[Snyk] Upgrade mongoose from 5.13.15 to 5.13.22

[wambugucoder]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to upgrade mongoose from 5.13.15 to 5.13.22.

:information_source: Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

- The recommended version is **7 versions** ahead of your current version. - The recommended version was released **22 days ago**, on 2024-01-02. The recommended version fixes: Severity | Issue | PriorityScore (*) | Exploit Maturity | :-------------------------:|:-------------------------|-------------------------|:------------------------- | Prototype Pollution
[SNYK-JS-MONGOOSE-5777721](https://snyk.io/vuln/SNYK-JS-MONGOOSE-5777721) | **726/1000**
**Why?** Proof of Concept exploit, Has a fix available, CVSS 8.1 | Proof of Concept (*) Note that the real score may have changed since the PR was raised.

Release notes

Package name: mongoose

• 5.13.22 - 2024-01-02
  

  chore: release 5.13.22

    </li>
    <li>
      <b>5.13.21</b> - 2023-10-19
    </li>
    <li>
      <b>5.13.20</b> - 2023-07-12
    </li>
    <li>
      <b>5.13.19</b> - 2023-06-22
    </li>
    <li>
      <b>5.13.18</b> - 2023-06-22
    </li>
    <li>
      <b>5.13.17</b> - 2023-04-04
    </li>
    <li>
      <b>5.13.16</b> - 2023-02-20
    </li>
    <li>
      <b>5.13.15</b> - 2022-08-22
    </li>
  </ul>
  from <a href="https://snyk.io/redirect/github/Automattic/mongoose/releases">mongoose GitHub release notes</a>

Commit messages

Package name: mongoose

• 2642bb5 chore: release 5.13.22
• e894fe8 types: add `skipValidation`, `strict`, `timestamps` as options for bulkWrite()
• c5fa9b4 fix: also allow setting nested field to undefined re: #14205
• 66e5c1b fix: fix some merge issues with #14226 re: #14205
• a96164e fix(document): allow setting nested path to `null`
• 7ff7e33 perf(schema): remove unnecessary lookahead in numeric subpath check
• 09c55b3 pin another version for node 4 build
• a1c9fb1 chore: fix typo
• 7bd07d9 try pinning @ types/babylon dep to fix build issues
• 21639c8 chore: release 5.13.21
• 78257e2 Merge pull request #13670 from Automattic/IslandRhythms/backport-pull-12954
• 443092a add back `uniqueDocs`
• e7ff415 fix: lint
• deedb88 backport GeoNear to 5.x
• 11bb2c4 Merge pull request #13655 from Automattic/IslandRhythms/backport-npm
• 702b4a0 Update .npmignore
• 0f3997a chore: release 5.13.20
• f1efabf fix: avoid prototype pollution on init
• 98e0762 chore: release 5.13.19
• 7e36d21 chore: release 5.13.18
• 6759c60 undo accidental changes and actually pin @ types/json-schema
• 4ed4a89 chore: pin version of @ types/json-schema because of install issues on node v4 and v6
• 9a9536d Merge pull request #13535 from lorand-horvath/patch-12
• 26424d5 5.x - bump mongodb driver to 3.7.4

Compare

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs