Bump mongodb from 6.8.0 to 6.9.0 in /backend

[dependabot[bot]]

Bumps mongodb from 6.8.0 to 6.9.0.

Release notes

Sourced from mongodb's releases.

v6.9.0

6.9.0 (2024-09-06)

The MongoDB Node.js team is pleased to announce version 6.9.0 of the mongodb package!

Release Notes

Driver support of upcoming MongoDB server release

Increased the driver's max supported Wire Protocol version and server version in preparation for the upcoming release of MongoDB 8.0.

MongoDB 3.6 server support deprecated

[!WARNING] Support for 3.6 servers is deprecated and will be removed in a future version.

Support for explicit resource management

The driver now natively supports explicit resource management for MongoClient, ClientSession, ChangeStreams and cursors. Additionally, on compatible Node.js versions, explicit resource management can be used with cursor.stream() and the GridFSDownloadStream, since these classes inherit resource management from Node.js' readable streams.

This feature is experimental and subject to changes at any time. This feature will remain experimental until the proposal has reached stage 4 and Node.js declares its implementation of async disposable resources as stable.

To use explicit resource management with the Node driver, you must:

• Use Typescript 5.2 or greater (or another bundler that supports resource management)
• Enable tslib polyfills for your application
• Either use a compatible Node.js version or polyfill Symbol.asyncDispose (see the TS 5.2 release announcement for more information).

Explicit resource management is a feature that ensures that resources' disposal methods are always called when the resources' scope is exited. For driver resources, explicit resource management guarantees that the resources' corresponding close method is called when the resource goes out of scope.

// before:
{
  try {
    const client = MongoClient.connect('<uri>');
    try {
      const session = client.startSession();
      const cursor = client.db('my-db').collection("my-collection").find({}, { session });
      try {
        const doc = await cursor.next();
      } finally {
        await cursor.close();
      }
    } finally {
      await session.endSession();
    }
  } finally {
    await client.close();
  }
}
</tr></table> 

... (truncated)

Changelog

Sourced from mongodb's changelog.

6.9.0 (2024-09-12)

Features

• NODE-5459: add durations to connection pool events (#4166) (7295695)
• NODE-5614: add support for explicit resource management (#4177) (b3f3987)
• NODE-5754: allow auto select family options (#4185) (54efb7d)
• NODE-5908: support range v2 (#4141) (de253a7)
• NODE-6225: add property ownership check before referencing mongocryptdSpawnPath and mongocryptdSpawnArgs (#4151) (f48f8d3)
• NODE-6244: Bump max supported wire version and server version (#4163) (45bc098)
• NODE-6252: insertMany and bulkWrite permit readonly arrays (#4175) (4b219d3)
• NODE-6278: deprecate 3.6 servers (#4178) (35d8840)
• NODE-6309: Mark range API as stable (#4190) (f53e9d9)
• NODE-6327: new client bulk write types and builders (#4205) (6d65ae7)
• NODE-6365: pass through allowPartialTrustChain TLS flag (#4228) (d6c147d)

Bug Fixes

• NODE-5720: on pre-4.4 sharded servers, the node driver uses error.writeConcern.code to determine retryability (#4155) (b26c328)
• NODE-6241: allow Binary as local kms provider key for auto encryption (#4165) (d85f827)
• NODE-6259: replace dynamically assigned length property with a static getter (#4173) (320dde0)
• NODE-6276: preserve top level error code MongoWriteConcernError (#4183) (e902584)
• NODE-6284: make sparsity and trimFactor optional (#4189) (8622545)
• NODE-6355: respect utf8 validation options when iterating cursors (#4214) (8bfe187)
• NODE-6362: cache cursor deserialization options across deserialize calls (#4221) (833eaa4)
• NODE-6367: enable mixed use of iteration APIs (#4231) (08912c8)

Performance Improvements

• NODE-5906: optimize toArray to use batches (#4171) (5565d50)

Commits

• 1dcf8b1 chore(main): release 6.9.0 [skip-ci] (#4164)
• 210c572 docs: generate docs from latest main [skip-ci] (#4147)
• 08912c8 fix(NODE-6367): enable mixed use of iteration APIs (#4231)
• 8347db9 test(NODE-6323): add performance no-op baseline test (#4194)
• 833eaa4 fix(NODE-6362): cache cursor deserialization options across deserialize calls...
• d6c147d feat(NODE-6365): pass through allowPartialTrustChain TLS flag (#4228)
• 91ceaf0 chore: specify branch when checking out GHA code (#4226)
• 27fd8a0 chore: quote branch names to avoid numeric conversion (#4224)
• 65e0e15 test(NODE-6317): fix test assertions and naming (#4217)
• f53e9d9 feat(NODE-6309): Mark range API as stable (#4190)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)