RubyGems - mongo - Versions diffs - 2.20.0 → 2.20.1 - Mend

mongo 2.20.0 → 2.20.1

Files changed (109) hide show

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 281c66c9e5d92b0eb8040c342bb0dfcf554c9b5420ec803bc68748472d74a1ae
-  data.tar.gz: 423f31b24accb3ce674ea28a7aa8fcaf028730eb1370187c23f5304ba30698f6
+  metadata.gz: 1a641cd6128fd246b0ac9999f00167631548206573a22989968f2a7a132bc0ae
+  data.tar.gz: d5526d1ca34219ac644191f1e2c7177877c70063cc5a97992379e8e86065d0ca
 SHA512:
-  metadata.gz: 4f414d30bf15f7c32ac9181e25e707caa80447975690fc6c0eb9d8fa37a784f8c4d21125b385d5a6d7efdb4bd751ee2c9c4bea313adbf78d20de3b019c25ac8a
-  data.tar.gz: 7a83ba71f6a36d886769d755fb5ea45e6d1fae37bd92b490c58e9f643f51c25d5a489ed79928d67975f067d258c738f54cc3e5caecca6eb0bad2e2bf49d81613
+  metadata.gz: 4c23fd9abff5c29517b2cf0c0094bedfbbe667a96f2494b36e6465d8bbfbe113cd08f05e72d15b6db17ef35a211c4aaa040c20dc99eb65417c3c3690b7712c59
+  data.tar.gz: 54ffbc332168455337aa4de863db0ca179084a35c271e9f21dbfe2425556bd00e02b2fd46a5c2581aa15d5e9a11b84d9a0c231889774adb129f2ad38b997f4f4

data/README.md CHANGED Viewed

@@ -5,7 +5,43 @@ MongoDB Ruby Driver
 The officially supported Ruby driver for [MongoDB](https://www.mongodb.org/).
-The Ruby driver supports Ruby 2.5-3.0 and JRuby 9.2.
+The Ruby driver supports Ruby 2.7-3.3 and JRuby 9.3-9.4.
+## Installation
+Install via RubyGems, either via the command-line for ad-hoc uses:
+  $ gem install mongo
+Or via a Gemfile for more general use:
+  gem 'mongo'
+### Release Integrity
+Each release of the MongoDB Ruby driver after version 2.20.0 has been automatically built and signed using the team's GPG key.
+To verify the driver's gem file:
+1. [Download the GPG key](https://pgp.mongodb.com/ruby-driver.asc).
+2. Import the key into your GPG keyring with `gpg --import ruby-driver.asc`.
+3. Download the gem file (if you don't already have it). You can download it from RubyGems with `gem fetch mongo`, or you can download it from the [releases page](https://github.com/mongodb/mongo-ruby-driver/releases) on GitHub.
+4. Download the corresponding detached signature file from the [same release](https://github.com/mongodb/mongo-ruby-driver/releases). Look at the bottom of the release that corresponds to the gem file, under the 'Assets' list, for a `.sig` file with the same version number as the gem you wish to install.
+5. Verify the gem with `gpg --verify mongo-X.Y.Z.gem.sig mongo-X.Y.Z.gem` (replacing `X.Y.Z` with the actual version number).
+You are looking for text like "Good signature from "MongoDB Ruby Driver Release Signing Key <packaging@mongodb.com>" in the output. If you see that, the signature was found to correspond to the given gem file.
+(Note that other output, like "This key is not certified with a trusted signature!", is related to *web of trust* and depends on how strongly you, personally, trust the `ruby-driver.asc` key that you downloaded from us. To learn more, see https://www.gnupg.org/gph/en/manual/x334.html)
+### Why not use RubyGems' gem-signing functionality?
+RubyGems' own gem signing is problematic, most significantly because there is no established chain of trust related to the keys used to sign gems. RubyGems' own documentation admits that "this method of signing gems is not widely used" (see https://guides.rubygems.org/security/). Discussions about this in the RubyGems community have been off-and-on for more than a decade, and while a solution will eventually arrive, we have settled on using GPG instead for the following reasons:
+1. Many of the other driver teams at MongoDB are using GPG to sign their product releases. Consistency with the other teams means that we can reuse existing tooling for our own product releases.
+2. GPG is widely available and has existing tools and procedures for dealing with web of trust (though they are admittedly quite arcane and intimidating to the uninitiated, unfortunately).
+Ultimately, most users do not bother to verify gems, and will not be impacted by our choice of GPG over RubyGems' native method.
 ## Documentation

data/Rakefile CHANGED Viewed

@@ -2,17 +2,12 @@
 # rubocop:todo all
 require 'bundler'
-require 'bundler/gem_tasks'
 require 'rspec/core/rake_task'
-# TODO move the mongo require into the individual tasks that actually need it
-require 'mongo'
 ROOT = File.expand_path(File.join(File.dirname(__FILE__)))
 $: << File.join(ROOT, 'spec/shared/lib')
-require 'mrss/spec_organizer'
 CLASSIFIERS = [
   [%r,^mongo/server,, :unit_server],
   [%r,^mongo,, :unit],
@@ -33,18 +28,67 @@ RUN_PRIORITY = %i(
   spec spec_sdam_integration
 )
-tasks = Rake.application.instance_variable_get('@tasks')
-tasks['release:do'] = tasks.delete('release')
 RSpec::Core::RakeTask.new(:spec) do |t|
   #t.rspec_opts = "--profile 5" if ENV['CI']
 end
 task :default => ['spec:prepare', :spec]
+# stands in for the Bundler-provided `build` task, which builds the
+# gem for this project. Our release process builds the gems in a
+# particular way, in a GitHub action. This task is just to help remind
+# developers of that fact.
+task :build do
+  abort <<~WARNING
+    `rake build` does nothing in this project. The gem must be built via
+    the `Driver Release` action on GitHub, which is triggered manually when
+    a new release is ready.
+  WARNING
+end
+# `rake version` is used by the deployment system so get the release version
+# of the product beng deployed. It must do nothing more than just print the
+# product version number.
+#
+# See the mongodb-labs/driver-github-tools/ruby/publish Github action.
+desc "Print the current value of Mongo::VERSION"
+task :version do
+  require 'mongo/version'
+  puts Mongo::VERSION
+end
+# overrides the default Bundler-provided `release` task, which also
+# builds the gem. Our release process assumes the gem has already
+# been built (and signed via GPG), so we just need `rake release` to
+# push the gem to rubygems.
+task :release do
+  require 'mongo/version'
+  if ENV['GITHUB_ACTION'].nil?
+    abort <<~WARNING
+      `rake release` must be invoked from the `Driver Release` GitHub action,
+      and must not be invoked locally. This ensures the gem is properly signed
+      and distributed by the appropriate user.
+      Note that it is the `rubygems/release-gem@v1` step in the `Driver Release`
+      action that invokes this task. Do not rename or remove this task, or the
+      release-gem step will fail. Reimplement this task with caution.
+      mongo-#{Mongo::VERSION}.gem was NOT pushed to RubyGems.
+    WARNING
+  end
+  system 'gem', 'push', "mongo-#{Mongo::VERSION}.gem"
+end
+task :mongo do
+  require 'mongo'
+end
 namespace :spec do
   desc 'Creates necessary user accounts in the cluster'
-  task :prepare do
+  task prepare: :mongo do
     $: << File.join(File.dirname(__FILE__), 'spec')
     require 'support/utils'
@@ -53,7 +97,7 @@ namespace :spec do
   end
   desc 'Waits for sessions to be available in the deployment'
-  task :wait_for_sessions do
+  task wait_for_sessions: :mongo do
     $: << File.join(File.dirname(__FILE__), 'spec')
     require 'support/utils'
@@ -77,7 +121,7 @@ namespace :spec do
   end
   desc 'Prints configuration used by the test suite'
-  task :config do
+  task config: :mongo do
     $: << File.join(File.dirname(__FILE__), 'spec')
     # Since this task is usually used for troubleshooting of test suite
@@ -90,6 +134,8 @@ namespace :spec do
   end
   def spec_organizer
+    require 'mrss/spec_organizer'
     Mrss::SpecOrganizer.new(
       root: ROOT,
       classifiers: CLASSIFIERS,
@@ -109,16 +155,6 @@ namespace :spec do
   end
 end
-namespace :release do
-  task :check_private_key do
-    unless File.exist?('gem-private_key.pem')
-      raise "No private key present, cannot release"
-    end
-  end
-end
-task :release => ['release:check_private_key', 'release:do']
 desc 'Build and validate the evergreen config'
 task eg: %w[ eg:build eg:validate ]

data/lib/mongo/config.rb CHANGED Viewed

@@ -16,7 +16,7 @@ module Mongo
     # When this flag is off, an aggregation done on a view will be executed over
     # the documents included in that view, instead of all documents in the
-    # collection. When this flag is on, the view fiter is ignored.
+    # collection. When this flag is on, the view filter is ignored.
     option :broken_view_aggregate, default: true
     # When this flag is set to false, the view options will be correctly
@@ -24,7 +24,7 @@ module Mongo
     option :broken_view_options, default: true
     # When this flag is set to true, the update and replace methods will
-    # validate the paramters and raise an error if they are invalid.
+    # validate the parameters and raise an error if they are invalid.
     option :validate_update_replace, default: false
     # Set the configuration options.

data/lib/mongo/retryable/base_worker.rb CHANGED Viewed

@@ -49,7 +49,8 @@ module Mongo
       private
-      # Indicate which exception classes that are generally retryable.
+      # Indicate which exception classes that are generally retryable
+      # when using modern retries mechanism.
       #
       # @return [ Array<Mongo:Error> ] Array of exception classes that are
       #   considered retryable.
@@ -58,18 +59,42 @@ module Mongo
           Error::ConnectionPerished,
           Error::ServerNotUsable,
           Error::SocketError,
-          Error::SocketTimeoutError
+          Error::SocketTimeoutError,
         ].freeze
       end
+      # Indicate which exception classes that are generally retryable
+      # when using legacy retries mechanism.
+      #
+      # @return [ Array<Mongo:Error> ] Array of exception classes that are
+      #   considered retryable.
+      def legacy_retryable_exceptions
+        [
+          Error::ConnectionPerished,
+          Error::ServerNotUsable,
+          Error::SocketError,
+          Error::SocketTimeoutError,
+          Error::PoolClearedError,
+          Error::PoolPausedError,
+        ].freeze
+      end
       # Tests to see if the given exception instance is of a type that can
-      # be retried.
+      # be retried with modern retry mechanism.
       #
       # @return [ true | false ] true if the exception is retryable.
       def is_retryable_exception?(e)
         retryable_exceptions.any? { |klass| klass === e }
       end
+      # Tests to see if the given exception instance is of a type that can
+      # be retried with legacy retry mechanism.
+      #
+      # @return [ true | false ] true if the exception is retryable.
+      def is_legacy_retryable_exception?(e)
+        legacy_retryable_exceptions.any? { |klass| klass === e }
+      end
       # Logs the given deprecation warning the first time it is called for a
       # given key; after that, it does nothing when given the same key.
       def deprecation_warning(key, warning)

data/lib/mongo/retryable/read_worker.rb CHANGED Viewed

@@ -198,7 +198,7 @@ module Mongo
         raise e if !is_retryable_exception?(e) && !e.write_retryable?
         retry_read(e, session, server_selector, failed_server: server, &block)
       end
       # Attempts to do a "legacy" read with retry. The operation will be
       # attempted multiple times, up to the client's `max_read_retries`
       # setting.
@@ -213,17 +213,18 @@ module Mongo
       def legacy_read_with_retry(session, server_selector, &block)
         attempt = attempt ? attempt + 1 : 1
         yield select_server(cluster, server_selector, session)
-      rescue *retryable_exceptions, Error::OperationFailure, Error::PoolError => e
+      rescue *legacy_retryable_exceptions, Error::OperationFailure => e
         e.add_notes('legacy retry', "attempt #{attempt}")
-        if is_retryable_exception?(e)
+        if is_legacy_retryable_exception?(e)
           raise e if attempt > client.max_read_retries || session&.in_transaction?
         elsif e.retryable? && !session&.in_transaction?
           raise e if attempt > client.max_read_retries
         else
           raise e
         end
         log_retry(e, message: 'Legacy read retry')
         sleep(client.read_retry_interval) unless is_retryable_exception?(e)
         retry
@@ -261,7 +262,7 @@ module Mongo
       # @param [ Mongo::Server ] failed_server The server on which the original
       #   operation failed.
       # @param [ Proc ] block The block to execute.
-      #
+      #
       # @return [ Result ] The result of the operation.
       def retry_read(original_error, session, server_selector, failed_server: nil, &block)
         begin
@@ -270,9 +271,9 @@ module Mongo
           original_error.add_note("later retry failed: #{e.class}: #{e}")
           raise original_error
         end
         log_retry(original_error, message: 'Read retry')
         begin
           yield server, true
         rescue *retryable_exceptions => e

data/lib/mongo/retryable/write_worker.rb CHANGED Viewed

@@ -104,7 +104,7 @@ module Mongo
         session = context.session
         server = select_server(cluster, ServerSelector.primary, session)
         options = session&.client&.options || {}
         if options[:retry_writes]
           begin
             server.with_connection(connection_global_id: context.connection_global_id) do |connection|
@@ -219,7 +219,7 @@ module Mongo
       def modern_write_with_retry(session, server, context, &block)
         txn_num = nil
         connection_succeeded = false
         server.with_connection(connection_global_id: context.connection_global_id) do |connection|
           connection_succeeded = true
@@ -264,7 +264,7 @@ module Mongo
         # a socket error or a not master error should have marked the respective
         # server unknown). Here we just need to wait for server selection.
         server = select_server(cluster, ServerSelector.primary, session, failed_server)
         unless server.retry_writes?
           # Do not need to add "modern retry" here, it should already be on
           # the first exception.
@@ -278,7 +278,7 @@ module Mongo
           # special marker class to bypass the ordinarily applicable rescues.
           raise Error::RaiseOriginalError
         end
         log_retry(original_error, message: 'Write retry')
         server.with_connection(connection_global_id: context.connection_global_id) do |connection|
           yield(connection, txn_num, context)

data/lib/mongo/server/pending_connection.rb CHANGED Viewed

@@ -110,6 +110,24 @@ module Mongo
       private
+      # Sends the hello command to the server, then receive and deserialize
+      # the response.
+      #
+      # This method is extracted to be mocked in the tests.
+      #
+      # @param [ Protocol::Message ] Command that should be sent to a server
+      #   for handshake purposes.
+      #
+      # @return [ Mongo::Protocol::Reply ] Deserialized server response.
+      def get_handshake_response(hello_command)
+        @server.round_trip_time_averager.measure do
+          add_server_diagnostics do
+            socket.write(hello_command.serialize.to_s)
+            Protocol::Message.deserialize(socket, Protocol::Message::MAX_MESSAGE_SIZE)
+          end
+        end
+      end
       # @param [ BSON::Document | nil ] speculative_auth_doc The document to
       #   provide in speculativeAuthenticate field of handshake command.
       #
@@ -131,12 +149,7 @@ module Mongo
         doc = nil
         @server.handle_handshake_failure! do
           begin
-            response = @server.round_trip_time_averager.measure do
-              add_server_diagnostics do
-                socket.write(hello_command.serialize.to_s)
-                Protocol::Message.deserialize(socket, Protocol::Message::MAX_MESSAGE_SIZE)
-              end
-            end
+            response = get_handshake_response(hello_command)
             result = Operation::Result.new([response])
             result.validate!
             doc = result.documents.first

data/lib/mongo/socket/ssl.rb CHANGED Viewed

@@ -287,7 +287,7 @@ module Mongo
         # for instance, if there is no newline between two certificates
         # this code will extract them both but OpenSSL fails in this situation.
         if cert_text
-          certs = cert_text.scan(/-----BEGIN CERTIFICATE-----(?:.|\n)+?-----END CERTIFICATE-----/)
+          certs = extract_certs(cert_text)
           if certs.length > 1
             context.cert = OpenSSL::X509::Certificate.new(certs.shift)
             context.extra_chain_cert = certs.map do |cert|
@@ -390,6 +390,27 @@ module Mongo
           hook.call(@context)
         end
       end
+      BEGIN_CERT = "-----BEGIN CERTIFICATE-----"
+      END_CERT = "-----END CERTIFICATE-----"
+      # This was originally a scan + regex, but the regex was particularly
+      # inefficient and was flagged as a concern by static analysis.
+      def extract_certs(text)
+        [].tap do |list|
+          pos = 0
+          while (begin_idx = text.index(BEGIN_CERT, pos))
+            end_idx = text.index(END_CERT, begin_idx)
+            break unless end_idx
+            end_idx += END_CERT.length
+            list.push(text[begin_idx...end_idx])
+            pos = end_idx
+          end
+        end
+      end
     end
   end
 end

data/lib/mongo/version.rb CHANGED Viewed

@@ -1,5 +1,4 @@
 # frozen_string_literal: true
-# rubocop:todo all
 # Copyright (C) 2014-2020 MongoDB Inc.
 #
@@ -16,9 +15,6 @@
 # limitations under the License.
 module Mongo
   # The current version of the driver.
-  #
-  # @since 2.0.0
-  VERSION = '2.20.0'.freeze
+  VERSION = '2.20.1'
 end

data/mongo.gemspec CHANGED Viewed

@@ -9,28 +9,25 @@ Gem::Specification.new do |s|
   s.name              = 'mongo'
   s.version           = Mongo::VERSION
   s.platform          = Gem::Platform::RUBY
-  s.authors           = ["The MongoDB Ruby Team"]
-  s.email             = "dbx-ruby@mongodb.com"
+  s.authors           = [ 'The MongoDB Ruby Team' ]
+  s.email             = 'dbx-ruby@mongodb.com'
   s.homepage          = 'https://mongodb.com/docs/ruby-driver/'
   s.summary           = 'Ruby driver for MongoDB'
-  s.description       = 'A Ruby driver for MongoDB'
   s.license           = 'Apache-2.0'
+  s.description       = <<~DESC
+    A pure-Ruby driver for connecting to, querying, and manipulating MongoDB
+    databases. Officially developed and supported by MongoDB, with love for
+    the Ruby community.
+  DESC
   s.metadata = {
     'bug_tracker_uri' => 'https://jira.mongodb.org/projects/RUBY',
     'changelog_uri' => 'https://github.com/mongodb/mongo-ruby-driver/releases',
-    'documentation_uri' => 'https://mongodb.com/docs/ruby-driver/',
     'homepage_uri' => 'https://mongodb.com/docs/ruby-driver/',
+    'documentation_uri' => 'https://mongodb.com/docs/ruby-driver/current/tutorials/quick-start/',
     'source_code_uri' => 'https://github.com/mongodb/mongo-ruby-driver',
   }
-  if File.exist?('gem-private_key.pem')
-    s.signing_key     = 'gem-private_key.pem'
-    s.cert_chain      = ['gem-public_cert.pem']
-  else
-    warn "[#{s.name}] Warning: No private key present, creating unsigned gem."
-  end
   s.files             = Dir.glob('{bin,lib,spec}/**/*')
   s.files             += %w[mongo.gemspec LICENSE README.md CONTRIBUTING.md Rakefile]
   s.test_files        = Dir.glob('spec/**/*')

data/spec/integration/client_side_encryption/range_explicit_encryption_prose_spec.rb CHANGED Viewed

@@ -7,6 +7,9 @@ require 'spec_helper'
 # rubocop:disable RSpec/ExampleLength
 describe 'Range Explicit Encryption' do
   min_server_version '7.0.0-rc0'
+  # https://jira.mongodb.org/browse/RUBY-3457
+  max_server_version '7.99.99'
   require_libmongocrypt
   include_context 'define shared FLE helpers'

data/spec/integration/retryable_reads_errors_spec.rb CHANGED Viewed

@@ -4,6 +4,7 @@
 require 'spec_helper'
 describe 'Retryable reads errors tests' do
+  retry_test
   let(:client) { authorized_client.with(options.merge(retry_reads: true)) }
@@ -73,31 +74,42 @@ describe 'Retryable reads errors tests' do
       client.subscribe(Mongo::Monitoring::CONNECTION_POOL, subscriber)
     end
-    it "retries on PoolClearedError" do
-      # After the first find fails, the pool is paused and retry is triggered.
-      # Now, a race is started between the second find acquiring a connection,
-      # and the first retrying the read. Now, retry reads cause the cluster to
-      # be rescanned and the pool to be unpaused, allowing the second checkout
-      # to succeed (when it should fail). Therefore we want the second find's
-      # check out to win the race. This gives the check out a little head start.
-      allow_any_instance_of(Mongo::Server::ConnectionPool).to receive(:ready).and_wrap_original do |m, *args, &block|
-        ::Utils.wait_for_condition(5) do
-          # check_out_results should contain:
-          # - find1 connection check out successful
-          # - pool cleared
-          # - find2 connection check out failed
-          # We wait here for the third event to happen before we ready the pool.
-          cmap_events.select do |e|
-            event_types.include?(e.class)
-          end.length >= 3
+    shared_examples_for 'retries on PoolClearedError' do
+      it "retries on PoolClearedError" do
+        # After the first find fails, the pool is paused and retry is triggered.
+        # Now, a race is started between the second find acquiring a connection,
+        # and the first retrying the read. Now, retry reads cause the cluster to
+        # be rescanned and the pool to be unpaused, allowing the second checkout
+        # to succeed (when it should fail). Therefore we want the second find's
+        # check out to win the race. This gives the check out a little head start.
+        allow_any_instance_of(Mongo::Server::ConnectionPool).to receive(:ready).and_wrap_original do |m, *args, &block|
+          ::Utils.wait_for_condition(5) do
+            # check_out_results should contain:
+            # - find1 connection check out successful
+            # - pool cleared
+            # - find2 connection check out failed
+            # We wait here for the third event to happen before we ready the pool.
+            cmap_events.select do |e|
+              event_types.include?(e.class)
+            end.length >= 3
+          end
+          m.call(*args, &block)
         end
-        m.call(*args, &block)
+        threads.map(&:join)
+        expect(check_out_results[0]).to be_a(Mongo::Monitoring::Event::Cmap::ConnectionCheckedOut)
+        expect(check_out_results[1]).to be_a(Mongo::Monitoring::Event::Cmap::PoolCleared)
+        expect(check_out_results[2]).to be_a(Mongo::Monitoring::Event::Cmap::ConnectionCheckOutFailed)
+        expect(find_events.length).to eq(3)
       end
-      threads.map(&:join)
-      expect(check_out_results[0]).to be_a(Mongo::Monitoring::Event::Cmap::ConnectionCheckedOut)
-      expect(check_out_results[1]).to be_a(Mongo::Monitoring::Event::Cmap::PoolCleared)
-      expect(check_out_results[2]).to be_a(Mongo::Monitoring::Event::Cmap::ConnectionCheckOutFailed)
-      expect(find_events.length).to eq(3)
+    end
+    it_behaves_like 'retries on PoolClearedError'
+    context 'legacy read retries' do
+      let(:client) { authorized_client.with(options.merge(retry_reads: false, max_read_retries: 1)) }
+      it_behaves_like 'retries on PoolClearedError'
     end
     after do

data/spec/integration/sdam_error_handling_spec.rb CHANGED Viewed

@@ -8,6 +8,8 @@ describe 'SDAM error handling' do
   clean_slate
+  retry_test
   after do
     # Close all clients after every test to avoid leaking expectations into
     # subsequent tests because we set global assertions on sockets.

data/spec/lite_spec_helper.rb CHANGED Viewed

@@ -168,16 +168,6 @@ RSpec.configure do |config|
     end
   end
-  if SpecConfig.instance.ci? && !%w(1 true yes).include?(ENV['INTERACTIVE']&.downcase)
-    # Tests should take under 10 seconds ideally but it seems
-    # we have some that run for more than 10 seconds in CI.
-    config.around(:each) do |example|
-      TimeoutInterrupt.timeout(example_timeout_seconds, ExampleTimeout) do
-        example.run
-      end
-    end
-  end
   if SpecConfig.instance.ci?
     if defined?(Rfc::Rif)
       unless BSON::Environment.jruby?

data/spec/mongo/collection_crud_spec.rb CHANGED Viewed

@@ -4,6 +4,7 @@
 require 'spec_helper'
 describe Mongo::Collection do
+  retry_test
   let(:subscriber) { Mrss::EventSubscriber.new }

data/spec/mongo/server/connection_spec.rb CHANGED Viewed

@@ -583,6 +583,28 @@ describe Mongo::Server::Connection do
       end
     end
+    context 'when the server returns unknown saslSupportedMechs' do
+      min_server_version '4.0'
+      let(:connection) do
+        described_class.new(server, server.options.merge(connection_pool: pool))
+      end
+      before do
+        expect_any_instance_of(Mongo::Server::PendingConnection).to receive(:get_handshake_response).and_wrap_original do |original_method, *args|
+          original_method.call(*args).tap do |result|
+            if result.documents.first.fetch('saslSupportedMechs', nil).is_a?(Array)
+              result.documents.first['saslSupportedMechs'].append('unknownMechanism')
+            end
+          end
+        end
+      end
+      it 'does not raise an error' do
+        expect { connection.connect! }.not_to raise_error
+      end
+    end
   end
   describe '#disconnect!' do

data/spec/spec_tests/data/client_side_encryption/fle2v2-BypassQueryAnalysis.yml CHANGED Viewed

@@ -1,6 +1,7 @@
 # Requires libmongocrypt 1.8.0.
 runOn:
   - minServerVersion: "7.0.0"
+    maxServerVersion: "7.99.99"
     # Skip QEv2 (also referred to as FLE2v2) tests on Serverless. Unskip once Serverless enables the QEv2 protocol.
     # FLE 2 Encrypted collections are not supported on standalone.
     topology: [ "replicaset", "sharded", "load-balanced" ]

data/spec/spec_tests/data/client_side_encryption/fle2v2-Compact.yml CHANGED Viewed

@@ -1,6 +1,7 @@
 # Requires libmongocrypt 1.8.0.
 runOn:
   - minServerVersion: "7.0.0"
+    maxServerVersion: "7.99.99"
     # Skip QEv2 (also referred to as FLE2v2) tests on Serverless. Unskip once Serverless enables the QEv2 protocol.
     # FLE 2 Encrypted collections are not supported on standalone.
     topology: [ "replicaset", "sharded", "load-balanced" ]

data/spec/spec_tests/data/client_side_encryption/fle2v2-CreateCollection.yml CHANGED Viewed

@@ -1,6 +1,7 @@
 # Requires libmongocrypt 1.8.0.
 runOn:
   - minServerVersion: "7.0.0"
+    maxServerVersion: "7.99.99"
     # Skip QEv2 (also referred to as FLE2v2) tests on Serverless. Unskip once Serverless enables the QEv2 protocol.
     # FLE 2 Encrypted collections are not supported on standalone.
     topology: [ "replicaset", "sharded", "load-balanced" ]