[Snyk] Upgrade mongoose from 5.11.16 to 5.13.2

[snyk-bot]

Snyk has created this PR to upgrade mongoose from 5.11.16 to 5.13.2.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

• The recommended version is 23 versions ahead of your current version.
• The recommended version was released 25 days ago, on 2021-07-03.

The recommended version fixes:

Severity	Issue	PriorityScore (*)	Exploit Maturity
	Prototype Pollution SNYK-JS-MQUERY-1089718	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	Proof of Concept
	Prototype Pollution SNYK-JS-MONGOOSE-1086688	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Release notes

Package name: mongoose

• 5.13.2 - 2021-07-03
  

  chore: release 5.13.2

• 5.13.1 - 2021-07-02
  

  chore: release 5.13.1

• 5.13.0 - 2021-06-28
  

  chore: release 5.13.0

• 5.12.15 - 2021-06-25
  

  chore: release 5.12.15

• 5.12.14 - 2021-06-15
  

  chore: release 5.12.14

• 5.12.13 - 2021-06-04
  

  chore: release 5.12.13

• 5.12.12 - 2021-05-28
  

  chore: release 5.12.12

• 5.12.11 - 2021-05-24
  

  chore: release 5.12.11

• 5.12.10 - 2021-05-18
• 5.12.9 - 2021-05-13
• 5.12.8 - 2021-05-10
• 5.12.7 - 2021-04-29
• 5.12.6 - 2021-04-27
• 5.12.5 - 2021-04-19
• 5.12.4 - 2021-04-15
• 5.12.3 - 2021-03-31
• 5.12.2 - 2021-03-22
• 5.12.1 - 2021-03-18
• 5.12.0 - 2021-03-11
• 5.11.20 - 2021-03-11
• 5.11.19 - 2021-03-05
• 5.11.18 - 2021-02-23
• 5.11.17 - 2021-02-17
• 5.11.16 - 2021-02-12

from mongoose GitHub release notes

Commit messages

Package name: mongoose

• c03cacb chore: release 5.13.2
• 4482592 style: fix lint
• 1159631 chore: allow @ types/node 14.x
• 726ce8b fix: hardcode @ types/node version for now to avoid breaking changes from feat(node): v16 DefinitelyTyped/DefinitelyTyped#53669
• d250ddc fix(index.d.ts): allow using `type: Date` with Date paths in SchemaDefinitionType
• ccfb86e fix(index.d.ts): allow extra VirtualTypeOptions for better plugin support
• 2259dc1 docs: add SchemaArray to docs
• 980138d docs(schema+validation): fix broken links
• 6661b00 docs(transactions): add note about creating a connection to transactions docs
• 5bbc8e0 chore: release 5.13.1
• 5aeae5a Merge pull request #10393 from YC/20.04
• 0dfad27 Merge pull request #10406 from grimmer0125/fix-outdated-unindexed-upsert-url
• 4831b9d Merge pull request #10395 from thiagokisaki/patch-2
• 4d43d1b fix(index.d.ts): remove `err: any` in callbacks, use `err: CallbackError` instead
• c8a0b53 fix(index.d.ts): use raw DocType instead of `LeanDocument` when using `lean()` with queries if raw DocType doesn't `extends Document`
• 5427f21 refactor(index.d.ts): dont enforce extends DocType for queries re: #10345
• 01c25ee fix(index.d.ts): if using DocType that doesn't `extends Document`, default to returning that DocType from `toObject()` and `toJSON()`
• de5632e fix: support for mongod < 4.4.0
• d859617 revert test.yml
• 8fbe0c7 docs(promises+discriminators): correctly escape () in regexp to pull in examples correctly
• e4ab2db fix(index.d.ts): correct return type for `Model.createCollection()`
• 35d2041 fix(discriminator): allow using array as discriminator key in schema and as tied value
• b236915 test(model): repro #10303
• 6993e1e fix(index.d.ts): allow using `& Document` in schema definition for required subdocument arrays

Compare

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs

[github-actions]

Stale pull request message