Skip to content
New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

#

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

Jump to bottom

[Snyk] Upgrade mongoose from 8.3.4 to 8.4.4 #294

Closed
wants to merge 1 commit into from
Closed

[Snyk] Upgrade mongoose from 8.3.4 to 8.4.4 #294

wants to merge 1 commit into from

Conversation

bryopsida
Copy link
Owner

This PR was automatically created by Snyk using the credentials of a real user.


![snyk-top-banner](https://github.com/andygongea/OWASP-Benchmark/assets/818805/c518c423-16fe-447e-b67f-ad5a49b5d123)

Snyk has created this PR to upgrade mongoose from 8.3.4 to 8.4.4.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

  • The recommended version is 6 versions ahead of your current version.

  • The recommended version was released on 21 days ago.

Release notes
Package name: mongoose
  • 8.4.4 - 2024-06-25

    8.4.4 / 2024-06-25

    • perf: avoid unnecesary get() call and use faster approach for converting to string #14673 #14394
    • fix(projection): handle projections on arrays in Model.hydrate() projection option #14686 #14680
    • fix(document): avoid passing validateModifiedOnly to subdocs so subdocs get fully validating if they're directly modified #14685 #14677
    • fix: handle casting primitive array with $elemMatch in bulkWrite() #14687 #14678
    • fix(query): cast $pull using embedded discriminator schema when discriminator key is set in filter #14676 #14675
    • types(connection): fix return type of withSession() #14690 tt-public
    • types: add $documents pipeline stage and fix $unionWith type #14666 nick-statsig
    • docs(findoneandupdate): improve example that shows findOneAndUpdate() returning doc before updates were applied #14671 #14670
  • 8.4.3 - 2024-06-17

    8.4.3 / 2024-06-17

    • fix: remove 0x flamegraph files from release
  • 8.4.2 - 2024-06-17

    8.4.2 / 2024-06-17

    • perf: more toObject() perf improvements #14623 #14606 #14394
    • fix(model): check the value of overwriteModels in options when calling discriminator() #14646 uditha-g
    • fix: avoid throwing TypeError when deleting an null entry on a populated Map #14654 futurliberta
    • fix(connection): fix up some inconsistencies in operation-end event and add to docs #14659 #14648
    • types: avoid inferring Boolean, Buffer, ObjectId as Date in schema definitions under certain circumstances #14667 #14630
    • docs: add note about parallelism in transations #14647 fiws
  • 8.4.1 - 2024-05-31

    8.4.1 / 2024-05-31

    • fix: pass options to clone instead of get in applyVirtuals #14606 #14543 andrews05
    • fix(document): fire pre validate hooks on 5 level deep single nested subdoc when modifying after save() #14604 #14591
    • fix: ensure buildBulkWriteOperations target shard if shardKey is set #14622 #14621 matlpriceshape
    • types: pass DocType down to subdocuments so HydratedSingleSubdocument and HydratedArraySubdocument toObject() returns correct type #14612 #14601
  • 8.4.0 - 2024-05-17
  • 8.3.5 - 2024-05-15
  • 8.3.4 - 2024-05-06
from mongoose GitHub release notes

Important

  • Check the changes in this PR to ensure they won't cause issues with your project.
  • This PR was automatically created by Snyk using the credentials of a real user.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

@snyk-bot
fix: upgrade mongoose from 8.3.4 to 8.4.4
e40878d 
Snyk has created this PR to upgrade mongoose from 8.3.4 to 8.4.4.

See this package in npm:
mongoose

See this project in Snyk:
https://app.snyk.io/org/bryopsida/project/4b6dfced-2a0e-4298-8c42-ce7a653fe617?utm_source=github&utm_medium=referral&page=upgrade-pr
@socket-security Socket Security
Copy link

New and removed dependencies detected. Learn more about Socket for GitHub ↗︎

Package New capabilities Transitives Size Publisher
npm/mongoose@8.4.4 environment, network Transitive: filesystem, shell +19 9.9 MB vkarpov15
npm/supertest@7.0.0 network Transitive: environment, eval, filesystem +34 1.81 MB titanism
npm/testcontainers@10.9.0 environment, filesystem, network, shell Transitive: eval +94 11.3 MB cristianrgreco
npm/ts-jest@29.1.2 environment, filesystem, unsafe Transitive: eval, network, shell +158 14.3 MB kul
npm/ts-loader@9.5.1 filesystem Transitive: environment, eval, network, shell, unsafe +84 14.4 MB johnnyreilly
npm/ts-node@10.9.2 environment, filesystem, unsafe +16 1.99 MB blakeembrey
npm/tsconfig-paths@4.2.0 environment, filesystem, unsafe +3 505 kB jonaskello
npm/typescript@5.4.5 None 0 32.4 MB typescript-bot

🚮 Removed packages: npm/mongoose@8.3.4

View full report↗︎

@sonarqubecloud SonarQubeCloud
Copy link

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarCloud

@bryopsida bryopsida closed this Sep 2, 2024
# for free to join this conversation on GitHub. Already have an account? # to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@bryopsida @snyk-bot