[Snyk] Upgrade mongoose from 8.0.0 to 8.8.3

[axqqt]

Snyk has created this PR to upgrade mongoose from 8.0.0 to 8.8.3.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

• The recommended version is 44 versions ahead of your current version.

• The recommended version was released a month ago.

Issues fixed by the recommended upgrade:

	Issue	Score	Exploit Maturity
	Improper Neutralization of Special Elements in Data Query Logic SNYK-JS-MONGOOSE-8446504	721	No Known Exploit

Release notes

Package name: mongoose

• 8.8.3 - 2024-11-26
  

  8.8.3 / 2024-11-26

  • fix: disallow using $where in match
  • perf: cache results from getAllSubdocs() on saveOptions, only loop through known subdoc properties #15055 #15029
  • fix(model+query): support overwriteDiscriminatorKey for bulkWrite updateOne and updateMany, allow inferring discriminator key from update #15046 #15040
• 8.8.2 - 2024-11-18
  

  8.8.2 / 2024-11-18

  • fix(model): handle array filters when casting bulkWrite #15036 #14978
  • fix(model): make diffIndexes() avoid trying to drop default timeseries collection index #15035 #14984
  • fix: save execution stack in query as string #15039 durran
  • types(cursor): correct asyncIterator and asyncDispose for TypeScript with lib: 'esnext' #15038
  • docs(migrating_to_8): add note about removing findByIdAndRemove #15024 dragontaek-lee
• 8.8.1 - 2024-11-08
  

  8.8.1 / 2024-11-08

  • perf: make a few micro-optimizations to help speed up findOne() #15022 #14906
  • fix: apply embedded discriminators to subdoc schemas before compiling top level model so middleware applies correctly #15001 #14961
  • fix(query): add overwriteImmutable option to allow updating immutable properties without disabling strict mode #15000 #8619
• 8.8.0 - 2024-10-31
• 8.7.3 - 2024-10-25
• 8.7.2 - 2024-10-17
• 8.7.1 - 2024-10-09
• 8.7.0 - 2024-09-27
• 8.6.4 - 2024-09-26
• 8.6.3 - 2024-09-17
• 8.6.2 - 2024-09-11
• 8.6.1 - 2024-09-03
• 8.6.0 - 2024-08-28
• 8.5.5 - 2024-08-28
• 8.5.4 - 2024-08-23
• 8.5.3 - 2024-08-13
• 8.5.2 - 2024-07-30
• 8.5.1 - 2024-07-12
• 8.5.0 - 2024-07-08
• 8.4.5 - 2024-07-05
• 8.4.4 - 2024-06-25
• 8.4.3 - 2024-06-17
• 8.4.2 - 2024-06-17
• 8.4.1 - 2024-05-31
• 8.4.0 - 2024-05-17
• 8.3.5 - 2024-05-15
• 8.3.4 - 2024-05-06
• 8.3.3 - 2024-04-29
• 8.3.2 - 2024-04-16
• 8.3.1 - 2024-04-08
• 8.3.0 - 2024-04-03
• 8.2.4 - 2024-03-28
• 8.2.3 - 2024-03-21
• 8.2.2 - 2024-03-15
• 8.2.1 - 2024-03-04
• 8.2.0 - 2024-02-22
• 8.1.3 - 2024-02-16
• 8.1.2 - 2024-02-11
• 8.1.1 - 2024-01-24
• 8.1.0 - 2024-01-16
• 8.0.4 - 2024-01-09
• 8.0.3 - 2023-12-07
• 8.0.2 - 2023-11-28
• 8.0.1 - 2023-11-15
• 8.0.0 - 2023-10-31

from mongoose GitHub release notes

---

Important

• Check the changes in this PR to ensure they won't cause issues with your project.
• This PR was automatically created by Snyk using the credentials of a real user.
• Max score is 1000. Note that the real score may have changed since the PR was raised.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

• 🧐 View latest project report
• 📜 Customise PR templates
• 🛠 Adjust upgrade PR settings
• 🔕 Ignore this dependency or unsubscribe from future upgrade PRs