[Snyk] Security upgrade mongodb from 3.6.1 to 3.6.10

[ardalanamini]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • package.json
  • package-lock.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	496/1000 Why? Recently disclosed, Has a fix available, CVSS 4.2	Information Exposure SNYK-JS-MONGODB-5871303	No	No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: mongodb

The new version differs by 105 commits.

• 1297cd1 chore(release): 3.6.10
• e9196ab refactor(NODE-3324): bump max wire version to 13 (#2875)
• 3ce148d fix(NODE-3397): report more helpful error with unsupported authMechanism in initial handshake (#2876)
• 558182f test(NODE-3307): unified runner does not assert identical keys (#2867)
• 621677a fix(NODE-3380): perform retryable write checks against server (#2861)
• e4a9a57 fix(NODE-3150): added bsonRegExp option for v3.6 (#2843)
• 750760c fix(NODE-3358): Command monitoring objects hold internal state references (#2858)
• a917dfa fix(NODE-2035): Exceptions thrown from awaited cursor forEach do not propagate (#2852)
• b98f206 refactor(NODE-3356): Update command monitoring logging (#2853)
• 68b4665 test(NODE-2856): ensure defaultTransactionOptions get used from session (#2845)
• 8c8b4c3 fix(NODE-3356): update redaction logic for command monitoring events (#2847)
• 2c5d440 test(NODE-3357): extend timeout for atlas connectivity (#2846)
• fd97808 test(NODE-3288): sync command-monitoring spec tests to 3.6 (#2838)
• bf8b21b docs: change links to use https (#2836)
• f42ac4c refactor(NODE-2752): deprecate strict option for Db.collection (#2819)
• 394832a chore(release): 3.6.9
• fac9610 fix(NODE-3309): remove redundant iteration of bulk write result (#2815)
• 58c4e69 fix: fix url parsing for a mongodb+srv url that has commas in the database name (#2789)
• 6c8cc84 chore(release): 3.6.8
• 6e3bab3 fix(cmap): undo flipping of `beforeHandshake` flag for timeout errors (#2813)
• 4fd03e8 chore(release): 3.6.7
• 6ceace6 fix(NODE-3192): check clusterTime is defined before access (#2806)
• 1967515 test(NODE-3187): port unified test runner (#2783)
• 5d8f649 fix(NODE-3252): state transistion from DISCONNECTED (#2807)

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Learn about vulnerability in an interactive lesson of Snyk Learn.

[codecov]

Codecov Report

Merging #35 (51f3469) into master (f42bd0c) will not change coverage.
The diff coverage is n/a.

@@           Coverage Diff           @@
##           master      #35   +/-   ##
=======================================
  Coverage   71.67%   71.67%           
=======================================
  Files          25       25           
  Lines        4431     4431           
  Branches      431      431           
=======================================
  Hits         3176     3176           
- Misses       1254     1255    +1     
+ Partials        1        0    -1     

see 1 file with indirect coverage changes

📣 We’re building smart automated test selection to slash your CI/CD build times. Learn more