[Snyk] Upgrade connect-mongo from 3.2.0 to 5.1.0

[snyk-io]

This PR was automatically created by Snyk using the credentials of a real user.


Snyk has created this PR to upgrade connect-mongo from 3.2.0 to 5.1.0.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

⚠️ Warning: This PR contains major version upgrade(s), and may be a breaking change.

• The recommended version is 19 versions ahead of your current version.

• The recommended version was released on 9 months ago.

Issues fixed by the recommended upgrade:

	Issue	Score	Exploit Maturity
	Prototype Pollution SNYK-JS-MONGOOSE-2961688	55	Proof of Concept
	Prototype Pollution SNYK-JS-MONGOOSE-5777721	55	Proof of Concept
	Prototype Poisoning SNYK-JS-QS-3153490	55	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-SEMVER-3247795	55	Proof of Concept
	Information Exposure SNYK-JS-MONGODB-5871303	55	No Known Exploit
	Open Redirect SNYK-JS-EXPRESS-6474509	55	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-MINIMATCH-3050818	55	No Known Exploit
	Information Exposure SNYK-JS-MONGODB-5871303	55	No Known Exploit
	Prototype Pollution SNYK-JS-MPATH-1577289	55	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-SIDEWAYFORMULA-3317169	55	No Known Exploit
	Prototype Pollution SNYK-JS-MINIMIST-2429795	55	Proof of Concept

Release notes

Package name: connect-mongo

• 5.1.0 - 2023-10-14
  

  chore: release v5.1.0

• 5.0.0 - 2023-03-14
  

  fix: createIndex now do not need to supply writeConcern

• 4.6.0 - 2021-09-17
  

  chore: bump version to 4.6.0 for release

• 4.5.0 - 2021-08-17
  

  chore: bump version to 4.5.0 for release

• 4.4.1 - 2021-03-23
  

  chore: bump version to 4.4.1

• 4.4.0 - 2021-03-11
  

  Merge branch 'feat/import-export-review'

• 4.4.0-rc1 - 2021-03-11
• 4.3.1 - 2021-03-09
  

  fix: fix incorrect assertion checking after adding client option

• 4.3.0 - 2021-03-08
  

  docs: ready to release 4.3.0

• 4.2.2 - 2021-03-02
  

  chore: bump version again for mis-publish

• 4.2.1 - 2021-03-02
• 4.2.0 - 2021-02-24
  

  chore: bump version to 4.2.0

• 4.2.0-rc2 - 2021-02-23
• 4.2.0-rc1 - 2021-02-23
• 4.1.0 - 2021-02-22
• 4.1.0-rc1 - 2021-02-22
• 4.0.0 - 2021-02-21
• 4.0.0-rc2 - 2021-02-21
• 4.0.0-rc1 - 2021-02-21
• 3.2.0 - 2019-11-28

from connect-mongo GitHub release notes

---

Important

• Warning: This PR contains a major version upgrade, and may be a breaking change.
• Check the changes in this PR to ensure they won't cause issues with your project.
• This PR was automatically created by Snyk using the credentials of a real user.
• Max score is 1000. Note that the real score may have changed since the PR was raised.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

• 🧐 View latest project report
• 📜 Customise PR templates
• 🛠 Adjust upgrade PR settings
• 🔕 Ignore this dependency or unsubscribe from future upgrade PRs

[google-cla]

Thanks for your pull request! It looks like this may be your first contribution to a Google open source project. Before we can look at your pull request, you'll need to sign a Contributor License Agreement (CLA).

View this failed invocation of the CLA check for more information.

For the most up to date status, view the checks section at the bottom of the pull request.