4.17.0 (2023-08-17)
The MongoDB Node.js team is pleased to announce version 4.17.0 of the mongodb package!
Release Notes
mongodb-js/saslprep is now installed by default
Until v6, the driver included the saslprep package as an optional dependency for SCRAM-SHA-256 authentication. saslprep breaks when bundled with webpack because it attempted to read a file relative to the package location and consequently the driver would throw errors when using SCRAM-SHA-256 if it were bundled.
The driver now depends on mongodb-js/saslprep, a fork of saslprep that can be bundled with webpack because it includes the necessary saslprep data in memory upon loading. This will be installed by default but will only be used if SCRAM-SHA-256 authentication is used.
Remove credential availability on ConnectionPoolCreatedEvent
In order to avoid mistakenly printing credentials the ConnectionPoolCreatedEvent will replace the credentials option with an empty object. The credentials are still accessble via MongoClient options: client.options.credentials.
Features
- NODE-5272: do not create or drop ecc collections (#3678) (d26ad61)
- NODE-5398: use mongodb-js/saslprep instead of saslprep (#3820) (5244711)
Bug Fixes
- NODE-5262: AWS Lambda metadata detection logic is too permissive (#3683) (c0c3d99)
- NODE-5311: construct error messages for AggregateErrors in Node16+ (#3683) (98b7bdf)
-
NODE-5316: prevent parallel topology creation in MongoClient.connect (#3696) (e13038d)
- Thank you
@clemclxfor contributing this fix!
- Thank you
- NODE-5356: prevent scram auth from throwing TypeError if saslprep is not a function (#3732) (2d028af)
- NODE-5536: remove credentials from ConnectionPoolCreatedEvent options (#3812) (2910dca)
Documentation
We invite you to try the mongodb library immediately, and report any issues to the NODE project.