From 57b38f8f125c91e9727e2e435a44729c06f1a221 Mon Sep 17 00:00:00 2001
From: Valeri Karpov <val@karpov.io>
Date: Sun, 20 Oct 2024 08:35:54 -0400
Subject: [PATCH] types(connection): add missing sanitizeFilter option

---
 types/connection.d.ts | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/types/connection.d.ts b/types/connection.d.ts
index 08165549a86..e37914bdb4f 100644
--- a/types/connection.d.ts
+++ b/types/connection.d.ts
@@ -50,6 +50,12 @@ declare module 'mongoose' {
     autoIndex?: boolean;
     /** Set to `false` to disable Mongoose automatically calling `createCollection()` on every model created on this connection. */
     autoCreate?: boolean;
+    /**
+     * Sanitizes query filters against [query selector injection attacks](
+     * https://thecodebarbarian.com/2014/09/04/defending-against-query-selector-injection-attacks.html
+     * ) by wrapping any nested objects that have a property whose name starts with $ in a $eq.
+     */
+    sanitizeFilter?: boolean;
   }
 
   class Connection extends events.EventEmitter implements SessionStarter {