[Snyk] Upgrade mongoose from 5.7.5 to 5.9.5

[snyk-bot]

Snyk has created this PR to upgrade mongoose from 5.7.5 to 5.9.5.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

• The recommended version is 28 versions ahead of your current version.
• The recommended version was released 23 days ago, on 2020-03-16.

The recommended version fixes:

Severity	Issue	Exploit Maturity
	Deserialization of Untrusted Data SNYK-JS-BSON-561052	No Known Exploit
	MPL-2.0 license snyk:lic:npm:axe-puppeteer:MPL-2.0	No Data
	MPL-2.0 license snyk:lic:npm:axe-core:MPL-2.0	No Data

Release notes

Package name: mongoose

• 5.9.5 - 2020-03-16
  

  chore: release 5.9.5

• 5.9.4 - 2020-03-09
  

  chore: release 5.9.4

• 5.9.3 - 2020-03-02
  

  chore: release 5.9.3

• 5.9.2 - 2020-02-21
  

  chore: release 5.9.2

• 5.9.1 - 2020-02-14
  

  chore: release 5.9.1

• 5.9.0 - 2020-02-13
  

  chore: release 5.9.0

• 5.8.13 - 2020-02-13
  

  chore: release 5.8.13

• 5.8.12 - 2020-02-12
• 5.8.11 - 2020-01-31
• 5.8.10 - 2020-01-27
• 5.8.9 - 2020-01-17
• 5.8.7 - 2020-01-10
• 5.8.6 - 2020-01-08
• 5.8.5 - 2020-01-06
• 5.8.4 - 2020-01-02
• 5.8.3 - 2019-12-23
• 5.8.2 - 2019-12-20
• 5.8.1 - 2019-12-12
• 5.8.0 - 2019-12-09
• 5.7.14 - 2019-12-06
• 5.7.13 - 2019-11-29
• 5.7.12 - 2019-11-19
• 5.7.11 - 2019-11-14
• 5.7.10 - 2019-11-11
• 5.7.9 - 2019-11-08
• 5.7.8 - 2019-11-05
• 5.7.7 - 2019-10-24
• 5.7.6 - 2019-10-21
• 5.7.5 - 2019-10-14

from mongoose GitHub release notes

Commit messages

Package name: mongoose

• 6065eff chore: release 5.9.5
• 0f1a80a test: remove more unnecessary collections re: #8481
• 3a7cbb1 chore: get rid of acorn devDependency re: security warning
• 0e55fe0 style: fix lint
• 24b6e1e test: clean up more unnecessary collections re: #8481
• d44d123 chore: quick fix re: #8659
• 69b4653 fix(updateValidators): don't run `Mixed` update validator on dotted path underneath mixed type
• e58f695 test(updateValidators): repro #8659
• 2c8dd51 fix(connection): emit "disconnected" after losing connectivity to every member of a replica set with `useUnifiedTopology: true`
• f70f6cf test: fix tests re: #8481
• 3885d8b style: fix lint
• 9670bf4 test: fix some more tests re: #8481
• 778f574 test: drop indexes after tests to fix some issues with #8481
• ae823ab style: fix lint
• bca57f7 fix(map): avoid marking map as modified if setting `key` to the same value
• c2f5430 chore: package.json formatting
• ceecfa4 test(map): repro #8652
• 490eea6 test: clean up some test failures re: #8481
• 8b1d2df test: clean up more unnecessary collections and add quick instrumentation to see what collections are used
• ddaa898 docs(query): improve `Query#populate()` example to clarify that `sort` doesn't affect the original result's order
• 94d8822 test: fix tests
• 2c07b5c fix(populate): ensure top-level `limit` applies if one document being populated has more than `limit` results
• 616b50c test(populate): repro #8657
• 8542fcc style: fix lint

Compare

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs