chore(release): bump package version(s) [skip ci]

BREAKING CHANGE:

The required minimum version of `mongodb` has been bumped to v6, make sure to upgrade it in your project via `npm i mongodb@latest` or the equivalent

.github/ISSUE_TEMPLATE/2_bug_provider.yml

@@ -36,6 +36,7 @@ body:
         - "Beyond Identity"
         - "Box"
         - "Bungie"
+        - "ClickUp"
         - "Cognito"
         - "Coinbase"
         - "Descope"
@@ -58,6 +59,7 @@ body:
         - "LinkedIn"
         - "Mailchimp"
         - "Mail.ru"
+        - "Mastodon"
         - "Medium"
         - "Naver"
         - "Netlify"

apps/dev/nextjs/.env.local.example

@@ -59,6 +59,10 @@ WIKIMEDIA_SECRET=
 YANDEX_ID=
 YANDEX_SECRET=
 
+# ClickUp OAuth. https://clickup.com/api/
+CLICK_UP_ID=
+CLICK_UP_SECRET=
+
 # Example configuration for a Gmail account (will need SMTP enabled)
 EMAIL_SERVER=smtps://user@gmail.com:password@smtp.gmail.com:465
 EMAIL_FROM=user@gmail.com

apps/dev/nextjs/pages/api/auth/[...nextauth].ts

@@ -39,7 +39,7 @@ import Yandex from "@auth/core/providers/yandex"
 import Vk from "@auth/core/providers/vk"
 import Wikimedia from "@auth/core/providers/wikimedia"
 import WorkOS from "@auth/core/providers/workos"
-
+import ClickUp from '@auth/core/providers/click-up'
 // // Prisma
 // import { PrismaClient } from "@prisma/client"
 // import { PrismaAdapter } from "@auth/prisma-adapter"
@@ -131,6 +131,7 @@ export const authConfig: AuthConfig = {
     Vk({ clientId: process.env.VK_ID, clientSecret: process.env.VK_SECRET }),
     Wikimedia({ clientId: process.env.WIKIMEDIA_ID, clientSecret: process.env.WIKIMEDIA_SECRET }),
     WorkOS({ clientId: process.env.WORKOS_ID, clientSecret: process.env.WORKOS_SECRET }),
+    ClickUp({ clientId: process.env.CLICK_UP_ID, clientSecret: process.env.CLICK_UP_SECRET })
   ],
   // debug: process.env.NODE_ENV !== "production",
 }

docs/docs/guides/providers/credentials-provider.md

@@ -7,11 +7,7 @@ The Credentials provider allows you to handle signing in with arbitrary credenti
 
 It is intended to support use cases where you have an existing system you need to authenticate users against.
 
-It comes with the constraint that users authenticated in this manner are not persisted in the database, and consequently that the Credentials provider can only be used if JSON Web Tokens are enabled for sessions.
-
-:::warning
-The functionality provided for credentials-based authentication is intentionally limited to discourage the use of passwords due to the inherent security risks associated with them and the additional complexity associated with supporting usernames and passwords.
-:::
+It comes with the constraint that users authenticated in this manner are not persisted in the database by default, and consequently, that the Credentials provider can only be used if JSON Web Tokens are enabled for sessions.
 
 ## Options
 
@@ -23,17 +19,31 @@ You can override any of the options to suit your own use case.
 
 ## Example - Username / Password
 
-The Credentials provider is specified like other providers, except that you need to define a handler for `authorize()` that accepts credentials submitted via HTTP POST as input and returns either:
+:::caution
+The functionality provided for credentials-based authentication is intentionally limited to discourage the use of passwords due to the inherent security risks of the username-password model.
 
-1. A `user` object, which indicates the credentials are valid.
+OAuth providers spend significant amounts of money, time, and engineering effort to build:
 
-If you return an object it will be persisted to the JSON Web Token and the user will be signed in, unless a custom `signIn()` callback is configured that subsequently rejects it.
+- bot-protection
+- rate-limiting
+- password management
+- data security
 
-2. If you return `null` then an error will be displayed advising the user to check their details.
+and much more for authentication solutions. It is likely that your application would benefit from leveraging these battle-tested solutions rather than try to rebuild them from scratch.
 
-3. If you throw an Error, the user will be sent to the error page with the error message as a query parameter.
+If you'd still like to build password-based authentication for your application despite these risks, Auth.js gives you full control to do so.
 
-The Credentials provider's `authorize()` method also provides the request object as the second parameter (see the example below).
+:::
+
+The Credentials provider is specified like other providers, except that you need to define a handler for `authorize()` that accepts credentials submitted via HTTP POST as input and returns a `user` object, which indicates the credentials are valid.
+
+If you return an object it will be persisted to the JSON Web Token and the user will be signed in (unless a custom `signIn()` callback is configured that subsequently rejects it).
+
+- If you return `null` then an error will be displayed advising the user to check their details.
+
+- If you throw an Error, the user will be sent to the error page with the error message as a query parameter.
+
+The Credentials provider's `authorize()` method also provides the request object as the second parameter. Here's an example that handles these concerns.
 
 ```js title="auth.js"
 import CredentialsProvider from "next-auth/providers/credentials";
@@ -70,7 +80,7 @@ providers: [
 ```
 
 See the [callbacks documentation](/reference/configuration/auth-config#callbacks) for more information on how to interact with the token. For example, you can add additional information to the token by returning an object from the `jwt()` callback:
-  
+
 ```js
 callbacks: {
   async jwt(token, user, account, profile, isNewUser) {
@@ -82,6 +92,38 @@ callbacks: {
 }
 ```
 
+### Using a database
+
+You can also use the `authorize()` callback to interact with your database to regain some of the functionality from [more powerful providers](reference/core/providers):
+
+```js
+...
+providers: [
+  CredentialsProvider({
+    ...
+    async authorize(credentials, req) {
+      let user = null
+
+      const saltedPasswordToCheck = passwordToSalt(credentials.password)
+      user = await getUserFromDb(credentials.username, credentials.password)
+
+      if (!user) {
+        const saltedPassword = passwordToSalt(credentials.password)
+        user = await addUserToDb(credentials.username, saltedPassword)
+      }
+
+      if (!user) {
+        throw new Error("User was not found and could not be created.")
+      }
+
+      return user
+
+    }
+  })
+]
+...
+```
+
 ## Example - Web3 / Signin With Ethereum
 
 The credentials provider can also be used to integrate with a service like [Sign-in With Ethereum](https://login.xyz).
@@ -89,8 +131,8 @@ The credentials provider can also be used to integrate with a service like [Sign
 For more information, check out the links below:
 
 - [Tutorial](https://docs.login.xyz/integrations/Auth.js)
-- [Example App Repo](https://github.com/spruceid/siwe-next-auth-example).
-- [Example App Demo](https://siwe-next-auth-example2.vercel.app/).
+- [Example App Repo](https://github.com/spruceid/siwe-next-auth-example)
+- [Example App Demo](https://siwe-next-auth-example2.vercel.app/)
 
 ## Multiple providers
 

docs/static/img/providers/click-up.svg

@@ -0,0 +1,27 @@
+<svg width="185" height="185" viewBox="0 0 185 185" fill="none" xmlns="http://www.w3.org/2000/svg">
+<g filter="url(#filter0_d)">
+<rect x="30" y="20" width="125" height="125" rx="62.5" fill="white"/>
+<rect x="30" y="20" width="125" height="125" rx="62.5" fill="white"/>
+<path fill-rule="evenodd" clip-rule="evenodd" d="M55.8789 105.714L69.3974 95.3593C76.5762 104.732 84.1998 109.051 92.6948 109.051C101.143 109.051 108.557 104.781 115.414 95.4832L129.119 105.59C119.232 118.996 106.932 126.079 92.6948 126.079C78.5049 126.079 66.0907 119.046 55.8789 105.714Z" fill="url(#paint0_linear)"/>
+<path fill-rule="evenodd" clip-rule="evenodd" d="M92.6491 60.7078L68.5883 81.4406L57.4727 68.5407L92.6969 38.1885L127.647 68.5644L116.477 81.417L92.6491 60.7078Z" fill="url(#paint1_linear)"/>
+</g>
+<defs>
+<filter id="filter0_d" x="0" y="0" width="185" height="185" filterUnits="userSpaceOnUse" color-interpolation-filters="sRGB">
+<feFlood flood-opacity="0" result="BackgroundImageFix"/>
+<feColorMatrix in="SourceAlpha" type="matrix" values="0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 127 0"/>
+<feOffset dy="10"/>
+<feGaussianBlur stdDeviation="15"/>
+<feColorMatrix type="matrix" values="0 0 0 0 0.0627451 0 0 0 0 0.117647 0 0 0 0 0.211765 0 0 0 0.1 0"/>
+<feBlend mode="normal" in2="BackgroundImageFix" result="effect1_dropShadow"/>
+<feBlend mode="normal" in="SourceGraphic" in2="effect1_dropShadow" result="shape"/>
+</filter>
+<linearGradient id="paint0_linear" x1="55.8789" y1="116.251" x2="129.119" y2="116.251" gradientUnits="userSpaceOnUse">
+<stop stop-color="#8930FD"/>
+<stop offset="1" stop-color="#49CCF9"/>
+</linearGradient>
+<linearGradient id="paint1_linear" x1="57.4727" y1="67.6025" x2="127.647" y2="67.6025" gradientUnits="userSpaceOnUse">
+<stop stop-color="#FF02F0"/>
+<stop offset="1" stop-color="#FFC800"/>
+</linearGradient>
+</defs>
+</svg>

docs/static/img/providers/mastodon.svg

@@ -0,0 +1,10 @@
+<svg width="75" height="79" viewBox="0 0 75 79" fill="none" xmlns="http://www.w3.org/2000/svg">
+<path d="M73.8393 17.4898C72.6973 9.00165 65.2994 2.31235 56.5296 1.01614C55.05 0.797115 49.4441 0 36.4582 0H36.3612C23.3717 0 20.585 0.797115 19.1054 1.01614C10.5798 2.27644 2.79399 8.28712 0.904997 16.8758C-0.00358524 21.1056 -0.100549 25.7949 0.0682394 30.0965C0.308852 36.2651 0.355538 42.423 0.91577 48.5665C1.30307 52.6474 1.97872 56.6957 2.93763 60.6812C4.73325 68.042 12.0019 74.1676 19.1233 76.6666C26.7478 79.2728 34.9474 79.7055 42.8039 77.9162C43.6682 77.7151 44.5217 77.4817 45.3645 77.216C47.275 76.6092 49.5123 75.9305 51.1571 74.7385C51.1797 74.7217 51.1982 74.7001 51.2112 74.6753C51.2243 74.6504 51.2316 74.6229 51.2325 74.5948V68.6416C51.2321 68.6154 51.2259 68.5896 51.2142 68.5661C51.2025 68.5426 51.1858 68.522 51.1651 68.5058C51.1444 68.4896 51.1204 68.4783 51.0948 68.4726C51.0692 68.4669 51.0426 68.467 51.0171 68.4729C45.9835 69.675 40.8254 70.2777 35.6502 70.2682C26.7439 70.2682 24.3486 66.042 23.6626 64.2826C23.1113 62.762 22.7612 61.1759 22.6212 59.5646C22.6197 59.5375 22.6247 59.5105 22.6357 59.4857C22.6466 59.4609 22.6633 59.4391 22.6843 59.422C22.7053 59.4048 22.73 59.3929 22.7565 59.3871C22.783 59.3813 22.8104 59.3818 22.8367 59.3886C27.7864 60.5826 32.8604 61.1853 37.9522 61.1839C39.1768 61.1839 40.3978 61.1839 41.6224 61.1516C46.7435 61.008 52.1411 60.7459 57.1796 59.7621C57.3053 59.7369 57.431 59.7154 57.5387 59.6831C65.4861 58.157 73.0493 53.3672 73.8178 41.2381C73.8465 40.7606 73.9184 36.2364 73.9184 35.7409C73.9219 34.0569 74.4606 23.7949 73.8393 17.4898Z" fill="url(#paint0_linear_549_34)"/>
+<path d="M61.2484 27.0263V48.114H52.8916V27.6475C52.8916 23.3388 51.096 21.1413 47.4437 21.1413C43.4287 21.1413 41.4177 23.7409 41.4177 28.8755V40.0782H33.1111V28.8755C33.1111 23.7409 31.0965 21.1413 27.0815 21.1413C23.4507 21.1413 21.6371 23.3388 21.6371 27.6475V48.114H13.2839V27.0263C13.2839 22.7176 14.384 19.2946 16.5843 16.7572C18.8539 14.2258 21.8311 12.926 25.5264 12.926C29.8036 12.926 33.0357 14.5705 35.1905 17.8559L37.2698 21.346L39.3527 17.8559C41.5074 14.5705 44.7395 12.926 49.0095 12.926C52.7013 12.926 55.6784 14.2258 57.9553 16.7572C60.1531 19.2922 61.2508 22.7152 61.2484 27.0263Z" fill="white"/>
+<defs>
+<linearGradient id="paint0_linear_549_34" x1="37.0692" y1="0" x2="37.0692" y2="79" gradientUnits="userSpaceOnUse">
+<stop stop-color="#6364FF"/>
+<stop offset="1" stop-color="#563ACC"/>
+</linearGradient>
+</defs>
+</svg>

packages/adapter-mongodb/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@auth/mongodb-adapter",
-  "version": "1.0.0",
+  "version": "2.0.0",
   "description": "MongoDB adapter for Auth.js",
   "homepage": "https://authjs.dev",
   "repository": "https://github.com/nextauthjs/next-auth",
@@ -42,15 +42,15 @@
     "@auth/core": "workspace:*"
   },
   "peerDependencies": {
-    "mongodb": "^5 || ^4"
+    "mongodb": "^6"
   },
   "devDependencies": {
     "@auth/adapter-test": "workspace:*",
     "@auth/tsconfig": "workspace:*",
     "jest": "^27.4.3",
-    "mongodb": "^4.17.0"
+    "mongodb": "^6.0.0"
   },
   "jest": {
     "preset": "@auth/adapter-test/jest"
   }
-}
+}

packages/adapter-mongodb/src/index.ts

@@ -193,7 +193,7 @@ export function MongoDBAdapter(
         await db
       ).U.findOneAndUpdate({ _id }, { $set: user }, { returnDocument: "after" })
 
-      return from<AdapterUser>(result.value!)
+      return from<AdapterUser>(result!)
     },
     async deleteUser(id) {
       const userId = _id(id)
@@ -210,7 +210,7 @@ export function MongoDBAdapter(
       return account
     },
     async unlinkAccount(provider_providerAccountId) {
-      const { value: account } = await (
+      const account = await (
         await db
       ).A.findOneAndDelete(provider_providerAccountId)
       return from<AdapterAccount>(account!)
@@ -235,17 +235,17 @@ export function MongoDBAdapter(
     async updateSession(data) {
       const { _id, ...session } = to<AdapterSession>(data)
 
-      const result = await (
+      const updatedSession = await (
         await db
       ).S.findOneAndUpdate(
         { sessionToken: session.sessionToken },
         { $set: session },
         { returnDocument: "after" }
       )
-      return from<AdapterSession>(result.value!)
+      return from<AdapterSession>(updatedSession!)
     },
     async deleteSession(sessionToken) {
-      const { value: session } = await (
+      const session = await (
         await db
       ).S.findOneAndDelete({
         sessionToken,
@@ -257,14 +257,13 @@ export function MongoDBAdapter(
       return data
     },
     async useVerificationToken(identifier_token) {
-      const { value: verificationToken } = await (
+      const verificationToken = await (
         await db
       ).V.findOneAndDelete(identifier_token)
 
       if (!verificationToken) return null
-      // @ts-expect-error
-      delete verificationToken._id
-      return verificationToken
+      const { _id, ...rest } = verificationToken;
+      return rest;
     },
   }
 }

packages/core/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@auth/core",
-  "version": "0.13.0",
+  "version": "0.14.0",
   "description": "Authentication for the Web.",
   "keywords": [
     "authentication",

packages/core/src/providers/click-up.ts

@@ -0,0 +1,103 @@
+/**
+ * <div style={{backgroundColor: "#24292f", display: "flex", justifyContent: "space-between", color: "#fff", padding: 16}}>
+ * <span>Built-in <b>ClickUp</b> integration.</span>
+ * <a href="https://clickup.com">
+ *   <img style={{display: "block"}} src="https://authjs.dev/img/providers/click-up.svg" height="48" width="48"/>
+ * </a>
+ * </div>
+ *
+ * @module providers/ClickUp
+ */
+
+import type { OAuthConfig, OAuthUserConfig } from "./index.js"
+
+/** @see [Get the authenticated user](https://clickup.com/api/clickupreference/operation/GetAuthorizedUser/)*/
+export interface ClickUpProfile {
+  user: {
+    id: number
+    username: string
+    color: string
+    profilePicture: string
+  }
+}
+
+/**
+ * Add ClickUp login to your page and make requests to [ClickUp APIs](https://clickup.com/api/).
+ *
+ * ### Setup
+ *
+ * #### Callback URL
+ * ```
+ * https://example.com/api/auth/callback/clickup
+ * ```
+ *
+ * #### Configuration
+ * ```ts
+ * import { Auth } from "@auth/core"
+ * import ClickUp from "@auth/core/providers/click-up"
+ *
+ * const request = new Request(origin)
+ * const response = await Auth(request, {
+ *   providers: [ClickUp({ clientId: CLICKUP_CLIENT_ID, clientSecret: CLICKUP_CLIENT_SECRET })],
+ * })
+ * ```
+ *
+ * ### Resources
+ *
+ * - [ClickUp - Authorizing OAuth Apps](https://clickup.com/api/developer-portal/authentication#oauth-flow)
+ * - [Source code](https://github.com/nextauthjs/next-auth/blob/main/packages/core/src/providers/click-up.ts)
+ *
+ * ### Notes
+ *
+ * By default, Auth.js assumes that the ClickUp provider is
+ * based on the [OAuth 2](https://www.rfc-editor.org/rfc/rfc6749.html) specification.
+ *
+ * :::tip
+ *
+ * The ClickUp provider comes with a [default configuration](https://github.com/nextauthjs/next-auth/blob/main/packages/core/src/providers/click-up.ts).
+ * To override the defaults for your use case, check out [customizing a built-in OAuth provider](https://authjs.dev/guides/providers/custom-provider#override-default-options).
+ *
+ * :::
+ *
+ * :::info **Disclaimer**
+ *
+ * If you think you found a bug in the default configuration, you can [open an issue](https://authjs.dev/new/provider-issue).
+ *
+ * Auth.js strictly adheres to the specification and it cannot take responsibility for any deviation from
+ * the spec by the provider. You can open an issue, but if the problem is non-compliance with the spec,
+ * we might not pursue a resolution. You can ask for more help in [Discussions](https://authjs.dev/new/github-discussions).
+ *
+ * :::
+ */
+export default function ClickUp(
+  config: OAuthUserConfig<ClickUpProfile>
+): OAuthConfig<ClickUpProfile> {
+  return {
+    id: "clickup",
+    name: "ClickUp",
+    type: "oauth",
+    authorization: "https://app.clickup.com/api",
+    token: "https://api.clickup.com/api/v2/oauth/token",
+    userinfo: "https://api.clickup.com/api/v2/user",
+    clientId: config.clientId,
+    clientSecret: config.clientSecret,
+    checks: ["state"],
+    profile: (profile: ClickUpProfile) => {
+      return {
+        id: profile.user.id.toString(),
+        name: profile.user.username,
+        profilePicture: profile.user.profilePicture,
+        color: profile.user.color,
+      }
+    },
+    style: {
+      logo: "/click-up.svg",
+      logoDark: "/click-up.svg",
+      bg: "#fff",
+      bgDark: "#24292f",
+      text: "#000",
+      textDark: "#fff",
+    },
+    options: config,
+  }
+}

packages/core/src/providers/mastodon.ts

@@ -0,0 +1,106 @@
+/**
+ * <div style={{backgroundColor: "#000", display: "flex", justifyContent: "space-between", color: "#fff", padding: 16}}>
+ * <span>Built-in <b>Mastodon</b> integration.</span>
+ * <a href="https://mastodon.social">
+ *   <img style={{display: "block"}} src="https://authjs.dev/img/providers/mastodon.svg" height="48" width="48"/>
+ * </a>
+ * </div>
+ *
+ * @module providers/mastodon
+ */
+import type { OAuthConfig, OAuthUserConfig } from "./index.js"
+
+export interface MastodonProfile extends Record<string, any> {
+  id: string
+  username: string
+  acct: string
+  display_name: string
+  locked: boolean
+  bot: boolean
+  created_at: string
+  note: string
+  url: string
+  avatar: string
+  avatar_static: string
+  header: string
+  header_static: string
+  followers_count: number
+  following_count: number
+  statuses_count: number
+  last_status_at: string | null
+}
+
+/**
+ * Add Mastodon login to your page.
+ *
+ * ### Setup
+ *
+ * #### Callback URL
+ * ```
+ * https://example.com/api/auth/callback/mastodon
+ * ```
+ *
+ * #### Configuration
+ *```js
+ * import Auth from "@auth/core"
+ * import Mastodon from "@auth/core/providers/mastodon"
+ *
+ * const request = new Request(origin)
+ * const response = await Auth(request, {
+ *   providers: [Mastodon({ clientId: MASTODON_CLIENT_ID, clientSecret: MASTODON_CLIENT_SECRET, issuer: MASTODON_ISSUER })],
+ * })
+ * ```
+ *
+ * ### Resources
+ *
+ *  - [Mastodon OAuth documentation](https://docs.joinmastodon.org/client/token/)
+ *  - [Mastodon OAuth Configuration](https://mastodon.social/settings/applications)
+ *
+ * ### Notes
+ *
+ * By default, Auth.js assumes that the Mastodon provider is
+ * based on the [OAuth 2](https://www.rfc-editor.org/rfc/rfc6749.html) specification.
+ *
+ * Due to Mastodons infrastructure beeing a Fediverse you have to define the `issuer` you want to connect to.
+ *
+ * :::tip
+ *
+ * The Mastodon provider comes with a [default configuration](https://github.com/nextauthjs/next-auth/blob/main/packages/core/src/providers/mastodon.ts).
+ * To override the defaults for your use case, check out [customizing a built-in OAuth provider](https://authjs.dev/guides/providers/custom-provider#override-default-options).
+ *
+ * :::
+ *
+ * :::info **Disclaimer**
+ *
+ * If you think you found a bug in the default configuration, you can [open an issue](https://authjs.dev/new/provider-issue).
+ *
+ * Auth.js strictly adheres to the specification and it cannot take responsibility for any deviation from
+ * the spec by the provider. You can open an issue, but if the problem is non-compliance with the spec,
+ * we might not pursue a resolution. You can ask for more help in [Discussions](https://authjs.dev/new/github-discussions).
+ *
+ * :::
+ */
+
+export default function Mastodon<P extends MastodonProfile>(
+  options: OAuthUserConfig<P> & {
+    issuer: string
+  }
+): OAuthConfig<P> {
+  return {
+    id: "mastodon",
+    name: "Mastodon",
+    type: "oauth",
+    authorization: `${options.issuer}/oauth/authorize?scope=read`,
+    token: `${options.issuer}/oauth/token`,
+    userinfo: `${options.issuer}/api/v1/accounts/verify_credentials`,
+    profile(profile) {
+      return {
+        id: profile.id,
+        name: profile.username,
+        image: profile.avatar_static,
+        email: null,
+      }
+    },
+    options,
+  }
+}

pnpm-lock.yaml

@@ -515,8 +515,8 @@ importers:
         specifier: ^27.4.3
         version: 27.5.1
       mongodb:
-        specifier: ^4.17.0
-        version: 4.17.0
+        specifier: ^6.0.0
+        version: 6.0.0
 
   packages/adapter-neo4j:
     dependencies:
@@ -10334,7 +10334,6 @@ packages:
     dependencies:
       sparse-bitfield: 3.0.3
     dev: true
-    optional: true
 
   /@mswjs/cookies@0.2.1:
     resolution: {integrity: sha512-0tDfcPw5/s7QsNQqS3knAvAD5w5PF1nNPagRhKO/yECY+sMbJxoC2sLWnH7Lzmh52mTSVLKDhd1r92Q3kfljnQ==}
@@ -14459,6 +14458,11 @@ packages:
       buffer: 5.7.1
     dev: true
 
+  /bson@6.0.0:
+    resolution: {integrity: sha512-FoWvdELfF2wQaUo8S/a1Rh2BDwJEUancDDnzdTpYymJTZjmvRpLWoqRPelKn+XSeh5D4YddWDG66cLtEhGGvcg==}
+    engines: {node: '>=16.20.1'}
+    dev: true
+
   /btoa-lite@1.0.0:
     resolution: {integrity: sha512-gvW7InbIyF8AicrqWoptdW08pUxuhq8BEgowNajy9RhiE86fmGAGl+bLKo6oB8QP0CkqHLowfN0oJdKC/J6LbA==}
 
@@ -25279,7 +25283,6 @@ packages:
     resolution: {integrity: sha512-ZS4Bp4r/Zoeq6+NLJpP+0Zzm0pR8whtGPf1XExKLJBAczGMnSi3It14OiNCStjQjM6NU1okjQGSxgEZN8eBYKg==}
     requiresBuild: true
     dev: true
-    optional: true
 
   /meow@8.1.2:
     resolution: {integrity: sha512-r85E3NdZ+mpYk1C6RjPFEMSE+s1iZMuHtsHAqY0DT3jZczl0diWUZ8g6oU7h0M9cD2EL+PzaYghhCLzR0ZNn5Q==}
@@ -25703,6 +25706,38 @@ packages:
       - aws-crt
     dev: true
 
+  /mongodb@6.0.0:
+    resolution: {integrity: sha512-wUIYesF4DTyDccm0noE5TwGi9ISdXUAi9T2cQ4xPc+EUBZG44bfMVt2ecOG5Ypca7eCz3oRpJm6YI6c7jAnuNw==}
+    engines: {node: '>=16.20.1'}
+    peerDependencies:
+      '@aws-sdk/credential-providers': ^3.188.0
+      '@mongodb-js/zstd': ^1.1.0
+      gcp-metadata: ^5.2.0
+      kerberos: ^2.0.1
+      mongodb-client-encryption: '>=6.0.0 <7'
+      snappy: ^7.2.2
+      socks: ^2.7.1
+    peerDependenciesMeta:
+      '@aws-sdk/credential-providers':
+        optional: true
+      '@mongodb-js/zstd':
+        optional: true
+      gcp-metadata:
+        optional: true
+      kerberos:
+        optional: true
+      mongodb-client-encryption:
+        optional: true
+      snappy:
+        optional: true
+      socks:
+        optional: true
+    dependencies:
+      '@mongodb-js/saslprep': 1.1.0
+      bson: 6.0.0
+      mongodb-connection-string-url: 2.6.0
+    dev: true
+
   /morgan@1.10.0:
     resolution: {integrity: sha512-AbegBVI4sh6El+1gNwvD5YIck7nSA36weD7xvIxG4in80j/UoK8AEGaWnnz8v1GxonMCltmlNs5ZKbGvl9b1XQ==}
     engines: {node: '>= 0.8.0'}
@@ -30103,7 +30138,6 @@ packages:
     dependencies:
       memory-pager: 1.5.0
     dev: true
-    optional: true
 
   /spawn-command@0.0.2-1:
     resolution: {integrity: sha512-n98l9E2RMSJ9ON1AKisHzz7V42VDiBQGY6PB1BwRglz99wpVsSuGzQ+jOi6lFXBGVTCrRpltvjm+/XA+tpeJrg==}