chore(deps): bump mongodb from 6.12.0 to 6.13.0

[dependabot]

Bumps mongodb from 6.12.0 to 6.13.0.

Release notes

Sourced from mongodb's releases.

v6.13.0

6.13.0 (2025-01-30)

The MongoDB Node.js team is pleased to announce version 6.13.0 of the mongodb package!

Release Notes

MongoDB Standardized Logging 📝

The driver's standardized logger is now available! The primary goal of our driver's logger is to enable insight into database operations without code changes so enabling and configuring the logger are primarily done through our environment variables.

TL;DR Show me the logs!

env MONGODB_LOG_ALL=debug node server.mjs

[!TIP] If you are a CLI app developer (or otherwise take great care of your std outputs): The client options constructor argument takes precedence over environment variables, permitting you to disable or otherwise customize the logger so your app does not automatically respond to the current environment.

🚀 Improved command monitoring performance

Previously, when command monitoring was enabled, the driver would make deep copies of command and reply objects, which have the potential to be very large documents. These copies have been eliminated, providing a speed and memory efficiency bump to command monitoring.

[!WARNING] Since we no longer make deep copies of commands/replies in Command Monitoring Events, directly modifying the command/reply objects on CommandStartedEvents and CommandSucceededEvents may lead to undefined behaviour.

🧪 Experimental AbortSignal support added to Find and Aggregate! 🚥

A signal argument can now be passed to the following APIs:

• collection.find() & collection.findOne()
• collection.aggregate() & collection.countDocuments()

In order to support field level encryption properly, also:

• db.listCollections()
• db.command()

When aborted, the signal will interrupt the execution of each of each of these APIs. For the cursor-based APIs, this will be observed when attempting to consume from the cursor via toArray(), next(), for-await, etc.

There is a known limitation: aborting a signal closes a perfectly healthy connection which can cause unnecessary connection reestablishment so we're releasing this as experimental for evaluation in use cases that can tolerate the shortcoming.

DNS SRV & TXT look up timeouts are retried

To mitigate the potentially transient DNS timeout error, the driver now catches and retries the DNS lookups upon resolving a mongodb+srv:// style connection string.

MongoClient.close now closes any outstanding cursors

... (truncated)

Changelog

Sourced from mongodb's changelog.

6.13.0 (2025-01-30)

Features

• NODE-5672: support standardized logging (#4387) (d1b2453)
• NODE-6258: add signal support to find and aggregate (#4364) (73def18)
• NODE-6451: retry SRV and TXT lookup for DNS timeout errors (#4375) (fd902d3)
• NODE-6633: MongoClient.close closes active cursors (#4372) (654069f)

Bug Fixes

• NODE-5225: concurrent MongoClient.close() calls each attempt to close the client (#4376) (9419af7)
• NODE-6340: OIDC reauth uses caches speculative auth result (#4379) (8b2b7fd)

Performance Improvements

• NODE-6452: Optimize CommandStartedEvent and CommandSucceededEvent constructors (#4371) (41b066b)
• NODE-6616: shortcircuit logging ejson.stringify (#4377) (c1bcf0d)

Commits

• 76f697f chore(main): release 6.13.0 [skip-ci] (#4374)
• d08480b ci(NODE-6686): deployed Atlas cluster tests use secrets manager (#4384)
• d1b2453 feat(NODE-5672): support standardized logging (#4387)
• 6b15f20 ci(NODE-6682, NODE-6684): deployed KMS tests and serverless tests use secrets...
• 9419af7 fix(NODE-5225): concurrent MongoClient.close() calls each attempt to close th...
• 8b2b7fd fix(NODE-6340): OIDC reauth uses caches speculative auth result (#4379)
• 907aac1 test(NODE-4955): sync unacknowledged write spec tests (#4380)
• 654069f feat(NODE-6633): MongoClient.close closes active cursors (#4372)
• 73def18 feat(NODE-6258): add signal support to find and aggregate (#4364)
• c1bcf0d perf(NODE-6616): shortcircuit logging ejson.stringify (#4377)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)