search

KOSASIH / SpaceX-API

:rocket: Open Source REST API for rocket, core, capsule, pad, and launch data
Apache License 2.0
19 stars 0 forks source link

Bump mongoose from 8.3.2 to 8.7.2 #586

Closed dependabot[bot] closed 2 weeks ago

dependabot[bot] commented 3 weeks ago

Bumps mongoose from 8.3.2 to 8.7.2.

Release notes

Sourced from mongoose's releases.

8.7.2 / 2024-10-17

  • fix(document): recursively clear modified subpaths when setting deeply nested subdoc to null #14963 #14952
  • fix(populate): handle array of ids with parent refPath #14965
  • types: make Buffers into mongodb.Binary in lean result type to match runtime behavior #14967
  • types: correct schema type inference when using nested typeKey like type: { type: String } #14956 #14950
  • types: re-export DeleteResult and UpdateResult from MongoDB Node.js driver #14947 #14946
  • docs(documents): add section on setting deeply nested properties, including warning about nullish coalescing assignment #14972
  • docs(model): add more info on acknowledged: false, specifically that Mongoose may return that if the update was empty #14957

8.7.1 / 2024-10-09

  • fix: set flattenObjectIds to false when calling toObject() for internal purposes #14938
  • fix: add mongodb 8 to test matrix #14937
  • fix: handle buffers stored in MongoDB as EJSON representation with { $binary } #14932
  • docs: indicate that Mongoose 8.7 is required for full MongoDB 8 support #14937

8.7.0 / 2024-09-27

  • feat(model): add Model.applyVirtuals() to apply virtuals to a POJO #14905 #14818
  • feat: upgrade mongodb -> 6.9.0 #14914
  • feat(query): cast $rename to string #14887 #3027
  • feat(SchemaType): add getEmbeddedSchemaType() method to SchemaTypes #14880 #8389
  • fix(model): throw MongooseBulkSaveIncompleteError if bulkSave() didn't completely succeed #14884 #14763
  • fix(connection): avoid returning readyState = connected if connection state is stale #14812 #14727
  • fix: depopulate if push() or addToSet() with an ObjectId on a populated array #14883 #1635
  • types: make __v a number, only set __v on top-level documents #14892

8.6.4 / 2024-09-26

  • fix(document): avoid massive perf degradation when saving new doc with 10 level deep subdocs #14910 #14897
  • fix(model): skip applying static hooks by default if static name conflicts with aggregate middleware #14904 dragontaek-lee
  • fix(model): filter applying static hooks by default if static name conflicts with mongoose middleware #14908 dragontaek-lee

8.6.3 / 2024-09-17

  • fix: make getters convert uuid to string when calling toObject() and toJSON() #14890 #14869
  • fix: fix missing Aggregate re-exports for ESM #14886 wongsean
  • types(document): add generic param to depopulate() to allow updating properties #14891 #14876

8.6.2 / 2024-09-11

8.6.1 / 2024-09-03

  • fix(document): avoid unnecessary clone() in applyGetters() that was preventing getters from running on 3-level deep subdocuments #14844 #14840 #14835

... (truncated)

Changelog

Sourced from mongoose's changelog.

8.7.2 / 2024-10-17

  • fix(document): recursively clear modified subpaths when setting deeply nested subdoc to null #14963 #14952
  • fix(populate): handle array of ids with parent refPath #14965
  • types: make Buffers into mongodb.Binary in lean result type to match runtime behavior #14967
  • types: correct schema type inference when using nested typeKey like type: { type: String } #14956 #14950
  • types: re-export DeleteResult and UpdateResult from MongoDB Node.js driver #14947 #14946
  • docs(documents): add section on setting deeply nested properties, including warning about nullish coalescing assignment #14972
  • docs(model): add more info on acknowledged: false, specifically that Mongoose may return that if the update was empty #14957

8.7.1 / 2024-10-09

  • fix: set flattenObjectIds to false when calling toObject() for internal purposes #14938
  • fix: add mongodb 8 to test matrix #14937
  • fix: handle buffers stored in MongoDB as EJSON representation with { $binary } #14932
  • docs: indicate that Mongoose 8.7 is required for full MongoDB 8 support #14937

8.7.0 / 2024-09-27

  • feat(model): add Model.applyVirtuals() to apply virtuals to a POJO #14905 #14818
  • feat: upgrade mongodb -> 6.9.0 #14914
  • feat(query): cast $rename to string #14887 #3027
  • feat(SchemaType): add getEmbeddedSchemaType() method to SchemaTypes #14880 #8389
  • fix(model): throw MongooseBulkSaveIncompleteError if bulkSave() didn't completely succeed #14884 #14763
  • fix(connection): avoid returning readyState = connected if connection state is stale #14812 #14727
  • fix: depopulate if push() or addToSet() with an ObjectId on a populated array #14883 #1635
  • types: make __v a number, only set __v on top-level documents #14892

8.6.4 / 2024-09-26

  • fix(document): avoid massive perf degradation when saving new doc with 10 level deep subdocs #14910 #14897
  • fix(model): skip applying static hooks by default if static name conflicts with aggregate middleware #14904 dragontaek-lee
  • fix(model): filter applying static hooks by default if static name conflicts with mongoose middleware #14908 dragontaek-lee

7.8.2 / 2024-09-25

  • fix(projection): avoid setting projection to unknown exclusive/inclusive if elemMatch on a Date, ObjectId, etc. #14894 #14893

8.6.3 / 2024-09-17

  • fix: make getters convert uuid to string when calling toObject() and toJSON() #14890 #14869
  • fix: fix missing Aggregate re-exports for ESM #14886 wongsean
  • types(document): add generic param to depopulate() to allow updating properties #14891 #14876

6.13.2 / 2024-09-12

  • fix(document): make set() respect merge option on deeply nested objects #14870 #14878

8.6.2 / 2024-09-11

... (truncated)

Commits


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
socket-security[bot] commented 3 weeks ago

New and removed dependencies detected. Learn more about Socket for GitHub ↗︎

Package New capabilities Transitives Size Publisher
npm/@mongodb-js/saslprep@1.1.9 None 0 648 kB devtoolsbot
npm/@types/whatwg-url@11.0.5 None 0 14.9 kB types
npm/bson@6.8.0 None 0 2.4 MB dbx-node
npm/mongodb-connection-string-url@3.0.1 None 0 38.4 kB addaleax
npm/mongodb@6.9.0 environment, filesystem, network, shell 0 3.41 MB dbx-node
npm/mongoose@8.7.2 None +1 2.74 MB aaron, rauchg, tjholowaychuk, ...1 more
npm/sift@17.1.3 None 0 372 kB crcn

🚮 Removed packages: npm/@mongodb-js/saslprep@1.1.5, npm/@types/whatwg-url@11.0.4, npm/bson@6.6.0, npm/mongodb-connection-string-url@3.0.0, npm/mongodb@6.5.0, npm/mongoose@8.3.2, npm/sift@16.0.1

View full report↗︎

dependabot[bot] commented 2 weeks ago

Superseded by #587.