Comment 5 for bug 2058012

   bson.D{{"$regex", fmt.Sprintf("%s/.*", uri.ID)}}}}).Select(
^ if the uri.ID started with a +

   _, err = secretRevisionsCollection.Writeable().RemoveAll(bson.D{{
    "_id", bson.D{{"$regex", fmt.Sprintf("%s/%s", uri.ID, revisionRegexp)}},
^ same here

 err = secretRevisionsCollection.Find(bson.D{{"_id",
  bson.D{{"$regex", fmt.Sprintf("%s/.*", uri.ID)}}}}).Select(
^ and here

I'm not sure that these *could* be the problem, as URI.secretURIParse uses:
 idSnippet = `[0-9a-z]{20}`
 uuidSnippet = `[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}`

which would say that the ID must be a 20 character alphanumeric. And there is no place in that for a +.

That particular file makes heavy use of $regex to the database, passing in the ID as the start of the _id search.

It *is* clear that the final error is coming from Mongo, but it isn't clear which possible query could have bad content in the request.