From c4003b02ed5830550ba1e39ba6fd899efe3e2f21 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Mon, 9 Dec 2024 17:45:26 +0000
Subject: [PATCH] fix(deps): Bump mongoose from 8.8.2 to 8.8.4 (#406)
Bumps [mongoose](https://github.com/Automattic/mongoose) from 8.8.2 to 8.8.4.
Release notes
Sourced from mongoose's releases.
8.8.4 / 2024-12-05
- fix: cast using overwritten embedded discriminator key when set #15076 #15051
- fix: avoid throwing error if saveOptions undefined when invalidating subdoc cache #15062
8.8.3 / 2024-11-26
- fix: disallow using $where in match
- perf: cache results from getAllSubdocs() on saveOptions, only loop through known subdoc properties #15055 #15029
- fix(model+query): support overwriteDiscriminatorKey for bulkWrite updateOne and updateMany, allow inferring discriminator key from update #15046 #15040
Changelog
Sourced from mongoose's changelog.
8.8.4 / 2024-12-05
- fix: cast using overwritten embedded discriminator key when set #15076 #15051
- fix: avoid throwing error if saveOptions undefined when invalidating subdoc cache #15062
8.8.3 / 2024-11-26
- fix: disallow using $where in match
- perf: cache results from getAllSubdocs() on saveOptions, only loop through known subdoc properties #15055 #15029
- fix(model+query): support overwriteDiscriminatorKey for bulkWrite updateOne and updateMany, allow inferring discriminator key from update #15046 #15040
Commits
2607904
chore: release 8.8.4
cf50772
Merge pull request #15076 from Automattic/vkarpov15/gh-15051
7cbb295
Update test/model.updateOne.test.js
76c745c
fix: cast using overwritten embedded discriminator key when set
76f92d2
fix: avoid throwing error if saveOptions undefined when invalidating subdoc c...
f5f7be9
Merge pull request #15066 from Automattic/dependabot/npm_and_yarn/master/mark...
41f6bbd
chore(deps-dev): bump marked from 14.1.3 to 15.0.3
622c49f
Merge pull request #15069 from Automattic/dependabot/npm_and_yarn/master/mark...
977d7c9
Merge pull request #15063 from Automattic/dependabot/npm_and_yarn/master/type...
fefa521
Merge branch 'master' into dependabot/npm_and_yarn/master/typescript-5.7.2
- Additional commits viewable in compare view
[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=mongoose&package-manager=npm_and_yarn&previous-version=8.8.2&new-version=8.8.4)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
---
package-lock.json | 10 ++++------
package.json | 2 +-
2 files changed, 5 insertions(+), 7 deletions(-)
diff --git a/package-lock.json b/package-lock.json
index 474779b..435f82e 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -15,7 +15,7 @@
"axios": "^1.7.7",
"env-var": "^7.5.0",
"fast-crc32c": "^2.0.0",
- "mongoose": "^8.7.3",
+ "mongoose": "^8.8.4",
"webcrypto-core": "< 2.0"
},
"devDependencies": {
@@ -39,7 +39,6 @@
"peerDependencies": {
"@relaycorp/relaynet-core": ">=1.88.1, < 2.0",
"@typegoose/typegoose": "< 13.0",
- "mongoose": "< 9.0",
"webcrypto-core": "< 2.0"
}
},
@@ -6756,10 +6755,9 @@
}
},
"node_modules/mongoose": {
- "version": "8.8.2",
- "resolved": "https://registry.npmjs.org/mongoose/-/mongoose-8.8.2.tgz",
- "integrity": "sha512-jCTSqDANfRzk909v4YoZQi7jlGRB2MTvgG+spVBc/BA4tOs1oWJr//V6yYujqNq9UybpOtsSfBqxI0dSOEFJHQ==",
- "license": "MIT",
+ "version": "8.8.4",
+ "resolved": "https://registry.npmjs.org/mongoose/-/mongoose-8.8.4.tgz",
+ "integrity": "sha512-yJbn695qCsqDO+xyPII29x2R7flzXhxCDv09mMZPSGllf0sm4jKw3E9s9uvQ9hjO6bL2xjU8KKowYqcY9eSTMQ==",
"dependencies": {
"bson": "^6.7.0",
"kareem": "2.6.3",
diff --git a/package.json b/package.json
index 63689ea..83506c7 100644
--- a/package.json
+++ b/package.json
@@ -44,7 +44,7 @@
"axios": "^1.7.7",
"env-var": "^7.5.0",
"fast-crc32c": "^2.0.0",
- "mongoose": "^8.7.3",
+ "mongoose": "^8.8.4",
"webcrypto-core": "< 2.0"
},
"peerDependencies": {