[Snyk] Upgrade bson from 4.4.1 to 4.6.0

[snyk-bot]

Snyk has created this PR to upgrade bson from 4.4.1 to 4.6.0.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

• The recommended version is 6 versions ahead of your current version.
• The recommended version was released 2 months ago, on 2021-11-23.

Release notes

Package name: bson

• 4.6.0 - 2021-11-23
  

  The MongoDB Node.js team is pleased to announce version 4.6.0 of the bson package!

  Release Highlights

  This release adds a new BSON validation option that allows top-level keys to have utf-8 validation disabled or enabled, either on a global or key-specific scale, rather than defaulting to automatic utf-8 validation across all keys. Additionally, it includes a bug fix which allows BSONError and BSONTypeError to be checked with instanceof checks.

  Features

  • NODE-3740: Implement root and top level key utf-8 validation settings for BSON (#472) (07019a0)

  Bug Fixes

  • NODE-3724: Fix BSONTypeError and BSONError to correctly handle instanceof checks (#471) (d8f334b)

  Documentation

  • API: https://github.com/mongodb/js-bson#readme
  • Changelog: https://github.com/mongodb/js-bson/blob/master/HISTORY.md#change-log

  We invite you to try the bson library immediately, and report any issues to the NODE project.

• 4.5.4 - 2021-11-03
  

  The MongoDB Node.js team is pleased to announce version 4.5.4 of the bson package!

  Release Highlights

  This release notably includes a fix to the ObjectId constructor ensuring correct handling of invalid input.

  Bug Fixes

  • NODE-3640: Fix Int32 constructor to coerce its argument to int32 (#466) (d388f1e)
  • NODE-3662: error checking to make sure that ObjectId results in object with correct properties (#467) (5f99b1b)

  Documentation

  • API: https://github.com/mongodb/js-bson#readme
  • Changelog: https://github.com/mongodb/js-bson/blob/master/HISTORY.md#change-log

  We invite you to try the bson library immediately, and report any issues to the NODE project.

• 4.5.3 - 2021-10-05
  

  The MongoDB Node.js team is pleased to announce version 4.5.3 of the bson package!

  Release Highlights

  This release includes a few minor changes for spec compliance, primarily around validation, as detailed below:

  Bug Fixes

  • NODE-3493: code and symbol tests are partially testing the wrong types (#459) (80d7f03)
  • NODE-3534: add subtype 0x6 and 0x7 constants on Binary class (#461) (52cfe9c)
  • NODE-3629: correct corpus runner and add null checks (#464) (d75102d)

  Documentation

  • API: https://github.com/mongodb/js-bson#readme
  • Changelog: https://github.com/mongodb/js-bson/blob/master/HISTORY.md#change-log

  We invite you to try the bson library immediately, and report any issues to the NODE project.

• 4.5.2 - 2021-09-14
  

  The MongoDB Node.js team is pleased to announce version 4.5.2 of the bson package!

  Release Highlights

  Some APIs were marked internal that should've been public. We've also add toString methods to our Int32 and Double classes that wrap Javascript's Number.toString() method.

  Additionally a bug in Decimal128 was corrected where the representation string was wrongly used to find the significant digits. This impacted negative numbers of pattern -0.00XX.

  Bug Fixes

  • NODE-3021: fix numbers of pattern -0.00XX (#458) (824939a)
    • Thanks to @ tzhuan for contributing this!
  • NODE-3582: fix internal marked APIs, add toString methods to Int32 and Double (#457) (b46ab5f)

  Documentation

  • API: https://github.com/mongodb/js-bson#readme
  • Changelog: https://github.com/mongodb/js-bson/blob/master/HISTORY.md#change-log

  We invite you to try the bson library immediately, and report any issues to the NODE project.

• 4.5.1 - 2021-08-24
  

  The MongoDB Node.js team is pleased to announce version 4.5.1 of the bson module!

  In react native environments there was an issue where the bundler attempted to import the Node.js polyfill for 'util'.
  We no longer depend on the package.

  Bug Fixes

  • NODE-3561: umd bundle fails to require util (#455) (1c15155)

  Documentation

  • API: https://github.com/mongodb/js-bson#readme
  • Changelog: https://github.com/mongodb/js-bson/blob/master/HISTORY.md#change-log

  We invite you to try the bson library immediately, and report any issues to the NODE project.

• 4.5.0 - 2021-08-19
  

  The MongoDB Node.js team is pleased to announce version 4.5.0 of the bson module!

  Release Highlights

  The Timestamp constructor can now be called with a more convenient object parameter: new Timestamp({ t: number, i: number }); the existing new Timestamp(increment, timestamp) option has been deprecated.

  Furthermore, this minor version significantly improves deserialization performance for buffer inputs and corrects an issue with our ESM bundles resulting from a reference to global which does not exist in web environments.

  Features

  • NODE-3504: add unambiguous Timestamp() constructor overload (#449) (0298dd8)

  Bug Fixes

  • NODE-3451: fix performance regression from v1 (#451) (2330ab1)
  • NODE-3520: global not defined in esm bundles (#452) (cb82a80)

  Documentation

  • API: https://github.com/mongodb/js-bson#readme
  • Changelog: https://github.com/mongodb/js-bson/blob/master/HISTORY.md#change-log

  We invite you to try the bson library immediately, and report any issues to the NODE project.

• 4.4.1 - 2021-07-06
  

  The MongoDB Node.js team is pleased to announce version 4.4.1 of the bson package!

  Release Highlights

  This patch addresses the bugs listed below. Most notably our EJSON API now correctly stringifies Infinity and NaN doubles in relaxed mode. Relaxed mode is intended for human readable JSON while non-relaxed or canonical mode can be used for data serialization since it will preserve the original BSON type. Double check you are using the correct format for your use case.

  Bug Fixes

  • NODE-3247: DBRef special handling (#443) (f5d984d)
  • NODE-3282: BSONRegExp options not alphabetized (#441) (18c3512)
  • NODE-3376: use standard JS methods for copying Buffers (#444) (804050d)
  • NODE-3390: serialize non-finite doubles correctly in EJSON (#445) (7eb7998)

  Documentation

  • API: https://github.com/mongodb/js-bson#readme
  • Changelog: https://github.com/mongodb/js-bson/blob/master/HISTORY.md#change-log

  We invite you to try the bson library immediately, and report any issues to the NODE project.

from bson GitHub release notes

Commit messages

Package name: bson

• 5221825 chore(release): 4.6.0
• 07019a0 feat(NODE-3740): Implement root and top level key utf-8 validation settings for BSON (Bug report: ToBase64 description is incorrect gchq/CyberChef#472)
• d8f334b fix(NODE-3724): Fix BSONTypeError and BSONError to correctly handle instanceof checks (bugfix for UTF16 vs UTF8 problems gchq/CyberChef#471)
• 0aa8967 chore(release): 4.5.4
• e29156f chore: update .gitignore and PR template (Feature request: Triple DES with 16-byte keys gchq/CyberChef#470)
• 5f99b1b fix(NODE-3662): error checking to make sure that ObjectId results in object with correct properties (Subsection operation gchq/CyberChef#467)
• d388f1e fix(NODE-3640): Fix Int32 constructor to coerce its argument to int32 (Operation request: Extract Hash Values gchq/CyberChef#466)
• 6894bae chore(release): 4.5.3
• d75102d fix(NODE-3629): correct corpus runner and add null checks (Feature Request: URL Encode All Characters Option gchq/CyberChef#464)
• 80d7f03 fix(NODE-3493): code and symbol tests are partially testing the wrong types (Improve Date format in 'Parse X.509 certificate' gchq/CyberChef#459)
• cc5d04d test(NODE-3447): prose tests for serialization of BSON with embedded null bytes in strings (Misc: Unneccesary use of vkbeautify contradicts design principles gchq/CyberChef#462)
• 52cfe9c fix(NODE-3534): add subtype 0x6 and 0x7 constants on Binary class (To/From Insensitive Regex Operations gchq/CyberChef#461)
• dea5e13 test(NODE-3447): serialization of BSON with embedded null bytes in strings (Feature Request: Button for selecting File for input gchq/CyberChef#460)
• 71c6513 chore(release): 4.5.2
• 824939a fix(NODE-3021): fix a long standing bug in Decimal128.fromString() (Browser test suite gchq/CyberChef#458)
• b46ab5f fix(NODE-3582): fix internal marked APIs, add toString methods to Int32 and Double (Disjoin Operation gchq/CyberChef#457)
• 6dcd46e chore(release): 4.5.1
• 1c15155 fix(NODE-3561): umd bundle fails to require util (add lorem ipsum generator gchq/CyberChef#455)
• 5396ab3 chore(release): 4.5.0
• f4b8a4a chore: sync lockfile with package dependencies (Split file by offset gchq/CyberChef#454)
• 2330ab1 fix(NODE-3451): fix performance regression from v1 (Operation request: Image manipulation operations from Jimp gchq/CyberChef#451)
• cb82a80 fix(NODE-3520): global not defined in esm bundles (Rolling xor gchq/CyberChef#452)
• 0298dd8 feat(NODE-3504): add unambiguous `Timestamp()` constructor overload (Added Colour Channel Splitting operation gchq/CyberChef#449)
• d1d8566 chore: address linter failures on master branch (Bug Report: Firefox Dark Reader extension causes incorrect firefox version detection gchq/CyberChef#450)

Compare

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs