This PR was automatically created by Snyk using the credentials of a real user.
Snyk has created this PR to upgrade mongoose from 6.7.5 to 6.8.2.
:information_source: Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.
- The recommended version is **3 versions** ahead of your current version.
- The recommended version was released **22 days ago**, on 2022-12-28.
The recommended version fixes:
Severity | Issue | PriorityScore (*) | Exploit Maturity |
:-------------------------:|:-------------------------|-------------------------|:-------------------------
| Regular Expression Denial of Service (ReDoS) [SNYK-JS-COOKIEJAR-3149984](https://snyk.io/vuln/SNYK-JS-COOKIEJAR-3149984) | **372/1000** **Why?** Proof of Concept exploit, CVSS 5.3 | Proof of Concept
(*) Note that the real score may have changed since the PR was raised.
Release notes Package name: mongoose
1d71187 Merge branch 'master' into vkarpov15/gh-12420-2
2bf15d5 Merge pull request #12827 from Automattic/vkarpov15/gh-12796
9f05147 Merge pull request #12828 from Automattic/vkarpov15/gh-12643
b311b33 Merge pull request #12829 from hasezoey/addWriteConcern
Compare
**Note:** *You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.*
For more information:
🧐 [View latest project report](https://app.snyk.io/org/m0cah/project/1be368a2-afd2-40c2-ba18-8d9754f25511?utm_source=github&utm_medium=referral&page=upgrade-pr)
🛠 [Adjust upgrade PR settings](https://app.snyk.io/org/m0cah/project/1be368a2-afd2-40c2-ba18-8d9754f25511/settings/integration?utm_source=github&utm_medium=referral&page=upgrade-pr)
🔕 [Ignore this dependency or unsubscribe from future upgrade PRs](https://app.snyk.io/org/m0cah/project/1be368a2-afd2-40c2-ba18-8d9754f25511/settings/integration?pkg=mongoose&utm_source=github&utm_medium=referral&page=upgrade-pr#auto-dep-upgrades)
This PR was automatically created by Snyk using the credentials of a real user.
Snyk has created this PR to upgrade mongoose from 6.7.5 to 6.8.2.
:information_source: Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.- The recommended version is **3 versions** ahead of your current version. - The recommended version was released **22 days ago**, on 2022-12-28. The recommended version fixes: Severity | Issue | PriorityScore (*) | Exploit Maturity | :-------------------------:|:-------------------------|-------------------------|:------------------------- | Regular Expression Denial of Service (ReDoS)
[SNYK-JS-COOKIEJAR-3149984](https://snyk.io/vuln/SNYK-JS-COOKIEJAR-3149984) | **372/1000**
**Why?** Proof of Concept exploit, CVSS 5.3 | Proof of Concept (*) Note that the real score may have changed since the PR was raised.
Release notes
Package name: mongoose
6.8.2 / 2022-12-28
6.8.1 / 2022-12-19
$locals
parameters to getters/setters tutorial #12814 #12550 IslandRhythms6.8.0 / 2022-12-05
localField
andforeignField
for virtual populate #12657 #6963 IslandRhythmsCommit messages
Package name: mongoose
**Note:** *You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.* For more information: 🧐 [View latest project report](https://app.snyk.io/org/m0cah/project/1be368a2-afd2-40c2-ba18-8d9754f25511?utm_source=github&utm_medium=referral&page=upgrade-pr) 🛠 [Adjust upgrade PR settings](https://app.snyk.io/org/m0cah/project/1be368a2-afd2-40c2-ba18-8d9754f25511/settings/integration?utm_source=github&utm_medium=referral&page=upgrade-pr) 🔕 [Ignore this dependency or unsubscribe from future upgrade PRs](https://app.snyk.io/org/m0cah/project/1be368a2-afd2-40c2-ba18-8d9754f25511/settings/integration?pkg=mongoose&utm_source=github&utm_medium=referral&page=upgrade-pr#auto-dep-upgrades)