feat(NODE-5409)!: allow socks to be installed optionally

package.json

@@ -26,8 +26,7 @@
   },
   "dependencies": {
     "bson": "^5.4.0",
-    "mongodb-connection-string-url": "^2.6.0",
-    "socks": "^2.7.1"
+    "mongodb-connection-string-url": "^2.6.0"
   },
   "optionalDependencies": {
     "saslprep": "^1.0.3"
@@ -38,7 +37,8 @@
     "gcp-metadata": "^5.2.0",
     "kerberos": "^2.0.1",
     "mongodb-client-encryption": ">=6.0.0-alpha.0 <7",
-    "snappy": "^7.2.2"
+    "snappy": "^7.2.2",
+    "socks": "^2.7.1"
   },
   "peerDependenciesMeta": {
     "@aws-sdk/credential-providers": {
@@ -58,6 +58,9 @@
     },
     "gcp-metadata": {
       "optional": true
+    },
+    "socks": {
+      "optional": true
     }
   },
   "devDependencies": {
@@ -102,6 +105,7 @@
     "sinon": "^15.0.4",
     "sinon-chai": "^3.7.0",
     "snappy": "^7.2.2",
+    "socks": "^2.7.1",
     "source-map-support": "^0.5.21",
     "ts-node": "^10.9.1",
     "tsd": "^0.28.1",

src/client-side-encryption/stateMachine.js

@@ -4,12 +4,25 @@ import * as tls from 'tls';
 import * as net from 'net';
 import * as fs from 'fs';
 import { once } from 'events';
-import { SocksClient } from 'socks';
 import { MongoNetworkTimeoutError } from '../error';
 import { debug, databaseNamespace, collectionNamespace } from './common';
 import { MongoCryptError } from './errors';
 import { BufferPool } from './buffer_pool';
 import { serialize, deserialize } from '../bson';
+import { getSocks } from '../deps';
+
+/** @type {import('../deps').SocksLib | null} */
+let socks = null;
+function loadSocks() {
+  if (socks == null) {
+    const socksImport = getSocks();
+    if ('kModuleError' in socksImport) {
+      throw socksImport.kModuleError;
+    }
+    socks = socksImport;
+  }
+  return socks;
+}
 
 // libmongocrypt states
 const MONGOCRYPT_CTX_ERROR = 0;
@@ -289,8 +302,9 @@ class StateMachine {
         rawSocket.on('error', onerror);
         try {
           await once(rawSocket, 'connect');
+          socks ??= loadSocks();
           options.socket = (
-            await SocksClient.createConnection({
+            await socks.SocksClient.createConnection({
               existing_socket: rawSocket,
               command: 'connect',
               destination: { host: options.host, port: options.port },

src/cmap/connect.ts

@@ -1,11 +1,11 @@
 import type { Socket, SocketConnectOpts } from 'net';
 import * as net from 'net';
-import { SocksClient } from 'socks';
 import type { ConnectionOptions as TLSConnectionOpts, TLSSocket } from 'tls';
 import * as tls from 'tls';
 
 import type { Document } from '../bson';
 import { LEGACY_HELLO_COMMAND } from '../constants';
+import { getSocks, type SocksLib } from '../deps';
 import {
   MongoCompatibilityError,
   MongoError,
@@ -419,6 +419,18 @@ function makeConnection(options: MakeConnectionOptions, _callback: Callback<Stre
   }
 }
 
+let socks: SocksLib | null = null;
+function loadSocks() {
+  if (socks == null) {
+    const socksImport = getSocks();
+    if ('kModuleError' in socksImport) {
+      throw socksImport.kModuleError;
+    }
+    socks = socksImport;
+  }
+  return socks;
+}
+
 function makeSocks5Connection(options: MakeConnectionOptions, callback: Callback<Stream>) {
   const hostAddress = HostAddress.fromHostPort(
     options.proxyHost ?? '', // proxyHost is guaranteed to set here
@@ -434,7 +446,7 @@ function makeSocks5Connection(options: MakeConnectionOptions, callback: Callback
       proxyHost: undefined
     },
     (err, rawSocket) => {
-      if (err) {
+      if (err || !rawSocket) {
         return callback(err);
       }
 
@@ -445,8 +457,14 @@ function makeSocks5Connection(options: MakeConnectionOptions, callback: Callback
         );
       }
 
+      try {
+        socks ??= loadSocks();
+      } catch (error) {
+        return callback(error);
+      }
+
       // Then, establish the Socks5 proxy connection:
-      SocksClient.createConnection({
+      socks.SocksClient.createConnection({
         existing_socket: rawSocket,
         timeout: options.connectTimeoutMS,
         command: 'connect',

src/deps.ts

@@ -1,5 +1,6 @@
 /* eslint-disable @typescript-eslint/no-var-requires */
 import type { Document } from './bson';
+import { type Stream } from './cmap/connect';
 import type { ProxyOptions } from './cmap/connection';
 import { MongoMissingDependencyError } from './error';
 import type { MongoClient } from './mongo_client';
@@ -157,6 +158,40 @@ export function getSnappy(): SnappyLib | { kModuleError: MongoMissingDependencyE
   }
 }
 
+export type SocksLib = {
+  SocksClient: {
+    createConnection(options: {
+      command: 'connect';
+      destination: { host: string; port: number };
+      proxy: {
+        /** host and port are ignored because we pass existing_socket */
+        host: 'iLoveJavaScript';
+        port: 0;
+        type: 5;
+        userId?: string;
+        password?: string;
+      };
+      timeout?: number;
+      /** We always create our own socket, and pass it to this API for proxy negotiation */
+      existing_socket: Stream;
+    }): Promise<{ socket: Stream }>;
+  };
+};
+
+export function getSocks(): SocksLib | { kModuleError: MongoMissingDependencyError } {
+  try {
+    // Ensure you always wrap an optional require in the try block NODE-3199
+    const value = require('socks');
+    return value;
+  } catch (cause) {
+    const kModuleError = new MongoMissingDependencyError(
+      'Optional module `socks` not found. Please install it to connections over a SOCKS5 proxy',
+      { cause }
+    );
+    return { kModuleError };
+  }
+}
+
 export let saslprep: typeof import('saslprep') | { kModuleError: MongoMissingDependencyError } =
   makeErrorModule(
     new MongoMissingDependencyError(

test/action/dependency.test.ts

@@ -7,14 +7,15 @@ import { expect } from 'chai';
 import { dependencies, peerDependencies, peerDependenciesMeta } from '../../package.json';
 import { itInNodeProcess } from '../tools/utils';
 
-const EXPECTED_DEPENDENCIES = ['bson', 'mongodb-connection-string-url', 'socks'];
+const EXPECTED_DEPENDENCIES = ['bson', 'mongodb-connection-string-url'];
 const EXPECTED_PEER_DEPENDENCIES = [
   '@aws-sdk/credential-providers',
   '@mongodb-js/zstd',
   'kerberos',
   'snappy',
   'mongodb-client-encryption',
-  'gcp-metadata'
+  'gcp-metadata',
+  'socks'
 ];
 
 describe('package.json', function () {
@@ -119,10 +120,7 @@ describe('package.json', function () {
     'mongodb-connection-string-url',
     'whatwg-url',
     'webidl-conversions',
-    'tr46',
-    'socks',
-    'ip',
-    'smart-buffer'
+    'tr46'
   ];
 
   describe('mongodb imports', () => {