Bump mquery and mongoose #15

dependabot · 2023-03-29T15:00:30Z

Bumps mquery to 3.2.5 and updates ancestor dependency mongoose. These dependencies need to be updated together.

Updates mquery from 3.2.2 to 3.2.5

Changelog

3.2.5 / 2021-03-29

fix(utils): make mergeClone() skip special properties like __proto__ #121 zpbrent

3.2.4 / 2021-02-12

fix(utils): make clone() only copy own properties Automattic/mongoose#9876

3.2.3 / 2020-12-10

fix(utils): avoid copying special properties like __proto__ when merging and cloning. Fix CVE-2020-35149

Commits

6646bd9 chore: release 3.2.5
158f059 Merge pull request #121 from 418sec/1-npm-mquery
d3b230b Merge pull request #1 from zpbrent/patch-1
a7b6d7c Update utils.js
34344fa chore: release 3.2.4
2dd768d fix(utils): make clone() only copy own properties
bb185d9 chore: update changelog with CVE
eeaa57c chore: release 3.2.3
792e69f fix(utils): avoid copying special properties like __proto__ when merging an...
2268a48 Merge pull request #118 from aheckmann/dependabot/npm_and_yarn/mongodb-3.6.1
Additional commits viewable in compare view

Updates mongoose from 5.8.1 to 5.13.16

Changelog

Sourced from mongoose's changelog.

5.13.16 / 2023-02-20

fix: make access to process.versions lazy #12584 maciasello

fix(types): add missing type definitions for bulkSave() #12019

docs: backport documentation URL updates #12692 hasezoey

6.9.2 / 2023-02-16

fix(model): fixed post('save') callback parameter #13030 #13026 lpizzinidev

fix(UUID): added null check to prevent error on binaryToString conversion #13034 #13032 #13029 lpizzinidev Freezystem

fix(query): revert breaking changes introduced by #12797 #12999 lpizzinidev

fix(document): make array $shift() use $pop instead of overwriting array #13004

docs: update & remove old links #13019 hasezoey

docs(middleware): describe how to access model from document middleware #13031 AxeOfMen

docs: update broken & outdated links #13001 hasezoey

chore: change deno tests to also use MMS #12918 hasezoey

6.9.1 / 2023-02-06

fix(document): isModified should not be triggered when setting a nested boolean to the same value as previously #12994 lpizzinidev

fix(document): save newly set defaults underneath single nested subdocuments #13002 #12905

fix(update): handle custom discriminator model name when casting update #12947 wassil

fix(connection): handles unique autoincrement ID for connections #12990 lpizzinidev

fix(types): fix type of options of Model.aggregate #12933 ghost91-

fix(types): fix "near" aggregation operator input type #12954 Jokero

fix(types): add missing Top operator to AccumulatorOperator type declaration #12952 lpizzinidev

docs(transactions): added example for Connection.transaction() method #12943 #12934 lpizzinidev

docs(populate): fix out of date comment referencing onModel property #13000

docs(transactions): fix typo in transactions.md #12995 Parth86

6.9.0 / 2023-01-25

feat(schema): add removeVirtual(path) function to schema #12920 IslandRhythms

fix(cast): remove empty $or conditions after strict applied #12898 0x0a0d

docs: fixed typo #12946 Gbengstar

6.8.5 / 2023-01-23

fix(query): correctly pass context when casting $elemMatch #12915 #12909 #12902 MohOraby

6.8.4 / 2023-01-17

fix(collection): handle creating model when connection disconnected with bufferCommands = false #12889

fix(populate): merge instead of overwrite when match is on _id #12891

fix: add guard to stop loadClass copying Document if Document is used as base of loaded class (same hack as implemented for Model already) #12820 sgpinkus

fix(types): correctly infer types on document arrays #12884 #12882 JavaScriptBach

fix(types): added omit for ArraySubdocument type in LeanType declaration #12903 piyushk96

fix(types): add returnDocument type safety #12906 AbdelrahmanHafez

docs(typescript): add notes about virtual context to Mongoose 6 migration and TypeScript virtuals docs #12912 #12806

docs(schematypes): removed dead link and fixed formatting #12897 #12885 lpizzinidev

... (truncated)

Commits

e76c41c chore: release 5.13.16
cdab11e chore: remove Node 5 and 7 from CI because GitHub actions is bugging out with...
e33a8be fix(types): add missing typedefs for bulkSave() to 5.x
896cd76 Merge pull request #12692 from hasezoey/backportLinkUpdate
9caa847 chore: remove test from #12584 because it causes test failures
41a2ea3 chore: remove browser build from tests
3715c05 chore: fix browser build on old node re: https://github.com/webpack/schema-ut...
78d9d91 Merge pull request #12584 from maciasello/fix/gh-11943
aef4c7b docs: quick fix for search re: #12830
48179b4 chore: search fixes
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the Security Alerts page.

Bumps [mquery](https://github.com/aheckmann/mquery) to 3.2.5 and updates ancestor dependency [mongoose](https://github.com/Automattic/mongoose). These dependencies need to be updated together. Updates `mquery` from 3.2.2 to 3.2.5 - [Release notes](https://github.com/aheckmann/mquery/releases) - [Changelog](https://github.com/mongoosejs/mquery/blob/master/History.md) - [Commits](mongoosejs/mquery@3.2.2...3.2.5) Updates `mongoose` from 5.8.1 to 5.13.16 - [Release notes](https://github.com/Automattic/mongoose/releases) - [Changelog](https://github.com/Automattic/mongoose/blob/master/CHANGELOG.md) - [Commits](Automattic/mongoose@5.8.1...5.13.16) --- updated-dependencies: - dependency-name: mquery dependency-type: indirect - dependency-name: mongoose dependency-type: direct:production ... Signed-off-by: dependabot[bot] <[email protected]>

dependabot bot added the dependencies Pull requests that update a dependency file label Mar 29, 2023

dependabot bot mentioned this pull request Mar 29, 2023

Bump mongoose from 5.8.1 to 5.13.15 #10

Closed

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Bump mquery and mongoose #15

Bump mquery and mongoose #15

dependabot bot commented on behalf of github Mar 29, 2023

Bump mquery and mongoose #15

Are you sure you want to change the base?

Bump mquery and mongoose #15

Conversation

dependabot bot commented on behalf of github Mar 29, 2023

3.2.5 / 2021-03-29

3.2.4 / 2021-02-12

3.2.3 / 2020-12-10

5.13.16 / 2023-02-20

6.9.2 / 2023-02-16

6.9.1 / 2023-02-06

6.9.0 / 2023-01-25

6.8.5 / 2023-01-23

6.8.4 / 2023-01-17