[Snyk] Upgrade mongoose from 5.7.5 to 5.13.15

[snyk-bot]

Snyk has created this PR to upgrade mongoose from 5.7.5 to 5.13.15.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

• The recommended version is 124 versions ahead of your current version.
• The recommended version was released a month ago, on 2022-08-22.

The recommended version fixes:

Severity	Issue	PriorityScore (*)	Exploit Maturity
	Prototype Pollution SNYK-JS-MQUERY-1089718	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	Proof of Concept
	Prototype Pollution SNYK-JS-MQUERY-1050858	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	Proof of Concept
	Prototype Pollution SNYK-JS-MONGOOSE-2961688	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	Proof of Concept
	Prototype Pollution SNYK-JS-MPATH-1577289	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	Proof of Concept
	Prototype Pollution SNYK-JS-MONGOOSE-1086688	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Release notes

Package name: mongoose

• 5.13.15 - 2022-08-22
  

  chore: release 5.13.15

• 5.13.14 - 2021-12-27
• 5.13.13 - 2021-11-02
• 5.13.12 - 2021-10-19
• 5.13.11 - 2021-10-12
• 5.13.10 - 2021-10-05
• 5.13.9 - 2021-09-06
• 5.13.8 - 2021-08-23
• 5.13.7 - 2021-08-11
• 5.13.6 - 2021-08-09
• 5.13.5 - 2021-07-30
• 5.13.4 - 2021-07-28
• 5.13.3 - 2021-07-16
• 5.13.2 - 2021-07-03
• 5.13.1 - 2021-07-02
• 5.13.0 - 2021-06-28
• 5.12.15 - 2021-06-25
• 5.12.14 - 2021-06-15
• 5.12.13 - 2021-06-04
• 5.12.12 - 2021-05-28
• 5.12.11 - 2021-05-24
• 5.12.10 - 2021-05-18
• 5.12.9 - 2021-05-13
• 5.12.8 - 2021-05-10
• 5.12.7 - 2021-04-29
• 5.12.6 - 2021-04-27
• 5.12.5 - 2021-04-19
• 5.12.4 - 2021-04-15
• 5.12.3 - 2021-03-31
• 5.12.2 - 2021-03-22
• 5.12.1 - 2021-03-18
• 5.12.0 - 2021-03-11
• 5.11.20 - 2021-03-11
• 5.11.19 - 2021-03-05
• 5.11.18 - 2021-02-23
• 5.11.17 - 2021-02-17
• 5.11.16 - 2021-02-12
• 5.11.15 - 2021-02-03
• 5.11.14 - 2021-01-28
• 5.11.13 - 2021-01-20
• 5.11.12 - 2021-01-14
• 5.11.11 - 2021-01-08
• 5.11.10 - 2021-01-04
• 5.11.9 - 2020-12-28
• 5.11.8 - 2020-12-14
• 5.11.7 - 2020-12-10
• 5.11.6 - 2020-12-09
• 5.11.5 - 2020-12-07
• 5.11.4 - 2020-12-04
• 5.11.3 - 2020-12-03
• 5.11.2 - 2020-12-02
• 5.11.1 - 2020-12-01
• 5.11.0 - 2020-11-30
• 5.10.19 - 2020-11-30
• 5.10.18 - 2020-11-29
• 5.10.17 - 2020-11-27
• 5.10.16 - 2020-11-25
• 5.10.15 - 2020-11-16
• 5.10.14 - 2020-11-12
• 5.10.13 - 2020-11-06
• 5.10.12 - 2020-11-04
• 5.10.11 - 2020-10-26
• 5.10.10 - 2020-10-23
• 5.10.9 - 2020-10-09
• 5.10.8 - 2020-10-05
• 5.10.7 - 2020-09-24
• 5.10.6 - 2020-09-18
• 5.10.5 - 2020-09-11
• 5.10.4 - 2020-09-09
• 5.10.3 - 2020-09-03
• 5.10.2 - 2020-08-28
• 5.10.1 - 2020-08-26
• 5.10.0 - 2020-08-14
• 5.9.29 - 2020-08-13
• 5.9.28 - 2020-08-07
• 5.9.27 - 2020-07-31
• 5.9.26 - 2020-07-27
• 5.9.25 - 2020-07-17
• 5.9.24 - 2020-07-13
• 5.9.23 - 2020-07-10
• 5.9.22 - 2020-07-06
• 5.9.21 - 2020-07-01
• 5.9.20 - 2020-06-22
• 5.9.19 - 2020-06-15
• 5.9.18 - 2020-06-05
• 5.9.17 - 2020-06-02
• 5.9.16 - 2020-05-25
• 5.9.15 - 2020-05-18
• 5.9.14 - 2020-05-13
• 5.9.13 - 2020-05-08
• 5.9.12 - 2020-05-04
• 5.9.11 - 2020-04-30
• 5.9.10 - 2020-04-20
• 5.9.9 - 2020-04-13
• 5.9.7 - 2020-03-30
• 5.9.6 - 2020-03-23
• 5.9.5 - 2020-03-16
• 5.9.4 - 2020-03-09
• 5.9.3 - 2020-03-02
• 5.9.2 - 2020-02-21
• 5.9.1 - 2020-02-14
• 5.9.0 - 2020-02-13
• 5.8.13 - 2020-02-13
• 5.8.12 - 2020-02-12
• 5.8.11 - 2020-01-31
• 5.8.10 - 2020-01-27
• 5.8.9 - 2020-01-17
• 5.8.7 - 2020-01-10
• 5.8.6 - 2020-01-08
• 5.8.5 - 2020-01-06
• 5.8.4 - 2020-01-02
• 5.8.3 - 2019-12-23
• 5.8.2 - 2019-12-20
• 5.8.1 - 2019-12-12
• 5.8.0 - 2019-12-09
• 5.7.14 - 2019-12-06
• 5.7.13 - 2019-11-29
• 5.7.12 - 2019-11-19
• 5.7.11 - 2019-11-14
• 5.7.10 - 2019-11-11
• 5.7.9 - 2019-11-08
• 5.7.8 - 2019-11-05
• 5.7.7 - 2019-10-24
• 5.7.6 - 2019-10-21
• 5.7.5 - 2019-10-14

from mongoose GitHub release notes

Commit messages

Package name: mongoose

• ca7996b chore: release 5.13.15
• e75732a Merge pull request #12307 from Automattic/vkarpov15/fix-5x-build
• a1144dc test: run node 7 tests with upgraded npm re: #12297
• dfc4ad7 test: try upgrading npm for node v4 tests re: #12297
• b9e985c test: more strict @ types/node version
• 4d813fa test: fix @ types/node version in tests re: #12297
• 99b4189 Merge pull request #12297 from shubanker/issue/prototype-pollution-5.x-patch
• 5eb11dd made function non async
• 6a19731 fix(schema): disallow setting __proto__ when creating schema with dotted properties
• a2ec28d Merge pull request #11366 from laissonsilveira/5.x
• 05ce577 Fix broken link from findandmodify method deprecation
• d2b846f chore: release 5.13.14
• 69c1f6c docs(models): fix up nModified example for 5.x
• 4cfc4d6 fix(timestamps): avoid setting `createdAt` on documents that already exist but dont have createdAt
• a738440 chore: release 5.13.13
• 4d12a62 Merge pull request #10942 from jneal-afs/fix-query-set-ts-type
• c3463c4 Merge pull request #10916 from iovanom/gh-10902-v5
• ff5ddb5 fix: hardcode base 10 for nodeMajorVersion parseInt() call
• d205c4d make value optional
• c6fd7f7 Fix ts types for query set
• 22e9b3b [gh-10902 v5] Add node major version to utils
• 5468642 [gh-10902 v5] Emit end event in before close
• 271bc60 Merge pull request #10910 from lorand-horvath/patch-2
• b7ebeec Update mongodb driver to 3.7.3

Compare

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs