Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

Security update needed: mongodb

See original GitHub issue

npm audit is throwing high severity warnings for mongodb. It looks like we would need to update to mongodb@3.3.3 to resolve those, and we’re currently on "mongodb": "^2.2.36". Clearly possible breaking changes.

We probably need to update apostrophe-db-mongo-3-driver as well, though easier there.

Issue Analytics

State:
Created 4 years ago
Comments:12 (11 by maintainers)

Top GitHub Comments

1reaction

boutellcommented, Jan 2, 2020

This got done, with emulate-mongo-2-driver.

1reaction

abeacommented, Nov 25, 2019

I think the whitelist is only for Github. So Github has its own security warnings, which are suppressed by whitelisting. There’s no such whitelisting for NPM, so that warning remains.

Top Results From Across the Web

Security — MongoDB Manual

MongoDB provides various features, such as authentication, access control, encryption, to secure your MongoDB deployments. Some key security features ...

Security Checklist — MongoDB Manual

This document provides a list of security measures that you should ... Then create users and assign them only the roles they need...

Mongodb security/bug fix patches - Installation & Upgrades

Dear Team, We need an advise on the below topics. 1)Is there any security/bug fix patches is available from mongodb side?

Addressing Security Vulnerabilities - MongoDB

MongoDB, Inc. takes all required security vulnerabilities very seriously and will always ensure that there is a clear and open channel of communication...

7 Best Practices For MongoDB Security

To enable authentication, create login credentials for each user or process that accesses MongoDB. Suppose several users need administrative ...