mongodb 5.2.0 → 5.4.0

package/src/operations/stats.ts

@@ -7,7 +7,11 @@ import type { Callback } from '../utils';
 import { CommandOperation, CommandOperationOptions } from './command';
 import { Aspect, defineAspects } from './operation';
 
-/** @public */
+/**
+ * @public
+ * @deprecated the `collStats` operation will be removed in the next major release.  Please
+ * use an aggregation pipeline with the [`$collStats`](https://www.mongodb.com/docs/manual/reference/operator/aggregation/collStats/) stage instead
+ */
 export interface CollStatsOptions extends CommandOperationOptions {
   /** Divide the returned sizes by scale value. */
   scale?: number;
@@ -77,6 +81,8 @@ export class DbStatsOperation extends CommandOperation<Document> {
 }
 
 /**
+ * @deprecated the `collStats` operation will be removed in the next major release.  Please
+ * use an aggregation pipeline with the [`$collStats`](https://www.mongodb.com/docs/manual/reference/operator/aggregation/collStats/) stage instead
  * @public
  * @see https://www.mongodb.com/docs/manual/reference/command/collStats/
  */
@@ -130,7 +136,10 @@ export interface CollStats extends Document {
   scaleFactor: number;
 }
 
-/** @public */
+/**
+ * @public
+ * @deprecated This type is only used for the deprecated `collStats` operation and will be removed in the next major release.
+ */
 export interface WiredTigerData extends Document {
   LSM: {
     'bloom filter false positives': number;

package/src/operations/update.ts

@@ -1,6 +1,7 @@
-import type { Document, ObjectId } from '../bson';
+import type { Document } from '../bson';
 import type { Collection } from '../collection';
 import { MongoCompatibilityError, MongoInvalidArgumentError, MongoServerError } from '../error';
+import type { InferIdType } from '../mongo_types';
 import type { Server } from '../sdam/server';
 import type { ClientSession } from '../sessions';
 import { Callback, hasAtomicOperators, MongoDBNamespace } from '../utils';
@@ -23,8 +24,11 @@ export interface UpdateOptions extends CommandOperationOptions {
   let?: Document;
 }
 
-/** @public */
-export interface UpdateResult {
+/**
+ * @public
+ * `TSchema` is the schema of the collection
+ */
+export interface UpdateResult<TSchema extends Document = Document> {
   /** Indicates whether this write result was acknowledged. If not, then all other members of this result will be undefined */
   acknowledged: boolean;
   /** The number of documents that matched the filter */
@@ -34,7 +38,7 @@ export interface UpdateResult {
   /** The number of documents that were upserted */
   upsertedCount: number;
   /** The identifier of the inserted document if an upsert took place */
-  upsertedId: ObjectId;
+  upsertedId: InferIdType<TSchema> | null;
 }
 
 /** @public */

package/src/sdam/srv_polling.ts

@@ -3,22 +3,7 @@ import { clearTimeout, setTimeout } from 'timers';
 
 import { MongoRuntimeError } from '../error';
 import { TypedEventEmitter } from '../mongo_types';
-import { HostAddress } from '../utils';
-
-/**
- * Determines whether a provided address matches the provided parent domain in order
- * to avoid certain attack vectors.
- *
- * @param srvAddress - The address to check against a domain
- * @param parentDomain - The domain to check the provided address against
- * @returns Whether the provided address matches the parent domain
- */
-function matchesParentDomain(srvAddress: string, parentDomain: string): boolean {
-  const regex = /^.*?\./;
-  const srv = `.${srvAddress.replace(regex, '')}`;
-  const parent = `.${parentDomain.replace(regex, '')}`;
-  return srv.endsWith(parent);
-}
+import { HostAddress, matchesParentDomain } from '../utils';
 
 /**
  * @internal

package/src/sdam/topology.ts

@@ -5,6 +5,7 @@ import type { BSONSerializeOptions, Document } from '../bson';
 import type { MongoCredentials } from '../cmap/auth/mongo_credentials';
 import type { ConnectionEvents, DestroyOptions } from '../cmap/connection';
 import type { CloseOptions, ConnectionPoolEvents } from '../cmap/connection_pool';
+import type { ClientMetadata } from '../cmap/handshake/client_metadata';
 import { DEFAULT_OPTIONS, FEATURE_FLAGS } from '../connection_string';
 import {
   CLOSE,
@@ -37,7 +38,6 @@ import type { ClientSession } from '../sessions';
 import type { Transaction } from '../transactions';
 import {
   Callback,
-  ClientMetadata,
   EventEmitterWithState,
   HostAddress,
   List,
@@ -138,7 +138,6 @@ export interface TopologyOptions extends BSONSerializeOptions, ServerOptions {
   /** The name of the replica set to connect to */
   replicaSet?: string;
   srvHost?: string;
-  /** @internal */
   srvPoller?: SrvPoller;
   /** Indicates that a client should directly connect to a node without attempting to discover its topology type */
   directConnection: boolean;
@@ -146,7 +145,6 @@ export interface TopologyOptions extends BSONSerializeOptions, ServerOptions {
   metadata: ClientMetadata;
   /** MongoDB server API version */
   serverApi?: ServerApi;
-  /** @internal */
   [featureFlag: symbol]: any;
 }
 

package/src/utils.ts

@@ -1,6 +1,5 @@
 import * as crypto from 'crypto';
 import type { SrvRecord } from 'dns';
-import * as os from 'os';
 import { URL } from 'url';
 
 import { Document, ObjectId, resolveBSONOptions } from './bson';
@@ -20,7 +19,7 @@ import {
   MongoRuntimeError
 } from './error';
 import type { Explain } from './explain';
-import type { MongoClient, MongoOptions } from './mongo_client';
+import type { MongoClient } from './mongo_client';
 import type { CommandOperationOptions, OperationParent } from './operations/command';
 import type { Hint, OperationOptions } from './operations/operation';
 import { ReadConcern } from './read_concern';
@@ -59,6 +58,23 @@ export const ByteUtils = {
   }
 };
 
+/**
+ * Determines if a connection's address matches a user provided list
+ * of domain wildcards.
+ */
+export function hostMatchesWildcards(host: string, wildcards: string[]): boolean {
+  for (const wildcard of wildcards) {
+    if (
+      host === wildcard ||
+      (wildcard.startsWith('*.') && host?.endsWith(wildcard.substring(2, wildcard.length))) ||
+      (wildcard.startsWith('*/') && host?.endsWith(wildcard.substring(2, wildcard.length)))
+    ) {
+      return true;
+    }
+  }
+  return false;
+}
+
 /**
  * Throws if collectionName is not a valid mongodb collection namespace.
  * @internal
@@ -513,77 +529,6 @@ export function makeStateMachine(stateTable: StateTable): StateTransitionFunctio
   };
 }
 
-/**
- * @public
- * @see https://github.com/mongodb/specifications/blob/master/source/mongodb-handshake/handshake.rst#hello-command
- */
-export interface ClientMetadata {
-  driver: {
-    name: string;
-    version: string;
-  };
-  os: {
-    type: string;
-    name: NodeJS.Platform;
-    architecture: string;
-    version: string;
-  };
-  platform: string;
-  application?: {
-    name: string;
-  };
-}
-
-/** @public */
-export interface ClientMetadataOptions {
-  driverInfo?: {
-    name?: string;
-    version?: string;
-    platform?: string;
-  };
-  appName?: string;
-}
-
-// eslint-disable-next-line @typescript-eslint/no-var-requires
-const NODE_DRIVER_VERSION = require('../package.json').version;
-
-export function makeClientMetadata(
-  options: Pick<MongoOptions, 'appName' | 'driverInfo'>
-): ClientMetadata {
-  const name = options.driverInfo.name ? `nodejs|${options.driverInfo.name}` : 'nodejs';
-  const version = options.driverInfo.version
-    ? `${NODE_DRIVER_VERSION}|${options.driverInfo.version}`
-    : NODE_DRIVER_VERSION;
-  const platform = options.driverInfo.platform
-    ? `Node.js ${process.version}, ${os.endianness()}|${options.driverInfo.platform}`
-    : `Node.js ${process.version}, ${os.endianness()}`;
-
-  const metadata: ClientMetadata = {
-    driver: {
-      name,
-      version
-    },
-    os: {
-      type: os.type(),
-      name: process.platform,
-      architecture: process.arch,
-      version: os.release()
-    },
-    platform
-  };
-
-  if (options.appName) {
-    // MongoDB requires the appName not exceed a byte length of 128
-    const name =
-      Buffer.byteLength(options.appName, 'utf8') <= 128
-        ? options.appName
-        : Buffer.from(options.appName, 'utf8').subarray(0, 128).toString('utf8');
-    metadata.application = { name };
-  }
-
-  return metadata;
-}
-
 /** @internal */
 export function now(): number {
   const hrtime = process.hrtime();
@@ -1083,6 +1028,16 @@ export class HostAddress {
   static fromSrvRecord({ name, port }: SrvRecord): HostAddress {
     return HostAddress.fromHostPort(name, port);
   }
+
+  toHostPort(): { host: string; port: number } {
+    if (this.socketPath) {
+      return { host: this.socketPath, port: 0 };
+    }
+
+    const host = this.host ?? '';
+    const port = this.port ?? 0;
+    return { host, port };
+  }
 }
 
 export const DEFAULT_PK_FACTORY = {
@@ -1277,3 +1232,29 @@ export function parseUnsignedInteger(value: unknown): number | null {
 
   return parsedInt != null && parsedInt >= 0 ? parsedInt : null;
 }
+
+/**
+ * Determines whether a provided address matches the provided parent domain.
+ *
+ * If a DNS server were to become compromised SRV records would still need to
+ * advertise addresses that are under the same domain as the srvHost.
+ *
+ * @param address - The address to check against a domain
+ * @param srvHost - The domain to check the provided address against
+ * @returns Whether the provided address matches the parent domain
+ */
+export function matchesParentDomain(address: string, srvHost: string): boolean {
+  // Remove trailing dot if exists on either the resolved address or the srv hostname
+  const normalizedAddress = address.endsWith('.') ? address.slice(0, address.length - 1) : address;
+  const normalizedSrvHost = srvHost.endsWith('.') ? srvHost.slice(0, srvHost.length - 1) : srvHost;
+
+  const allCharacterBeforeFirstDot = /^.*?\./;
+  // Remove all characters before first dot
+  // Add leading dot back to string so
+  //   an srvHostDomain = '.trusted.site'
+  //   will not satisfy an addressDomain that endsWith '.fake-trusted.site'
+  const addressDomain = `.${normalizedAddress.replace(allCharacterBeforeFirstDot, '')}`;
+  const srvHostDomain = `.${normalizedSrvHost.replace(allCharacterBeforeFirstDot, '')}`;
+
+  return addressDomain.endsWith(srvHostDomain);
+}

package/lib/cmap/auth/mongodb_oidc/workflow.js

@@ -1,3 +0,0 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
-//# sourceMappingURL=workflow.js.map

package/lib/cmap/auth/mongodb_oidc/workflow.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"workflow.js","sourceRoot":"","sources":["../../../../src/cmap/auth/mongodb_oidc/workflow.ts"],"names":[],"mappings":""}

package/src/cmap/auth/mongodb_oidc/workflow.ts

@@ -1,21 +0,0 @@
-import type { Document } from 'bson';
-
-import type { Connection } from '../../connection';
-import type { MongoCredentials } from '../mongo_credentials';
-
-export interface Workflow {
-  /**
-   * All device workflows must implement this method in order to get the access
-   * token and then call authenticate with it.
-   */
-  execute(
-    connection: Connection,
-    credentials: MongoCredentials,
-    reauthenticate?: boolean
-  ): Promise<Document>;
-
-  /**
-   * Get the document to add for speculative authentication.
-   */
-  speculativeAuth(): Promise<Document>;
-}