Skip to content

Bump mongodb from 6.6.2 to 6.7.0

Imanuel Ulbricht requested to merge dependabot-npm_and_yarn-mongodb-6.7.0 into main

Bumps mongodb from 6.6.2 to 6.7.0.

Release notes

Sourced from mongodb's releases.

v6.7.0

6.7.0 (2024-05-29)

The MongoDB Node.js team is pleased to announce version 6.7.0 of the mongodb package!

Release Notes

Support for MONGODB-OIDC Authentication

MONGODB-OIDC is now supported as an authentication mechanism for MongoDB server versions 7.0+. The currently supported facets to authenticate with are callback authentication, human interaction callback authentication, Azure machine authentication, and GCP machine authentication.

Azure Machine Authentication

The MongoClient must be instantiated with authMechanism=MONGODB-OIDC in the URI or in the client options. Additional required auth mechanism properties of TOKEN_RESOURCE and ENVIRONMENT are required and another optional username can be provided. Example:

const client = new MongoClient('mongodb+srv://<username>@<host>:<port>/?authMechanism=MONGODB-OIDC&authMechanismProperties=TOKEN_RESOURCE:<azure_token>,ENVIRONMENT=azure');
await client.connect();

GCP Machine Authentication

The MongoClient must be instantiated with authMechanism=MONGODB-OIDC in the URI or in the client options. Additional required auth mechanism properties of TOKEN_RESOURCE and ENVIRONMENT are required. Example:

const client = new MongoClient('mongodb+srv://<host>:<port>/?authMechanism=MONGODB-OIDC&authMechanismProperties=TOKEN_RESOURCE:<gcp_token>,ENVIRONMENT=gcp');
await client.connect();

Callback Authentication

The user can provide a custom callback to the MongoClient that returns a valid response with an access token. The callback is provided as an auth mechanism property an has the signature of:

const oidcCallBack = (params: OIDCCallbackParams): Promise<OIDCResponse> => {
  // params.timeoutContext is an AbortSignal that will abort after 30 seconds for non-human and 5 minutes for human.
  // params.version is the current OIDC API version.
  // params.idpInfo is the IdP info returned from the server.
  // params.username is the optional username.
// Make a call to get a token.
const token = ...;
return {
accessToken: token,
expiresInSeconds: 300,
refreshToken: token
};
}
</tr></table>

... (truncated)

Changelog

Sourced from mongodb's changelog.

6.7.0 (2024-05-29)

Features

  • NODE-5464: OIDC machine and callback workflow (#3912) (2ba8434)

Bug Fixes

  • NODE-6165: useBigInt64 causes compareTopologyVersion to throw (#4109) (21b729b)
Commits
  • f56938f chore(main): release 6.7.0 [skip-ci] (#4118)
  • 2ba8434 feat(NODE-5464): OIDC machine and callback workflow (#3912)
  • d3031a5 docs(NODE-6191): clarify that operations should not be parallelized in transa...
  • d1695c4 docs: fix typos, punctuation, caps, formatting (#4103)
  • 652af8d chore(NODE-6170): update release please owner (#4115)
  • 21b729b fix(NODE-6165): useBigInt64 causes compareTopologyVersion to throw (#4109)
  • 9285c42 chore(NODE-6178): enable codeql scans (#4116)
  • See full diff in compare view

Dependabot commands
You can trigger Dependabot actions by commenting on this MR
  • $dependabot recreate will recreate this MR rewriting all the manual changes and resolving conflicts

Merge request reports