Skip to content

chore(deps): bump mongodb from 6.20.0 to 7.0.0 #6921

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

chore(deps): bump mongodb from 6.20.0 to 7.0.0 #6921

wants to merge 1 commit into from

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Nov 7, 2025

Bumps mongodb from 6.20.0 to 7.0.0.

Release notes

Sourced from mongodb's releases.

v7.0.0

7.0.0 (2025-11-06)

The MongoDB Node.js team is pleased to announce version 7.0.0 of the mongodb package!

Release Notes

The following is a detailed collection of the changes in the major v7 release of the mongodb package for Node.js. The main focus of this release was usability improvements and a streamlined API. Read on for details!

[!IMPORTANT] This is a list of changes relative to v6.21.0 of the driver. ALL changes listed below are BREAKING unless indicated otherwise. Users migrating from an older version of the driver are advised to upgrade to at least v6.21.0 before adopting v7.

🛠️ Runtime and dependency updates

Minimum Node.js version is now v20.19.0

The minimum supported Node.js version is now v20.19.0 and our TypeScript target has been updated to ES2023. We strive to keep our minimum supported Node.js version in sync with the runtime's release cadence to keep up with the latest security updates and modern language features.

Notably, the driver now offers native support for explicit resource management. Symbol.asyncDispose implementations are available on the MongoClient, ClientSession, ChangeStream and on cursors.

[!Note] Explicit resource management is considered experimental in the driver and will be until the TC39 explicit resource management proposal is completed.

bson and mongodb-connection-string-url versions 7.0.0

This driver version has been updated to use [email protected] and [email protected], which match the driver's Node.js runtime version support. BSON functionality re-exported from the driver is furthermore subject to the changes outlined in the BSON V7 release notes.

Optional peer dependency releases and version bumps

  • @mongodb-js/zstd optional peer dependency minimum version raised to 7.0.0, dropped support for 1.x and 2.x (note that @mongodb-js/zstd does not have 3.x-6.x version releases)
  • kerberos optional peer dependency minimum version raised to 7.0.0, dropped support for 2.x (note that kerberos does not have 3.x-6.x version releases)
  • mongodb-client-encryption optional peer dependency minimum version raised to 7.0.0, dropped support for 6.x

Additionally, the driver is now compatible with the following packages:

Dependency Previous Range New Allowed Range
@​aws-sdk/credential-providers ^3.188.0 ^3.806.0
gcp-metadata ^5.2.0 ^7.0.1
socks ^2.7.1 ^2.8.6

🔐 AWS authentication

To improve long-term maintainability and ensure compatibility with AWS updates, we’ve standardized AWS auth to use the official SDK in all cases and made a number of supporting changes outlined below.

@aws-sdk/credential-providers is now required for MONGODB-AWS authentication

Previous versions of the driver contained two implementations for AWS authentication and could run the risk of the custom driver implementation not supporting all AWS authentication features as well as not being correct when AWS makes changes. Using the official AWS SDK in all cases alleviates these issues.

... (truncated)

Changelog

Sourced from mongodb's changelog.

7.0.0 (2025-11-06)

⚠ BREAKING CHANGES

  • NODE-7259: use alphas of all supporting packages (#4746)
  • NODE-5510: dont filter change stream options (#4723)
  • NODE-6296: remove cursor default batch size of 1000 (#4729)
  • NODE-7150: update peer dependency matrix for 3rd party peer deps (#4720)
  • NODE-7046: remove AWS uri/options support (#4689)
  • NODE-4808: remove support for stream() transform on cursors and change streams (#4728)
  • NODE-6377: remove noResponse option (#4724)
  • NODE-6473: remove MONGODB-CR auth (#4717)
  • NODE-5994: Remove metadata-related properties from public driver API (#4716)
  • NODE-7016: remove beta namespace and move resource management into driver (#4719)
  • NODE-4184: don't throw on aggregate with write concern and explain (#4718)
  • NODE-7043, NODE-7217: adopt mongodb-client-encryption v7 (#4705)
  • NODE-6065: throw MongoRuntimeError instead of MissingDependencyError in crypto connection (#4711)
  • NODE-6584: improve typing for filepaths in AutoEncryptionOptions (#4341)
  • NODE-6334: rename PoolRequstedRetry to PoolRequestedRetry (#4696)
  • NODE-7174: drop support for Node16 and Node18 (#4668)
  • NODE-7047: use custom credential provider first after URI (#4656)
  • NODE-6988: require aws sdk for aws auth (#4659)

Features

  • bump bson to 7.0.0-alpha.2 (#4756) (9b34953)
  • NODE-4184: don't throw on aggregate with write concern and explain (#4718) (88e02a4)
  • NODE-4243: drop collection checks ns not found (#4742) (a8d7c5f)
  • NODE-4808: remove support for stream() transform on cursors and change streams (#4728) (1702987)
  • NODE-5510: dont filter change stream options (#4723) (a2daf76)
  • NODE-5545: remove deprecated objects (#4704) (cfbada6)
  • NODE-5994: Remove metadata-related properties from public driver API (#4716) (b59c5ce)
  • NODE-6065: throw MongoRuntimeError instead of MissingDependencyError in crypto connection (#4711) (ff229fa)
  • NODE-6296: remove cursor default batch size of 1000 (#4729) (f8a855f)
  • NODE-6334: rename PoolRequstedRetry to PoolRequestedRetry (#4696) (84db848)
  • NODE-6377: remove noResponse option (#4724) (9e9059a)
  • NODE-6473: remove MONGODB-CR auth (#4717) (9a1bc65)
  • NODE-6584: improve typing for filepaths in AutoEncryptionOptions (#4341) (dab4c7c)
  • NODE-6988: require aws sdk for aws auth (#4659) (b7c6750)
  • NODE-7016: remove beta namespace and move resource management into driver (#4719) (fb2824f)
  • NODE-7043, NODE-7217: adopt mongodb-client-encryption v7 (#4705) (3f7196e)
  • NODE-7046: remove AWS uri/options support (#4689) (d14ac3f)
  • NODE-7047: use custom credential provider first after URI (#4656) (2a47bbb)
  • NODE-7150: update peer dependency matrix for 3rd party peer deps (#4720) (0451dae)
  • NODE-7174: drop support for Node16 and Node18 (#4668) (a576b7d)
  • NODE-7223: run checkout on connect regardless of credentials (#4715) (c5f74ab)
  • NODE-7259: use alphas of all supporting packages (#4746) (e1ea14c)
  • NODE-7260: update bson alpha to latest (#4748) (4e88559)

... (truncated)

Commits
  • 2512137 chore(main): release 7.0.0 (#4667)
  • e4881f5 docs(NODE-7172): create v7 migration guide (#4751)
  • 53a4fb1 docs: 6.21 docs (#4782)
  • 696664c feat!(NODE-7286): update peer dependencies (#4780)
  • 517da84 docs: add info about testing with different versions and the rosetta setup fo...
  • 252dab8 test(NODE-7219): remove unused tests (#4767)
  • 76c98bb test(NODE-5206): fix flaky sdam prose test (#4752)
  • cb522bf fix(NODE-7247): clarify #rewrapManyDataKey() parameter types (#4760)
  • ec996e6 chore(NODE-6945): remove dependency on v8-heapsnapshot (#4763)
  • 7d879fd test(NODE-7280): remove test/mongodb.ts and its usage (#4766)
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
chore(deps): bump mongodb from 6.20.0 to 7.0.0
8f9571d 
Bumps [mongodb](https://github.com/mongodb/node-mongodb-native) from 6.20.0 to 7.0.0.
- [Release notes](https://github.com/mongodb/node-mongodb-native/releases)
- [Changelog](https://github.com/mongodb/node-mongodb-native/blob/main/HISTORY.md)
- [Commits](mongodb/node-mongodb-native@v6.20.0...v7.0.0)

---
updated-dependencies:
- dependency-name: mongodb
  dependency-version: 7.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added the dependencies Pull requests that update a dependency file label Nov 7, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

@ar2rsawseen ar2rsawseen

Labels

dependencies Pull requests that update a dependency file

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@ar2rsawseen