Bump mongodb from 4.9.1 to 6.11.0

[dependabot]

Bumps mongodb from 4.9.1 to 6.11.0.

Release notes

Sourced from mongodb's releases.

v6.11.0

6.11.0 (2024-11-22)

The MongoDB Node.js team is pleased to announce version 6.11.0 of the mongodb package!

Release Notes

Client Side Operations Timeout (CSOT)

We've been working hard to try to simplify how setting timeouts works in the driver and are excited to finally put Client Side Operation Timeouts (CSOT) in your hands! We're looking forward to hearing your feedback on this new feature during its trial period in the driver, so feel free to file Improvements, Questions or Bug reports on our Jira Project or leave comments on this community forum thread: Node.js Driver 6.11 Forum Discussion!

CSOT is the common drivers solution for timing out the execution of an operation at the different stages of an operation's lifetime. At its simplest, CSOT allows you to specify one option,timeoutMS that determines when the driver will interrupt an operation and return a timeout error.

For example, when executing a potentially long-running query, you would specify timeoutMS as follows:

await collection.find({}, {timeoutMS: 600_000}).toArray(); // Ensures that the find will throw a timeout error if all documents are not retrieved within 10 minutes
// Potential Stack trace if this were to time out:
// Uncaught MongoOperationTimeoutError: Timed out during socket read (600000ms)
//    at Connection.readMany (mongodb/lib/cmap/connection.js:427:31)
//    at async Connection.sendWire (mongodb/lib/cmap/connection.js:246:30)
//    at async Connection.sendCommand (mongodb/lib/cmap/connection.js:281:24)
//    at async Connection.command (mongodb/lib/cmap/connection.js:323:26)
//    at async Server.command (mongodb/lib/sdam/server.js:170:29)
//    at async GetMoreOperation.execute (mongodb/lib/operations/get_more.js:58:16)
//    at async tryOperation (mongodb/lib/operations/execute_operation.js:203:20)
//    at async executeOperation (mongodb/lib/operations/execute_operation.js:73:16)
//    at async FindCursor.getMore (mongodb/lib/cursor/abstract_cursor.js:590:16)

[!WARNING] This feature is experimental and subject to change at any time. We do not recommend using this feature in production applications until it is stable.

What's new?

timeoutMS

The main new option introduced with CSOT is the timeoutMS option. This option can be applied directly as a client option, as well as at the database, collection, session, transaction and operation layers, following the same inheritance behaviours as other driver options.

When the timeoutMS option is specified, it will always take precedence over the following options:

• socketTimeoutMS
• waitQueueTimeoutMS
• wTimeoutMS
• maxTimeMS
• maxCommitTimeMS

Note, however that timeoutMS DOES NOT unconditionally override the serverSelectionTimeoutMS option.

When timeoutMS is specified, the duration of time allotted to the server selection and connection checkout portions of command execution is defined by min(serverSelectionTimeoutMS, timeoutMS) if both are >0. A zero value for either timeout value represents an infinite timeout. A finite timeout will always be used unless both timeouts are specified as 0. Note also that the driver has a default value for serverSelectionTimeoutMS of 30000.

After server selection and connection checkout are complete, the time remaining bounds the execution of the remainder of the operation.

... (truncated)

Changelog

Sourced from mongodb's changelog.

6.11.0 (2024-11-22)

Features

• NODE-5682: set maxTimeMS on commands and preempt I/O (#4174) (e4e6a5e)
• NODE-5844: add iscryptd to ServerDescription (#4239) (c39d443)
• NODE-6069: OIDC k8s machine workflow (#4270) (82c931c)
• NODE-6090: Implement CSOT logic for connection checkout and server selection (bd8a9f4)
• NODE-6231: Add CSOT behaviour for retryable reads and writes (#4186) (2ffd5eb)
• NODE-6274: add CSOT support to bulkWrite (#4250) (c5a9ae5)
• NODE-6275: Add CSOT support to GridFS (#4246) (3cb8187)
• NODE-6304: add CSOT support for non-tailable cursors (#4195) (131f6ed)
• NODE-6305: Add CSOT support to tailable cursors (#4218) (2398fc6)
• NODE-6312: add error transformation for server timeouts (#4192) (c2c0cb9)
• NODE-6313: add CSOT support to sessions and transactions (#4199) (5f1102f)
• NODE-6387: Add CSOT support to change streams (#4256) (4588ff2)
• NODE-6389: add support for timeoutMS in StateMachine.execute() (#4243) (c55f965)
• NODE-6390: Add timeoutMS support to auto encryption (#4265) (55e08e7)
• NODE-6391: Add timeoutMS support to explicit encryption (#4269) (f745b99)
• NODE-6392: add timeoutMS support to ClientEncryption helpers part 1 (#4281) (e86f11e)
• NODE-6403: add CSOT support to client bulk write (#4261) (365d63b)
• NODE-6421: add support for timeoutMS to explain helpers (#4268) (5b2629b)
• NODE-6446: deprecate legacy timeout options (#4279) (c28608b)
• NODE-6551: update bson to 6.10.0 (#4329) (adb15fe)

Bug Fixes

• NODE-6374: MongoOperationTimeoutError inherits MongoRuntimeError (#4237) (9fb896a)
• NODE-6412: read stale response from previously timed out connection (#4273) (fd8f3bd)
• NODE-6454: use timeoutcontext for state machine execute() cursor options (#4291) (5dd8ee5)
• NODE-6469: pool is cleared before connection checkin on error (#4296) (06a2e2c)
• NODE-6523: deleteMany in gridfs passes timeoutMS to predicate, not options (#4319) (1965ed5)

Performance Improvements

• NODE-6525: remove setPrototype and defineProperty from hot path (#4321) (48ed47e)

6.10.0 (2024-10-21)

Features

• NODE-5838: remove support for server 3.6 (#4182) (7b71e1f)
• NODE-6060: set fire-and-forget protocol when writeConcern is w: 0 (#4219) (643a875)
• NODE-6289: allow valid srv hostnames with less than 3 parts (#4197) (3d5bd51)
• NODE-6329: client bulk write happy path (#4206) (3d3da40)
• NODE-6337: implement client bulk write batching (#4248) (d56e235)

... (truncated)

Commits

• 122421d chore(main): release 6.11.0 [skip-ci] (#4317)
• b9bba0f ci(NODE-6557): Add Node.js 22 to support matrix (#4330)
• 1673748 chore(NODE-6565): add dependabot for github actions (#4331)
• a0431f0 chore(NODE-6426): update saslprep dependency to 1.1.9 (#4327)
• adb15fe feat(NODE-6551): update bson to 6.10.0 (#4329)
• 06a2e2c fix(NODE-6469): pool is cleared before connection checkin on error (#4296)
• aa986f8 ci(NODE-6405): stop mongo orchestration in post task (#4328)
• 1320ad8 chore(NODE-6488): specify target=es2021 for ts compilation tests (#4303)
• 691cbbb test(NODE-5722): unpin on endSessions test (#4326)
• 20564f7 refactor(NODE-6524): consolidate socket timeout calculation (#4320)
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by dbx-node, a new releaser for mongodb since your current version.

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[dependabot]

OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting @dependabot ignore this major version or @dependabot ignore this minor version. You can also ignore all major, minor, or patch releases for a dependency by adding an ignore condition with the desired update_types to your config file.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.