[Snyk] Upgrade mongoose from 5.9.23 to 5.13.5 #1

snyk-bot · 2021-08-26T23:56:56Z

Snyk has created this PR to upgrade mongoose from 5.9.23 to 5.13.5.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

The recommended version is 69 versions ahead of your current version.
The recommended version was released a month ago, on 2021-07-30.

The recommended version fixes:

Issue	PriorityScore (*)	Exploit Maturity
Prototype Pollution SNYK-JS-MQUERY-1089718	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	Proof of Concept
Prototype Pollution SNYK-JS-MQUERY-1050858	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	Proof of Concept
Remote Memory Exposure SNYK-JS-BL-608877	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	Proof of Concept
Prototype Pollution SNYK-JS-MONGOOSE-1086688	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Release notes

Package name: mongoose

5.13.5 - 2021-07-30
chore: release 5.13.5
5.13.4 - 2021-07-28
chore: release 5.13.4
5.13.3 - 2021-07-16
chore: release 5.13.3
5.13.2 - 2021-07-03
5.13.1 - 2021-07-02
5.13.0 - 2021-06-28
5.12.15 - 2021-06-25
5.12.14 - 2021-06-15
5.12.13 - 2021-06-04
5.12.12 - 2021-05-28
5.12.11 - 2021-05-24
5.12.10 - 2021-05-18
5.12.9 - 2021-05-13
5.12.8 - 2021-05-10
5.12.7 - 2021-04-29
5.12.6 - 2021-04-27
5.12.5 - 2021-04-19
5.12.4 - 2021-04-15
5.12.3 - 2021-03-31
5.12.2 - 2021-03-22
5.12.1 - 2021-03-18
5.12.0 - 2021-03-11
5.11.20 - 2021-03-11
5.11.19 - 2021-03-05
5.11.18 - 2021-02-23
5.11.17 - 2021-02-17
5.11.16 - 2021-02-12
5.11.15 - 2021-02-03
5.11.14 - 2021-01-28
5.11.13 - 2021-01-20
5.11.12 - 2021-01-14
5.11.11 - 2021-01-08
5.11.10 - 2021-01-04
5.11.9 - 2020-12-28
5.11.8 - 2020-12-14
5.11.7 - 2020-12-10
5.11.6 - 2020-12-09
5.11.5 - 2020-12-07
5.11.4 - 2020-12-04
5.11.3 - 2020-12-03
5.11.2 - 2020-12-02
5.11.1 - 2020-12-01
5.11.0 - 2020-11-30
5.10.19 - 2020-11-30
5.10.18 - 2020-11-29
5.10.17 - 2020-11-27
5.10.16 - 2020-11-25
5.10.15 - 2020-11-16
5.10.14 - 2020-11-12
5.10.13 - 2020-11-06
5.10.12 - 2020-11-04
5.10.11 - 2020-10-26
5.10.10 - 2020-10-23
5.10.9 - 2020-10-09
5.10.8 - 2020-10-05
5.10.7 - 2020-09-24
5.10.6 - 2020-09-18
5.10.5 - 2020-09-11
5.10.4 - 2020-09-09
5.10.3 - 2020-09-03
5.10.2 - 2020-08-28
5.10.1 - 2020-08-26
5.10.0 - 2020-08-14
5.9.29 - 2020-08-13
5.9.28 - 2020-08-07
5.9.27 - 2020-07-31
5.9.26 - 2020-07-27
5.9.25 - 2020-07-17
5.9.24 - 2020-07-13
5.9.23 - 2020-07-10

from mongoose GitHub release notes

Commit messages

Package name: mongoose

c36bd64 chore: release 5.13.5
b33599c Merge pull request #10510 from thiagokisaki/gh-10504
d88f981 Merge pull request #10515 from andreialecu/perf-types
9c41c19 perf: improve typescript type checking performance
f1e0de1 Merge pull request #10501 from gfrancz/patch-1
ae819cc fix(index.d.ts): fix `debug` type in `MongooseOptions`
28b1aa3 fix: get rid of hardcoding of @ types/node re: node: Make Buffer mergeable DefinitelyTyped/DefinitelyTyped#54479
b82aa37 Update depopulate documentation for document.js
6b33a7b chore: release 5.13.4
060039d fix(index.d.ts): improve autocomplete for `new Model()` by making `doc` an object with correct keys
2066180 fix(map): correctly clone subdocs when calling `toObject()` on a map
7793065 test(map): repro #10486
1be924d style: fix lint
c05e7f6 Merge branch 'master' of github.com:Automattic/mongoose
b6beb3e fix(update): support overwriting nested map paths
926533f test: repro #10485
fcbadbc Merge pull request #10494 from juhdanad/lean-populated
0afa2ba Merge branch 'master' of github.com:Automattic/mongoose
e2d94cb docs(mongoose+connection): correct default value for bufferTimeoutMS
0ff1c8a Merge pull request #10464 from AbdelrahmanHafez/gh-10437
fa4094a chore: peg optional-require to v1.0.x re: restore compatibility with node v4 and v5 jchip/optional-require#6
257adc4 fix(update): apply timestamps to subdocs that would be newly created by `$setOnInsert`
1589af2 fix(cursor): cap parallel batchSize for populate at 5000
4640bee style: fix lint

Compare

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs

Snyk has created this PR to upgrade mongoose from 5.9.23 to 5.13.5. See this package in npm: https://www.npmjs.com/package/mongoose See this project in Snyk: https://app.snyk.io/org/ulashn/project/a2607873-444b-4261-bfca-f6850070dffc?utm_source=github&utm_medium=upgrade-pr

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

[Snyk] Upgrade mongoose from 5.9.23 to 5.13.5 #1

[Snyk] Upgrade mongoose from 5.9.23 to 5.13.5 #1

Uh oh!

snyk-bot commented Aug 26, 2021

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

2 participants

[Snyk] Upgrade mongoose from 5.9.23 to 5.13.5 #1

Are you sure you want to change the base?

[Snyk] Upgrade mongoose from 5.9.23 to 5.13.5 #1

Uh oh!

Conversation

snyk-bot commented Aug 26, 2021

Snyk has created this PR to upgrade mongoose from 5.9.23 to 5.13.5.

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

2 participants