build(deps): bump go.mongodb.org/mongo-driver from 1.5.1 to 1.10.1

[dependabot]

Bumps go.mongodb.org/mongo-driver from 1.5.1 to 1.10.1.

Release notes

Sourced from go.mongodb.org/mongo-driver's releases.

MongoDB Go Driver 1.10.1

The MongoDB Go Driver Team is pleased to release version 1.10.1 of the official Go driver.

Release Notes

This release, along with the libmongocrypt v1.5.2 release, fixes a potential encryption key corruption bug in ClientEncryption.RewrapManyDataKey that can lead to encrypted data corruption when rotating encryption keys backed by GCP or Azure key services.

This release also removes potentially confusing deprecation warnings added to some existing timeout mechanisms in the v1.10.0 release.

Fix for potential data corruption when rotating encryption keys

Fixes a potential encryption key corruption bug in ClientEncryption.RewrapManyDataKey that can lead to encrypted data corruption when rotating encryption keys backed by GCP or Azure key services. See the libmongocrypt v1.5.2 release notes for more details about the bug. ClientEncryption.RewrapManyDataKey will now return an error if the linked version of libmongocrypt is less than 1.5.2.

---

For a full list of tickets included in this release, please see the links below:

• Improvements

• Bugs

• Tasks

Documentation for the Go driver can be found on pkg.go.dev and the MongoDB documentation site. BSON library documentation is also available on pkg.go.dev. Questions and inquiries can be asked on the MongoDB Developer Community. Bugs can be reported in the Go Driver project in the MongoDB JIRA where a list of current issues can be found. Your feedback on the Go driver is greatly appreciated!

MongoDB Go Driver 1.10.0

⚠️ Retracted

This release has been retracted due to a potential encryption key corruption bug in ClientEncryption.RewrapManyDataKey that can lead to encrypted data corruption when rotating encryption keys backed by GCP or Azure key services.

Please use version 1.10.1 or higher.

---

The MongoDB Go Driver Team is pleased to release version 1.10.0 of the official Go driver.

Release Notes

This release supports several new features introduced in MongoDB v6.0, including the following notable changes.

Queryable Encryption Support

This release includes new options to AutoEncryptionOpts and EncryptOpts to support Queryable Encryption. Queryable Encryption support requires MongoDB server 6.0 or newer, and libmongocrypt 1.5.0 or newer.

Automatic Encryption Shared Library

Add support for the new encryption helper, crypt_shared, referred to as the Shared Library. The shared library replacesmongocryptd and does not require spawning a new process.

Key Management API Operations

Add ClientEncryption entity operations for Key Management API with the purpose of

• creating data keys

... (truncated)

Commits

• 9c62b3f Update version to v1.10.1
• 06579a7 GODRIVER-2489 createPipelineOptionsDoc: return err (#1036)
• bdfc953 update for libmongocrypt 1.5.2 (#1037)
• 51ecabd GODRIVER-2489 Return error if createPipelineOptionsDoc() fails (#1035)
• e6f6f26 GODRIVER-2494 Skip StaleShardVersion resume test on 6.1+. (#1030)
• e095f2d GODRIVER-2495 Undeprecate legacy timeouts. (#1026)
• 18da11c Update version to v1.10.1-prerelease
• 5d004cc Update version to v1.11.0-prerelease
• 9bbe96c GODRIVER-2464 Add delay in RTT monitor test so Windows can measure a non-zero...
• 3b7e3eb Update version to v1.10.0
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[codecov-commenter]

Codecov Report

Merging #414 (42dfc33) into master (a135dc2) will decrease coverage by 0.32%.
The diff coverage is n/a.

@@            Coverage Diff             @@
##           master     #414      +/-   ##
==========================================
- Coverage   40.29%   39.97%   -0.33%     
==========================================
  Files          84       84              
  Lines        5611     5611              
==========================================
- Hits         2261     2243      -18     
- Misses       3192     3211      +19     
+ Partials      158      157       -1     

Impacted Files	Coverage Δ
pkg/store/gorm/logger.go	14.58% <0.00%> (-37.50%)	⬇️

Help us with your feedback. Take ten seconds to tell us how you rate us. Have a feature suggestion? Share it here.