From c060f1a34dd780e73e6b7b84ce23fe0bcde0bab3 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Mon, 10 Nov 2025 20:44:20 +0000 Subject: [PATCH] fix(deps): update dependency mongoose to v8.8.3 [security] --- package.json | 2 +- pnpm-lock.yaml | 60 +++++++++++++++++++------------------------------- 2 files changed, 24 insertions(+), 38 deletions(-) diff --git a/package.json b/package.json index fa73a3a9d..aa5303407 100644 --- a/package.json +++ b/package.json @@ -55,7 +55,7 @@ "moment": "2.30.1", "mongodb": "6.11.0", "mongodb-uri": "0.9.7", - "mongoose": "8.2.2", + "mongoose": "8.8.3", "multer": "^1.4.5-lts.1", "nestjs-real-ip": "3.0.1", "openapi3-ts": "^4.2.1", diff --git a/pnpm-lock.yaml b/pnpm-lock.yaml index 2f989807e..9e374cc60 100644 --- a/pnpm-lock.yaml +++ b/pnpm-lock.yaml @@ -25,7 +25,7 @@ dependencies: version: 10.4.13(@nestjs/common@10.4.13)(@nestjs/platform-express@10.4.13)(@nestjs/websockets@10.4.13)(reflect-metadata@0.2.2)(rxjs@7.8.1) '@nestjs/mongoose': specifier: 10.1.0 - version: 10.1.0(@nestjs/common@10.4.13)(@nestjs/core@10.4.13)(mongoose@8.2.2)(rxjs@7.8.1) + version: 10.1.0(@nestjs/common@10.4.13)(@nestjs/core@10.4.13)(mongoose@8.8.3)(rxjs@7.8.1) '@nestjs/passport': specifier: 10.0.3 version: 10.0.3(@nestjs/common@10.4.13)(passport@0.7.0) @@ -123,8 +123,8 @@ dependencies: specifier: 0.9.7 version: 0.9.7 mongoose: - specifier: 8.2.2 - version: 8.2.2 + specifier: 8.8.3 + version: 8.8.3 multer: specifier: ^1.4.5-lts.1 version: 1.4.5-lts.1 @@ -1166,12 +1166,6 @@ packages: resolution: {integrity: sha512-Z7C/xXCiGWsg0KuKsHTKJxbWhpI3Vs5GwLfOean7MGyVFGqdRgBbAjOCh6u4bbjPc/8MJ2pZmK/0DLdCbivLDA==} engines: {node: '>=8'} - /@mongodb-js/saslprep@1.1.7: - resolution: {integrity: sha512-dCHW/oEX0KJ4NjDULBo3JiOaK5+6axtpBbS+ao2ZInoAL9/YRQLhXzSNAFz7hP4nzLkIqsfYAK/PDE3+XHny0Q==} - requiresBuild: true - dependencies: - sparse-bitfield: 3.0.3 - /@mongodb-js/saslprep@1.1.9: resolution: {integrity: sha512-tVkljjeEaAhCqTzajSdgbQ6gE6f3oneVwa3iXR6csiEwXXOFsiC6Uh9iAjAhXPtqa/XMDHWjjeNH/77m/Yq2dw==} dependencies: @@ -1307,7 +1301,7 @@ packages: transitivePeerDependencies: - encoding - /@nestjs/mongoose@10.1.0(@nestjs/common@10.4.13)(@nestjs/core@10.4.13)(mongoose@8.2.2)(rxjs@7.8.1): + /@nestjs/mongoose@10.1.0(@nestjs/common@10.4.13)(@nestjs/core@10.4.13)(mongoose@8.8.3)(rxjs@7.8.1): resolution: {integrity: sha512-1ExAnZUfh2QffEaGjqYGgVPy/sYBQCVLCLqVgkcClKx/BCd0QNgND8MB70lwyobp3nm/+nbGQqBpu9F3/hgOCw==} peerDependencies: '@nestjs/common': ^8.0.0 || ^9.0.0 || ^10.0.0 @@ -1317,7 +1311,7 @@ packages: dependencies: '@nestjs/common': 10.4.13(class-transformer@0.5.1)(class-validator@0.14.1)(reflect-metadata@0.2.2)(rxjs@7.8.1) '@nestjs/core': 10.4.13(@nestjs/common@10.4.13)(@nestjs/platform-express@10.4.13)(@nestjs/websockets@10.4.13)(reflect-metadata@0.2.2)(rxjs@7.8.1) - mongoose: 8.2.2 + mongoose: 8.8.3 rxjs: 7.8.1 dev: false @@ -2056,7 +2050,7 @@ packages: resolution: {integrity: sha512-cqwOVYT3qXyLiGw7ueU2kX9noE8DPGRY6z8eUxudhXY8NZ7DMKYAxyZkLSevGfhCX3dO/AoX5/SO9lAzfjon0Q==} deprecated: Mongoose publishes its own types, so you do not need to install this package. dependencies: - mongoose: 8.2.2 + mongoose: 8.8.3 transitivePeerDependencies: - '@aws-sdk/credential-providers' - '@mongodb-js/zstd' @@ -2876,15 +2870,7 @@ packages: /bson@6.10.1: resolution: {integrity: sha512-P92xmHDQjSKPLHqFxefqMxASNq/aWJMEZugpCjf+AF/pgcUpMMQCg7t7+ewko0/u8AapvF3luf/FoehddEK+sA==} engines: {node: '>=16.20.1'} - - /bson@6.4.0: - resolution: {integrity: sha512-6/gSSEdbkuFlSb+ufj5jUSU4+wo8xQOwm2bDSqwmxiPE17JTpsP63eAwoN8iF8Oy4gJYj+PAL3zdRCTdaw5Y1g==} - engines: {node: '>=16.20.1'} - deprecated: a critical bug affecting zSeries s390x big-endian systems is fixed in bson@6.5.0 - - /bson@6.7.0: - resolution: {integrity: sha512-w2IquM5mYzYZv6rs3uN2DZTOBe2a0zXLj53TGDqwF4l6Sz/XsISrisXOJihArF9+BZ6Cq/GjVht7Sjfmri7ytQ==} - engines: {node: '>=16.20.1'} + deprecated: a critical bug affecting only useBigInt64=true deserialization usage is fixed in bson@6.10.3 /buffer-crc32@0.2.13: resolution: {integrity: sha512-VO9Ht/+p3SN7SKWqcrgEzjGbRSJYTx+Q1pTQC0wrWqHx0vpJraQ6GtHx8tvcg1rlK1byhU5gccxgOgj7B0TDkQ==} @@ -5631,8 +5617,8 @@ packages: safe-buffer: 5.2.1 dev: false - /kareem@2.5.1: - resolution: {integrity: sha512-7jFxRVm+jD+rkq3kY0iZDJfsO2/t4BBPeEb2qKn2lR/9KhuksYk5hxzfRYWMPV8P/x2d0kHD306YyWLzjjH+uA==} + /kareem@2.6.3: + resolution: {integrity: sha512-C3iHfuGUXK2u8/ipq9LfjFfXFxAZMQJJq7vLS45r3D9Y2xQ/m4S8zaR4zMLFWh9AsNPXmcFfUDhTEO8UIC/V6Q==} engines: {node: '>=12.0.0'} /keyv@4.5.4: @@ -6044,8 +6030,8 @@ packages: engines: {node: '>= 0.6.0'} dev: false - /mongodb@6.11.0: - resolution: {integrity: sha512-yVbPw0qT268YKhG241vAMLaDQAPbRyTgo++odSgGc9kXnzOujQI60Iyj23B9sQQFPSvmNPvMZ3dsFz0aN55KgA==} + /mongodb@6.10.0: + resolution: {integrity: sha512-gP9vduuYWb9ZkDM546M+MP2qKVk5ZG2wPF63OvSRuUbqCR+11ZCAE1mOfllhlAG0wcoJY5yDL/rV3OmYEwXIzg==} engines: {node: '>=16.20.1'} peerDependencies: '@aws-sdk/credential-providers': ^3.188.0 @@ -6075,8 +6061,8 @@ packages: bson: 6.10.1 mongodb-connection-string-url: 3.0.0 - /mongodb@6.3.0: - resolution: {integrity: sha512-tt0KuGjGtLUhLoU263+xvQmPHEGTw5LbcNC73EoFRYgSHwZt5tsoJC110hDyO1kjQzpgNrpdcSza9PknWN4LrA==} + /mongodb@6.11.0: + resolution: {integrity: sha512-yVbPw0qT268YKhG241vAMLaDQAPbRyTgo++odSgGc9kXnzOujQI60Iyj23B9sQQFPSvmNPvMZ3dsFz0aN55KgA==} engines: {node: '>=16.20.1'} peerDependencies: '@aws-sdk/credential-providers': ^3.188.0 @@ -6102,21 +6088,21 @@ packages: socks: optional: true dependencies: - '@mongodb-js/saslprep': 1.1.7 - bson: 6.7.0 + '@mongodb-js/saslprep': 1.1.9 + bson: 6.10.1 mongodb-connection-string-url: 3.0.0 - /mongoose@8.2.2: - resolution: {integrity: sha512-6sMxe1d3k/dBjiOX4ExNTNOP0g1x0iq8eXyg+ttgIXM3HLnQ0IUyXRwVVAPFFY6O4/8uYN5dB0Ec72FrexbPpw==} + /mongoose@8.8.3: + resolution: {integrity: sha512-/I4n/DcXqXyIiLRfAmUIiTjj3vXfeISke8dt4U4Y8Wfm074Wa6sXnQrXN49NFOFf2mM1kUdOXryoBvkuCnr+Qw==} engines: {node: '>=16.20.1'} dependencies: - bson: 6.4.0 - kareem: 2.5.1 - mongodb: 6.3.0 + bson: 6.10.1 + kareem: 2.6.3 + mongodb: 6.10.0 mpath: 0.9.0 mquery: 5.0.0 ms: 2.1.3 - sift: 16.0.1 + sift: 17.1.3 transitivePeerDependencies: - '@aws-sdk/credential-providers' - '@mongodb-js/zstd' @@ -7153,8 +7139,8 @@ packages: get-intrinsic: 1.2.4 object-inspect: 1.13.1 - /sift@16.0.1: - resolution: {integrity: sha512-Wv6BjQ5zbhW7VFefWusVP33T/EM0vYikCaQ2qR8yULbsilAT8/wQaXvuQ3ptGLpoKx+lihJE3y2UTgKDyyNHZQ==} + /sift@17.1.3: + resolution: {integrity: sha512-Rtlj66/b0ICeFzYTuNvX/EF1igRbbnGSvEyT79McoZa/DeGhMyC5pWKOEsZKnpkqtSeovd5FL/bjHWC3CIIvCQ==} /signal-exit@3.0.7: resolution: {integrity: sha512-wnD2ZE+l+SPC/uoS0vXeE9L1+0wuaMqKlfz9AMUo38JsyLSBWSFcHR1Rri62LZc12vLr1gb3jl7iwQhgwpAbGQ==}