[Snyk] Security upgrade mquery from 3.2.1 to 3.2.5

[snyk-bot]

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • package.json
  • package-lock.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	768/1000 Why? Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 7.5	Prototype Pollution SNYK-JS-MQUERY-1089718	No	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: mquery

The new version differs by 17 commits.

• 6646bd9 chore: release 3.2.5
• 158f059 Merge pull request #121 from 418sec/1-npm-mquery
• d3b230b Merge pull request #1 from zpbrent/patch-1
• a7b6d7c Update utils.js
• 34344fa chore: release 3.2.4
• 2dd768d fix(utils): make clone() only copy own properties
• bb185d9 chore: update changelog with CVE
• eeaa57c chore: release 3.2.3
• 792e69f fix(utils): avoid copying special properties like `__proto__` when merging and cloning
• 2268a48 Merge pull request #118 from aheckmann/dependabot/npm_and_yarn/mongodb-3.6.1
• 658f66a chore(deps-dev): bump mongodb from 3.1.1 to 3.6.1
• e68f8e1 chore: add tidelift disclosure
• 6d3e0c7 chore: release 3.2.2
• b36dfd8 fix: dont re-call setOptions() when pulling base class options
• d8d94f8 chore: remove istanbul and use eslint 5.x
• ec0f83f chore: get rid of package-lock.json
• 6bd88b7 travis; update node versions

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information: 🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic