Update dependency mongodb to v6 - autoclosed

[renovate]

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence
mongodb	^4.6.0 -> ^6.0.0

---

Release Notes

mongodb/node-mongodb-native (mongodb)

v6.4.0

Compare Source

Features

• NODE-3449: Add serverConnectionId to Command Monitoring Spec (735f7aa)
• NODE-3470: retry selects another mongos (#​3963) (84959ee)
• NODE-3689: require hello command for connection handshake to use OP_MSG disallowing OP_QUERY (#​3938) (ce7df0f)
• NODE-4686: Add log messages to CLAM (#​3955) (e3bfa30)
• NODE-4687: Add logging to server selection (#​3946) (7f3ce0b)
• NODE-4719: add SDAM Logging Spec (#​3940) (a3c0298)
• NODE-4847: Add config error handling to logging (#​3970) (8f7bb59)
• NODE-5717: make ExceededTimeLimit retryable reads error (#​3947) (106ab09)
• NODE-5885: upgrade BSON to ^6.3.0 (#​3983) (9401d09)
• NODE-5939: Implement 6.x: cache the AWS credentials provider in the MONGODB-AWS auth logic (#​3991) (e0a37e5)
• NODE-5978: upgrade BSON to ^6.4.0 (#​4007) (90f2f70)

Bug Fixes

• NODE-5127: implement reject kmsRequest on server close (#​3964) (568e05f)
• NODE-5609: node driver omits base64 padding in sasl-continue command (#​3975) (b7d28d3)
• NODE-5765: change type for countDocuments (#​3932) (22cae0f)
• NODE-5791: type error with $addToSet in bulkWrite (#​3953) (b93d405)
• NODE-5818: Add feature flagging to server selection logging (#​3974) (55203ef)
• NODE-5839: support for multibyte code-points in stringifyWithMaxLen (#​3979) (aed1cf0)
• NODE-5840: heartbeat duration includes socket creation (#​3973) (a42039b)
• NODE-5901: propagate errors to transformed stream in cursor (#​3985) (ecfc615)
• NODE-5944: make AWS session token optional (#​4002) (f26de76)

Performance Improvements

• NODE-5771: improve new connection (#​3948) (a4776cf)
• NODE-5854: Conditional logger instantiation and precompute willLog perf fix (#​3984) (a63fbc2)
• NODE-5928: consolidate signal use and abort promise wrap (#​3992) (38742c2)

v6.3.0

Compare Source

Features

• NODE-3881: require hello command + OP_MSG when 'loadBalanced=True' (#​3907) (fd58eec)
• NODE-4849: Add Typescript support for log path in client options (#​3886) (f495abb)
• NODE-4878: Add remaining log configurable client options (#​3908) (54adc9f)
• NODE-5197: add server monitoring mode (#​3899) (ae4c94a)
• NODE-5452: Logging Cosmos Document DB Info Message (#​3902) (bb5fa43)
• NODE-5590: deprecate GridFS fields (#​3905) (d2225da)

Bug Fixes

• NODE-4863: do not use RetryableWriteError for non-server errors (#​3914) (08c9fb4)
• NODE-5709: bump mongodb-connection-string-url to 3.0.0 (#​3909) (1c3dc02)
• NODE-5749: RTTPinger always sends legacy hello (#​3921) (ebbfb8a)

v6.2.0

Compare Source

Features

• NODE-5613: add awaited field to SDAM heartbeat events (#​3895) (b50aadc)
• update bson to 6.2.0 (#​3898) (32b7176)

Bug Fixes

• NODE-5496: remove client-side collection and database name check validation (#​3873) (98550c6)
• NODE-5628: bulkWriteResult.insertedIds does not filter out _ids that are not actually inserted (#​3867) (09f2a67)
• NODE-5706: make findOne() close implicit session to avoid memory leak (#​3897) (995d138)

v6.1.0

Compare Source

Features

• NODE-5634: bump bson version to ^6.1.0 (#​3866) (c6edabb)

Bug Fixes

• NODE-5551: set AWS region from environment variable for STSClient (#​3831) (e9a5079)
• NODE-5588: recursive calls to next cause memory leak (#​3841) (9a8fdb2)

v6.0.0

Compare Source

⚠ BREAKING CHANGES

• NODE-5584: adopt bson v6 and mongodb-client-encryption v6 (#​3845)
• NODE-5484: mark MongoError for internal use and remove Node14 cause assignment logic (#​3800)
• NODE-4788: use implementer Writable methods for GridFSBucketWriteStream (#​3808)
• NODE-4986: remove callbacks from ClientEncryption encrypt, decrypt, and createDataKey (#​3797)
• NODE-5490: bump kerberos compatibility to ^2.0.1 (#​3798)
• NODE-3568: ensure includeResultsMetadata is false by default (#​3786)
• NODE-3989: only accept true and false for boolean options (#​3791)
• NODE-5233: prevent session from one client from being used on another (#​3790)
• NODE-5444: emit deprecation warning for useNewUrlParser and useUnifiedTopology (#​3792)
• NODE-5470: convert remaining FLE to TS and drop support for onKMSProvidersRefresh (#​3787)
• NODE-5508: remove EvalOperation and EvalOptions (#​3795)
• NODE-3920: validate options are not repeated in connection string (#​3788)
• NODE-3924: read tls files async (#​3776)
• NODE-5430: make AutoEncrypter and MongoClient.autoEncrypter internal (#​3789)
• NODE-4961: remove command result from commit and abort transaction APIs (#​3784)
• NODE-2014: return executor result from withSession and withTransaction (#​3783)
• NODE-5409: allow socks to be installed optionally (#​3782)
• NODE-4796: remove addUser and collection.stats APIs (#​3781)
• NODE-4936: remove unsupported options from db.command and admin.command (#​3775)
• NODE-5228: remove unneeded fields from ConnectionPoolCreatedEvent.options (#​3772)
• NODE-5190: remove deprecated keep alive options (#​3771)
• NODE-5186: remove duplicate BulkWriteResult accessors (#​3766)
• NODE-5376: remove deprecated ssl options (#​3755)
• NODE-5415: bump minimum Node.js version to v16.20.1 (#​3760)

Features

• NODE-2014: return executor result from withSession and withTransaction (#​3783) (65aa288)
• NODE-3568: ensure includeResultsMetadata is false by default (#​3786) (fee8d3e)
• NODE-3920: validate options are not repeated in connection string (#​3788) (11631a2)
• NODE-3924: read tls files async (#​3776) (68adaf1)
• NODE-3989: only accept true and false for boolean options (#​3791) (e2e36cc)
• NODE-4796: remove addUser and collection.stats APIs (#​3781) (e79ac9d)
• NODE-4961: remove command result from commit and abort transaction APIs (#​3784) (71c5936)
• NODE-4986: remove callbacks from ClientEncryption encrypt, decrypt, and createDataKey (#​3797) (51a573f)
• NODE-5186: remove duplicate BulkWriteResult accessors (#​3766) (8693987)
• NODE-5190: remove deprecated keep alive options (#​3771) (7ade907)
• NODE-5233: prevent session from one client from being used on another (#​3790) (9268b35)
• NODE-5376: remove deprecated ssl options (#​3755) (ee56c8e)
• NODE-5396: add mongodb-js/saslprep as a required dependency (#​3815) (bd031fc)
• NODE-5409: allow socks to be installed optionally (#​3782) (787bdbf)
• NODE-5415: bump minimum Node.js version to v16.20.1 (#​3760) (de158b2)
• NODE-5430: make AutoEncrypter and MongoClient.autoEncrypter internal (#​3789) (b16ef9e)
• NODE-5444: emit deprecation warning for useNewUrlParser and useUnifiedTopology (#​3792) (c08060d)
• NODE-5470: convert remaining FLE to TS and drop support for onKMSProvidersRefresh (#​3787) (844aa52)
• NODE-5484: mark MongoError for internal use and remove Node14 cause assignment logic (#​3800) (a17b0af)
• NODE-5490: bump kerberos compatibility to ^2.0.1 (#​3798) (1044be1)
• NODE-5508: remove EvalOperation and EvalOptions (#​3795) (225cb81)
• NODE-5566: add ability to provide CRL file via tlsCRLFile (#​3834) (33c86c9)
• NODE-5584: adopt bson v6 and mongodb-client-encryption v6 (#​3845) (7bef363)

Bug Fixes

• NODE-4788: use implementer Writable methods for GridFSBucketWriteStream (#​3808) (7955610)
• NODE-4936: remove unsupported options from db.command and admin.command (#​3775) (52cd649)
• NODE-5228: remove unneeded fields from ConnectionPoolCreatedEvent.options (#​3772) (7a91714)
• NODE-5412: drop aws sdk version to match node18 runtime (#​3809) (1e96e49)
• NODE-5548: ensure that tlsCertificateKeyFile maps to cert and key (#​3819) (a0955bd)
• NODE-5592: withTransaction return type (#​3846) (05d2725)

v5.9.2

Compare Source

The MongoDB Node.js team is pleased to announce version 5.9.2 of the mongodb package!

Release Notes

Fix connection leak when serverApi is enabled

When enabling serverApi the driver's RTT mesurment logic (used to determine the closest node) still sent the legacy hello command "isMaster" causing the server to return an error. Unfortunately, the error handling logic did not correctly destroy the socket which would cause a leak.

Both sending the correct hello command and the error handling connection clean up logic are fixed in this change.

Bug Fixes

• NODE-5750: RTTPinger always sends legacy hello (#​3922) (8e56872)

Documentation

• Reference
• API
• Changelog

We invite you to try the mongodb library immediately, and report any issues to the NODE project.

v5.9.1

Compare Source

The MongoDB Node.js team is pleased to announce version 5.9.1 of the mongodb package!

Release Notes

insertedIds in bulk write now contain only successful insertions

Prior to this fix, the bulk write error's result.insertedIds property contained the _id of each attempted insert in a bulk operation.

Now, when a bulkwrite() or an insertMany() operation rejects one or more inserts, throwing an error, the error's result.insertedIds property will only contain the _id fields of successfully inserted documents.

Fixed edge case leak in findOne()

When running a findOne against a time series collection, the driver left the implicit session for the cursor un-ended due to the way the server returns the resulting cursor information. Now the cursor will always be cleaned up regardless of the outcome of the find operation.

Bug Fixes

• NODE-5627: BulkWriteResult.insertedIds includes ids that were not inserted (#​3870) (d766ae2)
• NODE-5691: make findOne() close implicit session to avoid memory leak (#​3889) (0d6c9cd)

Documentation

• Reference
• API
• Changelog

We invite you to try the mongodb library immediately, and report any issues to the NODE project.

v5.9.0

Compare Source

The MongoDB Node.js team is pleased to announce version 5.9.0 of the mongodb package!

Release Notes

Bumped bson version to make use of new Decimal128 behaviour

In this release, we have adopted the changes made to Decimal128 in bson version 5.5. The Decimal128 constructor and fromString() methods now throw when detecting a loss of precision (more than 34 significant digits). We also expose a new fromStringWithRounding() method which restores the previous rounding behaviour.

See the bson v5.5.0 release notes for more information.

Use region settings for STS AWS credentials request

When using IAM AssumeRoleWithWebIdentity AWS authentication the driver uses the @​aws-sdk/credential-providers package to contact the Security Token Service API for temporary credentials. AWS recommends using Regional AWS STS endpoints instead of the global endpoint to reduce latency, build-in redundancy, and increase session token validity. Unfortunately, environment variables AWS_STS_REGIONAL_ENDPOINTS and AWS_REGION do not directly control the region the SDK's STS client contacts for credentials.

The driver now has added support for detecting these variables and setting the appropriate options when calling the SDK's API: fromNodeProviderChain().

[!IMPORTANT]
The driver will only set region options if BOTH environment variables are present. AWS_STS_REGIONAL_ENDPOINTS MUST be set to either 'legacy' or 'regional', and AWS_REGION must be set.

Fix memory leak with ChangeStreams

In a previous release, 5.7.0, we refactored cursor internals from callbacks to async/await. In particular, the next function that powers cursors was written with callbacks and would recursively call itself depending on the cursor type. For ChangeStreams, this function would call itself if there were no new changes to return to the user. After converting that code to async/await each recursive call created a new promise that saved the current async context. This would slowly build up memory usage if no new changes came in to unwind the recursive calls.

The function is now implemented as a loop, memory leak be gone!

Features

• NODE-5564: bump bson version to ^5.5.0 (#​3865) (dc110e0)

Bug Fixes

• NODE-5550: set AWS region from environment variable for STSClient (#​3851) (2fab06b)
• NODE-5587: recursive calls to next cause memory leak (#​3842) (f60f1b5)

Documentation

• Reference
• API
• Changelog

We invite you to try the mongodb library immediately, and report any issues to the NODE project.

v5.8.1

Compare Source

The MongoDB Node.js team is pleased to announce version 5.8.1 of the mongodb package!

Release Notes

Import of saslprep updated to correct library.

Fixes the import of saslprep to be the correct @mongodb-js/saslprep library.

Bug Fixes

• NODE-5572: fix saslprep import (#​3837) (250dc21)

Documentation

• Reference
• API
• Changelog

We invite you to try the mongodb library immediately, and report any issues to the NODE project.

v5.8.0

Compare Source

The MongoDB Node.js team is pleased to announce version 5.8.0 of the mongodb package!

Release Notes

The AutoEncrypter interface has been deprecated

The AutoEncrypter interface was used internally but accidentally made public in the 4.x version of the driver. It is now deprecated and will be made internal in the next major release.

Kerberos support for 1.x and 2.x

Moves the kerberos dependency back to ^1.0.0 || ^2.0.0 to indicate support for both 1.x and 2.x. Support for 1.x is removed in 6.0.

Fixed accidental deprecation warning

Because of internal options handling, a deprecation was emitted for tlsCertificateFile when using tlsCertificateKeyFile. That has been corrected.

Remove credential availability on ConnectionPoolCreatedEvent

In order to avoid mistakenly printing credentials the ConnectionPoolCreatedEvent will replace the credentials option with an empty object. The credentials are still accessble via MongoClient options: client.options.credentials.

Features

• NODE-5399: use mongodb-js/saslprep instead of saslprep (#​3818) (c0d3927)
• NODE-5429: deprecate the AutoEncrypter interface (#​3764) (9bb0d95)
• NODE-5465,NODE-5538: lower @aws-sdk/credential-providers version to 3.188.0 and zstd to ^1.0.0 (#​3821) (39ff81d)

Bug Fixes

• NODE-5489: set kerberos compatibility to ^1.0.0 || ^2.0.0 (#​3803) (c3b35b3)
• NODE-5495: do not emit deprecation warning when tlsCertificateKeyFile is specified and tlsCertificateFile is not (#​3810) (e81d4a2)
• NODE-5537: remove credentials from ConnectionPoolCreatedEvent options (#​3813) (4cf1e96)

Documentation

• Reference
• API
• Changelog

We invite you to try the mongodb library immediately, and report any issues to the NODE project.

v5.7.0

Compare Source

Features

• NODE-4929: Add OIDC Azure workflow (#​3670) (b3482f3)
• NODE-5008: add zstd and kerberos to peer deps (#​3691) (9561f32)
• NODE-5241: add option to return modified document (#​3710) (d9c2600)
• NODE-5243: add change stream split event (#​3745) (1c84f82)
• NODE-5274: deprecate write concern options (#​3752) (1f880ea)
• NODE-5287: deprecate ssl options (#​3743) (f9b5677)
• NODE-5319: mark search index api public (#​3741) (c015e54)
• NODE-5407: update bson to 5.4.0 (#​3754) (6a574cf)

Bug Fixes

• NODE-4977: load snappy lazily (#​3726) (865e658)
• NODE-5102: listDatabases nameOnly setting is sent as NaN (#​3742) (b97132e)
• NODE-5289: prevent scram auth from throwing TypeError if saslprep is not a function (#​3727) (e006347)
• NODE-5374: do not apply cursor transform in Cursor.hasNext (#​3746) (0668cd8)

v5.6.0

Compare Source

Features

• NODE-5019: add runCursorCommand API (#​3655) (4da926e)
• NODE-5071: support additional time series options (#​3667) (ccf555d)
• NODE-5314: add search index helpers (#​3672) (f647542)

Bug Fixes

• NODE-5249: remove strict flag from create collection options (#​3677) (be8faaf)
• NODE-5296: construct error messages for AggregateErrors in Node16+ (#​3682) (e03178e)

v5.5.0

Compare Source

Features

• NODE-4720: Add log messages to CMAP spec (#​3645) (b27f385)
• NODE-5004: dont create or drop ecc collections (#​3660) (2264fbb)

Bug Fixes

• NODE-5260: AWS Lambda metadata detection logic is too permissive (#​3663) (d74d3f9)

v5.4.0

Compare Source

Features

• NODE-4814: implement remaining severity logging methods (#​3629) (d7a8079)
• NODE-4815: stringify and truncate BSON documents in log messages (#​3635) (d6bd1d1)
• NODE-4970: deprecate collStats collection helper (#​3638) (325c4bc)
• NODE-5166: bump max wire version for 7.0 (#​3659) (561229b)
• NODE-5191: OIDC Auth Updates (#​3637) (c52a4ed)
• NODE-5207: deprecate unsupported runCommand options and add spec tests (#​3643) (d6d76b4)

Bug Fixes

• NODE-5213: ChangeStream.tryNext() should return TChange type (#​3649) (3b58ca1)

v5.3.0

Compare Source

Features

• NODE-4696: add FaaS env information to client metadata (#​3626) (0424080)
• NODE-4774: deprecate cursor forEach (#​3622) (8d76a71)
• NODE-4791: deprecate duplicate bulk methods (#​3623) (2839e95)
• NODE-4795: deprecate addUser helper (#​3624) (53a0aae)
• NODE-5169: Implement emergency logger (#​3610) (d502eb0)
• NODE-5188: add alternative runtime detection to client metadata (#​3636) (2a26de3)
• NODE-5189: deprecate tcp keepalive options (#​3621) (cc7c75a)

Bug Fixes

• NODE-5042: relax SRV record validation to account for a dot suffix (#​3633) (ad15881)
• NODE-5171: allow upsertedId to be null in UpdateResult (#​3631) (4b5be21)
• NODE-5201: prevent warning when default value for deprecation option is used (#​3646) (e7f6e4e)

v5.2.0

Compare Source

Features

• NODE-5035: enable OIDC authentication (#​3577) (35879f6)
• NODE-5036: reauthenticate OIDC and retry (#​3589) (a41846d)
• NODE-5077: automatic Azure kms credential refresh (#​3599) (8e87e5c)

Bug Fixes

• NODE-3998: metadata duplication in handshake (#​3615) (6d894d6)
• NODE-4518: error message with invalid authMechanism is provided (#undefined) (1a16b7e)
• NODE-4854: set timeout on write and reset on message (#​3582) (4a7b5ec)
• NODE-5106: prevent multiple mongo client connect()s from leaking topology (#​3596) (eb836bb)
• NODE-5126: find operations fail when passed an ObjectId as filter (#​3604) (2647b61)

v5.1.0

Compare Source

Features

• NODE-3445: add support for AssumeRoleWithWebIdentity in aws authentication (#​3556) (e8a30b1)
• NODE-4877: Add support for useBigInt64 (#​3519) (917668c)
• NODE-5034: support OIDC auth options (#​3557) (20a4fec)
• NODE-5050: support GCP automatic credential fetch for CSFLE (#​3574) (722a4a6)

Bug Fixes

• NODE-5044: Write Concern 0 Must Not Affect Read Operations (#​3541) (#​3575) (10146a4)
• NODE-5052: prevent cursor and changestream close logic from running more than once (#​3562) (71d0d79)
• NODE-5064: consolidate connection cleanup logic and ensure socket is always closed (#​3572) (e544d88)

5.0.1 (2023-02-07)

Bug Fixes

• NODE-5027: revert "ensure that MessageStream is destroyed when connections are destroyed" (#​3552) (2d178d0)

v5.0.1

Compare Source

v5.0.0

Compare Source

⚠ BREAKING CHANGES

• NODE-5016: compile ts with target es2020 (#​3545)

Features

• NODE-5016: compile ts with target es2020 (#​3545) (def266a)

Bug Fixes

• NODE-4998: use ipv4 in socks5 tests for node 18 (#​3538) (425dbe0)

v4.17.2

Compare Source

The MongoDB Node.js team is pleased to announce version 4.17.2 of the mongodb package!

Release Notes

Fix connection leak when serverApi is enabled

When enabling serverApi the driver's RTT mesurment logic (used to determine the closest node) still sent the legacy hello command "isMaster" causing the server to return an error. Unfortunately, the error handling logic did not correctly destroy the socket which would cause a leak.

Both sending the correct hello command and the error handling connection clean up logic are fixed in this change.

Bug Fixes

• NODE-5751: RTTPinger always sends legacy hello (#​3923) (bc3d020)

Documentation

• Reference
• API
• Changelog

We invite you to try the mongodb library immediately, and report any issues to the NODE project.

v4.17.1

Compare Source

The MongoDB Node.js team is pleased to announce version 4.17.1 of the mongodb package!

Release Notes

Import of saslprep updated to correct library.

Fixes the import of saslprep to be the correct @mongodb-js/saslprep library.

Bug Fixes

• NODE-5573: fix saslprep import (#​3838) (ff6c293)

Documentation

• Reference
• API
• Changelog

We invite you to try the mongodb library immediately, and report any issues to the NODE project.

v4.17.0

Compare Source

The MongoDB Node.js team is pleased to announce version 4.17.0 of the mongodb package!

Release Notes

mongodb-js/saslprep is now installed by default

Until v6, the driver included the saslprep package as an optional dependency for SCRAM-SHA-256 authentication. saslprep breaks when bundled with webpack because it attempted to read a file relative to the package location and consequently the driver would throw errors when using SCRAM-SHA-256 if it were bundled.

The driver now depends on mongodb-js/saslprep, a fork of saslprep that can be bundled with webpack because it includes the necessary saslprep data in memory upon loading. This will be installed by default but will only be used if SCRAM-SHA-256 authentication is used.

Remove credential availability on ConnectionPoolCreatedEvent

In order to avoid mistakenly printing credentials the ConnectionPoolCreatedEvent will replace the credentials option with an empty object. The credentials are still accessble via MongoClient options: client.options.credentials.

Features

• NODE-5272: do not create or drop ecc collections (#​3678) (d26ad61)
• NODE-5398: use mongodb-js/saslprep instead of saslprep (#​3820) (5244711)

Bug Fixes

• NODE-5262: AWS Lambda metadata detection logic is too permissive (#​3683) (c0c3d99)
• NODE-5311: construct error messages for AggregateErrors in Node16+ (#​3683) (98b7bdf)
• NODE-5316: prevent parallel topology creation in MongoClient.connect (#​3696) (e13038d)
  • Thank you @​clemclx for contributing this fix! 🎉
• NODE-5356: prevent scram auth from throwing TypeError if saslprep is not a function (#​3732) (2d028af)
• NODE-5536: remove credentials from ConnectionPoolCreatedEvent options (#​3812) (2910dca)

Documentation

• Reference
• API
• Changelog

We invite you to try the mongodb library immediately, and report any issues to the NODE project.

v4.16.0

Compare Source

The MongoDB Node.js team is pleased to announce version 4.16.0 of the mongodb package!

Features

• NODE-5159: add FaaS env information to client metadata (#​3639) (e0b20f1)
• NODE-5199: add alternative runtime detection to client metadata (#​3647) (fba16ad)

Bug Fixes

• NODE-5161: metadata duplication in handshake (#​3628) (b790142)
• NODE-5200: relax SRV record validation to account for a dot suffix (#​3640) (4272c43)

Documentation

• Reference
• API
• Changelog

We invite you to try the mongodb library immediately, and report any issues to the NODE project.

v4.15.0

Compare Source

The MongoDB Node.js team is pleased to announce version 4.15.0 of the mongodb package!

Features

• NODE-5054: add AssumeRoleWithWebIdentity support to 4x driver (#​3566) ([8a8c386](https://togithub.com/mongodb/node-mongodb-native/commit/8a8

---

Configuration

📅 Schedule: Branch creation - "before 4am on Monday" in timezone Europe/Amsterdam, Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR has been generated by Mend Renovate. View repository job log here.