fix(deps): update dependency mongodb to v6

[renovate[bot]]

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence
mongodb	^5.0.0 -> ^6.0.0

---

Release Notes

mongodb/node-mongodb-native (mongodb)

### [`v6.7.0`](https://togithub.com/mongodb/node-mongodb-native/blob/HEAD/HISTORY.md#670-2024-05-29) [Compare Source](https://togithub.com/mongodb/node-mongodb-native/compare/v6.6.2...v6.7.0) ##### Features - **NODE-5464:** OIDC machine and callback workflow ([#​3912](https://togithub.com/mongodb/node-mongodb-native/issues/3912)) ([2ba8434](https://togithub.com/mongodb/node-mongodb-native/commit/2ba8434d10aa02ddf281482cc02ef168c1b2965c)) ##### Bug Fixes - **NODE-6165:** useBigInt64 causes compareTopologyVersion to throw ([#​4109](https://togithub.com/mongodb/node-mongodb-native/issues/4109)) ([21b729b](https://togithub.com/mongodb/node-mongodb-native/commit/21b729b983e2ddbe1dd9cff31f996825a45ec4e0)) ### [`v6.6.2`](https://togithub.com/mongodb/node-mongodb-native/blob/HEAD/HISTORY.md#662-2024-05-15) [Compare Source](https://togithub.com/mongodb/node-mongodb-native/compare/v6.6.1...v6.6.2) ##### Bug Fixes - **NODE-6171:** RTT set to zero when serverMonitoringMode=stream ([#​4110](https://togithub.com/mongodb/node-mongodb-native/issues/4110)) ([7a7ec5b](https://togithub.com/mongodb/node-mongodb-native/commit/7a7ec5b95d0c38b377551c31d03130cd9f1882f6)) ### [`v6.6.1`](https://togithub.com/mongodb/node-mongodb-native/blob/HEAD/HISTORY.md#661-2024-05-06) [Compare Source](https://togithub.com/mongodb/node-mongodb-native/compare/v6.6.0...v6.6.1) ##### Bug Fixes - **NODE-6151:** MongoClient connect does not keep Node.js running ([#​4101](https://togithub.com/mongodb/node-mongodb-native/issues/4101)) ([7e0d9e6](https://togithub.com/mongodb/node-mongodb-native/commit/7e0d9e689859e20ad0fd7aae047fc349e24355c9)) ### [`v6.6.0`](https://togithub.com/mongodb/node-mongodb-native/releases/tag/v6.6.0) [Compare Source](https://togithub.com/mongodb/node-mongodb-native/compare/v6.5.0...v6.6.0) The MongoDB Node.js team is pleased to announce version 6.6.0 of the `mongodb` package! #### Release Notes ##### Aggregation pipelines can now add stages manually When creating an aggregation pipeline cursor, a new generic method `addStage()` has been added in the fluid API for users to add [aggregation pipeline stages](https://www.mongodb.com/docs/manual/reference/operator/aggregation-pipeline/) in a general manner. ```ts const documents = await users.aggregate().addStage({ $project: { name: true } }).toArray(); ``` Thank you [@​prenaissance](https://togithub.com/prenaissance) for contributing this feature! ##### cause and package name included for `MongoMissingDependencyErrors` `MongoMissingDependencyError`s now include a `cause` and a `dependencyName` field, which can be used to programmatically determine which package is missing and why the driver failed to load it. For example: MongoMissingDependencyError: The iHateJavascript module does not exist at findOne (mongodb/main.js:7:11) at Object. (mongodb/main.js:14:1) ... 3 lines matching cause stack trace ... at Module._load (node:internal/modules/cjs/loader:1021:12) { dependencyName: 'iHateJavascript', [Symbol(errorLabels)]: Set(0) {}, [cause]: Error: Cannot find module 'iHateJavascript' Require stack: - mongodb/main.js at require (node:internal/modules/helpers:179:18) at findOne (mongodb/main.js:5:5) at Object. (mongodb/main.js:14:1) { code: 'MODULE_NOT_FOUND', requireStack: [ 'mongodb/main.js' ] } } ##### `ServerDescription` Round Trip Time (RTT) measurement changes ##### (1) `ServerDescription.roundTripTime` is now a moving average Previously, `ServerDescription.roundTripTime` was calculated as a weighted average of the most recently observed heartbeat duration and the previous duration. This update changes this behaviour to average `ServerDescription.roundTripTime` over the last 10 observed heartbeats. This should reduce the likelihood that the selected server changes as a result of momentary spikes in server latency. ##### (2) Added `minRoundTripTime` to `ServerDescription` A new `minRoundTripTime` property is now available on the `ServerDescription` class which gives the minimum RTT over the last 10 heartbeats. Note that this value will be reported as 0 when fewer than 2 samples have been observed. ##### `type` supported in `SearchIndexDescription` It is now possible to specify the type of a search index when [creating a search index](https://www.mongodb.com/docs/atlas/atlas-search/create-index/): ```typescript const indexName = await collection.createSearchIndex({ name: 'my-vector-search-index', // new! specifies that a `vectorSearch` index is created type: 'vectorSearch', definition: { mappings: { dynamic: false } } }); ``` ##### `Collection.findOneAndModify`'s `UpdateFilter.$currentDate` no longer throws on collections with limited schema Example: ```typescript // collection has no schema collection.update( $currentData: { lastModified: true } // no longer throws a TS error ); ``` ##### `TopologyDescription` now properly stringifies itself to JSON The `TopologyDescription` class is exposed by the driver in server selection errors and topology monitoring events to provide insight into the driver's current representation of the server's topology and to aid in debugging. However, the TopologyDescription uses `Map`s internally, which get serialized to `{}` when JSON stringified. We recommend using Node's `util.inspect()` helper to print topology descriptions because `inspect` properly handles all JS types and all types we use in the driver. However, if JSON must be used, the `TopologyDescription` now provides a custom `toJSON()` hook: ```typescript client.on('topologyDescriptionChanged', ({ newDescription }) => { // recommended! console.log('topology description changed', inspect(newDescription, { depth: Infinity, colors: true })) // now properly prints the entire topology description console.log('topology description changed', JSON.stringify(newDescription)) }); ``` ##### Omit `readConcern` and `writeConcern` in `Collection.listSearchIndexes` options argument > \[!Important]\ > `readConcern` and `writeConcern` are no longer viable keys in the options argument passed into `Collection.listSearchIndexes` This type change is a correctness fix. `Collection.listSearchIndexes` is an Atlas specific method, and Atlas' search indexes do not support `readConcern` and `writeConcern` options. The types for this function now reflect this functionality. ##### Don't throw error when non-read operation in a transaction has a `ReadPreferenceMode` other than `'primary'` The following error will now only be thrown when a user provides a `ReadPreferenceMode` other than `primary` and then tries to perform a command that involves a read: ```javascript new MongoTransactionError('Read preference in a transaction must be primary'); ``` Prior to this change, the Node Driver would incorrectly throw this error even when the operation does not perform a read. Note: a `RunCommandOperation` is treated as a read operation for this error. ##### `TopologyDescription.error` type is `MongoError` > \[!Important]\ > The `TopologyDescription.error` property type is now `MongoError` rather than `MongoServerError`. This type change is a correctness fix. Before this change, the following errors that were not instances of `MongoServerError` were already passed into `TopologyDescription.error` at runtime: - `MongoNetworkError` (excluding `MongoNetworkRuntimeError`) - `MongoError` with a `MongoErrorLabel.HandshakeError` label ##### `indexExists()` no longer supports the `full` option The `Collection.indexExists()` helper supported an option, `full`, that modified the internals of the method. When `full` was set to `true`, the driver would always return `false`, regardless of whether or not the index exists. The `full` option is intended to modify the return type of index enumeration APIs (`Collection.indexes()` and `Collection.indexInformation()`, but since the return type of `Collection.indexExists()` this option does not make sense for the `Collection.indexExists()` helper. We have removed support for this option. ##### `indexExists()`, `indexes()` and `indexInformation()` support cursor options in Typescript These APIs have supported cursor options at runtime since the 4.x version of the driver, but our Typescript has incorrectly omitted cursor options from these APIs. ##### Index information helpers have accurate Typescript return types `Collection.indexInformation()`, `Collection.indexes()` and `Db.indexInformation()` are helpers that return index information for a given collection or database. These helpers take an option, `full`, that configures whether the return value contains full index descriptions or a compact summary: ```typescript collection.indexes({ full: true }); // returns an array of index descriptions collection.indexes({ full: false }); // returns an object, mapping index names to index keys ``` However, the Typescript return type of these helpers was always `Document`. Thanks to [@​prenaissance](https://togithub.com/prenaissance), these helpers now have accurate type information! The helpers return a new type, `IndexDescriptionCompact | IndexDescriptionInfo[]`, which accurately reflects the return type of these helpers. The helpers also support type narrowing by providing a boolean literal as an option to the API: ```typescript collection.indexes(); // returns `IndexDescriptionCompact | IndexDescriptionInfo[]` collection.indexes({ full: false }); // returns an `IndexDescriptionCompact` collection.indexes({ full: true }); // returns an `IndexDescriptionInfo[]` collection.indexInfo(); // returns `IndexDescriptionCompact | IndexDescriptionInfo[]` collection.indexInfo({ full: false }); // returns an `IndexDescriptionCompact` collection.indexInfo({ full: true }); // returns an `IndexDescriptionInfo[]` db.indexInfo(); // returns `IndexDescriptionCompact | IndexDescriptionInfo[]` db.indexInfo({ full: false }); // returns an `IndexDescriptionCompact` db.indexInfo({ full: true }); // returns an `IndexDescriptionInfo[]` ``` ##### AWS credentials with expirations no longer throw when using on-demand AWS KMS credentials In addition to letting users provide KMS credentials manually, client-side encryption supports fetching AWS KMS credentials on-demand using the AWS SDK. However, AWS credential mechanisms that returned access keys with expiration timestamps caused the driver to throw an error. The driver will no longer throw an error when receiving an expiration token from the AWS SDK. ##### `ClusterTime` interface `signature` optionality The `ClusterTime` interface incorrectly reported the `signature` field as required, [the server may omit it](https://togithub.com/mongodb/mongo/blob/r8.0.0-rc4/src/mongo/db/vector_clock.idl#L47-L58), so the typescript has been updated to reflect reality. #### Summary ##### Features - **NODE-3639:** add a general stage to the aggregation pipeline builder ([#​4079](https://togithub.com/mongodb/node-mongodb-native/issues/4079)) ([8fca1aa](https://togithub.com/mongodb/node-mongodb-native/commit/8fca1aaaeb611e26745c837868b7e7f47b287ad5)) - **NODE-5678:** add options parsing support for `timeoutMS` and `defaultTimeoutMS` ([#​4068](https://togithub.com/mongodb/node-mongodb-native/issues/4068)) ([ddd1e81](https://togithub.com/mongodb/node-mongodb-native/commit/ddd1e81c970ae16b8b7adc7045832462d283e43c)) - **NODE-5762:** include `cause` and package name for all `MongoMissingDependencyError`s ([#​4067](https://togithub.com/mongodb/node-mongodb-native/issues/4067)) ([62ea94b](https://togithub.com/mongodb/node-mongodb-native/commit/62ea94b9f529d1b850c77fb5219014159b4d27ab)) - **NODE-5825:** add `minRoundTripTime` to `ServerDescription` and change `roundTripTime` to a moving average ([#​4059](https://togithub.com/mongodb/node-mongodb-native/issues/4059)) ([0e3d6ea](https://togithub.com/mongodb/node-mongodb-native/commit/0e3d6ead735ed067bd044c8d0c9c307d970f1986)) - **NODE-5919:** support new `type` option in create search index helpers ([#​4060](https://togithub.com/mongodb/node-mongodb-native/issues/4060)) ([3598c23](https://togithub.com/mongodb/node-mongodb-native/commit/3598c23bff588f4f05f0f456261eb558d6f48cbf)) - **NODE-6020:** upgrade `bson` to ^6.5.0 ([#​4035](https://togithub.com/mongodb/node-mongodb-native/issues/4035)) ([8ab2055](https://togithub.com/mongodb/node-mongodb-native/commit/8ab205569436a629f8b7b8bbc7f6cb29a3939864)) - **NODE-6149:** upgrade `bson` to ^6.7.0 ([#​4099](https://togithub.com/mongodb/node-mongodb-native/pull/4099)) ([7f191cf](https://togithub.com/mongodb/node-mongodb-native/commit/7f191cf85631408a384be2afd7f6171dfe832f77)) ##### Bug Fixes - **NODE-3681:** Typescript error in `Collection.findOneAndModify` `UpdateFilter.$currentDate` ([#​4047](https://togithub.com/mongodb/node-mongodb-native/issues/4047)) ([a8670a7](https://togithub.com/mongodb/node-mongodb-native/commit/a8670a76cd2746e8353504c100050b474d844f36)) - **NODE-5530:** make topology descriptions JSON stringifiable ([#​4070](https://togithub.com/mongodb/node-mongodb-native/issues/4070)) ([3a0e011](https://togithub.com/mongodb/node-mongodb-native/commit/3a0e01191be5836c4d41bd92c5cc64141b531dda)) - **NODE-5745:** ignore Read/Write Concern in Atlas Search Index Helpers ([#​4042](https://togithub.com/mongodb/node-mongodb-native/issues/4042)) ([67d7bab](https://togithub.com/mongodb/node-mongodb-native/commit/67d7bab434164fa9a81e22edde9339f89be91f65)) - **NODE-5925:** driver throws error when non-read operation in a transaction has a `ReadPreferenceMode` other than `primary` ([#​4075](https://togithub.com/mongodb/node-mongodb-native/issues/4075)) ([39fc198](https://togithub.com/mongodb/node-mongodb-native/commit/39fc198b8fd2baed17c3aec223ca43094bb1c147)) - **NODE-5971:** attach `v` to `createIndexes` command when `version` is specified ([#​4043](https://togithub.com/mongodb/node-mongodb-native/issues/4043)) ([1879a04](https://togithub.com/mongodb/node-mongodb-native/commit/1879a04b9053e8c77c6957e415886c534fe9992b)) - **NODE-5999:** Change `TopologyDescription.error` type to `MongoError` ([#​4028](https://togithub.com/mongodb/node-mongodb-native/issues/4028)) ([30432e8](https://togithub.com/mongodb/node-mongodb-native/commit/30432e8664cb142e999159e5d06ceaaf14f51eb8)) - **NODE-6019:** indexExists always returns false when `full` is set to `true` ([#​4034](https://togithub.com/mongodb/node-mongodb-native/issues/4034)) ([0ebc1ac](https://togithub.com/mongodb/node-mongodb-native/commit/0ebc1ac099a2ee869d8c1cb1c7632422c4e6a7ba)) - **NODE-6029:** update types for collection listing indexes ([#​4072](https://togithub.com/mongodb/node-mongodb-native/issues/4072)) ([232bf3c](https://togithub.com/mongodb/node-mongodb-native/commit/232bf3cb9e41b717680ad0a5678bbc16d3cc243f)) - **NODE-6051:** only provide expected allowed keys to `libmongocrypt` after fetching AWS KMS credentials ([#​4057](https://togithub.com/mongodb/node-mongodb-native/issues/4057)) ([c604e74](https://togithub.com/mongodb/node-mongodb-native/commit/c604e74e2ca0bcf827441558e40cecbaf9f4fe94)) - **NODE-6066:** `ClusterTime.signature` can be undefined ([#​4069](https://togithub.com/mongodb/node-mongodb-native/issues/4069)) ([ce55ca9](https://togithub.com/mongodb/node-mongodb-native/commit/ce55ca9f5c7ea81058627b60e2cec5482d2be1f6)) ##### Performance Improvements - **NODE-6127:** move error construction into `setTimeout` callback ([#​4094](https://togithub.com/mongodb/node-mongodb-native/issues/4094)) ([6abc074](https://togithub.com/mongodb/node-mongodb-native/commit/6abc074b3b1f2bbcc5d7252ab4cbfbd729fb4eb2)) #### Documentation - [Reference](https://docs.mongodb.com/drivers/node/current/) - [API](https://mongodb.github.io/node-mongodb-native/6.6/) - [Changelog](https://togithub.com/mongodb/node-mongodb-native/blob/v6.6.0/HISTORY.md) We invite you to try the `mongodb` library immediately, and report any issues to the [NODE project](https://jira.mongodb.org/projects/NODE). ### [`v6.5.0`](https://togithub.com/mongodb/node-mongodb-native/blob/HEAD/HISTORY.md#650-2024-03-11) [Compare Source](https://togithub.com/mongodb/node-mongodb-native/compare/v6.4.0...v6.5.0) ##### Features - **NODE-5968:** container and Kubernetes awareness in client metadata ([#​4005](https://togithub.com/mongodb/node-mongodb-native/issues/4005)) ([28b7040](https://togithub.com/mongodb/node-mongodb-native/commit/28b70408d0153e6b1118f3dd9cfbcfa30abe29f0)) - **NODE-5988:** Provide access to raw results doc on MongoServerError ([#​4016](https://togithub.com/mongodb/node-mongodb-native/issues/4016)) ([c023242](https://togithub.com/mongodb/node-mongodb-native/commit/c02324218db18e7c51f5b775f35edacc084762b0)) - **NODE-6008:** deprecate CloseOptions interface ([#​4030](https://togithub.com/mongodb/node-mongodb-native/issues/4030)) ([f6cd8d9](https://togithub.com/mongodb/node-mongodb-native/commit/f6cd8d991b8dc8ca6d28964e46839c79727de669)) ##### Bug Fixes - **NODE-5636:** generate \_ids using pkFactory in bulk write operations ([#​4025](https://togithub.com/mongodb/node-mongodb-native/issues/4025)) ([fbb5059](https://togithub.com/mongodb/node-mongodb-native/commit/fbb505906cc171ae01279025d42f6ea1c3e7e299)) - **NODE-5981:** read preference not applied to commands properly ([#​4010](https://togithub.com/mongodb/node-mongodb-native/issues/4010)) ([937c9c8](https://togithub.com/mongodb/node-mongodb-native/commit/937c9c890b6ad9be04823702b1b92b548ef4de9b)) - **NODE-5985:** throw Nodejs' certificate expired error when TLS fails to connect instead of `CERT_HAS_EXPIRED` ([#​4014](https://togithub.com/mongodb/node-mongodb-native/issues/4014)) ([057c223](https://togithub.com/mongodb/node-mongodb-native/commit/057c223f13a0d129aa9efc01ba3c9b48271e7b97)) - **NODE-5993:** memory leak in the `Connection` class ([#​4022](https://togithub.com/mongodb/node-mongodb-native/issues/4022)) ([69de253](https://togithub.com/mongodb/node-mongodb-native/commit/69de2537314fe25a5c3fa83f73235cfa7e7f729d)) ##### Performance Improvements - **NODE-5986:** parallelize SRV/TXT resolution ([#​4012](https://togithub.com/mongodb/node-mongodb-native/issues/4012)) ([eab8f23](https://togithub.com/mongodb/node-mongodb-native/commit/eab8f2338622218a1e57121a31cad493f462931b)) ### [`v6.4.0`](https://togithub.com/mongodb/node-mongodb-native/blob/HEAD/HISTORY.md#640-2024-02-29) [Compare Source](https://togithub.com/mongodb/node-mongodb-native/compare/v6.3.0...v6.4.0) ##### Features - **NODE-3449:** Add serverConnectionId to Command Monitoring Spec ([735f7aa](https://togithub.com/mongodb/node-mongodb-native/commit/735f7aa17c2403044c015c0eb0fc7e4be08c0983)) - **NODE-3470:** retry selects another mongos ([#​3963](https://togithub.com/mongodb/node-mongodb-native/issues/3963)) ([84959ee](https://togithub.com/mongodb/node-mongodb-native/commit/84959ee27135abd04e4009b0adfebc7889d9139f)) - **NODE-3689:** require hello command for connection handshake to use OP_MSG disallowing OP_QUERY ([#​3938](https://togithub.com/mongodb/node-mongodb-native/issues/3938)) ([ce7df0f](https://togithub.com/mongodb/node-mongodb-native/commit/ce7df0f79ed764d4a36caf1562cea4f5015c0ea6)) - **NODE-4686:** Add log messages to CLAM ([#​3955](https://togithub.com/mongodb/node-mongodb-native/issues/3955)) ([e3bfa30](https://togithub.com/mongodb/node-mongodb-native/commit/e3bfa30eefe6b0a79141b32029d8e44d426275d6)) - **NODE-4687:** Add logging to server selection ([#​3946](https://togithub.com/mongodb/node-mongodb-native/issues/3946)) ([7f3ce0b](https://togithub.com/mongodb/node-mongodb-native/commit/7f3ce0bb8d4173739e5a3ffe9041dd11b28f9b08)) - **NODE-4719:** add SDAM Logging Spec ([#​3940](https://togithub.com/mongodb/node-mongodb-native/issues/3940)) ([a3c0298](https://togithub.com/mongodb/node-mongodb-native/commit/a3c02983bc9cead125373d86a5c47cf8f4e40f9e)) - **NODE-4847:** Add config error handling to logging ([#​3970](https://togithub.com/mongodb/node-mongodb-native/issues/3970)) ([8f7bb59](https://togithub.com/mongodb/node-mongodb-native/commit/8f7bb593cbd1b2cd69c76702dbd1125479d1055a)) - **NODE-5717:** make ExceededTimeLimit retryable reads error ([#​3947](https://togithub.com/mongodb/node-mongodb-native/issues/3947)) ([106ab09](https://togithub.com/mongodb/node-mongodb-native/commit/106ab092d0fe184509551c55b6b0fe817fa6ba21)) - **NODE-5885:** upgrade BSON to `^6.3.0` ([#​3983](https://togithub.com/mongodb/node-mongodb-native/issues/3983)) ([9401d09](https://togithub.com/mongodb/node-mongodb-native/commit/9401d09af4def8bfbeff65e70863be5d13b3dd61)) - **NODE-5939:** Implement 6.x: cache the AWS credentials provider in the MONGODB-AWS auth logic ([#​3991](https://togithub.com/mongodb/node-mongodb-native/issues/3991)) ([e0a37e5](https://togithub.com/mongodb/node-mongodb-native/commit/e0a37e594919d173762b0c64a24bb0291b159fa5)) - **NODE-5978:** upgrade BSON to ^6.4.0 ([#​4007](https://togithub.com/mongodb/node-mongodb-native/issues/4007)) ([90f2f70](https://togithub.com/mongodb/node-mongodb-native/commit/90f2f70ba61e598fd3c69c1e2a5ae4297fe8f333)) ##### Bug Fixes - **NODE-5127:** implement reject kmsRequest on server close ([#​3964](https://togithub.com/mongodb/node-mongodb-native/issues/3964)) ([568e05f](https://togithub.com/mongodb/node-mongodb-native/commit/568e05fdc3d78882e925e8e799aca6fb86c88295)) - **NODE-5609:** node driver omits base64 padding in sasl-continue command ([#​3975](https://togithub.com/mongodb/node-mongodb-native/issues/3975)) ([b7d28d3](https://togithub.com/mongodb/node-mongodb-native/commit/b7d28d3135fa298d693aa22d2f1713054c5b0751)) - **NODE-5765:** change type for countDocuments ([#​3932](https://togithub.com/mongodb/node-mongodb-native/issues/3932)) ([22cae0f](https://togithub.com/mongodb/node-mongodb-native/commit/22cae0fbc0ad4043e27210577427870b8ec287f5)) - **NODE-5791:** type error with $addToSet in bulkWrite ([#​3953](https://togithub.com/mongodb/node-mongodb-native/issues/3953)) ([b93d405](https://togithub.com/mongodb/node-mongodb-native/commit/b93d405275c3a8ce6b1eba0af335ffb2a309e34e)) - **NODE-5818:** Add feature flagging to server selection logging ([#​3974](https://togithub.com/mongodb/node-mongodb-native/issues/3974)) ([55203ef](https://togithub.com/mongodb/node-mongodb-native/commit/55203ef53d085518fd0acaf4b23d4a987cf6736d)) - **NODE-5839:** support for multibyte code-points in stringifyWithMaxLen ([#​3979](https://togithub.com/mongodb/node-mongodb-native/issues/3979)) ([aed1cf0](https://togithub.com/mongodb/node-mongodb-native/commit/aed1cf0d2b1083e24997e49bfe7f5416e944466e)) - **NODE-5840:** heartbeat duration includes socket creation ([#​3973](https://togithub.com/mongodb/node-mongodb-native/issues/3973)) ([a42039b](https://togithub.com/mongodb/node-mongodb-native/commit/a42039b9d03f1fc4d58f6edc641a839bc0364cd2)) - **NODE-5901:** propagate errors to transformed stream in cursor ([#​3985](https://togithub.com/mongodb/node-mongodb-native/issues/3985)) ([ecfc615](https://togithub.com/mongodb/node-mongodb-native/commit/ecfc6157786360832d1afb4294d76f83a90a9d70)) - **NODE-5944:** make AWS session token optional ([#​4002](https://togithub.com/mongodb/node-mongodb-native/issues/4002)) ([f26de76](https://togithub.com/mongodb/node-mongodb-native/commit/f26de764c7ee5034992ec5978175fc50f29fc690)) ##### Performance Improvements - **NODE-5771:** improve new connection ([#​3948](https://togithub.com/mongodb/node-mongodb-native/issues/3948)) ([a4776cf](https://togithub.com/mongodb/node-mongodb-native/commit/a4776cfe638c4e51cb690e43b941153d4f36a30a)) - **NODE-5854:** Conditional logger instantiation and precompute willLog perf fix ([#​3984](https://togithub.com/mongodb/node-mongodb-native/issues/3984)) ([a63fbc2](https://togithub.com/mongodb/node-mongodb-native/commit/a63fbc2a98a2b0ed88bfe2cd5f59e9feee97820b)) - **NODE-5928:** consolidate signal use and abort promise wrap ([#​3992](https://togithub.com/mongodb/node-mongodb-native/issues/3992)) ([38742c2](https://togithub.com/mongodb/node-mongodb-native/commit/38742c2849d00e6a6070329b5c6a19704f40eb89)) ### [`v6.3.0`](https://togithub.com/mongodb/node-mongodb-native/blob/HEAD/HISTORY.md#630-2023-11-15) [Compare Source](https://togithub.com/mongodb/node-mongodb-native/compare/v6.2.0...v6.3.0) ##### Features - **NODE-3881:** require hello command + OP_MSG when 'loadBalanced=True' ([#​3907](https://togithub.com/mongodb/node-mongodb-native/issues/3907)) ([fd58eec](https://togithub.com/mongodb/node-mongodb-native/commit/fd58eec441d99493aff5c62bcc170c469efa679b)) - **NODE-4849:** Add Typescript support for log path in client options ([#​3886](https://togithub.com/mongodb/node-mongodb-native/issues/3886)) ([f495abb](https://togithub.com/mongodb/node-mongodb-native/commit/f495abb0e25755e867b311a19c8cd35a4c606aa4)) - **NODE-4878:** Add remaining log configurable client options ([#​3908](https://togithub.com/mongodb/node-mongodb-native/issues/3908)) ([54adc9f](https://togithub.com/mongodb/node-mongodb-native/commit/54adc9f65b5924ffa9730a9adf0a8162a284277e)) - **NODE-5197:** add server monitoring mode ([#​3899](https://togithub.com/mongodb/node-mongodb-native/issues/3899)) ([ae4c94a](https://togithub.com/mongodb/node-mongodb-native/commit/ae4c94a1ac8bd402c047263e39a55d65488cc2a3)) - **NODE-5452:** Logging Cosmos Document DB Info Message ([#​3902](https://togithub.com/mongodb/node-mongodb-native/issues/3902)) ([bb5fa43](https://togithub.com/mongodb/node-mongodb-native/commit/bb5fa43ce58f11d4961f1feaa0d6e58ef6bd8378)) - **NODE-5590:** deprecate GridFS fields ([#​3905](https://togithub.com/mongodb/node-mongodb-native/issues/3905)) ([d2225da](https://togithub.com/mongodb/node-mongodb-native/commit/d2225da322d9367a9216e554e7fe927fb1cd08aa)) ##### Bug Fixes - **NODE-4863:** do not use RetryableWriteError for non-server errors ([#​3914](https://togithub.com/mongodb/node-mongodb-native/issues/3914)) ([08c9fb4](https://togithub.com/mongodb/node-mongodb-native/commit/08c9fb4386736fad4a8df0174025e71971c1b6ff)) - **NODE-5709:** bump mongodb-connection-string-url to 3.0.0 ([#​3909](https://togithub.com/mongodb/node-mongodb-native/issues/3909)) ([1c3dc02](https://togithub.com/mongodb/node-mongodb-native/commit/1c3dc0259c0758f3b16de3a696d2c40df32f8ad7)) - **NODE-5749:** RTTPinger always sends legacy hello ([#​3921](https://togithub.com/mongodb/node-mongodb-native/issues/3921)) ([ebbfb8a](https://togithub.com/mongodb/node-mongodb-native/commit/ebbfb8a0ba0a17fafa39f777a9546d0351ff66e2)) ### [`v6.2.0`](https://togithub.com/mongodb/node-mongodb-native/blob/HEAD/HISTORY.md#620-2023-10-19) [Compare Source](https://togithub.com/mongodb/node-mongodb-native/compare/v6.1.0...v6.2.0) ##### Features - **NODE-5613:** add `awaited` field to SDAM heartbeat events ([#​3895](https://togithub.com/mongodb/node-mongodb-native/issues/3895)) ([b50aadc](https://togithub.com/mongodb/node-mongodb-native/commit/b50aadca7e5e471283ebaccff5b98c099c57fa55)) - update bson to 6.2.0 ([#​3898](https://togithub.com/mongodb/node-mongodb-native/issues/3898)) ([32b7176](https://togithub.com/mongodb/node-mongodb-native/commit/32b7176af6af4d6bd455200da64d0fde07ce0806)) ##### Bug Fixes - **NODE-5496:** remove client-side collection and database name check validation ([#​3873](https://togithub.com/mongodb/node-mongodb-native/issues/3873)) ([98550c6](https://togithub.com/mongodb/node-mongodb-native/commit/98550c6ad5b7c268707d3e9e2367ca56f71298ad)) - **NODE-5628:** bulkWriteResult.insertedIds does not filter out \_ids that are not actually inserted ([#​3867](https://togithub.com/mongodb/node-mongodb-native/issues/3867)) ([09f2a67](https://togithub.com/mongodb/node-mongodb-native/commit/09f2a6796b4f1ecec4880678e19375a07e446949)) - **NODE-5706:** make findOne() close implicit session to avoid memory leak ([#​3897](https://togithub.com/mongodb/node-mongodb-native/issues/3897)) ([995d138](https://togithub.com/mongodb/node-mongodb-native/commit/995d13805d4d4e35eac41c2264979dd84b1e4dd3)) ### [`v6.1.0`](https://togithub.com/mongodb/node-mongodb-native/blob/HEAD/HISTORY.md#610-2023-09-14) [Compare Source](https://togithub.com/mongodb/node-mongodb-native/compare/v6.0.0...v6.1.0) ##### Features - **NODE-5634:** bump bson version to ^6.1.0 ([#​3866](https://togithub.com/mongodb/node-mongodb-native/issues/3866)) ([c6edabb](https://togithub.com/mongodb/node-mongodb-native/commit/c6edabb8fa4c6f8d80b028a96eacd26975460f8a)) ##### Bug Fixes - **NODE-5551:** set AWS region from environment variable for STSClient ([#​3831](https://togithub.com/mongodb/node-mongodb-native/issues/3831)) ([e9a5079](https://togithub.com/mongodb/node-mongodb-native/commit/e9a50793143c53f5f70a720e17cf6683f56f7229)) - **NODE-5588:** recursive calls to next cause memory leak ([#​3841](https://togithub.com/mongodb/node-mongodb-native/issues/3841)) ([9a8fdb2](https://togithub.com/mongodb/node-mongodb-native/commit/9a8fdb22853a7a84dfa8b8e87a6b5d808ae00b6e)) ### [`v6.0.0`](https://togithub.com/mongodb/node-mongodb-native/blob/HEAD/HISTORY.md#600-2023-08-28) [Compare Source](https://togithub.com/mongodb/node-mongodb-native/compare/v5.9.2...v6.0.0) ##### ⚠ BREAKING CHANGES - **NODE-5584:** adopt bson v6 and mongodb-client-encryption v6 ([#​3845](https://togithub.com/mongodb/node-mongodb-native/issues/3845)) - **NODE-5484:** mark MongoError for internal use and remove Node14 cause assignment logic ([#​3800](https://togithub.com/mongodb/node-mongodb-native/issues/3800)) - **NODE-4788:** use implementer Writable methods for GridFSBucketWriteStream ([#​3808](https://togithub.com/mongodb/node-mongodb-native/issues/3808)) - **NODE-4986:** remove callbacks from ClientEncryption encrypt, decrypt, and createDataKey ([#​3797](https://togithub.com/mongodb/node-mongodb-native/issues/3797)) - **NODE-5490:** bump kerberos compatibility to ^2.0.1 ([#​3798](https://togithub.com/mongodb/node-mongodb-native/issues/3798)) - **NODE-3568:** ensure includeResultsMetadata is false by default ([#​3786](https://togithub.com/mongodb/node-mongodb-native/issues/3786)) - **NODE-3989:** only accept true and false for boolean options ([#​3791](https://togithub.com/mongodb/node-mongodb-native/issues/3791)) - **NODE-5233:** prevent session from one client from being used on another ([#​3790](https://togithub.com/mongodb/node-mongodb-native/issues/3790)) - **NODE-5444:** emit deprecation warning for useNewUrlParser and useUnifiedTopology ([#​3792](https://togithub.com/mongodb/node-mongodb-native/issues/3792)) - **NODE-5470:** convert remaining FLE to TS and drop support for `onKMSProvidersRefresh` ([#​3787](https://togithub.com/mongodb/node-mongodb-native/issues/3787)) - **NODE-5508:** remove EvalOperation and EvalOptions ([#​3795](https://togithub.com/mongodb/node-mongodb-native/issues/3795)) - **NODE-3920:** validate options are not repeated in connection string ([#​3788](https://togithub.com/mongodb/node-mongodb-native/issues/3788)) - **NODE-3924:** read tls files async ([#​3776](https://togithub.com/mongodb/node-mongodb-native/issues/3776)) - **NODE-5430:** make AutoEncrypter and MongoClient.autoEncrypter internal ([#​3789](https://togithub.com/mongodb/node-mongodb-native/issues/3789)) - **NODE-4961:** remove command result from commit and abort transaction APIs ([#​3784](https://togithub.com/mongodb/node-mongodb-native/issues/3784)) - **NODE-2014:** return executor result from withSession and withTransaction ([#​3783](https://togithub.com/mongodb/node-mongodb-native/issues/3783)) - **NODE-5409:** allow socks to be installed optionally ([#​3782](https://togithub.com/mongodb/node-mongodb-native/issues/3782)) - **NODE-4796:** remove addUser and collection.stats APIs ([#​3781](https://togithub.com/mongodb/node-mongodb-native/issues/3781)) - **NODE-4936:** remove unsupported options from db.command and admin.command ([#​3775](https://togithub.com/mongodb/node-mongodb-native/issues/3775)) - **NODE-5228:** remove unneeded fields from ConnectionPoolCreatedEvent.options ([#​3772](https://togithub.com/mongodb/node-mongodb-native/issues/3772)) - **NODE-5190:** remove deprecated keep alive options ([#​3771](https://togithub.com/mongodb/node-mongodb-native/issues/3771)) - **NODE-5186:** remove duplicate BulkWriteResult accessors ([#​3766](https://togithub.com/mongodb/node-mongodb-native/issues/3766)) - **NODE-5376:** remove deprecated ssl options ([#​3755](https://togithub.com/mongodb/node-mongodb-native/issues/3755)) - **NODE-5415:** bump minimum Node.js version to v16.20.1 ([#​3760](https://togithub.com/mongodb/node-mongodb-native/issues/3760)) ##### Features - **NODE-2014:** return executor result from withSession and withTransaction ([#​3783](https://togithub.com/mongodb/node-mongodb-native/issues/3783)) ([65aa288](https://togithub.com/mongodb/node-mongodb-native/commit/65aa288a28a9e8859f4fd75f176961ef3d9747f0)) - **NODE-3568:** ensure includeResultsMetadata is false by default ([#​3786](https://togithub.com/mongodb/node-mongodb-native/issues/3786)) ([fee8d3e](https://togithub.com/mongodb/node-mongodb-native/commit/fee8d3e094846222035962c75a207e14b70325c7)) - **NODE-3920:** validate options are not repeated in connection string ([#​3788](https://togithub.com/mongodb/node-mongodb-native/issues/3788)) ([11631a2](https://togithub.com/mongodb/node-mongodb-native/commit/11631a2b63e7102602ce2b2e452fd61ee5a46d05)) - **NODE-3924:** read tls files async ([#​3776](https://togithub.com/mongodb/node-mongodb-native/issues/3776)) ([68adaf1](https://togithub.com/mongodb/node-mongodb-native/commit/68adaf1e5d5ee8cf8f0468380d7a7b3113facc07)) - **NODE-3989:** only accept true and false for boolean options ([#​3791](https://togithub.com/mongodb/node-mongodb-native/issues/3791)) ([e2e36cc](https://togithub.com/mongodb/node-mongodb-native/commit/e2e36ccbb30de217d7ca2014d8591b574360d557)) - **NODE-4796:** remove addUser and collection.stats APIs ([#​3781](https://togithub.com/mongodb/node-mongodb-native/issues/3781)) ([e79ac9d](https://togithub.com/mongodb/node-mongodb-native/commit/e79ac9da9fce35e1ea9b26fc4a97a79826a6a687)) - **NODE-4961:** remove command result from commit and abort transaction APIs ([#​3784](https://togithub.com/mongodb/node-mongodb-native/issues/3784)) ([71c5936](https://togithub.com/mongodb/node-mongodb-native/commit/71c593685735a08d5d7503120464a7c23ba20a46)) - **NODE-4986:** remove callbacks from ClientEncryption encrypt, decrypt, and createDataKey ([#​3797](https://togithub.com/mongodb/node-mongodb-native/issues/3797)) ([51a573f](https://togithub.com/mongodb/node-mongodb-native/commit/51a573fe99506b81c7ab808898eb9eb63f58f600)) - **NODE-5186:** remove duplicate BulkWriteResult accessors ([#​3766](https://togithub.com/mongodb/node-mongodb-native/issues/3766)) ([8693987](https://togithub.com/mongodb/node-mongodb-native/commit/8693987b66dff745c8421ac9cdc29dc772b1f675)) - **NODE-5190:** remove deprecated keep alive options ([#​3771](https://togithub.com/mongodb/node-mongodb-native/issues/3771)) ([7ade907](https://togithub.com/mongodb/node-mongodb-native/commit/7ade9079fa78538069604a5b42ad13ffbb80af46)) - **NODE-5233:** prevent session from one client from being used on another ([#​3790](https://togithub.com/mongodb/node-mongodb-native/issues/3790)) ([9268b35](https://togithub.com/mongodb/node-mongodb-native/commit/9268b35d5ba0736ff38e691024d89f1ac6c28515)) - **NODE-5376:** remove deprecated ssl options ([#​3755](https://togithub.com/mongodb/node-mongodb-native/issues/3755)) ([ee56c8e](https://togithub.com/mongodb/node-mongodb-native/commit/ee56c8eebf22b2f90885513e699d209c63379846)) - **NODE-5396:** add `mongodb-js/saslprep` as a required dependency ([#​3815](https://togithub.com/mongodb/node-mongodb-native/issues/3815)) ([bd031fc](https://togithub.com/mongodb/node-mongodb-native/commit/bd031fc26bdbae7ac8a73cccc06e11da7160d656)) - **NODE-5409:** allow socks to be installed optionally ([#​3782](https://togithub.com/mongodb/node-mongodb-native/issues/3782)) ([787bdbf](https://togithub.com/mongodb/node-mongodb-native/commit/787bdbf3f7bd974aca1347de427e973217c90009)) - **NODE-5415:** bump minimum Node.js version to v16.20.1 ([#​3760](https://togithub.com/mongodb/node-mongodb-native/issues/3760)) ([de158b2](https://togithub.com/mongodb/node-mongodb-native/commit/de158b245d809e6600c178303a033997d4181ade)) - **NODE-5430:** make AutoEncrypter and MongoClient.autoEncrypter internal ([#​3789](https://togithub.com/mongodb/node-mongodb-native/issues/3789)) ([b16ef9e](https://togithub.com/mongodb/node-mongodb-native/commit/b16ef9ed2cbb141c1c8c071ed0d51bc0993dc423)) - **NODE-5444:** emit deprecation warning for useNewUrlParser and useUnifiedTopology ([#​3792](https://togithub.com/mongodb/node-mongodb-native/issues/3792)) ([c08060d](https://togithub.com/mongodb/node-mongodb-native/commit/c08060d074dfe6f222feb360589ac52f9fa90b6d)) - **NODE-5470:** convert remaining FLE to TS and drop support for `onKMSProvidersRefresh` ([#​3787](https://togithub.com/mongodb/node-mongodb-native/issues/3787)) ([844aa52](https://togithub.com/mongodb/node-mongodb-native/commit/844aa52640baf69c0b6dacdb3d11add4ca24d8f2)) - **NODE-5484:** mark MongoError for internal use and remove Node14 cause assignment logic ([#​3800](https://togithub.com/mongodb/node-mongodb-native/issues/3800)) ([a17b0af](https://togithub.com/mongodb/node-mongodb-native/commit/a17b0af1a2ae112b7e96da86a8761d5c15d616cf)) - **NODE-5490:** bump kerberos compatibility to ^2.0.1 ([#​3798](https://togithub.com/mongodb/node-mongodb-native/issues/3798)) ([1044be1](https://togithub.com/mongodb/node-mongodb-native/commit/1044be14ca69ea4c367bf79735894deadf166d6e)) - **NODE-5508:** remove EvalOperation and EvalOptions ([#​3795](https://togithub.com/mongodb/node-mongodb-native/issues/3795)) ([225cb81](https://togithub.com/mongodb/node-mongodb-native/commit/225cb8184295c6ad934571c2a0cb7ef6bcf8af50)) - **NODE-5566:** add ability to provide CRL file via tlsCRLFile ([#​3834](https://togithub.com/mongodb/node-mongodb-native/issues/3834)) ([33c86c9](https://togithub.com/mongodb/node-mongodb-native/commit/33c86c923e0ccfcb61f670c31efd145542bd4980)) - **NODE-5584:** adopt bson v6 and mongodb-client-encryption v6 ([#​3845](https://togithub.com/mongodb/node-mongodb-native/issues/3845)) ([7bef363](https://togithub.com/mongodb/node-mongodb-native/commit/7bef3632da73f20431952b99a0d11e9aac001c12)) ##### Bug Fixes - **NODE-4788:** use implementer Writable methods for GridFSBucketWriteStream ([#​3808](https://togithub.com/mongodb/node-mongodb-native/issues/3808)) ([7955610](https://togithub.com/mongodb/node-mongodb-native/commit/7955610c67eb500af683866aed631d06521345cc)) - **NODE-4936:** remove unsupported options from db.command and admin.command ([#​3775](https://togithub.com/mongodb/node-mongodb-native/issues/3775)) ([52cd649](https://togithub.com/mongodb/node-mongodb-native/commit/52cd649caf2e64aef6d3984c5f2d24af03db4c51)) - **NODE-5228:** remove unneeded fields from ConnectionPoolCreatedEvent.options ([#​3772](https://togithub.com/mongodb/node-mongodb-native/issues/3772)) ([7a91714](https://togithub.com/mongodb/node-mongodb-native/commit/7a9171411e6afeb68d8611e15f49b872648dbc9c)) - **NODE-5412:** drop aws sdk version to match node18 runtime ([#​3809](https://togithub.com/mongodb/node-mongodb-native/issues/3809)) ([1e96e49](https://togithub.com/mongodb/node-mongodb-native/commit/1e96e49b607791d1c1517e65cf88f51821898b0b)) - **NODE-5548:** ensure that tlsCertificateKeyFile maps to cert and key ([#​3819](https://togithub.com/mongodb/node-mongodb-native/issues/3819)) ([a0955bd](https://togithub.com/mongodb/node-mongodb-native/commit/a0955bdf935113abbb28d7c7011abc04027be2b0)) - **NODE-5592:** withTransaction return type ([#​3846](https://togithub.com/mongodb/node-mongodb-native/issues/3846)) ([05d2725](https://togithub.com/mongodb/node-mongodb-native/commit/05d2725bf179e4c35ff3735856313bca062c77a8))

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• [ ] If you want to rebase/retry this PR, check this box

---

This PR has been generated by Mend Renovate. View repository job log here.

[github-actions[bot]]

Dependency Review

✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.

OpenSSF Scorecard

Scorecard details

Package	Version	Score	Details
npm/@mongodb-js/saslprep	1.1.7	Unknown	Unknown
npm/@types/whatwg-url	11.0.5	:green_circle: 6.9	Details Check Score Reason Maintained :green_circle: 10 30 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 10 Code-Review :green_circle: 8 Found 25/30 approved changesets -- score normalized to 8 CII-Best-Practices :warning: 0 no effort to earn an OpenSSF best practices badge detected License :green_circle: 9 license file detected Branch-Protection :warning: -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Signed-Releases :warning: -1 no releases found Packaging :warning: -1 packaging workflow not detected Dangerous-Workflow :green_circle: 10 no dangerous workflow patterns detected Security-Policy :green_circle: 10 security policy file detected Token-Permissions :warning: 0 detected GitHub workflow tokens with excessive permissions Vulnerabilities :green_circle: 10 0 existing vulnerabilities detected SAST :warning: 0 SAST tool is not run on all commits -- score normalized to 0 Binary-Artifacts :green_circle: 10 no binaries found in the repo Pinned-Dependencies :green_circle: 8 dependency not pinned by hash detected -- score normalized to 8 Fuzzing :warning: 0 project is not fuzzed
npm/bson	6.8.0	:green_circle: 6.2	Details Check Score Reason Maintained :green_circle: 10 23 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10 Code-Review :green_circle: 10 all changesets reviewed CII-Best-Practices :warning: 0 no effort to earn an OpenSSF best practices badge detected License :green_circle: 10 license file detected Signed-Releases :green_circle: 8 1 out of the last 1 releases have a total of 1 signed artifacts. Branch-Protection :warning: -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Token-Permissions :warning: 0 detected GitHub workflow tokens with excessive permissions Dangerous-Workflow :green_circle: 10 no dangerous workflow patterns detected Packaging :warning: -1 packaging workflow not detected Binary-Artifacts :green_circle: 10 no binaries found in the repo Security-Policy :warning: 0 security policy file not detected Pinned-Dependencies :warning: 0 dependency not pinned by hash detected -- score normalized to 0 Fuzzing :warning: 0 project is not fuzzed SAST :green_circle: 7 SAST tool detected but not run on all commits Vulnerabilities :green_circle: 7 3 existing vulnerabilities detected
npm/mongodb	6.8.0	:green_circle: 6.2	Details Check Score Reason Code-Review :green_circle: 10 all changesets reviewed Maintained :green_circle: 10 30 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices :warning: 0 no effort to earn an OpenSSF best practices badge detected License :green_circle: 10 license file detected Signed-Releases :green_circle: 8 1 out of the last 1 releases have a total of 1 signed artifacts. Packaging :warning: -1 packaging workflow not detected Branch-Protection :green_circle: 4 branch protection is not maximal on development and all release branches Dangerous-Workflow :green_circle: 10 no dangerous workflow patterns detected Token-Permissions :warning: 0 detected GitHub workflow tokens with excessive permissions Security-Policy :warning: 0 security policy file not detected SAST :green_circle: 9 SAST tool detected but not run on all commits Binary-Artifacts :green_circle: 10 no binaries found in the repo Vulnerabilities :green_circle: 8 2 existing vulnerabilities detected Fuzzing :warning: 0 project is not fuzzed Pinned-Dependencies :warning: 0 dependency not pinned by hash detected -- score normalized to 0
npm/mongodb-connection-string-url	3.0.1	:green_circle: 4.9	Details Check Score Reason Code-Review :green_circle: 4 Found 10/23 approved changesets -- score normalized to 4 Maintained :green_circle: 5 6 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 5 CII-Best-Practices :warning: 0 no effort to earn an OpenSSF best practices badge detected License :green_circle: 10 license file detected Signed-Releases :warning: -1 no releases found Dangerous-Workflow :green_circle: 10 no dangerous workflow patterns detected Packaging :warning: -1 packaging workflow not detected Binary-Artifacts :green_circle: 10 no binaries found in the repo Pinned-Dependencies :warning: 0 dependency not pinned by hash detected -- score normalized to 0 Token-Permissions :warning: 0 detected GitHub workflow tokens with excessive permissions Branch-Protection :green_circle: 5 branch protection is not maximal on development and all release branches Fuzzing :warning: 0 project is not fuzzed Vulnerabilities :green_circle: 10 0 existing vulnerabilities detected Security-Policy :warning: 0 security policy file not detected SAST :warning: 2 SAST tool is not run on all commits -- score normalized to 2
npm/tr46	4.1.1	:green_circle: 4.3	Details Check Score Reason Code-Review :warning: 1 Found 4/22 approved changesets -- score normalized to 1 Maintained :warning: 0 0 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 0 CII-Best-Practices :warning: 0 no effort to earn an OpenSSF best practices badge detected License :green_circle: 10 license file detected Binary-Artifacts :green_circle: 10 no binaries found in the repo Token-Permissions :warning: 0 detected GitHub workflow tokens with excessive permissions Dangerous-Workflow :green_circle: 10 no dangerous workflow patterns detected Packaging :warning: -1 packaging workflow not detected Pinned-Dependencies :green_circle: 3 dependency not pinned by hash detected -- score normalized to 3 Signed-Releases :warning: -1 no releases found Branch-Protection :warning: 0 branch protection not enabled on development/release branches Fuzzing :warning: 0 project is not fuzzed Security-Policy :green_circle: 10 security policy file detected SAST :warning: 0 SAST tool is not run on all commits -- score normalized to 0 Vulnerabilities :green_circle: 10 0 existing vulnerabilities detected
npm/whatwg-url	13.0.0	:green_circle: 4.5	Details Check Score Reason Code-Review :warning: 0 Found 2/23 approved changesets -- score normalized to 0 Maintained :green_circle: 3 1 commit(s) and 3 issue activity found in the last 90 days -- score normalized to 3 CII-Best-Practices :warning: 0 no effort to earn an OpenSSF best practices badge detected License :green_circle: 10 license file detected Binary-Artifacts :green_circle: 10 no binaries found in the repo Dangerous-Workflow :green_circle: 10 no dangerous workflow patterns detected Packaging :warning: -1 packaging workflow not detected Token-Permissions :warning: 0 detected GitHub workflow tokens with excessive permissions Pinned-Dependencies :warning: 2 dependency not pinned by hash detected -- score normalized to 2 Branch-Protection :warning: 0 branch protection not enabled on development/release branches Fuzzing :warning: 0 project is not fuzzed Signed-Releases :warning: -1 no releases found Security-Policy :green_circle: 10 security policy file detected SAST :warning: 0 SAST tool is not run on all commits -- score normalized to 0 Vulnerabilities :green_circle: 10 0 existing vulnerabilities detected
npm/@mongodb-js/saslprep	1.1.1	Unknown	Unknown
npm/@types/whatwg-url	8.2.2	:green_circle: 6.9	Details Check Score Reason Maintained :green_circle: 10 30 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 10 Code-Review :green_circle: 8 Found 25/30 approved changesets -- score normalized to 8 CII-Best-Practices :warning: 0 no effort to earn an OpenSSF best practices badge detected License :green_circle: 9 license file detected Branch-Protection :warning: -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Signed-Releases :warning: -1 no releases found Packaging :warning: -1 packaging workflow not detected Dangerous-Workflow :green_circle: 10 no dangerous workflow patterns detected Security-Policy :green_circle: 10 security policy file detected Token-Permissions :warning: 0 detected GitHub workflow tokens with excessive permissions Vulnerabilities :green_circle: 10 0 existing vulnerabilities detected SAST :warning: 0 SAST tool is not run on all commits -- score normalized to 0 Binary-Artifacts :green_circle: 10 no binaries found in the repo Pinned-Dependencies :green_circle: 8 dependency not pinned by hash detected -- score normalized to 8 Fuzzing :warning: 0 project is not fuzzed
npm/bson	5.5.1	:green_circle: 6.2	Details Check Score Reason Maintained :green_circle: 10 23 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10 Code-Review :green_circle: 10 all changesets reviewed CII-Best-Practices :warning: 0 no effort to earn an OpenSSF best practices badge detected License :green_circle: 10 license file detected Signed-Releases :green_circle: 8 1 out of the last 1 releases have a total of 1 signed artifacts. Branch-Protection :warning: -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Token-Permissions :warning: 0 detected GitHub workflow tokens with excessive permissions Dangerous-Workflow :green_circle: 10 no dangerous workflow patterns detected Packaging :warning: -1 packaging workflow not detected Binary-Artifacts :green_circle: 10 no binaries found in the repo Security-Policy :warning: 0 security policy file not detected Pinned-Dependencies :warning: 0 dependency not pinned by hash detected -- score normalized to 0 Fuzzing :warning: 0 project is not fuzzed SAST :green_circle: 7 SAST tool detected but not run on all commits Vulnerabilities :green_circle: 7 3 existing vulnerabilities detected
npm/mongodb	5.9.2	:green_circle: 6.2	Details Check Score Reason Code-Review :green_circle: 10 all changesets reviewed Maintained :green_circle: 10 30 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices :warning: 0 no effort to earn an OpenSSF best practices badge detected License :green_circle: 10 license file detected Signed-Releases :green_circle: 8 1 out of the last 1 releases have a total of 1 signed artifacts. Packaging :warning: -1 packaging workflow not detected Branch-Protection :green_circle: 4 branch protection is not maximal on development and all release branches Dangerous-Workflow :green_circle: 10 no dangerous workflow patterns detected Token-Permissions :warning: 0 detected GitHub workflow tokens with excessive permissions Security-Policy :warning: 0 security policy file not detected SAST :green_circle: 9 SAST tool detected but not run on all commits Binary-Artifacts :green_circle: 10 no binaries found in the repo Vulnerabilities :green_circle: 8 2 existing vulnerabilities detected Fuzzing :warning: 0 project is not fuzzed Pinned-Dependencies :warning: 0 dependency not pinned by hash detected -- score normalized to 0
npm/mongodb-connection-string-url	2.6.0	:green_circle: 4.9	Details Check Score Reason Code-Review :green_circle: 4 Found 10/23 approved changesets -- score normalized to 4 Maintained :green_circle: 5 6 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 5 CII-Best-Practices :warning: 0 no effort to earn an OpenSSF best practices badge detected License :green_circle: 10 license file detected Signed-Releases :warning: -1 no releases found Dangerous-Workflow :green_circle: 10 no dangerous workflow patterns detected Packaging :warning: -1 packaging workflow not detected Binary-Artifacts :green_circle: 10 no binaries found in the repo Pinned-Dependencies :warning: 0 dependency not pinned by hash detected -- score normalized to 0 Token-Permissions :warning: 0 detected GitHub workflow tokens with excessive permissions Branch-Protection :green_circle: 5 branch protection is not maximal on development and all release branches Fuzzing :warning: 0 project is not fuzzed Vulnerabilities :green_circle: 10 0 existing vulnerabilities detected Security-Policy :warning: 0 security policy file not detected SAST :warning: 2 SAST tool is not run on all commits -- score normalized to 2
npm/tr46	3.0.0	:green_circle: 4.3	Details Check Score Reason Code-Review :warning: 1 Found 4/22 approved changesets -- score normalized to 1 Maintained :warning: 0 0 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 0 CII-Best-Practices :warning: 0 no effort to earn an OpenSSF best practices badge detected License :green_circle: 10 license file detected Binary-Artifacts :green_circle: 10 no binaries found in the repo Token-Permissions :warning: 0 detected GitHub workflow tokens with excessive permissions Dangerous-Workflow :green_circle: 10 no dangerous workflow patterns detected Packaging :warning: -1 packaging workflow not detected Pinned-Dependencies :green_circle: 3 dependency not pinned by hash detected -- score normalized to 3 Signed-Releases :warning: -1 no releases found Branch-Protection :warning: 0 branch protection not enabled on development/release branches Fuzzing :warning: 0 project is not fuzzed Security-Policy :green_circle: 10 security policy file detected SAST :warning: 0 SAST tool is not run on all commits -- score normalized to 0 Vulnerabilities :green_circle: 10 0 existing vulnerabilities detected
npm/whatwg-url	11.0.0	:green_circle: 4.5	Details Check Score Reason Code-Review :warning: 0 Found 2/23 approved changesets -- score normalized to 0 Maintained :green_circle: 3 1 commit(s) and 3 issue activity found in the last 90 days -- score normalized to 3 CII-Best-Practices :warning: 0 no effort to earn an OpenSSF best practices badge detected License :green_circle: 10 license file detected Binary-Artifacts :green_circle: 10 no binaries found in the repo Dangerous-Workflow :green_circle: 10 no dangerous workflow patterns detected Packaging :warning: -1 packaging workflow not detected Token-Permissions :warning: 0 detected GitHub workflow tokens with excessive permissions Pinned-Dependencies :warning: 2 dependency not pinned by hash detected -- score normalized to 2 Branch-Protection :warning: 0 branch protection not enabled on development/release branches Fuzzing :warning: 0 project is not fuzzed Signed-Releases :warning: -1 no releases found Security-Policy :green_circle: 10 security policy file detected SAST :warning: 0 SAST tool is not run on all commits -- score normalized to 0 Vulnerabilities :green_circle: 10 0 existing vulnerabilities detected
npm/mongodb	^6.0.0	:green_circle: 6.2	Details Check Score Reason Code-Review :green_circle: 10 all changesets reviewed Maintained :green_circle: 10 30 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices :warning: 0 no effort to earn an OpenSSF best practices badge detected License :green_circle: 10 license file detected Signed-Releases :green_circle: 8 1 out of the last 1 releases have a total of 1 signed artifacts. Packaging :warning: -1 packaging workflow not detected Branch-Protection :green_circle: 4 branch protection is not maximal on development and all release branches Dangerous-Workflow :green_circle: 10 no dangerous workflow patterns detected Token-Permissions :warning: 0 detected GitHub workflow tokens with excessive permissions Security-Policy :warning: 0 security policy file not detected SAST :green_circle: 9 SAST tool detected but not run on all commits Binary-Artifacts :green_circle: 10 no binaries found in the repo Vulnerabilities :green_circle: 8 2 existing vulnerabilities detected Fuzzing :warning: 0 project is not fuzzed Pinned-Dependencies :warning: 0 dependency not pinned by hash detected -- score normalized to 0
npm/mongodb	^5.0.0	:green_circle: 6.2	Details Check Score Reason Code-Review :green_circle: 10 all changesets reviewed Maintained :green_circle: 10 30 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices :warning: 0 no effort to earn an OpenSSF best practices badge detected License :green_circle: 10 license file detected Signed-Releases :green_circle: 8 1 out of the last 1 releases have a total of 1 signed artifacts. Packaging :warning: -1 packaging workflow not detected Branch-Protection :green_circle: 4 branch protection is not maximal on development and all release branches Dangerous-Workflow :green_circle: 10 no dangerous workflow patterns detected Token-Permissions :warning: 0 detected GitHub workflow tokens with excessive permissions Security-Policy :warning: 0 security policy file not detected SAST :green_circle: 9 SAST tool detected but not run on all commits Binary-Artifacts :green_circle: 10 no binaries found in the repo Vulnerabilities :green_circle: 8 2 existing vulnerabilities detected Fuzzing :warning: 0 project is not fuzzed Pinned-Dependencies :warning: 0 dependency not pinned by hash detected -- score normalized to 0

Scanned Manifest Files

package-lock.json

• @mongodb-js/saslprep@1.1.7
• @types/whatwg-url@11.0.5
• bson@6.8.0
• mongodb@6.8.0
• mongodb-connection-string-url@3.0.1
• tr46@4.1.1
• whatwg-url@13.0.0
• @mongodb-js/saslprep@1.1.1
• @types/whatwg-url@8.2.2
• bson@5.5.1
• mongodb@5.9.2
• mongodb-connection-string-url@2.6.0
• tr46@3.0.0
• whatwg-url@11.0.0

package.json

• mongodb@^6.0.0
• mongodb@^5.0.0

[netlify[bot]]

✅ Deploy Preview for endearing-brigadeiros-63f9d0 canceled.

Name	Link
🔨 Latest commit	ec3cef25b6de73ca17f5bf97052549f9855463b7
🔍 Latest deploy log	https://app.netlify.com/sites/endearing-brigadeiros-63f9d0/deploys/6687fa15fb1a340008634543

[codecov[bot]]

Codecov Report

All modified and coverable lines are covered by tests :white_check_mark:

Project coverage is 57.39%. Comparing base (bc801ab) to head (ec3cef2).

Additional details and impacted files

```diff @@ Coverage Diff @@ ## main #593 +/- ## ======================================= Coverage 57.39% 57.39% ======================================= Files 46 46 Lines 1582 1582 ======================================= Hits 908 908 Misses 674 674 ```

:umbrella: View full report in Codecov by Sentry.
:loudspeaker: Have feedback on the report? Share it here.