Bump mongodb from 5.6.0 to 6.0.0

[dependabot[bot]]

Bumps mongodb from 5.6.0 to 6.0.0.

Release notes

Sourced from mongodb's releases.

v6.0.0

6.0.0 (2023-08-22)

The MongoDB Node.js team is pleased to announce version 6.0.0 of the mongodb package!

The main focus of this release was usability improvements and a streamlined API. Read on for details!

Release Notes

[!IMPORTANT] This is a list of changes relative to v5.8.1 of the driver. ALL changes listed below are BREAKING. Users migrating from an older version of the driver are advised to upgrade to at least v5.8.1 before adopting v6.

🛠️ Runtime and dependency updates

Minimum Node.js version is now v16.20.1

The minimum supported Node.js version is now v16.20.1. We strive to keep our minimum supported Node.js version in sync with the runtime's release cadence to keep up with the latest security updates and modern language features.

BSON version 6.0.0

This driver version has been updated to use [email protected]. BSON functionality re-exported from the driver is subject to the changes outlined in the BSON V6 release notes.

Optional peer dependency version bumps

• kerberos optional peer dependency minimum version raised to 2.0.1, dropped support for 1.x
• zstd optional peer depedency minimum version raised to 1.1.0 from 1.0.0
• mongodb-client-encryption optional peer dependency minimum version raised to 6.0.0 from 2.3.0 (note that mongodb-client-encryption does not have 3.x-5.x version releases)

[!NOTE] As of version 6.0.0, all useful public APIs formerly exposed from mongodb-client-encryption have been moved into the driver and should now be imported directly from the driver. These APIs rely internally on the functionality exposed from mongodb-client-encryption, but there is no longer any need to explicitly reference mongodb-client-encryption in your application code.

Allow socks to be installed optionally

The driver uses the socks dependency to connect to mongod or mongos through a SOCKS5 proxy. socks used to be a required dependency of the driver and was installed automatically. Now, socks is a peerDependency that must be installed to enable socks proxy support.

☀️ API usability improvements

findOneAndX family of methods will now return only the found document or null by default (includeResultMetadata is false by default)

Previously, the default return type of this family of methods was a ModifyResult containing the found document and additional metadata. This additional metadata is unnecessary for the majority of use cases, so now, by default, they will return only the found document or null.

The previous behavior is still available by explicitly setting includeResultMetadata: true in the options.

See the following blog post for more information.

// This has the same behaviour as providing `{ includeResultMetadata: false }` in the v5.7.0+ driver
await collection.findOneAndUpdate({ hello: 'world' }, { $set: { hello: 'WORLD' } });
// > { _id: new ObjectId("64c4204517f785be30795c92"), hello: 'world' }
</tr></table> 

... (truncated)

Changelog

Sourced from mongodb's changelog.

6.0.0 (2023-08-28)

⚠ BREAKING CHANGES

• NODE-5584: adopt bson v6 and mongodb-client-encryption v6 (#3845)
• NODE-5484: mark MongoError for internal use and remove Node14 cause assignment logic (#3800)
• NODE-4788: use implementer Writable methods for GridFSBucketWriteStream (#3808)
• NODE-4986: remove callbacks from ClientEncryption encrypt, decrypt, and createDataKey (#3797)
• NODE-5490: bump kerberos compatibility to ^2.0.1 (#3798)
• NODE-3568: ensure includeResultsMetadata is false by default (#3786)
• NODE-3989: only accept true and false for boolean options (#3791)
• NODE-5233: prevent session from one client from being used on another (#3790)
• NODE-5444: emit deprecation warning for useNewUrlParser and useUnifiedTopology (#3792)
• NODE-5470: convert remaining FLE to TS and drop support for onKMSProvidersRefresh (#3787)
• NODE-5508: remove EvalOperation and EvalOptions (#3795)
• NODE-3920: validate options are not repeated in connection string (#3788)
• NODE-3924: read tls files async (#3776)
• NODE-5430: make AutoEncrypter and MongoClient.autoEncrypter internal (#3789)
• NODE-4961: remove command result from commit and abort transaction APIs (#3784)
• NODE-2014: return executor result from withSession and withTransaction (#3783)
• NODE-5409: allow socks to be installed optionally (#3782)
• NODE-4796: remove addUser and collection.stats APIs (#3781)
• NODE-4936: remove unsupported options from db.command and admin.command (#3775)
• NODE-5228: remove unneeded fields from ConnectionPoolCreatedEvent.options (#3772)
• NODE-5190: remove deprecated keep alive options (#3771)
• NODE-5186: remove duplicate BulkWriteResult accessors (#3766)
• NODE-5376: remove deprecated ssl options (#3755)
• NODE-5415: bump minimum Node.js version to v16.20.1 (#3760)

Features

• NODE-2014: return executor result from withSession and withTransaction (#3783) (65aa288)
• NODE-3568: ensure includeResultsMetadata is false by default (#3786) (fee8d3e)
• NODE-3920: validate options are not repeated in connection string (#3788) (11631a2)
• NODE-3924: read tls files async (#3776) (68adaf1)
• NODE-3989: only accept true and false for boolean options (#3791) (e2e36cc)
• NODE-4796: remove addUser and collection.stats APIs (#3781) (e79ac9d)
• NODE-4961: remove command result from commit and abort transaction APIs (#3784) (71c5936)
• NODE-4986: remove callbacks from ClientEncryption encrypt, decrypt, and createDataKey (#3797) (51a573f)
• NODE-5186: remove duplicate BulkWriteResult accessors (#3766) (8693987)
• NODE-5190: remove deprecated keep alive options (#3771) (7ade907)
• NODE-5233: prevent session from one client from being used on another (#3790) (9268b35)
• NODE-5376: remove deprecated ssl options (#3755) (ee56c8e)
• NODE-5396: add mongodb-js/saslprep as a required dependency (#3815) (bd031fc)
• NODE-5409: allow socks to be installed optionally (#3782) (787bdbf)
• NODE-5415: bump minimum Node.js version to v16.20.1 (#3760) (de158b2)
• NODE-5430: make AutoEncrypter and MongoClient.autoEncrypter internal (#3789) (b16ef9e)
• NODE-5444: emit deprecation warning for useNewUrlParser and useUnifiedTopology (#3792) (c08060d)
• NODE-5470: convert remaining FLE to TS and drop support for onKMSProvidersRefresh (#3787) (844aa52)

... (truncated)

Commits

• e57b738 chore(main): release 6.0.0 [skip-ci] (#3762)
• e70826a docs: generate docs from latest main [skip-ci] (#3744)
• df1b4f2 docs(NODE-5560): add v6 upgrade guide (#3844)
• 7bef363 feat(NODE-5584)!: adopt bson v6 and mongodb-client-encryption v6 (#3845)
• 05d2725 fix(NODE-5592): withTransaction return type (#3846)
• 91152b9 chore(NODE-5581): pull in bson alpha.1 and mongodb-legacy main (#3843)
• ecb2e20 chore: fix alpha version guard
• ea2d60a refactor(NODE-5514): make FLE logic use async-await (#3830)
• a17b0af feat(NODE-5484)!: mark MongoError for internal use and remove Node14 cause as...
• 33c86c9 feat(NODE-5566): add ability to provide CRL file via tlsCRLFile (#3834)
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by dbx-node, a new releaser for mongodb since your current version.

You can trigger a rebase of this PR by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the Security Alerts page.

Note Automatic rebases have been disabled on this pull request as it has been open for over 30 days.