fix(connection): avoid calling connection.close() internally with force: Object#15534
Merged
fix(connection): avoid calling connection.close() internally with force: Object#15534
connection.close() internally with force: Object#15534Conversation
…force: Object` Fix #15531
Contributor
There was a problem hiding this comment.
Pull Request Overview
This pull request fixes issue #15531 by correcting the type of the force parameter when calling connection.close() internally. The issue was that an object was being passed as the force parameter when the method expects a boolean value.
- Extracts the boolean
forcevalue from an object parameter before passing it to internalclose()anddestroy()calls - Adds a test case to verify the fix works correctly with
useDb()method
Reviewed Changes
Copilot reviewed 2 out of 2 changed files in this pull request and generated no comments.
| File | Description |
|---|---|
| lib/connection.js | Adds logic to extract boolean force value from object parameter in onClose() method |
| test/connection.test.js | Adds regression test for reopening connection after close with useDb() |
Comments suppressed due to low confidence (1)
lib/connection.js:1327
- [nitpick] The variable name
wasForceClosedis misleading as it suggests a past state, but it's actually extracting the current force value. Consider renaming toforceValueorforceBoolto better reflect its purpose.
const wasForceClosed = typeof force === 'object' && force !== null ? force.force : force;
hasezoey
approved these changes
Jul 16, 2025
mergify bot
added a commit
to reisene/HulajDusza-serwis
that referenced
this pull request
Aug 11, 2025
![snyk-io[bot]](https://badgen.net/badge/icon/snyk-io%5Bbot%5D/green?label=)  [<img width="16" alt="Powered by Pull Request Badge" src="https://user-images.githubusercontent.com/1393946/111216524-d2bb8e00-85d4-11eb-821b-ed4c00989c02.png">](https://pullrequestbadge.com/?utm_medium=github&utm_source=reisene&utm_campaign=badge_info)<!-- PR-BADGE: PLEASE DO NOT REMOVE THIS COMMENT -->  <h3>Snyk has created this PR to upgrade mongoose from 8.16.1 to 8.16.4.</h3> :information_source: Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project. <hr/> - The recommended version is **3 versions** ahead of your current version. - The recommended version was released **21 days ago**. #### Issues fixed by the recommended upgrade: | | Issue | Score | Exploit Maturity | :-------------------------:|:-------------------------|:-------------------------|:-------------------------  | Regular Expression Denial of Service (ReDoS)<br/>[SNYK-JS-BRACEEXPANSION-9789073](https://snyk.io/vuln/SNYK-JS-BRACEEXPANSION-9789073) | **57** | Proof of Concept  | Regular Expression Denial of Service (ReDoS)<br/>[SNYK-JS-BRACEEXPANSION-9789073](https://snyk.io/vuln/SNYK-JS-BRACEEXPANSION-9789073) | **57** | Proof of Concept <details> <summary><b>Release notes</b></summary> <br/> <details> <summary>Package name: <b>mongoose</b></summary> <ul> <li> <b>8.16.4</b> - <a href="https://redirect.github.com/Automattic/mongoose/releases/tag/8.16.4">2025-07-16</a></br><h1>8.16.4 / 2025-07-16</h1> <ul> <li>fix(connection): avoid calling connection.close() internally with force: Object <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="3229728988" data-permission-text="Title is private" data-url="Automattic/mongoose#15534" data-hovercard-type="pull_request" data-hovercard-url="/Automattic/mongoose/pull/15534/hovercard" href="https://redirect.github.com/Automattic/mongoose/pull/15534">#15534</a> <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="3228051020" data-permission-text="Title is private" data-url="Automattic/mongoose#15531" data-hovercard-type="issue" data-hovercard-url="/Automattic/mongoose/issues/15531/hovercard" href="https://redirect.github.com/Automattic/mongoose/issues/15531">#15531</a></li> <li>types(schema): handle required: string in schema definitions <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="3233265778" data-permission-text="Title is private" data-url="Automattic/mongoose#15538" data-hovercard-type="pull_request" data-hovercard-url="/Automattic/mongoose/pull/15538/hovercard" href="https://redirect.github.com/Automattic/mongoose/pull/15538">#15538</a> <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="3231854067" data-permission-text="Title is private" data-url="Automattic/mongoose#15536" data-hovercard-type="issue" data-hovercard-url="/Automattic/mongoose/issues/15536/hovercard" href="https://redirect.github.com/Automattic/mongoose/issues/15536">#15536</a></li> <li>types(document): allow calling $isDefault() with no args <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="3219676033" data-permission-text="Title is private" data-url="Automattic/mongoose#15528" data-hovercard-type="pull_request" data-hovercard-url="/Automattic/mongoose/pull/15528/hovercard" href="https://redirect.github.com/Automattic/mongoose/pull/15528">#15528</a> <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="3212867705" data-permission-text="Title is private" data-url="Automattic/mongoose#15522" data-hovercard-type="issue" data-hovercard-url="/Automattic/mongoose/issues/15522/hovercard" href="https://redirect.github.com/Automattic/mongoose/issues/15522">#15522</a></li> <li>types: infer Typescript string enums <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="3224312454" data-permission-text="Title is private" data-url="Automattic/mongoose#15530" data-hovercard-type="pull_request" data-hovercard-url="/Automattic/mongoose/pull/15530/hovercard" href="https://redirect.github.com/Automattic/mongoose/pull/15530">#15530</a> <a href="https://redirect.github.com/ruiaraujo">ruiaraujo</a></li> <li>types: pass TModelType down to schema statics <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="3233226123" data-permission-text="Title is private" data-url="Automattic/mongoose#15537" data-hovercard-type="pull_request" data-hovercard-url="/Automattic/mongoose/pull/15537/hovercard" href="https://redirect.github.com/Automattic/mongoose/pull/15537">#15537</a></li> </ul> </li> <li> <b>8.16.3</b> - <a href="https://redirect.github.com/Automattic/mongoose/releases/tag/8.16.3">2025-07-10</a></br><h1>8.16.3 / 2025-07-10</h1> <ul> <li>fix(document): clean modified subpaths if unsetting map <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="3209687640" data-permission-text="Title is private" data-url="Automattic/mongoose#15520" data-hovercard-type="pull_request" data-hovercard-url="/Automattic/mongoose/pull/15520/hovercard" href="https://redirect.github.com/Automattic/mongoose/pull/15520">#15520</a> <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="3209143317" data-permission-text="Title is private" data-url="Automattic/mongoose#15519" data-hovercard-type="issue" data-hovercard-url="/Automattic/mongoose/issues/15519/hovercard" href="https://redirect.github.com/Automattic/mongoose/issues/15519">#15519</a></li> <li>fix: make DocumentArray SchemaType pass all options to embedded SchemaType <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="3213865906" data-permission-text="Title is private" data-url="Automattic/mongoose#15523" data-hovercard-type="pull_request" data-hovercard-url="/Automattic/mongoose/pull/15523/hovercard" href="https://redirect.github.com/Automattic/mongoose/pull/15523">#15523</a></li> <li>types: support readonly array in query.select <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="3217205824" data-permission-text="Title is private" data-url="Automattic/mongoose#15527" data-hovercard-type="pull_request" data-hovercard-url="/Automattic/mongoose/pull/15527/hovercard" href="https://redirect.github.com/Automattic/mongoose/pull/15527">#15527</a> <a href="https://redirect.github.com/omermizr">omermizr</a></li> </ul> </li> <li> <b>8.16.2</b> - <a href="https://redirect.github.com/Automattic/mongoose/releases/tag/8.16.2">2025-07-07</a></br><h1>8.16.2 / 2025-07-07</h1> <ul> <li>fix(cursor): populate after hydrating in queryCursor so populated docs get parent() <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="3193156560" data-permission-text="Title is private" data-url="Automattic/mongoose#15498" data-hovercard-type="pull_request" data-hovercard-url="/Automattic/mongoose/pull/15498/hovercard" href="https://redirect.github.com/Automattic/mongoose/pull/15498">#15498</a> <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="3179946229" data-permission-text="Title is private" data-url="Automattic/mongoose#15494" data-hovercard-type="issue" data-hovercard-url="/Automattic/mongoose/issues/15494/hovercard" href="https://redirect.github.com/Automattic/mongoose/issues/15494">#15494</a></li> <li>fix(schema): support toJSONSchema() on mixed types and improve error message about unsupported types <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="3179520029" data-permission-text="Title is private" data-url="Automattic/mongoose#15492" data-hovercard-type="pull_request" data-hovercard-url="/Automattic/mongoose/pull/15492/hovercard" href="https://redirect.github.com/Automattic/mongoose/pull/15492">#15492</a> <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="3174597323" data-permission-text="Title is private" data-url="Automattic/mongoose#15489" data-hovercard-type="issue" data-hovercard-url="/Automattic/mongoose/issues/15489/hovercard" href="https://redirect.github.com/Automattic/mongoose/issues/15489">#15489</a></li> <li>types: add _id and __v to toObject/toJSON transform type <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="3193864752" data-permission-text="Title is private" data-url="Automattic/mongoose#15501" data-hovercard-type="pull_request" data-hovercard-url="/Automattic/mongoose/pull/15501/hovercard" href="https://redirect.github.com/Automattic/mongoose/pull/15501">#15501</a> <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="3145020558" data-permission-text="Title is private" data-url="Automattic/mongoose#15479" data-hovercard-type="issue" data-hovercard-url="/Automattic/mongoose/issues/15479/hovercard" href="https://redirect.github.com/Automattic/mongoose/issues/15479">#15479</a></li> <li>types(schema): use user-provided THydratedDocumentType as context for virtual get() and set() <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="3205408388" data-permission-text="Title is private" data-url="Automattic/mongoose#15517" data-hovercard-type="pull_request" data-hovercard-url="/Automattic/mongoose/pull/15517/hovercard" href="https://redirect.github.com/Automattic/mongoose/pull/15517">#15517</a> <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="3203768114" data-permission-text="Title is private" data-url="Automattic/mongoose#15516" data-hovercard-type="issue" data-hovercard-url="/Automattic/mongoose/issues/15516/hovercard" href="https://redirect.github.com/Automattic/mongoose/issues/15516">#15516</a></li> <li>types: improve typing for transform option to toJSON and toObject <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="3165281132" data-permission-text="Title is private" data-url="Automattic/mongoose#15485" data-hovercard-type="pull_request" data-hovercard-url="/Automattic/mongoose/pull/15485/hovercard" href="https://redirect.github.com/Automattic/mongoose/pull/15485">#15485</a></li> <li>docs: link to custom setter docs from lowercase, etc. options and note that setters run on query filters <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="3179559608" data-permission-text="Title is private" data-url="Automattic/mongoose#15493" data-hovercard-type="pull_request" data-hovercard-url="/Automattic/mongoose/pull/15493/hovercard" href="https://redirect.github.com/Automattic/mongoose/pull/15493">#15493</a> <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="3178037830" data-permission-text="Title is private" data-url="Automattic/mongoose#15491" data-hovercard-type="issue" data-hovercard-url="/Automattic/mongoose/issues/15491/hovercard" href="https://redirect.github.com/Automattic/mongoose/issues/15491">#15491</a></li> <li>docs(jest): add note about resetModules <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="3200176577" data-permission-text="Title is private" data-url="Automattic/mongoose#15515" data-hovercard-type="pull_request" data-hovercard-url="/Automattic/mongoose/pull/15515/hovercard" href="https://redirect.github.com/Automattic/mongoose/pull/15515">#15515</a></li> </ul> </li> <li> <b>8.16.1</b> - <a href="https://redirect.github.com/Automattic/mongoose/releases/tag/8.16.1">2025-06-26</a></br><h1>8.16.1 / 2025-06-26</h1> <ul> <li>fix(document): avoid setting _skipMarkModified when setting nested path with merge option <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="3164370267" data-permission-text="Title is private" data-url="Automattic/mongoose#15484" data-hovercard-type="pull_request" data-hovercard-url="/Automattic/mongoose/pull/15484/hovercard" href="https://redirect.github.com/Automattic/mongoose/pull/15484">#15484</a> <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="1265052748" data-permission-text="Title is private" data-url="Automattic/mongoose#11913" data-hovercard-type="issue" data-hovercard-url="/Automattic/mongoose/issues/11913/hovercard" href="https://redirect.github.com/Automattic/mongoose/issues/11913">#11913</a></li> <li>fix(model): make sure post save error handler gets doc as param on VersionError <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="3164302491" data-permission-text="Title is private" data-url="Automattic/mongoose#15483" data-hovercard-type="pull_request" data-hovercard-url="/Automattic/mongoose/pull/15483/hovercard" href="https://redirect.github.com/Automattic/mongoose/pull/15483">#15483</a> <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="3153142469" data-permission-text="Title is private" data-url="Automattic/mongoose#15480" data-hovercard-type="issue" data-hovercard-url="/Automattic/mongoose/issues/15480/hovercard" href="https://redirect.github.com/Automattic/mongoose/issues/15480">#15480</a></li> <li>fix: consistent $conditionalHandlers setup between schematypes <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="3176350747" data-permission-text="Title is private" data-url="Automattic/mongoose#15490" data-hovercard-type="pull_request" data-hovercard-url="/Automattic/mongoose/pull/15490/hovercard" href="https://redirect.github.com/Automattic/mongoose/pull/15490">#15490</a></li> <li>docs(compatibility): note that mongodb 4.0 is not supported anymore since 8.16.0 <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="3171918500" data-permission-text="Title is private" data-url="Automattic/mongoose#15487" data-hovercard-type="pull_request" data-hovercard-url="/Automattic/mongoose/pull/15487/hovercard" href="https://redirect.github.com/Automattic/mongoose/pull/15487">#15487</a> <a href="https://redirect.github.com/hasezoey">hasezoey</a></li> <li>docs: remove unnecessary --save flag from npm install instruction <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="3167998752" data-permission-text="Title is private" data-url="Automattic/mongoose#15486" data-hovercard-type="pull_request" data-hovercard-url="/Automattic/mongoose/pull/15486/hovercard" href="https://redirect.github.com/Automattic/mongoose/pull/15486">#15486</a> <a href="https://redirect.github.com/Thahirgeek">Thahirgeek</a></li> </ul> </li> </ul> from <a href="https://redirect.github.com/Automattic/mongoose/releases">mongoose GitHub release notes</a> </details> </details> --- > [!IMPORTANT] > > - Check the changes in this PR to ensure they won't cause issues with your project. > - This PR was automatically created by Snyk using the credentials of a real user. > - Max score is 1000. Note that the real score may have changed since the PR was raised. --- **Note:** _You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs._ **For more information:** <img src="https://api.segment.io/v1/pixel/track?data=eyJ3cml0ZUtleSI6InJyWmxZcEdHY2RyTHZsb0lYd0dUcVg4WkFRTnNCOUEwIiwiYW5vbnltb3VzSWQiOiIxNGEyYzRlYy0zYjdjLTRiYTgtOGQ2MC1lNjE2NmM2YmI3MDMiLCJldmVudCI6IlBSIHZpZXdlZCIsInByb3BlcnRpZXMiOnsicHJJZCI6IjE0YTJjNGVjLTNiN2MtNGJhOC04ZDYwLWU2MTY2YzZiYjcwMyJ9fQ==" width="0" height="0"/> > - 🧐 [View latest project report](https://app.snyk.io/org/reisene/project/55e114f8-489e-4f14-b900-20574b041e59?utm_source=github-cloud-app&utm_medium=referral&page=upgrade-pr) > - 📜 [Customise PR templates](https://docs.snyk.io/scan-using-snyk/pull-requests/snyk-fix-pull-or-merge-requests/customize-pr-templates?utm_source=&utm_content=fix-pr-template) > - 🛠 [Adjust upgrade PR settings](https://app.snyk.io/org/reisene/project/55e114f8-489e-4f14-b900-20574b041e59/settings/integration?utm_source=github-cloud-app&utm_medium=referral&page=upgrade-pr) > - 🔕 [Ignore this dependency or unsubscribe from future upgrade PRs](https://app.snyk.io/org/reisene/project/55e114f8-489e-4f14-b900-20574b041e59/settings/integration?pkg=mongoose&utm_source=github-cloud-app&utm_medium=referral&page=upgrade-pr#auto-dep-upgrades) [//]: # 'snyk:metadata:{"customTemplate":{"variablesUsed":[],"fieldsUsed":[]},"dependencies":[{"name":"mongoose","from":"8.16.1","to":"8.16.4"}],"env":"prod","hasFixes":true,"isBreakingChange":false,"isMajorUpgrade":false,"issuesToFix":["SNYK-JS-BRACEEXPANSION-9789073","SNYK-JS-BRACEEXPANSION-9789073"],"prId":"14a2c4ec-3b7c-4ba8-8d60-e6166c6bb703","prPublicId":"14a2c4ec-3b7c-4ba8-8d60-e6166c6bb703","packageManager":"npm","priorityScoreList":[57],"projectPublicId":"55e114f8-489e-4f14-b900-20574b041e59","projectUrl":"https://app.snyk.io/org/reisene/project/55e114f8-489e-4f14-b900-20574b041e59?utm_source=github-cloud-app&utm_medium=referral&page=upgrade-pr","prType":"upgrade","templateFieldSources":{"branchName":"default","commitMessage":"default","description":"default","title":"default"},"templateVariants":["priorityScore"],"type":"auto","upgrade":["SNYK-JS-BRACEEXPANSION-9789073","SNYK-JS-BRACEEXPANSION-9789073"],"upgradeInfo":{"versionsDiff":3,"publishedDate":"2025-07-16T22:31:03.488Z"},"vulns":["SNYK-JS-BRACEEXPANSION-9789073","SNYK-JS-BRACEEXPANSION-9789073"]}'
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
<!--](https://user-images.githubusercontent.com/1393946/111216524-d2bb8e00-85d4-11eb-821b-ed4c00989c02.png">](https://pullrequestbadge.com/?utm_medium=github&utm_source=reisene&utm_campaign=badge_info)<!--){kind=link}
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Fix #15531
Summary
The crux of #15531 is that we're setting
forceto an object when connection.close() expectsforceto be a boolean.Examples