Snyk has created this PR to upgrade mongoose from 5.11.5 to 5.11.8.
:information_source: Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.
The recommended version is 3 versions ahead of your current version.
The recommended version was released 21 days ago, on 2020-12-14.
Snyk has created this PR to upgrade mongoose from 5.11.5 to 5.11.8.
:information_source: Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.
The recommended version fixes:
SNYK-JS-MQUERY-1050858
Why? Has a fix available, CVSS 7.3
(*) Note that the real score may have changed since the PR was raised.
Release notes
Package name: mongoose
-
5.11.8 - 2020-12-14
-
5.11.7 - 2020-12-10
-
5.11.6 - 2020-12-09
-
5.11.5 - 2020-12-07
from mongoose GitHub release noteschore: release 5.11.8
chore: release 5.11.7
chore: release 5.11.6
chore: release 5.11.5
Commit messages
Package name: mongoose
- 2f95f9f chore: release 5.11.8
- 6c90b20 Merge pull request #9710 from manekshms/master
- 6fe409a fix(index.d.ts): make options optional for `createIndexes()` and `ensureIndexes()`
- beac486 added missing match and model methods in Aggregate class in type definition file
- bdde2ec Merge pull request #9705 from YC/docs
- d46667a fix(css): media query for ::before on headings
- c657663 fix(index.d.ts): support passing a function to `ValidateOpts.message`
- 3dbbf7d refactor(index.d.ts): add MongooseQueryOptions type for `mongooseOptions()` and `_mongooseOptions`
- a053da8 Merge pull request #9700 from orblazer/patch-3
- ccb0f09 Merge pull request #9699 from orblazer/patch-2
- 85acf45 fix(index.d.ts): make options optional for `toObject`
- 1d8cdf0 fix(index.d.ts): allow specify type of _id
- 26c860a chore: update opencollective sponsors
- c4fef45 Merge pull request #9696 from YC/ts-populate
- ae6e8d0 fix(index.d.ts): loosen type bindings for `Query#toConstructor()` to prevent them from conflicting with discriminator inheritance
- d8faf05 fix(index.d.ts): don't require document methods when calling `Model.create()`
- 2c4309e fix(index.d.ts): add missing single document populate
- 7f899ce docs: add a couple links to clarifying articles
- 8097d05 chore(.npmignore): try alternative approach for #9404 because npm isnt ignoring the changelog
- d7fc59c chore: release 5.11.7
- d318339 fix(index.d.ts): make `Document#id` optional so types that use `id` can use `Model<IMyType & Document>`
- a9b317a chore: upgrade mquery -> 3.2.3
- 43f88db fix(document): ensure calling `get()` with empty string returns undefined for mongoose-plugin-autoinc
- 369efe1 Merge pull request #9692 from sahasayan/patch-4
CompareNote: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.
For more information:
🧐 View latest project report
🛠 Adjust upgrade PR settings
🔕 Ignore this dependency or unsubscribe from future upgrade PRs