dependabot-preview[bot] commented 4 years ago

Bumps mongoose from 5.4.18 to 5.7.3.

Changelog

*Sourced from [mongoose's changelog](https://github.com/Automattic/mongoose/blob/master/History.md).* > 5.7.3 / 2019-09-30 > ================== > * fix: make CoreMongooseArray#includes() handle `fromIndex` parameter [#8203](https://github-redirect.dependabot.com/Automattic/mongoose/issues/8203) > * fix(update): cast right hand side of `$pull` as a query instead of an update for document arrays [#8166](https://github-redirect.dependabot.com/Automattic/mongoose/issues/8166) > * fix(populate): handle virtual populate of an embedded discriminator nested path [#8173](https://github-redirect.dependabot.com/Automattic/mongoose/issues/8173) > * docs(validation): remove deprecated `isAsync` from validation docs in favor of emphasizing promises [#8184](https://github-redirect.dependabot.com/Automattic/mongoose/issues/8184) > * docs(documents): add overwriting section [#8178](https://github-redirect.dependabot.com/Automattic/mongoose/issues/8178) > * docs(promises): add note about queries being thenable [#8110](https://github-redirect.dependabot.com/Automattic/mongoose/issues/8110) > * perf: avoid update validators going into Mixed types [#8192](https://github-redirect.dependabot.com/Automattic/mongoose/issues/8192) [birdofpreyru](https://github.com/birdofpreyru) > * refactor: remove async as a prod dependency [#8073](https://github-redirect.dependabot.com/Automattic/mongoose/issues/8073) > > 5.7.2 / 2019-09-23 > ================== > * fix(mongoose): support `mongoose.set('autoIndex', false)` [#8158](https://github-redirect.dependabot.com/Automattic/mongoose/issues/8158) > * fix(discriminator): support `tiedValue` parameter for embedded discriminators analagous to top-level discriminators [#8164](https://github-redirect.dependabot.com/Automattic/mongoose/issues/8164) > * fix(query): handle `toConstructor()` with entries-style sort syntax [#8159](https://github-redirect.dependabot.com/Automattic/mongoose/issues/8159) > * fix(populate): avoid converting mixed paths into arrays if populating an object path under `Mixed` [#8157](https://github-redirect.dependabot.com/Automattic/mongoose/issues/8157) > * fix: use $wrapCallback when using promises for mongoose-async-hooks > * fix: handle queries with setter that converts value to Number instance [#8150](https://github-redirect.dependabot.com/Automattic/mongoose/issues/8150) > * docs: add mongoosejs-cli to readme [#8142](https://github-redirect.dependabot.com/Automattic/mongoose/issues/8142) > * docs: fix example typo for Schema.prototype.plugin() [#8175](https://github-redirect.dependabot.com/Automattic/mongoose/issues/8175) [anaethoss](https://github.com/anaethoss) > > 5.7.1 / 2019-09-13 > ================== > * fix(query): fix TypeError when calling `findOneAndUpdate()` with `runValidators` [#8151](https://github-redirect.dependabot.com/Automattic/mongoose/issues/8151) [fernandolguevara](https://github.com/fernandolguevara) > * fix(document): throw strict mode error if setting an immutable path with strict mode: false [#8149](https://github-redirect.dependabot.com/Automattic/mongoose/issues/8149) > * fix(mongoose): support passing options object to Mongoose constructor [#8144](https://github-redirect.dependabot.com/Automattic/mongoose/issues/8144) > * fix(model): make syncIndexes() handle changes in index key order [#8135](https://github-redirect.dependabot.com/Automattic/mongoose/issues/8135) > * fix(error): export StrictModeError as a static property of MongooseError [#8148](https://github-redirect.dependabot.com/Automattic/mongoose/issues/8148) [ouyuran](https://github.com/ouyuran) > * docs(connection+mongoose): add `useUnifiedTopology` option to `connect()` and `openUri()` docs [#8146](https://github-redirect.dependabot.com/Automattic/mongoose/issues/8146) > > 5.7.0 / 2019-09-09 > ================== > * feat(document+query): support conditionally immutable schema paths [#8001](https://github-redirect.dependabot.com/Automattic/mongoose/issues/8001) > * perf(documentarray): refactor to use ES6 classes instead of mixins, ~30% speedup [#7895](https://github-redirect.dependabot.com/Automattic/mongoose/issues/7895) > * feat: use MongoDB driver 3.3.x for MongoDB 4.2 support [#8083](https://github-redirect.dependabot.com/Automattic/mongoose/issues/8083) [#8078](https://github-redirect.dependabot.com/Automattic/mongoose/issues/8078) > * feat(schema+query): add pre('validate') and post('validate') hooks for update validation [#7984](https://github-redirect.dependabot.com/Automattic/mongoose/issues/7984) > * fix(timestamps): ensure updatedAt gets incremented consistently using update with and without $set [#4768](https://github-redirect.dependabot.com/Automattic/mongoose/issues/4768) > * feat(query): add `Query#get()` to make writing custom setters that handle both queries and documents easier [#7312](https://github-redirect.dependabot.com/Automattic/mongoose/issues/7312) > * feat(document): run setters on defaults [#8012](https://github-redirect.dependabot.com/Automattic/mongoose/issues/8012) > * feat(document): add `aliases: false` option to `Document#toObject()` [#7548](https://github-redirect.dependabot.com/Automattic/mongoose/issues/7548) > * feat(timestamps): support skipping updatedAt and createdAt for individual save() and update() [#3934](https://github-redirect.dependabot.com/Automattic/mongoose/issues/3934) > * docs: fix index creation link in guide [#8138](https://github-redirect.dependabot.com/Automattic/mongoose/issues/8138) [joebowbeer](https://github.com/joebowbeer) > > 5.6.13 / 2019-09-04 > =================== > * fix(parallel): fix parallelLimit when fns is empty [#8130](https://github-redirect.dependabot.com/Automattic/mongoose/issues/8130) [#8128](https://github-redirect.dependabot.com/Automattic/mongoose/issues/8128) [sibelius](https://github.com/sibelius) > * fix(document): ensure nested mixed validator gets called exactly once [#8117](https://github-redirect.dependabot.com/Automattic/mongoose/issues/8117) > * fix(populate): handle `justOne = undefined` [#8125](https://github-redirect.dependabot.com/Automattic/mongoose/issues/8125) [taxilian](https://github.com/taxilian) > > ... (truncated)

Commits

- [`43b63ae`](https://github.com/Automattic/mongoose/commit/43b63ae8d18e49db3ddb56b4c843637339495a76) chore: release 5.7.3 - [`06112b0`](https://github.com/Automattic/mongoose/commit/06112b061aa8a29b56fc92aae16797805700e417) docs(validation): remove deprecated `isAsync` from validation docs in favor o... - [`7fee719`](https://github.com/Automattic/mongoose/commit/7fee719574d00d7831906420dfc12e631f585575) docs(documents): add overwriting section - [`98b5a73`](https://github.com/Automattic/mongoose/commit/98b5a73243f831c7c69b889ab86d2e50d4f17a6d) fix: make CoreMongooseArray#includes() handle `fromIndex` parameter - [`6c91dea`](https://github.com/Automattic/mongoose/commit/6c91deafb9ca9176c84b3bf38654768c1a9dc3b2) style: fix lint - [`9bb4b03`](https://github.com/Automattic/mongoose/commit/9bb4b034ab4ca3cb03cf18eb888bdd308612d2d5) refactor: remove async as a prod dependency - [`3647292`](https://github.com/Automattic/mongoose/commit/36472927155dc861a57e878c2b6e68f91a522dda) refactor(cursor): remove async.queue() from eachAsync() re: [#8073](https://github-redirect.dependabot.com/Automattic/mongoose/issues/8073) [#5502](https://github-redirect.dependabot.com/Automattic/mongoose/issues/5502) - [`e60db1b`](https://github.com/Automattic/mongoose/commit/e60db1b1d928a6da02f08e4890356087826e7c24) refactor(cursor): remove dependency on async.times() - [`c5b2355`](https://github.com/Automattic/mongoose/commit/c5b235537e8888fd04d2928ec550f206b53fd8e7) docs(promises): add note about queries being thenable - [`da77b8d`](https://github.com/Automattic/mongoose/commit/da77b8df8a4b17f2b5beeffdf3b36e49123e3fc6) Merge pull request [#8192](https://github-redirect.dependabot.com/Automattic/mongoose/issues/8192) from birdofpreyru/fix-8093-1 - Additional commits viewable in [compare view](https://github.com/Automattic/mongoose/compare/5.4.18...5.7.3)

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot will not automatically merge this PR because it includes a minor update to a production dependency.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language - `@dependabot badge me` will comment on this PR with code to add a "Dependabot enabled" badge to your readme Additionally, you can set the following in your Dependabot [dashboard](https://app.dependabot.com): - Update frequency (including time of day and day of week) - Pull request limits (per update run and/or open at any time) - Automerge options (never/patch/minor, and dev/runtime dependencies) - Out-of-range updates (receive only lockfile updates, if desired) - Security updates (receive only security updates, if desired) Finally, you can contact us by mentioning @dependabot.

codecov[bot] commented 4 years ago

Codecov Report

Merging #300 into master will not change coverage. The diff coverage is n/a.

@@           Coverage Diff           @@
##           master     #300   +/-   ##
=======================================
  Coverage   23.55%   23.55%           
=======================================
  Files          99       99           
  Lines        2165     2165           
=======================================
  Hits          510      510           
  Misses       1655     1655

Continue to review full report at Codecov.

Legend - Click here to learn more Δ = absolute <relative> (impact), ø = not affected, ? = missing data Powered by Codecov. Last update 7f73d5d...f869737. Read the comment docs.

dependabot-preview[bot] commented 4 years ago

Superseded by #305.

geodatagouv / geoplatform

Bump mongoose from 5.4.18 to 5.7.3 #300

Codecov Report