Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

fix(NODE-4905): double precision accuracy in canonical EJSON #549

Merged
merged 2 commits into from
Jan 4, 2023

Conversation

nbbeeken
Copy link
Contributor

@nbbeeken nbbeeken commented Jan 3, 2023

Description

What is changing?

Same as #548, this is a backport

Double check the following

  • Ran npm run lint script
  • Self-review completed using the steps outlined here
  • PR title follows the correct format: <type>(NODE-xxxx)<!>: <description>
  • Changes are covered by tests
  • New TODOs have a related JIRA ticket

@nbbeeken
Copy link
Contributor Author

nbbeeken commented Jan 3, 2023

durran
durran approved these changes Jan 4, 2023
@durran durran merged commit d86bd52 into 4.0 Jan 4, 2023
@durran durran deleted the NODE-4905-fix-double-precision-4.0 branch January 4, 2023 20:04
cbush pushed a commit to mongodb/docs-realm that referenced this pull request Jan 30, 2023
<h3>Snyk has created this PR to upgrade bson from 4.7.0 to 4.7.1.</h3>

:information_source: Keep your dependencies up-to-date. This makes it
easier to fix existing vulnerabilities and to more quickly identify and
fix newly disclosed vulnerabilities when they affect your project.
<hr/>

- The recommended version is **1 version** ahead of your current
version.
- The recommended version was released **21 days ago**, on 2023-01-05.


<details>
<summary><b>Release notes</b></summary>
<br/>
  <details>
    <summary>Package name: <b>bson</b></summary>
    <ul>
      <li>
<b>4.7.1</b> - <a
href="https://snyk.io/redirect/github/mongodb/js-bson/releases/tag/v4.7.1">2023-01-05</a></br><p>The
MongoDB Node.js team is pleased to announce version v4.7.1 of the bson
package!</p>
<h3>Bug Fixes</h3>
<ul>
<li><strong><a class="issue-link js-issue-link notranslate"
rel="noopener noreferrer nofollow"
href="https://jira.mongodb.org/browse/NODE-4905">NODE-4905</a>:</strong>
double precision accuracy in canonical EJSON (<a
href="https://snyk.io/redirect/github/mongodb/js-bson/issues/549"
data-hovercard-type="pull_request"
data-hovercard-url="/mongodb/js-bson/pull/549/hovercard">#549</a>) (<a
href="https://snyk.io/redirect/github/mongodb/js-bson/commit/d86bd52661e7f5d26479f6b63acac7950f505d69">d86bd52</a>)</li>
</ul>
<h2>Documentation</h2>
<ul>
<li>API: <a
href="https://snyk.io/redirect/github/mongodb/js-bson#readme">https://github.com/mongodb/js-bson#readme</a></li>
<li>Changelog: <a
href="https://snyk.io/redirect/github/mongodb/js-bson/blob/4.0/HISTORY.md#change-log">https://github.com/mongodb/js-bson/blob/4.0/HISTORY.md#change-log</a></li>
</ul>
<p>We invite you to try the bson library immediately, and report any
issues to the <a href="https://jira.mongodb.org/projects/NODE"
rel="nofollow">NODE project</a>.</p>
      </li>
      <li>
<b>4.7.0</b> - <a
href="https://snyk.io/redirect/github/mongodb/js-bson/releases/tag/v4.7.0">2022-08-18</a></br><p>The
MongoDB Node.js team is pleased to announce version 4.7.0 of the bson
package!</p>
<h2>Release Highlights</h2>
<p>This release adds <em>automatic</em> UUID support. Now when
serializing or deserializing BSON you can work directly with the UUID
type without explicit conversion methods. The UUID class is now a
subclass of binary so all existing code will continue to work (including
the explicit conversion methods
<code>.toUUID</code>/<code>.toBinary</code>). The same automatic support
for UUID is also present in EJSON
<code>.parse</code>/<code>.stringify</code>.</p>
<p>Take a look at the following for the expected behavior:</p>
<div class="highlight highlight-source-ts notranslate position-relative
overflow-auto" data-snippet-clipboard-copy-content="const document =
BSON.deserialize(bytes)
// { uuid: UUID('xxx') }
BSON.serialize(document)
// Buffer &lt; document with uuid (binary subtype 4) &gt;"><pre><span
class="pl-k">const</span> <span class="pl-smi">document</span> <span
class="pl-c1">=</span> <span class="pl-smi">BSON</span><span
class="pl-kos">.</span><span class="pl-en">deserialize</span><span
class="pl-kos">(</span><span class="pl-s1">bytes</span><span
class="pl-kos">)</span>
<span class="pl-c">// { uuid: UUID('xxx') }</span>
<span class="pl-smi">BSON</span><span class="pl-kos">.</span><span
class="pl-en">serialize</span><span class="pl-kos">(</span><span
class="pl-smi">document</span><span class="pl-kos">)</span>
<span class="pl-c">// Buffer &lt; document with uuid (binary subtype 4)
&gt;</span></pre></div>
<p>Special thanks to <a class="user-mention notranslate"
data-hovercard-type="user"
data-hovercard-url="/users/aditi-khare-mongoDB/hovercard"
data-octo-click="hovercard-link-click"
data-octo-dimensions="link_type:self"
href="https://snyk.io/redirect/github/aditi-khare-mongoDB">@
aditi-khare-mongoDB</a> for all her hard work on this feature!! <g-emoji
class="g-emoji" alias="tada"
fallback-src="https://github.githubassets.com/images/icons/emoji/unicode/1f389.png">🎉</g-emoji></p>
<h3>Features</h3>
<ul>
<li><strong><a class="issue-link js-issue-link notranslate"
rel="noopener noreferrer nofollow"
href="https://jira.mongodb.org/browse/NODE-4405">NODE-4405</a>:</strong>
support serializing UUID class (<a
href="https://snyk.io/redirect/github/mongodb/js-bson/issues/508"
data-hovercard-type="pull_request"
data-hovercard-url="/mongodb/js-bson/pull/508/hovercard">#508</a>) (<a
href="https://snyk.io/redirect/github/mongodb/js-bson/commit/f5dc9edf915cc119f02f53ec84d1c640695dced7">f5dc9ed</a>)</li>
<li><strong><a class="issue-link js-issue-link notranslate"
rel="noopener noreferrer nofollow"
href="https://jira.mongodb.org/browse/NODE-4419">NODE-4419</a>:</strong>
UUID class deserialization (<a
href="https://snyk.io/redirect/github/mongodb/js-bson/issues/509"
data-hovercard-type="pull_request"
data-hovercard-url="/mongodb/js-bson/pull/509/hovercard">#509</a>) (<a
href="https://snyk.io/redirect/github/mongodb/js-bson/commit/ff2b97585848730fcf90cd21c14ba2a18a0ed016">ff2b975</a>)</li>
<li><strong><a class="issue-link js-issue-link notranslate"
rel="noopener noreferrer nofollow"
href="https://jira.mongodb.org/browse/NODE-4506">NODE-4506</a>:</strong>
Make UUID a subclass of binary (<a
href="https://snyk.io/redirect/github/mongodb/js-bson/issues/512"
data-hovercard-type="pull_request"
data-hovercard-url="/mongodb/js-bson/pull/512/hovercard">#512</a>) (<a
href="https://snyk.io/redirect/github/mongodb/js-bson/commit/e9afa9dcfc295da8ff53b28658835fc76cde557c">e9afa9d</a>)</li>
<li><strong><a class="issue-link js-issue-link notranslate"
rel="noopener noreferrer nofollow"
href="https://jira.mongodb.org/browse/NODE-4535">NODE-4535</a>:</strong>
automatically promote UUIDs when deserializing and parsing UUIDs (<a
href="https://snyk.io/redirect/github/mongodb/js-bson/issues/513"
data-hovercard-type="pull_request"
data-hovercard-url="/mongodb/js-bson/pull/513/hovercard">#513</a>) (<a
href="https://snyk.io/redirect/github/mongodb/js-bson/commit/1dc7eaea6a61924be66ae5b8a05b74d5dd9c7b1e">1dc7eae</a>)</li>
</ul>
<hr>
<h2>Documentation</h2>
<ul>
<li>API: <a
href="https://snyk.io/redirect/github/mongodb/js-bson#readme">https://github.com/mongodb/js-bson#readme</a></li>
<li>Changelog: <a
href="https://snyk.io/redirect/github/mongodb/js-bson/blob/main/HISTORY.md#change-log">https://github.com/mongodb/js-bson/blob/main/HISTORY.md#change-log</a></li>
</ul>
<p>We invite you to try the bson library immediately, and report any
issues to the <a href="https://jira.mongodb.org/projects/NODE"
rel="nofollow">NODE project</a>.</p>
      </li>
    </ul>
from <a
href="https://snyk.io/redirect/github/mongodb/js-bson/releases">bson
GitHub release notes</a>
  </details>
</details>


<details>
  <summary><b>Commit messages</b></summary>
  </br>
  <details>
    <summary>Package name: <b>bson</b></summary>
    <ul>
<li><a
href="https://snyk.io/redirect/github/mongodb/js-bson/commit/5465c33b356ceaed05c1759007acdf3ab077ee33">5465c33</a>
chore(release): 4.7.1</li>
<li><a
href="https://snyk.io/redirect/github/mongodb/js-bson/commit/d86bd52661e7f5d26479f6b63acac7950f505d69">d86bd52</a>
fix(NODE-4905): double precision accuracy in canonical EJSON (#549)</li>
    </ul>

<a
href="https://snyk.io/redirect/github/mongodb/js-bson/compare/853bbb0441b0e29e5277cd191b515d5a884d8d21...5465c33b356ceaed05c1759007acdf3ab077ee33">Compare</a>
  </details>
</details>
<hr/>

**Note:** *You are seeing this because you or someone else with access
to this repository has authorized Snyk to open upgrade PRs.*

For more information: <img
src="https://api.segment.io/v1/pixel/track?data=eyJ3cml0ZUtleSI6InJyWmxZcEdHY2RyTHZsb0lYd0dUcVg4WkFRTnNCOUEwIiwiYW5vbnltb3VzSWQiOiIzOTdmMzA0MS1kMTJmLTQ4MDMtODIyNC1iNDY4MmQ0YzU4NjgiLCJldmVudCI6IlBSIHZpZXdlZCIsInByb3BlcnRpZXMiOnsicHJJZCI6IjM5N2YzMDQxLWQxMmYtNDgwMy04MjI0LWI0NjgyZDRjNTg2OCJ9fQ=="
width="0" height="0"/>

🧐 [View latest project
report](https://app.snyk.io/org/sandbox-2ba/project/852e6e4f-be96-45c8-b370-1060f5ebee55?utm_source&#x3D;github&amp;utm_medium&#x3D;referral&amp;page&#x3D;upgrade-pr)

🛠 [Adjust upgrade PR
settings](https://app.snyk.io/org/sandbox-2ba/project/852e6e4f-be96-45c8-b370-1060f5ebee55/settings/integration?utm_source&#x3D;github&amp;utm_medium&#x3D;referral&amp;page&#x3D;upgrade-pr)

🔕 [Ignore this dependency or unsubscribe from future upgrade
PRs](https://app.snyk.io/org/sandbox-2ba/project/852e6e4f-be96-45c8-b370-1060f5ebee55/settings/integration?pkg&#x3D;bson&amp;utm_source&#x3D;github&amp;utm_medium&#x3D;referral&amp;page&#x3D;upgrade-pr#auto-dep-upgrades)

<!---
(snyk:metadata:{"prId":"397f3041-d12f-4803-8224-b4682d4c5868","prPublicId":"397f3041-d12f-4803-8224-b4682d4c5868","dependencies":[{"name":"bson","from":"4.7.0","to":"4.7.1"}],"packageManager":"npm","type":"auto","projectUrl":"https://app.snyk.io/org/sandbox-2ba/project/852e6e4f-be96-45c8-b370-1060f5ebee55?utm_source=github&utm_medium=referral&page=upgrade-pr","projectPublicId":"852e6e4f-be96-45c8-b370-1060f5ebee55","env":"prod","prType":"upgrade","vulns":[],"issuesToFix":[],"upgrade":[],"upgradeInfo":{"versionsDiff":1,"publishedDate":"2023-01-05T15:16:00.352Z"},"templateVariants":[],"hasFixes":false,"isMajorUpgrade":false,"isBreakingChange":false,"priorityScoreList":[]})
--->

---------

Co-authored-by: snyk-bot <[email protected]>
cbush pushed a commit to mongodb/docs-realm that referenced this pull request Feb 13, 2023
<h3>Snyk has created this PR to upgrade bson from 4.7.1 to 4.7.2.</h3>

:information_source: Keep your dependencies up-to-date. This makes it
easier to fix existing vulnerabilities and to more quickly identify and
fix newly disclosed vulnerabilities when they affect your project.
<hr/>

- The recommended version is **1 version** ahead of your current
version.
- The recommended version was released **21 days ago**, on 2023-01-10.


<details>
<summary><b>Release notes</b></summary>
<br/>
  <details>
    <summary>Package name: <b>bson</b></summary>
    <ul>
      <li>
<b>4.7.2</b> - <a
href="https://snyk.io/redirect/github/mongodb/js-bson/releases/tag/v4.7.2">2023-01-10</a></br><p>The
MongoDB Node.js team is pleased to announce version v4.7.2 of the bson
package!</p>
<h3>Bug Fixes</h3>
<ul>
<li><strong><a class="issue-link js-issue-link notranslate"
rel="noopener noreferrer nofollow"
href="https://jira.mongodb.org/browse/NODE-4932">NODE-4932</a>:</strong>
remove .0 suffix from double extended json values (<a
href="https://snyk.io/redirect/github/mongodb/js-bson/issues/553"
data-hovercard-type="pull_request"
data-hovercard-url="/mongodb/js-bson/pull/553/hovercard">#553</a>) (<a
href="https://snyk.io/redirect/github/mongodb/js-bson/commit/a298d22173e7e07789d86051f95f76153f29e10a">a298d22</a>)</li>
</ul>
<h2>Documentation</h2>
<ul>
<li>API: <a
href="https://snyk.io/redirect/github/mongodb/js-bson#readme">https://github.com/mongodb/js-bson#readme</a></li>
<li>Changelog: <a
href="https://snyk.io/redirect/github/mongodb/js-bson/blob/4.0/HISTORY.md#change-log">https://github.com/mongodb/js-bson/blob/4.0/HISTORY.md#change-log</a></li>
</ul>
<p>We invite you to try the bson library immediately, and report any
issues to the <a href="https://jira.mongodb.org/projects/NODE"
rel="nofollow">NODE project</a>.</p>
      </li>
      <li>
<b>4.7.1</b> - <a
href="https://snyk.io/redirect/github/mongodb/js-bson/releases/tag/v4.7.1">2023-01-05</a></br><p>The
MongoDB Node.js team is pleased to announce version v4.7.1 of the bson
package!</p>
<h3>Bug Fixes</h3>
<ul>
<li><strong><a class="issue-link js-issue-link notranslate"
rel="noopener noreferrer nofollow"
href="https://jira.mongodb.org/browse/NODE-4905">NODE-4905</a>:</strong>
double precision accuracy in canonical EJSON (<a
href="https://snyk.io/redirect/github/mongodb/js-bson/issues/549"
data-hovercard-type="pull_request"
data-hovercard-url="/mongodb/js-bson/pull/549/hovercard">#549</a>) (<a
href="https://snyk.io/redirect/github/mongodb/js-bson/commit/d86bd52661e7f5d26479f6b63acac7950f505d69">d86bd52</a>)</li>
</ul>
<h2>Documentation</h2>
<ul>
<li>API: <a
href="https://snyk.io/redirect/github/mongodb/js-bson#readme">https://github.com/mongodb/js-bson#readme</a></li>
<li>Changelog: <a
href="https://snyk.io/redirect/github/mongodb/js-bson/blob/4.0/HISTORY.md#change-log">https://github.com/mongodb/js-bson/blob/4.0/HISTORY.md#change-log</a></li>
</ul>
<p>We invite you to try the bson library immediately, and report any
issues to the <a href="https://jira.mongodb.org/projects/NODE"
rel="nofollow">NODE project</a>.</p>
      </li>
    </ul>
from <a
href="https://snyk.io/redirect/github/mongodb/js-bson/releases">bson
GitHub release notes</a>
  </details>
</details>


<details>
  <summary><b>Commit messages</b></summary>
  </br>
  <details>
    <summary>Package name: <b>bson</b></summary>
    <ul>
<li><a
href="https://snyk.io/redirect/github/mongodb/js-bson/commit/c3fc5dfa2ebc399a4bf7e80210405f86a360f642">c3fc5df</a>
chore(release): 4.7.2</li>
<li><a
href="https://snyk.io/redirect/github/mongodb/js-bson/commit/a298d22173e7e07789d86051f95f76153f29e10a">a298d22</a>
fix(NODE-4932): remove .0 suffix from double extended json values
(#553)</li>
    </ul>

<a
href="https://snyk.io/redirect/github/mongodb/js-bson/compare/5465c33b356ceaed05c1759007acdf3ab077ee33...c3fc5dfa2ebc399a4bf7e80210405f86a360f642">Compare</a>
  </details>
</details>
<hr/>

**Note:** *You are seeing this because you or someone else with access
to this repository has authorized Snyk to open upgrade PRs.*

For more information: <img
src="https://api.segment.io/v1/pixel/track?data=eyJ3cml0ZUtleSI6InJyWmxZcEdHY2RyTHZsb0lYd0dUcVg4WkFRTnNCOUEwIiwiYW5vbnltb3VzSWQiOiI2NzRhMWMwYS0wY2ZjLTQ0YzYtYmJkZS0xNTgwYjM4MzM4ZDYiLCJldmVudCI6IlBSIHZpZXdlZCIsInByb3BlcnRpZXMiOnsicHJJZCI6IjY3NGExYzBhLTBjZmMtNDRjNi1iYmRlLTE1ODBiMzgzMzhkNiJ9fQ=="
width="0" height="0"/>

🧐 [View latest project
report](https://app.snyk.io/org/sandbox-2ba/project/852e6e4f-be96-45c8-b370-1060f5ebee55?utm_source&#x3D;github&amp;utm_medium&#x3D;referral&amp;page&#x3D;upgrade-pr)

🛠 [Adjust upgrade PR
settings](https://app.snyk.io/org/sandbox-2ba/project/852e6e4f-be96-45c8-b370-1060f5ebee55/settings/integration?utm_source&#x3D;github&amp;utm_medium&#x3D;referral&amp;page&#x3D;upgrade-pr)

🔕 [Ignore this dependency or unsubscribe from future upgrade
PRs](https://app.snyk.io/org/sandbox-2ba/project/852e6e4f-be96-45c8-b370-1060f5ebee55/settings/integration?pkg&#x3D;bson&amp;utm_source&#x3D;github&amp;utm_medium&#x3D;referral&amp;page&#x3D;upgrade-pr#auto-dep-upgrades)

<!---
(snyk:metadata:{"prId":"674a1c0a-0cfc-44c6-bbde-1580b38338d6","prPublicId":"674a1c0a-0cfc-44c6-bbde-1580b38338d6","dependencies":[{"name":"bson","from":"4.7.1","to":"4.7.2"}],"packageManager":"npm","type":"auto","projectUrl":"https://app.snyk.io/org/sandbox-2ba/project/852e6e4f-be96-45c8-b370-1060f5ebee55?utm_source=github&utm_medium=referral&page=upgrade-pr","projectPublicId":"852e6e4f-be96-45c8-b370-1060f5ebee55","env":"prod","prType":"upgrade","vulns":[],"issuesToFix":[],"upgrade":[],"upgradeInfo":{"versionsDiff":1,"publishedDate":"2023-01-10T20:47:50.442Z"},"templateVariants":[],"hasFixes":false,"isMajorUpgrade":false,"isBreakingChange":false,"priorityScoreList":[]})
--->

---------

Co-authored-by: snyk-bot <[email protected]>
mongodben pushed a commit to mongodben/docs-realm that referenced this pull request Feb 14, 2023
<h3>Snyk has created this PR to upgrade bson from 4.7.1 to 4.7.2.</h3>

:information_source: Keep your dependencies up-to-date. This makes it
easier to fix existing vulnerabilities and to more quickly identify and
fix newly disclosed vulnerabilities when they affect your project.
<hr/>

- The recommended version is **1 version** ahead of your current
version.
- The recommended version was released **21 days ago**, on 2023-01-10.


<details>
<summary><b>Release notes</b></summary>
<br/>
  <details>
    <summary>Package name: <b>bson</b></summary>
    <ul>
      <li>
<b>4.7.2</b> - <a
href="https://snyk.io/redirect/github/mongodb/js-bson/releases/tag/v4.7.2">2023-01-10</a></br><p>The
MongoDB Node.js team is pleased to announce version v4.7.2 of the bson
package!</p>
<h3>Bug Fixes</h3>
<ul>
<li><strong><a class="issue-link js-issue-link notranslate"
rel="noopener noreferrer nofollow"
href="https://jira.mongodb.org/browse/NODE-4932">NODE-4932</a>:</strong>
remove .0 suffix from double extended json values (<a
href="https://snyk.io/redirect/github/mongodb/js-bson/issues/553"
data-hovercard-type="pull_request"
data-hovercard-url="/mongodb/js-bson/pull/553/hovercard">mongodb#553</a>) (<a
href="https://snyk.io/redirect/github/mongodb/js-bson/commit/a298d22173e7e07789d86051f95f76153f29e10a">a298d22</a>)</li>
</ul>
<h2>Documentation</h2>
<ul>
<li>API: <a
href="https://snyk.io/redirect/github/mongodb/js-bson#readme">https://github.com/mongodb/js-bson#readme</a></li>
<li>Changelog: <a
href="https://snyk.io/redirect/github/mongodb/js-bson/blob/4.0/HISTORY.md#change-log">https://github.com/mongodb/js-bson/blob/4.0/HISTORY.md#change-log</a></li>
</ul>
<p>We invite you to try the bson library immediately, and report any
issues to the <a href="https://jira.mongodb.org/projects/NODE"
rel="nofollow">NODE project</a>.</p>
      </li>
      <li>
<b>4.7.1</b> - <a
href="https://snyk.io/redirect/github/mongodb/js-bson/releases/tag/v4.7.1">2023-01-05</a></br><p>The
MongoDB Node.js team is pleased to announce version v4.7.1 of the bson
package!</p>
<h3>Bug Fixes</h3>
<ul>
<li><strong><a class="issue-link js-issue-link notranslate"
rel="noopener noreferrer nofollow"
href="https://jira.mongodb.org/browse/NODE-4905">NODE-4905</a>:</strong>
double precision accuracy in canonical EJSON (<a
href="https://snyk.io/redirect/github/mongodb/js-bson/issues/549"
data-hovercard-type="pull_request"
data-hovercard-url="/mongodb/js-bson/pull/549/hovercard">mongodb#549</a>) (<a
href="https://snyk.io/redirect/github/mongodb/js-bson/commit/d86bd52661e7f5d26479f6b63acac7950f505d69">d86bd52</a>)</li>
</ul>
<h2>Documentation</h2>
<ul>
<li>API: <a
href="https://snyk.io/redirect/github/mongodb/js-bson#readme">https://github.com/mongodb/js-bson#readme</a></li>
<li>Changelog: <a
href="https://snyk.io/redirect/github/mongodb/js-bson/blob/4.0/HISTORY.md#change-log">https://github.com/mongodb/js-bson/blob/4.0/HISTORY.md#change-log</a></li>
</ul>
<p>We invite you to try the bson library immediately, and report any
issues to the <a href="https://jira.mongodb.org/projects/NODE"
rel="nofollow">NODE project</a>.</p>
      </li>
    </ul>
from <a
href="https://snyk.io/redirect/github/mongodb/js-bson/releases">bson
GitHub release notes</a>
  </details>
</details>


<details>
  <summary><b>Commit messages</b></summary>
  </br>
  <details>
    <summary>Package name: <b>bson</b></summary>
    <ul>
<li><a
href="https://snyk.io/redirect/github/mongodb/js-bson/commit/c3fc5dfa2ebc399a4bf7e80210405f86a360f642">c3fc5df</a>
chore(release): 4.7.2</li>
<li><a
href="https://snyk.io/redirect/github/mongodb/js-bson/commit/a298d22173e7e07789d86051f95f76153f29e10a">a298d22</a>
fix(NODE-4932): remove .0 suffix from double extended json values
(mongodb#553)</li>
    </ul>

<a
href="https://snyk.io/redirect/github/mongodb/js-bson/compare/5465c33b356ceaed05c1759007acdf3ab077ee33...c3fc5dfa2ebc399a4bf7e80210405f86a360f642">Compare</a>
  </details>
</details>
<hr/>

**Note:** *You are seeing this because you or someone else with access
to this repository has authorized Snyk to open upgrade PRs.*

For more information: <img
src="https://api.segment.io/v1/pixel/track?data=eyJ3cml0ZUtleSI6InJyWmxZcEdHY2RyTHZsb0lYd0dUcVg4WkFRTnNCOUEwIiwiYW5vbnltb3VzSWQiOiI2NzRhMWMwYS0wY2ZjLTQ0YzYtYmJkZS0xNTgwYjM4MzM4ZDYiLCJldmVudCI6IlBSIHZpZXdlZCIsInByb3BlcnRpZXMiOnsicHJJZCI6IjY3NGExYzBhLTBjZmMtNDRjNi1iYmRlLTE1ODBiMzgzMzhkNiJ9fQ=="
width="0" height="0"/>

🧐 [View latest project
report](https://app.snyk.io/org/sandbox-2ba/project/852e6e4f-be96-45c8-b370-1060f5ebee55?utm_source&#x3D;github&amp;utm_medium&#x3D;referral&amp;page&#x3D;upgrade-pr)

🛠 [Adjust upgrade PR
settings](https://app.snyk.io/org/sandbox-2ba/project/852e6e4f-be96-45c8-b370-1060f5ebee55/settings/integration?utm_source&#x3D;github&amp;utm_medium&#x3D;referral&amp;page&#x3D;upgrade-pr)

🔕 [Ignore this dependency or unsubscribe from future upgrade
PRs](https://app.snyk.io/org/sandbox-2ba/project/852e6e4f-be96-45c8-b370-1060f5ebee55/settings/integration?pkg&#x3D;bson&amp;utm_source&#x3D;github&amp;utm_medium&#x3D;referral&amp;page&#x3D;upgrade-pr#auto-dep-upgrades)

<!---
(snyk:metadata:{"prId":"674a1c0a-0cfc-44c6-bbde-1580b38338d6","prPublicId":"674a1c0a-0cfc-44c6-bbde-1580b38338d6","dependencies":[{"name":"bson","from":"4.7.1","to":"4.7.2"}],"packageManager":"npm","type":"auto","projectUrl":"https://app.snyk.io/org/sandbox-2ba/project/852e6e4f-be96-45c8-b370-1060f5ebee55?utm_source=github&utm_medium=referral&page=upgrade-pr","projectPublicId":"852e6e4f-be96-45c8-b370-1060f5ebee55","env":"prod","prType":"upgrade","vulns":[],"issuesToFix":[],"upgrade":[],"upgradeInfo":{"versionsDiff":1,"publishedDate":"2023-01-10T20:47:50.442Z"},"templateVariants":[],"hasFixes":false,"isMajorUpgrade":false,"isBreakingChange":false,"priorityScoreList":[]})
--->

---------

Co-authored-by: snyk-bot <[email protected]>
mongodben pushed a commit to mongodben/docs-realm that referenced this pull request Feb 14, 2023
<h3>Snyk has created this PR to upgrade bson from 4.7.1 to 4.7.2.</h3>

:information_source: Keep your dependencies up-to-date. This makes it
easier to fix existing vulnerabilities and to more quickly identify and
fix newly disclosed vulnerabilities when they affect your project.
<hr/>

- The recommended version is **1 version** ahead of your current
version.
- The recommended version was released **21 days ago**, on 2023-01-10.


<details>
<summary><b>Release notes</b></summary>
<br/>
  <details>
    <summary>Package name: <b>bson</b></summary>
    <ul>
      <li>
<b>4.7.2</b> - <a
href="https://snyk.io/redirect/github/mongodb/js-bson/releases/tag/v4.7.2">2023-01-10</a></br><p>The
MongoDB Node.js team is pleased to announce version v4.7.2 of the bson
package!</p>
<h3>Bug Fixes</h3>
<ul>
<li><strong><a class="issue-link js-issue-link notranslate"
rel="noopener noreferrer nofollow"
href="https://jira.mongodb.org/browse/NODE-4932">NODE-4932</a>:</strong>
remove .0 suffix from double extended json values (<a
href="https://snyk.io/redirect/github/mongodb/js-bson/issues/553"
data-hovercard-type="pull_request"
data-hovercard-url="/mongodb/js-bson/pull/553/hovercard">mongodb#553</a>) (<a
href="https://snyk.io/redirect/github/mongodb/js-bson/commit/a298d22173e7e07789d86051f95f76153f29e10a">a298d22</a>)</li>
</ul>
<h2>Documentation</h2>
<ul>
<li>API: <a
href="https://snyk.io/redirect/github/mongodb/js-bson#readme">https://github.com/mongodb/js-bson#readme</a></li>
<li>Changelog: <a
href="https://snyk.io/redirect/github/mongodb/js-bson/blob/4.0/HISTORY.md#change-log">https://github.com/mongodb/js-bson/blob/4.0/HISTORY.md#change-log</a></li>
</ul>
<p>We invite you to try the bson library immediately, and report any
issues to the <a href="https://jira.mongodb.org/projects/NODE"
rel="nofollow">NODE project</a>.</p>
      </li>
      <li>
<b>4.7.1</b> - <a
href="https://snyk.io/redirect/github/mongodb/js-bson/releases/tag/v4.7.1">2023-01-05</a></br><p>The
MongoDB Node.js team is pleased to announce version v4.7.1 of the bson
package!</p>
<h3>Bug Fixes</h3>
<ul>
<li><strong><a class="issue-link js-issue-link notranslate"
rel="noopener noreferrer nofollow"
href="https://jira.mongodb.org/browse/NODE-4905">NODE-4905</a>:</strong>
double precision accuracy in canonical EJSON (<a
href="https://snyk.io/redirect/github/mongodb/js-bson/issues/549"
data-hovercard-type="pull_request"
data-hovercard-url="/mongodb/js-bson/pull/549/hovercard">mongodb#549</a>) (<a
href="https://snyk.io/redirect/github/mongodb/js-bson/commit/d86bd52661e7f5d26479f6b63acac7950f505d69">d86bd52</a>)</li>
</ul>
<h2>Documentation</h2>
<ul>
<li>API: <a
href="https://snyk.io/redirect/github/mongodb/js-bson#readme">https://github.com/mongodb/js-bson#readme</a></li>
<li>Changelog: <a
href="https://snyk.io/redirect/github/mongodb/js-bson/blob/4.0/HISTORY.md#change-log">https://github.com/mongodb/js-bson/blob/4.0/HISTORY.md#change-log</a></li>
</ul>
<p>We invite you to try the bson library immediately, and report any
issues to the <a href="https://jira.mongodb.org/projects/NODE"
rel="nofollow">NODE project</a>.</p>
      </li>
    </ul>
from <a
href="https://snyk.io/redirect/github/mongodb/js-bson/releases">bson
GitHub release notes</a>
  </details>
</details>


<details>
  <summary><b>Commit messages</b></summary>
  </br>
  <details>
    <summary>Package name: <b>bson</b></summary>
    <ul>
<li><a
href="https://snyk.io/redirect/github/mongodb/js-bson/commit/c3fc5dfa2ebc399a4bf7e80210405f86a360f642">c3fc5df</a>
chore(release): 4.7.2</li>
<li><a
href="https://snyk.io/redirect/github/mongodb/js-bson/commit/a298d22173e7e07789d86051f95f76153f29e10a">a298d22</a>
fix(NODE-4932): remove .0 suffix from double extended json values
(mongodb#553)</li>
    </ul>

<a
href="https://snyk.io/redirect/github/mongodb/js-bson/compare/5465c33b356ceaed05c1759007acdf3ab077ee33...c3fc5dfa2ebc399a4bf7e80210405f86a360f642">Compare</a>
  </details>
</details>
<hr/>

**Note:** *You are seeing this because you or someone else with access
to this repository has authorized Snyk to open upgrade PRs.*

For more information: <img
src="https://api.segment.io/v1/pixel/track?data=eyJ3cml0ZUtleSI6InJyWmxZcEdHY2RyTHZsb0lYd0dUcVg4WkFRTnNCOUEwIiwiYW5vbnltb3VzSWQiOiI2NzRhMWMwYS0wY2ZjLTQ0YzYtYmJkZS0xNTgwYjM4MzM4ZDYiLCJldmVudCI6IlBSIHZpZXdlZCIsInByb3BlcnRpZXMiOnsicHJJZCI6IjY3NGExYzBhLTBjZmMtNDRjNi1iYmRlLTE1ODBiMzgzMzhkNiJ9fQ=="
width="0" height="0"/>

🧐 [View latest project
report](https://app.snyk.io/org/sandbox-2ba/project/852e6e4f-be96-45c8-b370-1060f5ebee55?utm_source&#x3D;github&amp;utm_medium&#x3D;referral&amp;page&#x3D;upgrade-pr)

🛠 [Adjust upgrade PR
settings](https://app.snyk.io/org/sandbox-2ba/project/852e6e4f-be96-45c8-b370-1060f5ebee55/settings/integration?utm_source&#x3D;github&amp;utm_medium&#x3D;referral&amp;page&#x3D;upgrade-pr)

🔕 [Ignore this dependency or unsubscribe from future upgrade
PRs](https://app.snyk.io/org/sandbox-2ba/project/852e6e4f-be96-45c8-b370-1060f5ebee55/settings/integration?pkg&#x3D;bson&amp;utm_source&#x3D;github&amp;utm_medium&#x3D;referral&amp;page&#x3D;upgrade-pr#auto-dep-upgrades)

<!---
(snyk:metadata:{"prId":"674a1c0a-0cfc-44c6-bbde-1580b38338d6","prPublicId":"674a1c0a-0cfc-44c6-bbde-1580b38338d6","dependencies":[{"name":"bson","from":"4.7.1","to":"4.7.2"}],"packageManager":"npm","type":"auto","projectUrl":"https://app.snyk.io/org/sandbox-2ba/project/852e6e4f-be96-45c8-b370-1060f5ebee55?utm_source=github&utm_medium=referral&page=upgrade-pr","projectPublicId":"852e6e4f-be96-45c8-b370-1060f5ebee55","env":"prod","prType":"upgrade","vulns":[],"issuesToFix":[],"upgrade":[],"upgradeInfo":{"versionsDiff":1,"publishedDate":"2023-01-10T20:47:50.442Z"},"templateVariants":[],"hasFixes":false,"isMajorUpgrade":false,"isBreakingChange":false,"priorityScoreList":[]})
--->

---------

Co-authored-by: snyk-bot <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants