@snyk-bot snyk-bot commented Jun 4, 2021

Snyk has created this PR to upgrade mongoose from 5.6.1 to 5.12.9.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.


  • The recommended version is 119 versions ahead of your current version.
  • The recommended version was released 22 days ago, on 2021-05-13.

The recommended version fixes:

| Severity | Issue | PriorityScore (*) | Exploit Maturity |
| --- | --- | --- | --- |
|  | Prototype Pollution (SNYK-JS-MQUERY-1089718) | 696/1000. Why? Proof of Concept exploit, Has a fix available, CVSS 7.5 | Proof of Concept |
|  | Prototype Pollution (SNYK-JS-MQUERY-1050858) | 696/1000. Why? Proof of Concept exploit, Has a fix available, CVSS 7.5 | No Known Exploit |
|  | Internal Property Tampering (SNYK-JS-BSON-561052) | 696/1000. Why? Proof of Concept exploit, Has a fix available, CVSS 7.5 | No Known Exploit |
|  | Information Exposure (SNYK-JS-MONGOOSE-472486) | 696/1000. Why? Proof of Concept exploit, Has a fix available, CVSS 7.5 | No Known Exploit |
|  | Prototype Pollution (SNYK-JS-MONGOOSE-1086688) | 696/1000. Why? Proof of Concept exploit, Has a fix available, CVSS 7.5 | Proof of Concept |

(*) Note that the real score may have changed since the PR was raised.

Release notes
Package name: mongoose
  • 5.12.9 - 2021-05-13

    chore: release 5.12.9

  • 5.12.8 - 2021-05-10

    chore: release 5.12.8

  • 5.12.7 - 2021-04-29

    chore: release 5.12.7

  • 5.12.6 - 2021-04-27

    chore: release 5.12.6

  • 5.12.5 - 2021-04-19

    chore: release 5.12.5

  • 5.12.4 - 2021-04-15

    chore: release 5.12.4

  • 5.12.3 - 2021-03-31
  • 5.12.2 - 2021-03-22
  • 5.12.1 - 2021-03-18
  • 5.12.0 - 2021-03-11
  • 5.11.20 - 2021-03-11
  • 5.11.19 - 2021-03-05
  • 5.11.18 - 2021-02-23
  • 5.11.17 - 2021-02-17
  • 5.11.16 - 2021-02-12
  • 5.11.15 - 2021-02-03
  • 5.11.14 - 2021-01-28
  • 5.11.13 - 2021-01-20
  • 5.11.12 - 2021-01-14
  • 5.11.11 - 2021-01-08
  • 5.11.10 - 2021-01-04
  • 5.11.9 - 2020-12-28
  • 5.11.8 - 2020-12-14
  • 5.11.7 - 2020-12-10
  • 5.11.6 - 2020-12-09
  • 5.11.5 - 2020-12-07
  • 5.11.4 - 2020-12-04
  • 5.11.3 - 2020-12-03
  • 5.11.2 - 2020-12-02
  • 5.11.1 - 2020-12-01
  • 5.11.0 - 2020-11-30
  • 5.10.19 - 2020-11-30
  • 5.10.18 - 2020-11-29
  • 5.10.17 - 2020-11-27
  • 5.10.16 - 2020-11-25
  • 5.10.15 - 2020-11-16
  • 5.10.14 - 2020-11-12
  • 5.10.13 - 2020-11-06
  • 5.10.12 - 2020-11-04
  • 5.10.11 - 2020-10-26
  • 5.10.10 - 2020-10-23
  • 5.10.9 - 2020-10-09
  • 5.10.8 - 2020-10-05
  • 5.10.7 - 2020-09-24
  • 5.10.6 - 2020-09-18
  • 5.10.5 - 2020-09-11
  • 5.10.4 - 2020-09-09
  • 5.10.3 - 2020-09-03
  • 5.10.2 - 2020-08-28
  • 5.10.1 - 2020-08-26
  • 5.10.0 - 2020-08-14
  • 5.9.29 - 2020-08-13
  • 5.9.28 - 2020-08-07
  • 5.9.27 - 2020-07-31
  • 5.9.26 - 2020-07-27
  • 5.9.25 - 2020-07-17
  • 5.9.24 - 2020-07-13
  • 5.9.23 - 2020-07-10
  • 5.9.22 - 2020-07-06
  • 5.9.21 - 2020-07-01
  • 5.9.20 - 2020-06-22
  • 5.9.19 - 2020-06-15
  • 5.9.18 - 2020-06-05
  • 5.9.17 - 2020-06-02
  • 5.9.16 - 2020-05-25
  • 5.9.15 - 2020-05-18
  • 5.9.14 - 2020-05-13
  • 5.9.13 - 2020-05-08
  • 5.9.12 - 2020-05-04
  • 5.9.11 - 2020-04-30
  • 5.9.10 - 2020-04-20
  • 5.9.9 - 2020-04-13
  • 5.9.7 - 2020-03-30
  • 5.9.6 - 2020-03-23
  • 5.9.5 - 2020-03-16
  • 5.9.4 - 2020-03-09
  • 5.9.3 - 2020-03-02
  • 5.9.2 - 2020-02-21
  • 5.9.1 - 2020-02-14
  • 5.9.0 - 2020-02-13
  • 5.8.13 - 2020-02-13
  • 5.8.12 - 2020-02-12
  • 5.8.11 - 2020-01-31
  • 5.8.10 - 2020-01-27
  • 5.8.9 - 2020-01-17
  • 5.8.7 - 2020-01-10
  • 5.8.6 - 2020-01-08
  • 5.8.5 - 2020-01-06
  • 5.8.4 - 2020-01-02
  • 5.8.3 - 2019-12-23
  • 5.8.2 - 2019-12-20
  • 5.8.1 - 2019-12-12
  • 5.8.0 - 2019-12-09
  • 5.7.14 - 2019-12-06
  • 5.7.13 - 2019-11-29
  • 5.7.12 - 2019-11-19
  • 5.7.11 - 2019-11-14
  • 5.7.10 - 2019-11-11
  • 5.7.9 - 2019-11-08
  • 5.7.8 - 2019-11-05
  • 5.7.7 - 2019-10-24
  • 5.7.6 - 2019-10-21
  • 5.7.5 - 2019-10-14
  • 5.7.4 - 2019-10-09
  • 5.7.3 - 2019-09-30
  • 5.7.1 - 2019-09-13
  • 5.7.0 - 2019-09-09
  • 5.6.13 - 2019-09-06
  • 5.6.12 - 2019-09-03
  • 5.6.11 - 2019-08-25
  • 5.6.10 - 2019-08-21
  • 5.6.9 - 2019-08-07
  • 5.6.8 - 2019-08-02
  • 5.6.7 - 2019-07-26
  • 5.6.6 - 2019-07-22
  • 5.6.5 - 2019-07-17
  • 5.6.4 - 2019-07-08
  • 5.6.3 - 2019-07-03
  • 5.6.2 - 2019-06-28
  • 5.6.1 - 2019-06-24
from mongoose GitHub release notes
Commit messages
Package name: mongoose
  • fcd108a chore: release 5.12.9
  • 2f1d674 Merge pull request #10238 from Automattic/gh-10202
  • cacdf3b chore: address CR comments
  • 462963c fix(query): re-enable using MongoDB 4.4 projection expressions
  • 7d564eb style: remove unnecessary comment
  • a3e0538 fix(update): convert nested dotted paths in update to nested paths to avoid ending up with dotted properties in update
  • 79928e5 added onlyVirtuals to loadClass
  • 05ebcea fix(index.d.ts): add pre('distinct') hooks to TypeScript
  • 358fdb0 fix(schema): ensure `add()` overwrites existing schema paths by default
  • 1fa1105 test(schema): repro #10203
  • a3c9acd fix(schema): apply static properties to model when using `loadClass()`
  • 060a46c fix(schema): support creating nested paths underneath document arrays
  • 3dda166 test(schema): repro #10193
  • fa9ad96 fix(document): allow calling `validate()` and `validateSync()` with `options` as first parameter
  • 45bc433 fix(index.d.ts): allow returning `Promise<void>` from middleware functions
  • a116b62 chore: release 5.12.8
  • 7bedeb7 docs(typescript): add query helpers tutorial
  • 9726a81 docs(typescript): add a typescript intro tutorial and statics tutorial
  • d65070e fix(query): add `allowDiskUse()` method to improve setting MongoDB 4.4's new `allowDiskUse` option
  • 2f0d4ef Merge pull request #10228 from Automattic/gh-10144
  • 2cdf8e3 Merge branch 'master' into gh-10144
  • 909cc87 docs(deprecations): add note that you can safely ignore `useFindAndModify` and `useCreateIndex` deprecation warnings
  • 97145d5 fix(populate): allow populating paths under mixed schematypes where some documents have non-object properties
  • cb3fdc4 test(populate): repro #10191


Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.
