Bump mongoose from 5.3.6 to 5.3.7

[dependabot-preview[bot]]

Bumps mongoose from 5.3.6 to 5.3.7.

Changelog

*Sourced from [mongoose's changelog](https://github.com/Automattic/mongoose/blob/master/History.md).* > 5.3.7 / 2018-10-26 > ================== > * fix(browser): fix buffer usage in browser build [#7184](https://github-redirect.dependabot.com/Automattic/mongoose/issues/7184) [#7173](https://github-redirect.dependabot.com/Automattic/mongoose/issues/7173) [lineus](https://github.com/lineus) > * fix(document): make depopulate() work on populate virtuals and unpopulated docs [#7180](https://github-redirect.dependabot.com/Automattic/mongoose/issues/7180) [#6075](https://github-redirect.dependabot.com/Automattic/mongoose/issues/6075) [lineus](https://github.com/lineus) > * fix(document): only pass properties as 2nd arg to custom validator if `propsParameter` set [#7145](https://github-redirect.dependabot.com/Automattic/mongoose/issues/7145) > * docs(schematypes): add note about nested paths with `type` getting converted to mixed [#7143](https://github-redirect.dependabot.com/Automattic/mongoose/issues/7143) > * fix(update): run update validators on nested doc when $set on an array [#7135](https://github-redirect.dependabot.com/Automattic/mongoose/issues/7135) > * fix(update): copy exact errors from array subdoc validation into top-level update validator error [#7135](https://github-redirect.dependabot.com/Automattic/mongoose/issues/7135)

Commits

- [`578a16d`](https://github.com/Automattic/mongoose/commit/578a16d4516e666cbb0a3435a127b8396bd9f95c) chore: release 5.3.7 - [`4fa41e8`](https://github.com/Automattic/mongoose/commit/4fa41e805296954c6a37e2f165aef89a93c699d8) Merge pull request [#7180](https://github-redirect.dependabot.com/Automattic/mongoose/issues/7180) from lineus/fix-6075 - [`addc12a`](https://github.com/Automattic/mongoose/commit/addc12aaf22d452f346fa2d79586ff7a105bc8fb) Merge pull request [#7184](https://github-redirect.dependabot.com/Automattic/mongoose/issues/7184) from lineus/fix-7173 - [`4d7d05f`](https://github.com/Automattic/mongoose/commit/4d7d05fa79383ca98840dff356500c0f7f3d8430) simplify declaration of NodeBuffer - [`4f83211`](https://github.com/Automattic/mongoose/commit/4f83211a95ae900370d9ae4f7979d3291a1e950b) fallback to safe-buffer in the browser - [`35118dd`](https://github.com/Automattic/mongoose/commit/35118dde81beacf16d76f14f514c13f007449b2d) change !includes to indexof === -1 - [`a611926`](https://github.com/Automattic/mongoose/commit/a61192668f4f40a6b5e7e45a6b1079a62bd55f97) fix(update): copy exact errors from array subdoc validation into top-level up... - [`b321e81`](https://github.com/Automattic/mongoose/commit/b321e81ed10b353d70977669611e7d758c9d9e38) test(update): add one more case for [#7135](https://github-redirect.dependabot.com/Automattic/mongoose/issues/7135) - [`e1a7ae5`](https://github.com/Automattic/mongoose/commit/e1a7ae5f97c7ab6d856b0b0b8b8be2c44b950fdf) fix(update): run update validators on nested doc when $set on an array - [`460b703`](https://github.com/Automattic/mongoose/commit/460b70381485f50ba6ff06d779c4c1c8b8589711) test(update): repro [#7135](https://github-redirect.dependabot.com/Automattic/mongoose/issues/7135) - Additional commits viewable in [compare view](https://github.com/Automattic/mongoose/compare/5.3.6...5.3.7)

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot ignore this [patch|minor|major] version` will close this PR and stop Dependabot creating any more for this minor/major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language - `@dependabot badge me` will comment on this PR with code to add a "Dependabot enabled" badge to your readme Additionally, you can set the following in your Dependabot [dashboard](https://app.dependabot.com): - Update frequency (including time of day and day of week) - Automerge options (never/patch/minor, and dev/runtime dependencies) - Pull request limits (per update run and/or open at any time) - Out-of-range updates (receive only lockfile updates, if desired) - Security updates (receive only security updates, if desired) Finally, you can contact us by mentioning @dependabot.