Skip to content

Build(deps): bump mongodb from 6.18.0 to 6.20.0 #650

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

Build(deps): bump mongodb from 6.18.0 to 6.20.0 #650

wants to merge 1 commit into from

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Sep 22, 2025

Bumps mongodb from 6.18.0 to 6.20.0.

Release notes

Sourced from mongodb's releases.

v6.20.0

6.20.0 (2025-09-17)

The MongoDB Node.js team is pleased to announce version 6.20.0 of the mongodb package!

Release Notes

Collection and Db objects now provide references to their Db and MongoClient

import { MongoClient } from 'mongodb';
const client = new MongoClient(process.env.MONGODB_URI);
const db = client.db('test');
assert(db.client === client); // returns the MongoClient associated with the Db object
const collection = db.collection('test');
assert(collection.db === db); // returns the Db associated with the Collection object

Hint is supported with unacknowledged writes for delete, update and findAndModify commands on servers that support hint

The driver no longer throws errors when hint is provided to unacknowledged writes for delete, update and findAndModify commands in the following circumstances:

  • No error is thrown for update commands.
  • No errors are thrown for delete and findAndModify commands on servers >=4.4.

ServerCapabilities and ReadPreference.minWireVersion are deprecated

Neither the ServerCapabilities class nor the ReadPreference.minWireVersion property were ever intended for public use and, internally, are effectively dead code with the driver's minimum supported server version being 4.2.

Driver info and metadata MongoClient options have been deprecated.

These will be made internal in a future major release:

  • driverInfo
  • additionalDriverInfo
  • metadata
  • extendedMetadata

CommandOperationOptions.retryWrites is deprecated

CommandOperationOptions.retryWrites is deprecated. This per‑command option has no effect; the Node.js driver only honors retryWrites when configured at the client level (MongoClient options) or via the connection string. Do not use this option on individual commands. There is no runtime behavior change because it was already ignored, but it will be removed in an upcoming major release and may cause type or build errors in code that references it. To control retryable writes, set retryWrites in MongoClient options or include retryWrites=true|false in the connection string.

ChangeStream .tryNext() now updates resumeToken to prevent duplicates after resume

When .tryNext() returns a change document, the driver now caches its resumeToken, aligning its behavior with .next() and the 'change' event. If .tryNext() returns null (no new changes), nothing is cached, which is unchanged from previous behavior.

Previously, .tryNext() did not update the resumeToken, so a resumable error could cause a resume from an older token and re-deliver already processed changes. With this release, resumes continue from the latest token observed via .tryNext(), preventing duplicates.

const changeStream = collection.watch([]);
while (true) {
  const change = await changeStream.tryNext(); // prior versions could return duplicates
</tr></table>

... (truncated)

Changelog

Sourced from mongodb's changelog.

6.20.0 (2025-09-17)

Features

  • NODE-6883: allow rawData option on time series collections (#4642) (0fa3cd4)
  • NODE-7125: add db and client properties to collection and database objects (#4640) (3469f86)
  • NODE-7134: allow hint with unacknowledged writes for delete, update and findAndModify commands (#4647) (82d6ce6)
  • NODE-7139: remove pre-4.2 logic and deprecate dead code (#4657) (14303bc)
  • NODE-7140: deprecate driver info options (#4654) (b813c85)
  • NODE-7157: deprecate retryWrites in CommandOperationOptions (#4661) (620972d)

Bug Fixes

  • NODE-4763: cache resumeToken in ChangeStream.tryNext() (#4636) (8331a93)
  • NODE-6858: treat MongoServerSelectionError as a resumable error for Change Streams (#4653) (c6d64e7)
  • NODE-7138: prevent duplicate metadata from being appended to handshake metadata (#4651) (05c230c)

6.19.0 (2025-08-26)

Features

  • NODE-4179: allow secureContext in KMS TLS options (#4578) (0ea6eaa)
  • NODE-6472: findOne and find no longer keep open cursors (#4580) (be7f808)
  • NODE-7020: remove ping on connect (#4607) (3d296b7)
  • NODE-7059, NODE-7008: add support for text queries for QE string fields (#4597) (e4492f3)
Commits
  • 477140e chore(main): release 6.20.0 (#4641)
  • 7c485ef docs: generate docs from latest main [skip-ci] (#4595)
  • 05c230c fix(NODE-7138): prevent duplicate metadata from being appended to handshake m...
  • aa7465e chore: update local cluster setup instructions (#4662)
  • 620972d feat(NODE-7157): deprecate retryWrites in CommandOperationOptions (#4661)
  • a6eca88 chore(deps): bump drivers-evergreen-tools from 931726b to d7a7337 (#4658)
  • c6d64e7 fix(NODE-6858): treat MongoServerSelectionError as a resumable error for Chan...
  • 14303bc feat(NODE-7139): remove pre-4.2 logic and deprecate dead code (#4657)
  • c617294 refactor(NODE-7148): make rawData internal (#4655)
  • b813c85 feat(NODE-7140): deprecate driver info options (#4654)
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
Build(deps): bump mongodb from 6.18.0 to 6.20.0
fa90b25 
Bumps [mongodb](https://github.com/mongodb/node-mongodb-native) from 6.18.0 to 6.20.0.
- [Release notes](https://github.com/mongodb/node-mongodb-native/releases)
- [Changelog](https://github.com/mongodb/node-mongodb-native/blob/main/HISTORY.md)
- [Commits](mongodb/node-mongodb-native@v6.18.0...v6.20.0)

---
updated-dependencies:
- dependency-name: mongodb
  dependency-version: 6.20.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code labels Sep 22, 2025
@dependabot dependabot bot mentioned this pull request Sep 22, 2025
Closed
@sonarqubecloud SonarQubeCloud
Copy link

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
0 participants