deps(deps): bump mongoose from 6.5.0 to 7.3.4

[dependabot[bot]]

Bumps mongoose from 6.5.0 to 7.3.4.

Release notes

Sourced from mongoose's releases.

7.3.4 / 2023-07-12

• chore: release 7.4.4 to overwrite accidental publish of 5.13.20 to latest tag

7.3.3 / 2023-07-10

• fix: avoid prototype pollution on init
• fix(document): clean up all array subdocument modified paths on save() #13589 #13582
• types: avoid unnecessary MergeType<> if TOverrides not set, clean up statics and insertMany() type issues #13577 #13529

7.3.2 / 2023-07-06

• fix(model): avoid TypeError if insertMany() fails with error that does not have writeErrors property #13579 #13531
• fix(query): convert findOneAndUpdate to findOneAndReplace when overwrite set for backwards compat with Mongoose 6 #13572 #13550
• fix(query): throw readable error when executing a Query instance without an associated model #13571 #13570
• types: support mongoose.Schema.ObjectId as alias for mongoose.Schema.Types.ObjectId #13543 #13534
• docs(connections): clarify that socketTimeoutMS now defaults to 0 #13576 #13537
• docs(migrating_to_7): add mapReduce() removal to migration guide #13568 #13548
• docs(schemas): fix typo in schemas.md #13540 Metehan-Altuntekin

7.3.1 / 2023-06-21

• fix(query): respect query-level strict option on findOneAndReplace() #13516 #13507
• docs(connections): expand docs on serverSelectionTimeoutMS #13533 #12967
• docs: add example of accessing save options in pre save #13498
• docs(connections+faq): add info on localhost vs 127.0.0.1
• docs(SchemaType): validate members are validator & message (not msg) #13521 lorand-horvath

7.3.0 / 2023-06-14

• feat: upgrade mongodb -> 5.6.0 #13455 lorand-horvath
• feat(aggregate): add Aggregate.prototype.finally() to be consistent with Promise API for TypeScript #13509
• feat(schema): support selecting subset of fields to apply optimistic concurrency to #13506 #10591
• feat(model): add ordered option to Model.create() #13472 #4038
• feat(schema): consistently add .get() function to all SchemaType classes
• feat(populate): pass virtual to match function to allow merging match options #13477 #12443
• types: allow overwriting Paths in select() to tell TypeScript which fields are projected #13478 #13224
• types(schema): add validateModifiedOnly as schema option #13503 #10153
• docs: add note about validateModifiedOnly as a schema option #13503 #10153
• docs(migrating_to_7): update migrating_to_7.md to include Model.countDocuments #13508 Climax777
• docs(further_reading): remove style for "img" hasezoey

7.2.4 / 2023-06-12

• fix(query): handle non-string discriminator key values in query #13496 #13492

7.2.3 / 2023-06-09

• fix(model): ignore falsy last argument to create() for backwards compatibility #13493 #13491 #13487 MohOraby
• types: remove generic param that's causing issues for typegoose #13494 #13482

... (truncated)

Changelog

Sourced from mongoose's changelog.

7.3.4 / 2023-07-12

• chore: release 7.4.4 to overwrite accidental publish of 5.13.20 to latest tag

6.11.3 / 2023-07-11

• fix: avoid prototype pollution on init
• fix(schema): correctly handle uuids with populate() #13317 #13595

7.3.3 / 2023-07-10

• fix: avoid prototype pollution on init
• fix(document): clean up all array subdocument modified paths on save() #13589 #13582
• types: avoid unnecessary MergeType<> if TOverrides not set, clean up statics and insertMany() type issues #13577 #13529

7.3.2 / 2023-07-06

• fix(model): avoid TypeError if insertMany() fails with error that does not have writeErrors property #13579 #13531
• fix(query): convert findOneAndUpdate to findOneAndReplace when overwrite set for backwards compat with Mongoose 6 #13572 #13550
• fix(query): throw readable error when executing a Query instance without an associated model #13571 #13570
• types: support mongoose.Schema.ObjectId as alias for mongoose.Schema.Types.ObjectId #13543 #13534
• docs(connections): clarify that socketTimeoutMS now defaults to 0 #13576 #13537
• docs(migrating_to_7): add mapReduce() removal to migration guide #13568 #13548
• docs(schemas): fix typo in schemas.md #13540 Metehan-Altuntekin

7.3.1 / 2023-06-21

• fix(query): respect query-level strict option on findOneAndReplace() #13516 #13507
• docs(connections): expand docs on serverSelectionTimeoutMS #13533 #12967
• docs: add example of accessing save options in pre save #13498
• docs(connections+faq): add info on localhost vs 127.0.0.1
• docs(SchemaType): validate members are validator & message (not msg) #13521 lorand-horvath

7.3.0 / 2023-06-14

• feat: upgrade mongodb -> 5.6.0 #13455 lorand-horvath
• feat(aggregate): add Aggregate.prototype.finally() to be consistent with Promise API for TypeScript #13509
• feat(schema): support selecting subset of fields to apply optimistic concurrency to #13506 #10591
• feat(model): add ordered option to Model.create() #13472 #4038
• feat(schema): consistently add .get() function to all SchemaType classes
• feat(populate): pass virtual to match function to allow merging match options #13477 #12443
• types: allow overwriting Paths in select() to tell TypeScript which fields are projected #13478 #13224
• types(schema): add validateModifiedOnly as schema option #13503 #10153
• docs: add note about validateModifiedOnly as a schema option #13503 #10153
• docs(migrating_to_7): update migrating_to_7.md to include Model.countDocuments #13508 Climax777
• docs(further_reading): remove style for "img" hasezoey

7.2.4 / 2023-06-12

• fix(query): handle non-string discriminator key values in query #13496 #13492

... (truncated)

Commits

• 0cb0757 chore: release 7.3.4
• aef309e Merge branch '6.x'
• e9eb8ab chore: release 6.11.3
• 688da8f test: fix flakey tests, remove test for #9597 because it affects global state...
• 4f264a8 test: fix tests re: #13317
• 9616af7 fix(schema): correctly handle uuids with populate()
• 305ce4f fix: avoid prototype pollution on init
• 90d84fd chore: release 7.3.3
• 82b9c3c style: fix lint
• 02699fa Merge branch 'vkarpov15/avoid-prototype-pollution'
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[dependabot[bot]]

Dependabot tried to add @5HT2 as a reviewer to this PR, but received the following error from GitHub:

POST https://api.github.com/repos/effectindex/EffectIndex/pulls/180/requested_reviewers: 422 - Reviews may only be requested from collaborators. One or more of the users or teams you specified is not a collaborator of the effectindex/EffectIndex repository. // See: https://docs.github.com/rest/pulls/review-requests#request-reviewers-for-a-pull-request

[dependabot[bot]]

Superseded by #187.