Update mongodb: 3.5.4 → 3.5.5 (patch)

[depfu]

Here is everything you need to know about this update. Please take a good look at what changed and the test results before merging this pull request.

What changed?

✳️ mongodb (3.5.4 → 3.5.5) · Repo · Changelog

Release Notes

3.5.5

The MongoDB Node.js team is pleased to announce version 3.5.5 of the driver

Release Highlights

Regression in hasNext when using a cursor with a limit

@peterbroadhurst helped point out a regression introduced in v3.5.4 where using hasNext
on a cusor with a limit would not return the full set of results.

Ignored topology updates cause servers to fall out of latency window

A change introduced across all MongoDB drivers, and in particular v3.5.0 of the Node.js
driver, attempted to prevent needless duplicate topologyDescriptionChanged topology events
by introducing a ServerDescription equality operator. Since equality does not take the
lastUpdateTime and lastWriteDate fields of an ismaster into account, the driver could
eventually consider servers non-suitable for server selection, since they would fall out
of the latency window.
All updates are considered viable for topology updates now, and only event emission is
gated by ServerDescription equality.

Memory leaks with Node.js v12+

The legacy topology types (in particular if you were connected to a replic set) used a
custom Timeout class to wrap a timer. Unfortunately, the class depended on an undocumented,
private variable _called, which was removed in Node.js v12. This would lead to the driver
thinking the timeout never occurred, and therefore never releasing the object for garbage
collection. We recommend users of the legacy topology types immediately update to this
version of the driver, or use the Unified Topology which is unaffected by this bug.

TypeError: Cannot read property 'Symbol(cancelled)' of undefined

@erfanium and @Paic helped us identify an issue in rare failover events where multiple
requests to process the server selection queue would result in an attempted property
access of an undefined variable.

promiseLibrary not respected by newly introduced maybePromise helper

@TobyEalden pointed out that an internal refactor to use a helper to optionally
return a Promise for top level API methods was not, in fact, using a custom
promise library if one was provided!

Thanks very much to all the community members who contributed to this release!

Release Notes

Bug

• [NODE-2460] - Memory Leak with ReplSet and NodeJS v12
• [NODE-2472] - TypeError on server available with useUnifiedTopology: true
• [NODE-2474] - Server_Description update with lastUpdateTime / lastWriteDate fields is ignored in topology
• [NODE-2480] - TypeError after reconnecting
• [NODE-2483] - Regression using hasNext on cursor with limit
• [NODE-2490] - promiseLibrary option is not honoured

Does any of this look wrong? Please let us know.

Commits

See the full diff on Github. The new version differs by 11 commits:

• chore(release): 3.5.5
• fix: multiple concurrent attempts to process the queue may fail
• fix: pass optional promise lib to maybePromise
• NODE-2474: update equal server description (#2260)
• test: ensure mock server is setup before continuing with tests
• fix: correctly use template string for connection string error message
• test: use a reduced `minHeartbeatFrequencyMS` for spec test runner
• fix(cursor): hasNext consumes documents on cursor with limit
• docs: update community links to use MongoDB Community forums
• docs: fix typo and formatting of bulletted lists
• fix: don't depend on private node api for `Timeout` wrapper

---

Depfu will automatically keep this PR conflict-free, as long as you don't add any commits to this branch yourself. You can also trigger a rebase manually by commenting with @depfu rebase.

All Depfu comment commands

@​depfu rebase

Rebases against your default branch and redoes this update

@​depfu recreate

Recreates this PR, overwriting any edits that you've made to it

@​depfu merge

Merges this PR once your tests are passing and conflicts are resolved

@​depfu close

Closes this PR and deletes the branch

@​depfu reopen

Restores the branch and reopens this PR (if it's closed)

@​depfu pause

Ignores all future updates for this dependency and closes this PR

@​depfu pause [minor|major]

Ignores all future minor/major updates for this dependency and closes this PR

@​depfu resume

Future versions of this dependency will create PRs again (leaves this PR as is)

[depfu]

Closed in favor of #132.