Bump mongoose from 5.3.9 to 5.3.13

[dependabot-preview[bot]]

Bumps mongoose from 5.3.9 to 5.3.13.

Changelog

*Sourced from [mongoose's changelog](https://github.com/Automattic/mongoose/blob/master/History.md).* > 5.3.13 / 2018-11-20 > =================== > * fix: bump mongodb driver -> 3.1.10 [#7266](https://github-redirect.dependabot.com/Automattic/mongoose/issues/7266) > * fix(populate): support setting a model as a `ref` [#7253](https://github-redirect.dependabot.com/Automattic/mongoose/issues/7253) > * docs(schematype): add ref() function to document what is a valid `ref` path in a schematype [#7253](https://github-redirect.dependabot.com/Automattic/mongoose/issues/7253) > * fix(array): clean modified subpaths when calling `splice()` [#7249](https://github-redirect.dependabot.com/Automattic/mongoose/issues/7249) > * docs(compatibility): don't show Mongoose 4.11 as compatible with MongoDB 3.6 re: MongoDB's official compatibility table [#7248](https://github-redirect.dependabot.com/Automattic/mongoose/issues/7248) [a-harrison](https://github.com/a-harrison) > * fix(document): report correct validation error if doc array set to primitive [#7242](https://github-redirect.dependabot.com/Automattic/mongoose/issues/7242) > * fix(mongoose): print warning when including server-side lib with jest jsdom environment [#7240](https://github-redirect.dependabot.com/Automattic/mongoose/issues/7240) > > 5.3.12 / 2018-11-13 > =================== > * docs(compatibility): don't show Mongoose 4.11 as compatible with MongoDB 3.6 re: MongoDB's official compatibility table [#7238](https://github-redirect.dependabot.com/Automattic/mongoose/issues/7238) [a-harrison](https://github.com/a-harrison) > * fix(populate): use `instanceof` rather than class name for comparison [#7237](https://github-redirect.dependabot.com/Automattic/mongoose/issues/7237) [ivanseidel](https://github.com/ivanseidel) > * docs(api): make options show up as a nested list [#7232](https://github-redirect.dependabot.com/Automattic/mongoose/issues/7232) > * fix(document): don't mark array as modified on init if doc array has default [#7227](https://github-redirect.dependabot.com/Automattic/mongoose/issues/7227) > * docs(api): link to bulk write result object in `bulkWrite()` docs [#7225](https://github-redirect.dependabot.com/Automattic/mongoose/issues/7225) > > 5.3.11 / 2018-11-09 > =================== > * fix(model): make parent pointers non-enumerable so they don't crash JSON.stringify() [#7220](https://github-redirect.dependabot.com/Automattic/mongoose/issues/7220) > * fix(document): allow saving docs with nested props with '.' using `checkKeys: false` [#7144](https://github-redirect.dependabot.com/Automattic/mongoose/issues/7144) > * docs(lambda): use async/await with lambda example [#7019](https://github-redirect.dependabot.com/Automattic/mongoose/issues/7019) > > 5.3.10 / 2018-11-06 > =================== > * fix(discriminator): support reusing a schema for multiple discriminators [#7200](https://github-redirect.dependabot.com/Automattic/mongoose/issues/7200) > * fix(cursor): handle `lean(false)` correctly with query cursors [#7197](https://github-redirect.dependabot.com/Automattic/mongoose/issues/7197) > * fix(document): avoid manual populate if `ref` not set [#7193](https://github-redirect.dependabot.com/Automattic/mongoose/issues/7193) > * fix(schema): handle schema without `.base` for browser build [#7170](https://github-redirect.dependabot.com/Automattic/mongoose/issues/7170) > * docs: add further reading section

Commits

- See full diff in [compare view](https://github.com/Automattic/mongoose/commits)

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot ignore this [patch|minor|major] version` will close this PR and stop Dependabot creating any more for this minor/major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language - `@dependabot badge me` will comment on this PR with code to add a "Dependabot enabled" badge to your readme Additionally, you can set the following in your Dependabot [dashboard](https://app.dependabot.com): - Update frequency (including time of day and day of week) - Automerge options (never/patch/minor, and dev/runtime dependencies) - Pull request limits (per update run and/or open at any time) - Out-of-range updates (receive only lockfile updates, if desired) - Security updates (receive only security updates, if desired) Finally, you can contact us by mentioning @dependabot.

[dependabot-preview[bot]]

Superseded by #108.