Bump mpath and mongoose

[dependabot]

Bumps mpath to 0.8.4 and updates ancestor dependency mongoose. These dependencies need to be updated together.

Updates mpath from 0.6.0 to 0.8.4

Changelog

Sourced from mpath's changelog.

0.8.4 / 2021-09-01

• fix: throw error if parts contains an element that isn't a string or number #13

0.8.3 / 2020-12-30

• fix: use var instead of let/const for Node.js 4.x support

0.8.2 / 2020-12-30

• fix(stringToParts): fall back to legacy treatment for square brackets if square brackets contents aren't a number Automattic/mongoose#9640
• chore: add eslint

0.8.1 / 2020-12-10

• fix(stringToParts): handle empty string and trailing dot the same way that split() does for backwards compat

0.8.0 / 2020-11-14

• feat: support square bracket indexing for get(), set(), has(), and unset()

0.7.0 / 2020-03-24

• BREAKING CHANGE: remove component.json #9 AlexeyGrigorievBoost

Commits

• 634a0fa chore: release 0.8.4
• 89402d2 fix: throw error if parts contains an element that isn't a string or number
• 03c4efe chore: add basic SECURITY.md file
• ad7a023 chore: release 0.8.3
• f050c3a fix: use var instead of let/const for Node.js 4.x support
• e3bdd36 chore: release 0.8.2
• b09cebc chore: add lint
• ffed519 fix(stringToParts): fall back to legacy treatment for square brackets if squa...
• 095573c chore: release 0.8.1
• c507d2c fix(stringToParts): handle empty string and trailing dot the same way that `s...
• Additional commits viewable in compare view

Updates mongoose from 5.8.1 to 5.13.16

Changelog

Sourced from mongoose's changelog.

5.13.16 / 2023-02-20

• fix: make access to process.versions lazy #12584 maciasello
• fix(types): add missing type definitions for bulkSave() #12019
• docs: backport documentation URL updates #12692 hasezoey

6.9.2 / 2023-02-16

• fix(model): fixed post('save') callback parameter #13030 #13026 lpizzinidev
• fix(UUID): added null check to prevent error on binaryToString conversion #13034 #13032 #13029 lpizzinidev Freezystem
• fix(query): revert breaking changes introduced by #12797 #12999 lpizzinidev
• fix(document): make array $shift() use $pop instead of overwriting array #13004
• docs: update & remove old links #13019 hasezoey
• docs(middleware): describe how to access model from document middleware #13031 AxeOfMen
• docs: update broken & outdated links #13001 hasezoey
• chore: change deno tests to also use MMS #12918 hasezoey

6.9.1 / 2023-02-06

• fix(document): isModified should not be triggered when setting a nested boolean to the same value as previously #12994 lpizzinidev
• fix(document): save newly set defaults underneath single nested subdocuments #13002 #12905
• fix(update): handle custom discriminator model name when casting update #12947 wassil
• fix(connection): handles unique autoincrement ID for connections #12990 lpizzinidev
• fix(types): fix type of options of Model.aggregate #12933 ghost91-
• fix(types): fix "near" aggregation operator input type #12954 Jokero
• fix(types): add missing Top operator to AccumulatorOperator type declaration #12952 lpizzinidev
• docs(transactions): added example for Connection.transaction() method #12943 #12934 lpizzinidev
• docs(populate): fix out of date comment referencing onModel property #13000
• docs(transactions): fix typo in transactions.md #12995 Parth86

6.9.0 / 2023-01-25

• feat(schema): add removeVirtual(path) function to schema #12920 IslandRhythms
• fix(cast): remove empty $or conditions after strict applied #12898 0x0a0d
• docs: fixed typo #12946 Gbengstar

6.8.5 / 2023-01-23

• fix(query): correctly pass context when casting $elemMatch #12915 #12909 #12902 MohOraby

6.8.4 / 2023-01-17

• fix(collection): handle creating model when connection disconnected with bufferCommands = false #12889
• fix(populate): merge instead of overwrite when match is on _id #12891
• fix: add guard to stop loadClass copying Document if Document is used as base of loaded class (same hack as implemented for Model already) #12820 sgpinkus
• fix(types): correctly infer types on document arrays #12884 #12882 JavaScriptBach
• fix(types): added omit for ArraySubdocument type in LeanType declaration #12903 piyushk96
• fix(types): add returnDocument type safety #12906 AbdelrahmanHafez
• docs(typescript): add notes about virtual context to Mongoose 6 migration and TypeScript virtuals docs #12912 #12806
• docs(schematypes): removed dead link and fixed formatting #12897 #12885 lpizzinidev

... (truncated)

Commits

• e76c41c chore: release 5.13.16
• cdab11e chore: remove Node 5 and 7 from CI because GitHub actions is bugging out with...
• e33a8be fix(types): add missing typedefs for bulkSave() to 5.x
• 896cd76 Merge pull request #12692 from hasezoey/backportLinkUpdate
• 9caa847 chore: remove test from #12584 because it causes test failures
• 41a2ea3 chore: remove browser build from tests
• 3715c05 chore: fix browser build on old node re: https://github.com/webpack/schema-ut...
• 78d9d91 Merge pull request #12584 from maciasello/fix/gh-11943
• aef4c7b docs: quick fix for search re: #12830
• 48179b4 chore: search fixes
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  You can disable automated security fix PRs for this repo from the Security Alerts page.