mongodb 6.9.0 → 6.10.0

package/src/operations/operation.ts

@@ -11,7 +11,8 @@ export const Aspect = {
   EXPLAINABLE: Symbol('EXPLAINABLE'),
   SKIP_COLLATION: Symbol('SKIP_COLLATION'),
   CURSOR_CREATING: Symbol('CURSOR_CREATING'),
-  MUST_SELECT_SAME_SERVER: Symbol('MUST_SELECT_SAME_SERVER')
+  MUST_SELECT_SAME_SERVER: Symbol('MUST_SELECT_SAME_SERVER'),
+  COMMAND_BATCHING: Symbol('COMMAND_BATCHING')
 } as const;
 
 /** @public */
@@ -98,6 +99,10 @@ export abstract class AbstractOperation<TResult = any> {
     this[kSession] = undefined;
   }
 
+  resetBatch(): boolean {
+    return true;
+  }
+
   get canRetryRead(): boolean {
     return this.hasAspect(Aspect.RETRYABLE) && this.hasAspect(Aspect.READ_OPERATION);
   }

package/src/operations/search_indexes/create.ts

@@ -1,5 +1,4 @@
-import type { Document } from 'bson';
-
+import type { Document } from '../../bson';
 import type { Collection } from '../../collection';
 import type { Server } from '../../sdam/server';
 import type { ClientSession } from '../../sessions';

package/src/operations/search_indexes/drop.ts

@@ -1,5 +1,4 @@
-import type { Document } from 'bson';
-
+import type { Document } from '../../bson';
 import type { Collection } from '../../collection';
 import { MONGODB_ERROR_CODES, MongoServerError } from '../../error';
 import type { Server } from '../../sdam/server';

package/src/operations/search_indexes/update.ts

@@ -1,5 +1,4 @@
-import type { Document } from 'bson';
-
+import type { Document } from '../../bson';
 import type { Collection } from '../../collection';
 import type { Server } from '../../sdam/server';
 import type { ClientSession } from '../../sessions';

package/src/sdam/server.ts

@@ -513,7 +513,8 @@ function isPinnableCommand(cmd: Document, session?: ClientSession): boolean {
       'find' in cmd ||
       'getMore' in cmd ||
       'listCollections' in cmd ||
-      'listIndexes' in cmd
+      'listIndexes' in cmd ||
+      'bulkWrite' in cmd
     );
   }
 

package/src/sdam/server_description.ts

@@ -69,6 +69,12 @@ export class ServerDescription {
   setVersion: number | null;
   electionId: ObjectId | null;
   logicalSessionTimeoutMinutes: number | null;
+  /** The max message size in bytes for the server. */
+  maxMessageSizeBytes: number | null;
+  /** The max number of writes in a bulk write command. */
+  maxWriteBatchSize: number | null;
+  /** The max bson object size. */
+  maxBsonObjectSize: number | null;
 
   // NOTE: does this belong here? It seems we should gossip the cluster time at the CMAP level
   $clusterTime?: ClusterTime;
@@ -111,6 +117,9 @@ export class ServerDescription {
     this.setVersion = hello?.setVersion ?? null;
     this.electionId = hello?.electionId ?? null;
     this.logicalSessionTimeoutMinutes = hello?.logicalSessionTimeoutMinutes ?? null;
+    this.maxMessageSizeBytes = hello?.maxMessageSizeBytes ?? null;
+    this.maxWriteBatchSize = hello?.maxWriteBatchSize ?? null;
+    this.maxBsonObjectSize = hello?.maxBsonObjectSize ?? null;
     this.primary = hello?.primary ?? null;
     this.me = hello?.me?.toLowerCase() ?? null;
     this.$clusterTime = hello?.$clusterTime ?? null;

package/src/sdam/srv_polling.ts

@@ -3,7 +3,7 @@ import { clearTimeout, setTimeout } from 'timers';
 
 import { MongoRuntimeError } from '../error';
 import { TypedEventEmitter } from '../mongo_types';
-import { HostAddress, matchesParentDomain, squashError } from '../utils';
+import { checkParentDomainMatch, HostAddress, squashError } from '../utils';
 
 /**
  * @internal
@@ -127,8 +127,11 @@ export class SrvPoller extends TypedEventEmitter<SrvPollerEvents> {
 
     const finalAddresses: dns.SrvRecord[] = [];
     for (const record of srvRecords) {
-      if (matchesParentDomain(record.name, this.srvHost)) {
+      try {
+        checkParentDomainMatch(record.name, this.srvHost);
         finalAddresses.push(record);
+      } catch (error) {
+        squashError(error);
       }
     }
 

package/src/sdam/topology_description.ts

@@ -43,7 +43,6 @@ export class TopologyDescription {
   heartbeatFrequencyMS: number;
   localThresholdMS: number;
   commonWireVersion: number;
-
   /**
    * Create a TopologyDescription
    */

package/src/sessions.ts

@@ -124,6 +124,10 @@ export class ClientSession
   owner?: symbol | AbstractCursor;
   defaultTransactionOptions: TransactionOptions;
   transaction: Transaction;
+  /** @internal
+   * Keeps track of whether or not the current transaction has attempted to be committed. Is
+   * initially undefined. Gets set to false when startTransaction is called. When commitTransaction is sent to server, if the commitTransaction succeeds, it is then set to undefined, otherwise, set to true */
+  commitAttempted?: boolean;
   /** @internal */
   [kServerSession]: ServerSession | null;
   /** @internal */
@@ -417,6 +421,7 @@ export class ClientSession
       );
     }
 
+    this.commitAttempted = false;
     // increment txnNumber
     this.incrementTransactionNumber();
     // create transaction state
@@ -474,7 +479,7 @@ export class ClientSession
       WriteConcern.apply(command, { wtimeoutMS: 10000, w: 'majority', ...wc });
     }
 
-    if (this.transaction.state === TxnState.TRANSACTION_COMMITTED) {
+    if (this.transaction.state === TxnState.TRANSACTION_COMMITTED || this.commitAttempted) {
       WriteConcern.apply(command, { wtimeoutMS: 10000, ...wc, w: 'majority' });
     }
 
@@ -494,8 +499,10 @@ export class ClientSession
 
     try {
       await executeOperation(this.client, operation);
+      this.commitAttempted = undefined;
       return;
     } catch (firstCommitError) {
+      this.commitAttempted = true;
       if (firstCommitError instanceof MongoError && isRetryableWriteError(firstCommitError)) {
         // SPEC-1185: apply majority write concern when retrying commitTransaction
         WriteConcern.apply(command, { wtimeoutMS: 10000, ...wc, w: 'majority' });
@@ -503,7 +510,14 @@ export class ClientSession
         this.unpin({ force: true });
 
         try {
-          await executeOperation(this.client, operation);
+          await executeOperation(
+            this.client,
+            new RunAdminCommandOperation(command, {
+              session: this,
+              readPreference: ReadPreference.primary,
+              bypassPinningCheck: true
+            })
+          );
           return;
         } catch (retryCommitError) {
           // If the retry failed, we process that error instead of the original

package/src/utils.ts

@@ -18,6 +18,7 @@ import type { FindCursor } from './cursor/find_cursor';
 import type { Db } from './db';
 import {
   type AnyError,
+  MongoAPIError,
   MongoCompatibilityError,
   MongoInvalidArgumentError,
   MongoNetworkTimeoutError,
@@ -25,7 +26,7 @@ import {
   MongoParseError,
   MongoRuntimeError
 } from './error';
-import type { Explain } from './explain';
+import type { Explain, ExplainVerbosity } from './explain';
 import type { MongoClient } from './mongo_client';
 import type { CommandOperationOptions, OperationParent } from './operations/command';
 import type { Hint, OperationOptions } from './operations/operation';
@@ -251,12 +252,23 @@ export function decorateWithReadConcern(
  * @param command - the command on which to apply the explain
  * @param options - the options containing the explain verbosity
  */
-export function decorateWithExplain(command: Document, explain: Explain): Document {
-  if (command.explain) {
-    return command;
+export function decorateWithExplain(
+  command: Document,
+  explain: Explain
+): {
+  explain: Document;
+  verbosity: ExplainVerbosity;
+  maxTimeMS?: number;
+} {
+  type ExplainCommand = ReturnType<typeof decorateWithExplain>;
+  const { verbosity, maxTimeMS } = explain;
+  const baseCommand: ExplainCommand = { explain: command, verbosity };
+
+  if (typeof maxTimeMS === 'number') {
+    baseCommand.maxTimeMS = maxTimeMS;
   }
 
-  return { explain: command, verbosity: explain.verbosity };
+  return baseCommand;
 }
 
 /**
@@ -1131,29 +1143,47 @@ export function parseUnsignedInteger(value: unknown): number | null {
 }
 
 /**
- * Determines whether a provided address matches the provided parent domain.
+ * This function throws a MongoAPIError in the event that either of the following is true:
+ * * If the provided address domain does not match the provided parent domain
+ * * If the parent domain contains less than three `.` separated parts and the provided address does not contain at least one more domain level than its parent
  *
  * If a DNS server were to become compromised SRV records would still need to
  * advertise addresses that are under the same domain as the srvHost.
  *
  * @param address - The address to check against a domain
  * @param srvHost - The domain to check the provided address against
- * @returns Whether the provided address matches the parent domain
+ * @returns void
  */
-export function matchesParentDomain(address: string, srvHost: string): boolean {
+export function checkParentDomainMatch(address: string, srvHost: string): void {
   // Remove trailing dot if exists on either the resolved address or the srv hostname
   const normalizedAddress = address.endsWith('.') ? address.slice(0, address.length - 1) : address;
   const normalizedSrvHost = srvHost.endsWith('.') ? srvHost.slice(0, srvHost.length - 1) : srvHost;
 
   const allCharacterBeforeFirstDot = /^.*?\./;
+  const srvIsLessThanThreeParts = normalizedSrvHost.split('.').length < 3;
   // Remove all characters before first dot
   // Add leading dot back to string so
   //   an srvHostDomain = '.trusted.site'
   //   will not satisfy an addressDomain that endsWith '.fake-trusted.site'
   const addressDomain = `.${normalizedAddress.replace(allCharacterBeforeFirstDot, '')}`;
-  const srvHostDomain = `.${normalizedSrvHost.replace(allCharacterBeforeFirstDot, '')}`;
+  let srvHostDomain = srvIsLessThanThreeParts
+    ? normalizedSrvHost
+    : `.${normalizedSrvHost.replace(allCharacterBeforeFirstDot, '')}`;
 
-  return addressDomain.endsWith(srvHostDomain);
+  if (!srvHostDomain.startsWith('.')) {
+    srvHostDomain = '.' + srvHostDomain;
+  }
+  if (
+    srvIsLessThanThreeParts &&
+    normalizedAddress.split('.').length <= normalizedSrvHost.split('.').length
+  ) {
+    throw new MongoAPIError(
+      'Server record does not have at least one more domain level than parent URI'
+    );
+  }
+  if (!addressDomain.endsWith(srvHostDomain)) {
+    throw new MongoAPIError('Server record does not share hostname with parent URI');
+  }
 }
 
 interface RequestOptions {

package/src/write_concern.ts

@@ -58,7 +58,10 @@ interface CommandWriteConcernOptions {
  * @see https://www.mongodb.com/docs/manual/reference/write-concern/
  */
 export class WriteConcern {
-  /** Request acknowledgment that the write operation has propagated to a specified number of mongod instances or to mongod instances with specified tags. */
+  /**
+   * Request acknowledgment that the write operation has propagated to a specified number of mongod instances or to mongod instances with specified tags.
+   * If w is 0 and is set on a write operation, the server will not send a response.
+   */
   readonly w?: W;
   /** Request acknowledgment that the write operation has been written to the on-disk journal */
   readonly journal?: boolean;

package/lib/cmap/auth/mongocr.js

@@ -1,35 +0,0 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.MongoCR = void 0;
-const crypto = require("crypto");
-const error_1 = require("../../error");
-const utils_1 = require("../../utils");
-const auth_provider_1 = require("./auth_provider");
-class MongoCR extends auth_provider_1.AuthProvider {
-    async auth(authContext) {
-        const { connection, credentials } = authContext;
-        if (!credentials) {
-            throw new error_1.MongoMissingCredentialsError('AuthContext must provide credentials.');
-        }
-        const { username, password, source } = credentials;
-        const { nonce } = await connection.command((0, utils_1.ns)(`${source}.$cmd`), { getnonce: 1 }, undefined);
-        const hashPassword = crypto
-            .createHash('md5')
-            .update(`${username}:mongo:${password}`, 'utf8')
-            .digest('hex');
-        // Final key
-        const key = crypto
-            .createHash('md5')
-            .update(`${nonce}${username}${hashPassword}`, 'utf8')
-            .digest('hex');
-        const authenticateCommand = {
-            authenticate: 1,
-            user: username,
-            nonce,
-            key
-        };
-        await connection.command((0, utils_1.ns)(`${source}.$cmd`), authenticateCommand, undefined);
-    }
-}
-exports.MongoCR = MongoCR;
-//# sourceMappingURL=mongocr.js.map

package/lib/cmap/auth/mongocr.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"mongocr.js","sourceRoot":"","sources":["../../../src/cmap/auth/mongocr.ts"],"names":[],"mappings":";;;AAAA,iCAAiC;AAEjC,uCAA2D;AAC3D,uCAAiC;AACjC,mDAAiE;AAEjE,MAAa,OAAQ,SAAQ,4BAAY;IAC9B,KAAK,CAAC,IAAI,CAAC,WAAwB;QAC1C,MAAM,EAAE,UAAU,EAAE,WAAW,EAAE,GAAG,WAAW,CAAC;QAChD,IAAI,CAAC,WAAW,EAAE,CAAC;YACjB,MAAM,IAAI,oCAA4B,CAAC,uCAAuC,CAAC,CAAC;QAClF,CAAC;QAED,MAAM,EAAE,QAAQ,EAAE,QAAQ,EAAE,MAAM,EAAE,GAAG,WAAW,CAAC;QAEnD,MAAM,EAAE,KAAK,EAAE,GAAG,MAAM,UAAU,CAAC,OAAO,CAAC,IAAA,UAAE,EAAC,GAAG,MAAM,OAAO,CAAC,EAAE,EAAE,QAAQ,EAAE,CAAC,EAAE,EAAE,SAAS,CAAC,CAAC;QAE7F,MAAM,YAAY,GAAG,MAAM;aACxB,UAAU,CAAC,KAAK,CAAC;aACjB,MAAM,CAAC,GAAG,QAAQ,UAAU,QAAQ,EAAE,EAAE,MAAM,CAAC;aAC/C,MAAM,CAAC,KAAK,CAAC,CAAC;QAEjB,YAAY;QACZ,MAAM,GAAG,GAAG,MAAM;aACf,UAAU,CAAC,KAAK,CAAC;aACjB,MAAM,CAAC,GAAG,KAAK,GAAG,QAAQ,GAAG,YAAY,EAAE,EAAE,MAAM,CAAC;aACpD,MAAM,CAAC,KAAK,CAAC,CAAC;QAEjB,MAAM,mBAAmB,GAAG;YAC1B,YAAY,EAAE,CAAC;YACf,IAAI,EAAE,QAAQ;YACd,KAAK;YACL,GAAG;SACJ,CAAC;QAEF,MAAM,UAAU,CAAC,OAAO,CAAC,IAAA,UAAE,EAAC,GAAG,MAAM,OAAO,CAAC,EAAE,mBAAmB,EAAE,SAAS,CAAC,CAAC;IACjF,CAAC;CACF;AA/BD,0BA+BC"}

package/src/cmap/auth/mongocr.ts

@@ -1,38 +0,0 @@
-import * as crypto from 'crypto';
-
-import { MongoMissingCredentialsError } from '../../error';
-import { ns } from '../../utils';
-import { type AuthContext, AuthProvider } from './auth_provider';
-
-export class MongoCR extends AuthProvider {
-  override async auth(authContext: AuthContext): Promise<void> {
-    const { connection, credentials } = authContext;
-    if (!credentials) {
-      throw new MongoMissingCredentialsError('AuthContext must provide credentials.');
-    }
-
-    const { username, password, source } = credentials;
-
-    const { nonce } = await connection.command(ns(`${source}.$cmd`), { getnonce: 1 }, undefined);
-
-    const hashPassword = crypto
-      .createHash('md5')
-      .update(`${username}:mongo:${password}`, 'utf8')
-      .digest('hex');
-
-    // Final key
-    const key = crypto
-      .createHash('md5')
-      .update(`${nonce}${username}${hashPassword}`, 'utf8')
-      .digest('hex');
-
-    const authenticateCommand = {
-      authenticate: 1,
-      user: username,
-      nonce,
-      key
-    };
-
-    await connection.command(ns(`${source}.$cmd`), authenticateCommand, undefined);
-  }
-}