chore(deps): bump go.mongodb.org/mongo-driver from 1.12.1 to 1.17.6

[dependabot]

Bumps go.mongodb.org/mongo-driver from 1.12.1 to 1.17.6.

Release notes

Sourced from go.mongodb.org/mongo-driver's releases.

MongoDB Go Driver 1.17.4

The MongoDB Go Driver Team is pleased to release version 1.17.4 of the official MongoDB Go Driver.

Release Notes

This release resolves two bugs in the Go Driver: it removes a buggy and unnecessary connection liveness check that could run unexpectedly or fail intermittently when maxIdleTimeMS was set, and it fixes an issue where regular expressions were marshaled to invalid JSON due to improper character escaping, ensuring all generated JSON is now valid.

---

For a full list of tickets included in this release, please see the list of fixed issues.

Full Changelog: v1.17.3...v1.17.4

Documentation for the Go Driver can be found on pkg.go.dev and the MongoDB documentation site. BSON library documentation is also available on pkg.go.dev. Questions and inquiries can be asked on the MongoDB Developer Community. Bugs can be reported in the Go Driver project in the MongoDB JIRA where a list of current issues can be found. Your feedback on the Go Driver is greatly appreciated!

What's Changed

• Add GitHub Actions workflow for merge ups by @​alcaeus in mongodb/mongo-go-driver#1962
• Use different credentials for merge-up PRs by @​alcaeus in mongodb/mongo-go-driver#1968
• GODRIVER-3476 Escape for Regex Options. by @​qingyang-hu in mongodb/mongo-go-driver#1929
• Ignore unmaintained branches when merging up by @​alcaeus in mongodb/mongo-go-driver#2062
• GODRIVER-3549 Fix timeouts in CSE custom endpoint test (#2028) (#2031) by @​prestonvasquez in mongodb/mongo-go-driver#2061
• GODRIVER-3516 Remove isAlive by @​linfeip in mongodb/mongo-go-driver#2060
• GODRIVER-3560 Assume ec2 role explicitly in CI by @​prestonvasquez in mongodb/mongo-go-driver#2080
• GODRIVER-3524 Sync updates to reflect showExpandedEvents omissions by @​prestonvasquez in mongodb/mongo-go-driver#2084

New Contributors

• @​linfeip made their first contribution in mongodb/mongo-go-driver#2060

Full Changelog: mongodb/mongo-go-driver@v1.17.3...v1.17.4

MongoDB Go Driver 1.17.3

The MongoDB Go Driver team is pleased to release version 1.17.3 of the official MongoDB Go Driver.

Release Notes

This release fixes one bug:

• Skips calling UnmarshalBSONValue only if the associated BSON field value is null and the Go value is a pointer.

---

For a full list of tickets included in this release, please see the links below:

• Bugs

Full Changelog: v1.17.2...v1.17.3

Documentation for the MongoDB Go Driver can be found on pkg.go.dev and the MongoDB documentation site. BSON library documentation is also available on pkg.go.dev. Questions and inquiries can be asked on the MongoDB Developer Community. Bugs can be reported in the Go Driver project in the MongoDB JIRA where a list of current issues can be found. Your feedback on the MongoDB Go Driver is greatly appreciated!

MongoDB Go Driver 1.17.2

The MongoDB Go Driver Team is pleased to release version 1.17.2 of the official MongoDB Go driver.

... (truncated)

Commits

• d2fa0ab BUMP v1.17.6
• f1d540b BUMP v1.17.5
• b879028 GODRIVER-3654 Don't test v1 branches against latest server. (#2188)
• 21f47d4 Allow ignore-for-release label to satisfy label checker (#2203)
• 8708ca8 Disable merge-up from release/1.17 (#2202)
• 0b2794f GODRIVER-3612 Add an internal-only NewSessionWithLSID API (v1) (#2183)
• 747a8d0 Consider HTTP 429 a succcessful response in the Markdown link check. (#2191)
• 8c336ff Pin drivers-evergreen-tools to rev 98f6b0e in v1. (#2184)
• 106cff3 Retry Markdown link checks on HTTP 429 (v1) (#2186)
• d406474 GODRIVER-3564: Add config and workflows for release note labels (#2148)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Greptile Overview

Updated On: 2025-10-28 00:11:28 UTC

Greptile Summary

Automated dependency update bumping MongoDB Go driver from v1.12.1 to v1.17.6 (5 minor versions). The update includes important bug fixes:

• Fixed regex options escaping bug that caused invalid JSON marshaling
• Removed buggy connection liveness check that could fail intermittently with maxIdleTimeMS
• Fixed BSON unmarshaling for null pointer values

The update also pulls in security and stability improvements in transitive dependencies (golang.org/x/crypto, golang.org/x/net, golang.org/x/sync, etc.).

Confidence Score: 5/5

• Safe to merge - standard dependency update with bug fixes and no breaking changes
• This is an automated Dependabot PR updating MongoDB driver within the v1 major version (no breaking changes expected). The changes only touch dependency files (go.mod/go.sum), and the updated versions include important bug fixes and security improvements. The repository has minimal MongoDB usage (only one example file in mon/time.go), reducing risk.
• No files require special attention

Important Files Changed

File Analysis

Filename	Score	Overview
go.mod	5/5	Updated go.mongodb.org/mongo-driver from 1.12.1 to 1.17.6 and transitive dependencies
go.sum	5/5	Checksums updated for MongoDB driver and transitive dependencies

Sequence Diagram

sequenceDiagram
    participant D as Dependabot
    participant GM as go.mod
    participant GS as go.sum
    participant MD as MongoDB Driver
    participant TD as Transitive Deps
    
    D->>GM: Update mongo-driver 1.12.1 → 1.17.6
    GM->>TD: Pull updated dependencies
    TD->>GM: Update golang.org/x/crypto
    TD->>GM: Update golang.org/x/net
    TD->>GM: Update golang.org/x/sync
    TD->>GM: Update other transitive deps
    D->>GS: Update checksums for all deps
    GS-->>D: Dependencies resolved
    
    Note over MD: Includes bug fixes:<br/>- Regex escaping<br/>- Connection liveness<br/>- BSON unmarshaling

Loading

[greptile-apps]

_{2 files reviewed, no comments}

_{Edit Code Review Agent Settings | Greptile}