7.3.0 (2026-06-17)
The MongoDB Node.js team is pleased to announce version 7.3.0 of the bson package!
Release Notes
Deprecated inapplicable Long members on Timestamp
Timestamp inherits from Long for storage convenience, but it is semantically a (t, i) pair, not a general 64-bit integer. If you have called Long methods directly on Timestamp instances (for example toNumber(), getHighBits(), getLowBits(), or aithmetic and bitwise operations), those are now marked @deprecated with no runtime behavior changes. The .t and .i accessors provide direct, semantically consistent access to the two timestamp components.
BSON operations no longer throw on deeply nested documents
Core serialization and deserialization function (serialize, deserialize, calculateObjectSize) have been rewritten as iterative algorithms, so a sufficiently-nested document will no longer exhaust the call stack.
Behavior change: Code with Scope scopes are no longer promoted to DBRef
As a side effect of the rewrite, a Code with Scope scope that happens to carry $ref, $id, and $db keys is no longer promoted to a DBRef instance. The scope is returned as a plain object, which is the correct behavior: a scope represents JavaScript variable bindings, not a document reference.
new Binary(buffer, subType) now coerces subType to match BSON bytes
The Binary constructor now normalizes subtype inputs to match BSON serialization. Previously, passing a stringified subtype like '4' would cause a mismatch between the sub_type property (string '4') and the serialized BSON value (0x04). The constructor now converts inputs to ensure consistency.
EJSON.stringify now correctly handles all parameter combinations
Previously, calling EJSON.stringify(value, options, space) silently discarded the space parameter, producing unformatted output. This has been fixed so all documented call signatures work as expected:
// This now correctly produces indented canonical EJSON
EJSON.stringify(doc, { relaxed: false }, 2);Thanks to @chdanielmueller for working on this problem!
ObjectId generates unique values across Node.js startup snapshot processes
ObjectId now resets its random state (process-unique bytes and counter seed) when a process restores from a Node.js startup snapshot. Previously these values were frozen into the snapshot blob, causing processes restored from the same snapshot to generate colliding ObjectIds.
Features
Bug Fixes
- NODE-5937: rewrite deserializeObject as iterative, not recursive (#886) (0231603)
- NODE-7354: eagerly make Binary sub_type into a number (#858) (5b42c5a)
- NODE-7436: EJSON.stringify type signature (#870) (c949780)
- NODE-7575: reset ObjectId state when building startup snapshot (#884) (ba29d33)
Documentation
We invite you to try the bson library immediately, and report any issues to the NODE project.