDescription is -1, which means if that value is used we can potentially calculate a negative roundTripTime. Instead, if no previous roundTripTime exists, we use the duration of the initial handshake.
the options [maxIdleTimeMS] is not supported
A number of new options were added when the CMAP compliant connection pool was introduced in 3.5.x. Unfortunately, these options were not documented properly. Now they are mentioned in the MongoClient documentation, with a notice that they are only supported with the unified topology.
TypeError: Reduce of empty array with no initial value
A fix in 3.5.8 which ensured proper filtering of servers during server selection exposed an issue in max staleness calculations when the topology type is ReplicaSetNoPrimary and no servers are currently known. In order to estimate an upper bound of max staleness when there is no primary, the most stale known server is known to compare the others to - if there are no known servers, you can't reduce the array!
Server monitoring is prevented under heavy request load
In certain very high load fail-over scenarios the driver is unable to reschedule a monitoring check in order to update its view of the topology for retryability. This would result in a high number of failed operations, as they were unable to determine a new viable server.
Documentation
Reference: http://mongodb.github.io/node-mongodb-native/3.5/
API: http://mongodb.github.io/node-mongodb-native/3.5/api/
Changelog: https://github.com/mongodb/node-mongodb-native/blob/3.5/HISTORY.md
We invite you to try the driver immediately, and report any issues to the NODE project.
Thanks very much to all the community members who contributed to this release!
Release Notes
The MongoDB Node.js team is pleased to announce version 3.5.8 of the driver
Release Highlights
Fixes for NEAREST latency window calculation
@adityapatadia helped uncover an issue with our server selection logic which
filtered out servers after evaluating whether they were in the latency window.
This meant that non-viable servers were considered during the window calculation
and would render certain viable servers unviable.
BulkWriteError writeErrors property
@vkarpov15 submitted a patch to always include writeErrors on a BulkWriteError.
We have logic to set the message of BulkWriteError to the message of the first
error encountered if there is only one error. Unfortunately, this logic removed
the writeErrors field when doing that, so users could be faced with an error
which conditionally changed shape.
Memory leak in timed out wait queue members
@dead-horse identified a memory leak in the new connection pool where wait queue
members which timed out might be left in the queue indefinitely under sufficient
load. The fix here was to ensure that all wait queue members are flushed during
wait queue processing before evaluating whether there were available sockets to
process new requests.
Implicit sessions cleanup improvements
Once @dead-horse was able to patch the connection pool memory leak, they also
identified a edge case where implicit sessions could be leaked in a very specific
error condition. The logic to release implicit sessions was simplified, preventing
this from happening in the future
Unordered bulk writes continue-on-error
A bug introduced last summer prevented unordered bulk write operations from
continuing after the first write error - one of the most important features of
being an unordered operation. We now properly support this feature again.
journal in connection string is ignored
@nknighter filed a report that the journal option was ignored when provided
via the connection string. The paramater j was supported both through the
connection string and explicit added to MongoClient options, but the official
documentation for connection strings support a journal option.
Documentation
Reference: http://mongodb.github.io/node-mongodb-native/3.5/
API: http://mongodb.github.io/node-mongodb-native/3.5/api/
Changelog: https://github.com/mongodb/node-mongodb-native/blob/3.5/HISTORY.md
We invite you to try the driver immediately, and report any issues to the NODE project.
Thanks very much to all the community members who contributed to this release!
Release Notes
The MongoDB Node.js team is pleased to announce version 3.5.7 of the driver
Release Highlights
Warning: Accessing non-existent property 'count' of module exports inside circular dependency
Work earlier this year left some dead code in our operations code, resulting in this warning message reported by multiple users. While we still have a few cycles in our codebase yet, this will quiet Node.js 14's circular dependency warnings.
Sessions are only acquired when operations are executed
Drivers use an implicit session for all operations where an explicit session is not provided. A subtle bug was introduced when session support was implemented where implicit sessions were created and assigned to operations even if they were about to sit in a queue waiting for execution. This results in the driver creating many sessions rather than reusing pooled ones. The fix is to ensure a session is only checked out of the pool when the operation is about to be written to a server.
Thanks very much to all the community members who contributed to this release!
Release Notes
The MongoDB Node.js team is pleased to announce version 3.5.6 of the driver
Release Highlights
Regression in map when cursor used as a stream
@dobesv helped identify a regression where a map function would be applied twice
if defined on a cursor, and that cursor was used to stream data.
TypeError: Cannot read property 'code' of undefined
User @linus-hologram originally reported an issue with a TypeError when the lambda
passed to the withTransaction helper rejected with a null value. @vkarpov15
submitted the fix.
readPreferenceTags interpreted as an array
A bug was fixed where readPreferenceTags with a single value in the connection
string was not properly interpreted as an array of tags. This prevented the
Use Analytics Nodes to Isolate Workload guidance from working
correctly.
Cannot set property 'isDirty' of null
User @sean-daley reported seeing this in an AWS Lambda environment, but has proven to
be somewhat of a heisenbug. We are rolling out a fix here that ensures sessions
(implicit or not) are not used after they have been explicitly ended.
Thanks very much to all the community members who contributed to this release!
Release Notes
The MongoDB Node.js team is pleased to announce version 3.5.5 of the driver
Release Highlights
Regression in hasNext when using a cursor with a limit
@peterbroadhurst helped point out a regression introduced in v3.5.4 where using hasNext
on a cusor with a limit would not return the full set of results.
Ignored topology updates cause servers to fall out of latency window
A change introduced across all MongoDB drivers, and in particular v3.5.0 of the Node.js
driver, attempted to prevent needless duplicate topologyDescriptionChanged topology events
by introducing a ServerDescription equality operator. Since equality does not take the
lastUpdateTime and lastWriteDate fields of an ismaster into account, the driver could
eventually consider servers non-suitable for server selection, since they would fall out
of the latency window.
All updates are considered viable for topology updates now, and only event emission is
gated by ServerDescription equality.
Memory leaks with Node.js v12+
The legacy topology types (in particular if you were connected to a replic set) used a
custom Timeout class to wrap a timer. Unfortunately, the class depended on an undocumented,
private variable _called, which was removed in Node.js v12. This would lead to the driver
thinking the timeout never occurred, and therefore never releasing the object for garbage
collection. We recommend users of the legacy topology types immediately update to this
version of the driver, or use the Unified Topology which is unaffected by this bug.
TypeError: Cannot read property 'Symbol(cancelled)' of undefined
@erfanium and @Paic helped us identify an issue in rare failover events where multiple
requests to process the server selection queue would result in an attempted property
access of an undefined variable.
promiseLibrary not respected by newly introduced maybePromise helper
@tobyealden pointed out that an internal refactor to use a helper to optionally
return a Promise for top level API methods was not, in fact, using a custom
promise library if one was provided!
Thanks very much to all the community members who contributed to this release!
Release Notes
The MongoDB Node.js team is pleased to announce version 3.5.4 of the driver
Release Highlights
Regression in hasNext when piping a cursor
Pierre Mallet and @Sintendo helped identify a regression with our cursors which did not
properly rewind a cursor when hasNext was called before the cursor was piped.
Regression in server selection queue processing
A change introduced in v3.5.3 converted the server selection loop from a loop with timers
to a queue of callbacks. A subtle bug was introduced to the code to process the quere where
the upper bound of a for loop was using a dynamically decreasing length, leading to some
operations being ignored, and ultimately timing out. Many thanks to Frederic Maillasson,
@paulrobinson, and @adityapatadia for helping uncover this issue
Only ensure minimum connection pool size if a size is specified
User @millerick submitted a PR short circuiting the background task for ensuring a minimum
pool size if no minimum size was set.
Release Notes
The MongoDB Node.js team is pleased to announce version 3.5.3 of the driver
Release Highlights
This patch release fixes one issue with command error handling during network errors, and one minor issue with multiple incoming wire messages not being properly processed.
Release Notes
The MongoDB Node.js team is pleased to announce version 3.5.2 of the driver
Release Highlights
This patch release corrects a regression introduced in the 4.2 timeframe which would
effectively disable retryable operations for connection to MongoDB 4.2+. Additionally,
the server selection loop has been converted to a queue of callbacks to improve
readability, as well as performance in certain scenarios.
Release Notes
The MongoDB Node.js team is pleased to announce version 3.5.1 of the driver
Release Highlights
This patch release fixes a few regressions introduced with new connection pool, primarily
around the ability to use custom TLS certificates.
Release Notes
The MongoDB Node.js team is pleased to announce version 3.5.0 of the driver
Release Highlights
CMAP-compliant Connection Pool
This release introduces a modern replacement for the driver's connection pool, available only with the
unified topology. A major effort was made in early 2019 to fully specifiy connection pools for MongoDB
drivers (see: CMAP specification), and this release brings the Node.js driver in line with that
specification.
Traceability
The new pool supports monitoring for all aspects of its behavior. This allows deep introspection into
the operation of the connection pool, as well as an ability to profile the lifetime of an operation
when used in conjunction with command monitoring.
Stream-first Connection Design
The Connection class was completely rewritten for the new pool adopting a stream-first mentality. All
wire message processing and compression is handled in a duplex stream called the MessageStream, and
that stream is connected bidirectionally to the underlaying TCP socket. The result is a connection which
gains the general benefit of streams: better performance, less memory pressure, backpressure support. It
also opens the possiblity of supporting non-TCP/UDP streams as a transport for the driver.
waitQueueTimeoutMS
The new connection pool has a concept of a "wait queue", which allows operation requests to buffer waiting
for a connection to execute against. There is no timeout by default, but users can now specify a new value
waitQueueTimeoutMS in their connection string or MongoClient options to proactively cancel operations
that have waited too long.
Remember that the new connection pool is only available for the "Unified Topology", so remember to pass
useUnifiedTopology: true to your MongoClient constructor to use it!
Dedicated monitoring connection
Both the legacy and unified SDAM implementations have until now executed monitoring checks as priority
messages in the legacy Pool implementation. This means that monitoring (ismaster) operations were
prioritized over other queued operations, but also means that monitoring could be indefinitely blocked,
in particular during failover or black hole scenarios. The default socket timeout is null (read: Infinity),
so if the pool was completely saturated with operations, there may be no ability to execute a monitoring
check and determine that the connection to a server was no longer valid. This version of the driver
introduces a new Monitor class which manages its own dedicated monitoring connection to each known
node.
Server selection errors
In v3.3.0 of the driver we introduced a new MongoTimeoutError for all errors covered by the server
selection loop, leading to a spike in bug reports with a title similar to Server selection timed out after 30000ms.
Even though the error type itself had an attached reason field, we still feel it was easy to miss why
the selection had failed. As a result we have introduced a new type MongoServerSelectionError which
will use the originating error (reason) for its message, better informing users what caused a
selection error, while still also conveying it is an error in server selection.
Release Notes
The MongoDB Node.js team is pleased to announce version 3.4.0 of the driver
Release Highlights
Client Side Field Level Encryption (CSFLE)
The major functionality introduced in this release, and indeed the reason for the minor version bump, is full support for MongoDB's Client Side Field Level Encryption. The bulk of the support comes through an addon module mongodb-client-encryption, please refer to the reference documentation for more details.
TLS Option Variants
This release also introduces a number of new connection string options related to TLS. In order to unify uri options across all MongoDB drivers, and to better signal the technology the driver is actually using, all ssl related options now have a corresponding tls variant. NOTE: your application will not break if you continue to use the ssl variants, but deprecation warnings will be introduced prior to the 4.x driver release.
@adityapatadia initially pointed out that these tls variants had no effect, now they do. Thank you @adityapatadia!
mongodb+srv
A critical bug was found by @ephemer with the recently introduced "mongos discovery", where a typo caused DNS polling to occur at very fast intervals.
Additionally, user @mpilar identified and fixed a bug with our mongodb+srv parsing, where user-provided client options were not overriding those provided by a TXT record lookup.
Thank you very much @ephemer and @mpilar!
server selection
@adityapatadia also helped find a bug in the server selection code which rendered selection with a nearest read preference non-functional. Thanks again @adityapatadia!
bulkWrite
A small bug was fixed causing errors in an unordered bulk write to be reported in incorrect order. If an error occurs in a bulk write now, then it will show up in the writeErrors field of the resulting BulkWriteError with an index that corresponds to the position the operation had in the initial input.
Release Notes
The MongoDB Node.js team is pleased to announce version 3.3.5 of the driver
Release Highlights
unified topology
This patch release includes additional fixes for the regression in the unified topology discovered in v3.3.2, expanding our testing infrastructure to include a simulated workload during failover testing. There was a bug when connecting to single-node replicasets which could result in a stack overflow which was corrected. Additionally, events and options which are incompatible with the unified topology will now emit a warning message.
mongodb+srv
The release also includes a fix submitted by @mpilar, who found an inconsistency in our implementation of the "Initial Seedlist Discovery" specification. An authSource specified in the options passed to MongoClient would be overridden by an authSource provided in the TXT record checked during initial seedlist discovery over SRV. Thank you very much Miguel!
bulkWrite
BulkWriteError is now exported at the top level of the module so that users can catch them easily. Additionally, a fix was made to ensure that the index of operations passed into an unordered bulk operation were preserved when reporting possible errors in the future.