[Snyk] Upgrade mongodb from 3.0.1 to 3.7.4 #7

it4life · 2024-01-06T23:07:49Z

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to upgrade mongodb from 3.0.1 to 3.7.4.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

The recommended version is 79 versions ahead of your current version.
The recommended version was released 7 months ago, on 2023-06-21.

The recommended version fixes:

Issue	PriorityScore (*)	Exploit Maturity
Internal Property Tampering SNYK-JS-BSON-561052	630/1000 Why? Has a fix available, CVSS 8.1	No Known Exploit
Internal Property Tampering SNYK-JS-BSON-6056525	630/1000 Why? Has a fix available, CVSS 8.1	No Known Exploit
Denial of Service (DoS) SNYK-JS-MONGODB-473855	630/1000 Why? Has a fix available, CVSS 8.1	No Known Exploit
Regular Expression Denial of Service (ReDoS) npm:bson:20180225	630/1000 Why? Has a fix available, CVSS 8.1	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Release notes

Package name: mongodb

3.7.4 - 2023-06-21
The MongoDB Node.js team is pleased to announce version 3.7.4 of the mongodb package!

Release Highlights

This release fixes a bug that throws a type error when SCRAM-SHA-256 is used with saslprep in a webpacked environment.

3.7.4 (2023-06-21)

Bug Fixes
- NODE-3711: retry txn end on retryable write (#3047) (1595140)
- NODE-5355: prevent error when saslprep is not a function (#3733) (152425a)
Documentation
- Reference
- API
- Changelog
We invite you to try the mongodb library immediately, and report any issues to the NODE project.
3.7.3 - 2021-10-20
3.7.2 - 2021-10-05
3.7.1 - 2021-09-14
3.7.0 - 2021-08-31
3.6.12 - 2021-08-30
3.6.11 - 2021-08-05
3.6.10 - 2021-07-06
3.6.9 - 2021-05-26
3.6.8 - 2021-05-21
3.6.7 - 2021-05-18
3.6.6 - 2021-04-06
3.6.5 - 2021-03-16
3.6.4 - 2021-02-02
3.6.3 - 2020-11-06
3.6.2 - 2020-09-10
3.6.1 - 2020-09-02
3.6.0 - 2020-07-30
3.6.0-beta.0 - 2020-04-14
3.5.11 - 2020-09-10
3.5.10 - 2020-07-30
3.5.9 - 2020-06-12
3.5.8 - 2020-05-28
3.5.7 - 2020-04-29
3.5.6 - 2020-04-14
3.5.5 - 2020-03-11
3.5.4 - 2020-02-25
3.5.3 - 2020-02-12
3.5.2 - 2020-01-20
3.5.1 - 2020-01-17
3.5.0 - 2020-01-14
3.4.1 - 2019-12-19
3.4.0 - 2019-12-10
3.3.5 - 2019-11-26
3.3.4 - 2019-11-11
3.3.4-rc0 - 2019-11-06
3.3.3 - 2019-10-16
3.3.2 - 2019-08-28
3.3.1 - 2019-08-23
3.3.0 - 2019-08-13
3.3.0-beta2 - 2019-07-18
3.3.0-beta1 - 2019-06-18
3.2.7 - 2019-06-04
3.2.6 - 2019-05-24
3.2.5 - 2019-05-17
3.2.4 - 2019-05-08
3.2.3 - 2019-04-05
3.2.2 - 2019-03-22
3.2.1 - 2019-03-21
3.2.0-beta2 - 2019-03-10
3.2.0-beta1 - 2019-02-27
3.1.13 - 2019-01-23
3.1.12 - 2019-01-16
3.1.11 - 2019-01-15
3.1.10 - 2018-11-16
3.1.9 - 2018-11-06
3.1.8 - 2018-10-10
3.1.7 - 2018-10-09
3.1.6 - 2018-09-15
3.1.5 - 2018-09-14
3.1.4 - 2018-08-25
3.1.3 - 2018-08-13
3.1.2 - 2018-08-13
3.1.1 - 2018-07-05
3.1.0 - 2018-06-27
3.1.0-beta4 - 2018-05-11
3.1.0-beta3 - 2018-05-08
3.1.0-beta2 - 2018-04-19
3.1.0-beta1 - 2018-04-18
3.0.11 - 2018-06-28
3.0.10 - 2018-06-02
3.0.9 - 2018-06-01
3.0.8 - 2018-05-08
3.0.7 - 2018-04-17
3.0.6 - 2018-04-09
3.0.5 - 2018-03-23
3.0.4 - 2018-03-05
3.0.3 - 2018-02-23
3.0.2 - 2018-01-29
3.0.1 - 2017-12-24

from mongodb GitHub release notes

Commit messages

Package name: mongodb

c2b6da1 chore(release): 3.7.4
152425a fix(NODE-5355): prevent error when saslprep is not a function (Update 101-vm-simple-windows/azuredeploy.json Azure/azure-quickstart-templates#3733)
1595140 fix(NODE-3711): retry txn end on retryable write (Add template for Elasticsearch on VMSS Azure/azure-quickstart-templates#3047)
9b980c4 chore(NODE-3736): fix drivers tools cloning (Install kubectl on Spinnaker VM Azure/azure-quickstart-templates#3025)
b42e8b3 chore(release): 3.7.3
428e6d3 fix(NODE-3515): do proper opTime merging in bulk results (201-vmss-linux-nat is broken Azure/azure-quickstart-templates#3011)
564b0d7 test(NODE-3606): legacy and new versions of the CSFLE library (Add Spinnaker to Kubernetes template Azure/azure-quickstart-templates#3002)
7c5a7bb chore(release): 3.7.2
ec23d63 chore(NODE-3622): bump optional-require for additional yarn berry pnp support (Adding Template : ansible-tower-rhel Azure/azure-quickstart-templates#2989)
28f721d chore(release): 3.7.1
910c564 feat(NODE-3424): use hello for monitoring commands (Upgrade cf-release to v250 for Cloud Foundry template Azure/azure-quickstart-templates#2964)
44df7d7 chore(release): 3.7.0
1a76618 fix: versioned api low node compat fix (update the cloudera-on-centos offering from 1.1.0 to 1.2.2 Azure/azure-quickstart-templates#2970)
7602f68 docs(NODE-3406): add versioned api examples (update the cloudera-director-on-centos offering from 1.1.0 to 1.1.2 Azure/azure-quickstart-templates#2969)
a07aa56 test(NODE-3409): support AWS temp credentials in CSFLE tests (Removing moved templates Azure/azure-quickstart-templates#2968)
eae0e05 chore(NODE-3303): deprecate md5 hash and isConnected (Merge remote-tracking branch 'refs/remotes/Azure/master' Azure/azure-quickstart-templates#2960)
77ab63e test(NODE-3387): correctly extract findOneX values in unified operations (BitShares on Ubuntu 16.04 LTS Azure/azure-quickstart-templates#2966)
96c8ab4 fix(NODE-3377): driver should allow arbitrary explain levels (update the cloudera-director-on-centos offering from 1.1.0 to 1.1.1 Azure/azure-quickstart-templates#2961)
4c25984 chore: sync 3.6 changes to 3.7 (updating the metadata for all the three templates Azure/azure-quickstart-templates#2963)
e5975af fix(NODE-3463): pass explain error through to callback (KeyVault as variable Azure/azure-quickstart-templates#2949)
238a4b0 fix(NODE-3290): versioned api validation and tests (added existingVnet and existingSubnet Azure/azure-quickstart-templates#2869)
91a2fc9 Merge remote-tracking branch 'origin/3.6' into 3.7
6ee945e chore(NODE-3316): add author info and update bug url in package.json (Remove the text from the Firewall rule name which Azure validation no longer accepts Azure/azure-quickstart-templates#2887)
ecc930b test(NODE-3381): command monitoring redaction tests (Added existingVnet and existingSubnet as parameter Azure/azure-quickstart-templates#2873)

Compare

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs

Snyk has created this PR to upgrade mongodb from 3.0.1 to 3.7.4. See this package in npm: https://www.npmjs.com/package/mongodb See this project in Snyk: https://app.snyk.io/org/brian-N76JAG9hRQWedTevgbDLiT/project/35071d5c-e08b-4b3d-939d-51debf68b0aa?utm_source=github&utm_medium=referral&page=upgrade-pr

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

[Snyk] Upgrade mongodb from 3.0.1 to 3.7.4 #7

[Snyk] Upgrade mongodb from 3.0.1 to 3.7.4 #7

Uh oh!

it4life commented Jan 6, 2024

Release Highlights

3.7.4 (2023-06-21)

Bug Fixes

Documentation

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

3 participants

[Snyk] Upgrade mongodb from 3.0.1 to 3.7.4 #7

Are you sure you want to change the base?

[Snyk] Upgrade mongodb from 3.0.1 to 3.7.4 #7

Uh oh!

Conversation

it4life commented Jan 6, 2024

Snyk has created this PR to upgrade mongodb from 3.0.1 to 3.7.4.

Release Highlights

3.7.4 (2023-06-21)

Bug Fixes

Documentation

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

3 participants