Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

fix(deps): update dependency mongoose to v6.11.3 [security] - autoclosed #1279

Closed
wants to merge 1 commit into from

Conversation

renovate[bot]
Copy link
Contributor

@renovate renovate bot commented Jul 18, 2023

Mend Renovate

This PR contains the following updates:

Package Change Age Adoption Passing Confidence
mongoose (source) 6.10.5 -> 6.11.3 age adoption passing confidence

GitHub Vulnerability Alerts

CVE-2023-3696

Prototype Pollution in GitHub repository automattic/mongoose prior to 7.3.3, 6.11.3, and 5.13.20.


Release Notes

Automattic/mongoose (mongoose)

v6.11.3

Compare Source

===================

  • fix: avoid prototype pollution on init
  • fix(schema): correctly handle uuids with populate() #​13317 #​13595

v6.11.2

Compare Source

===================

v6.11.1

Compare Source

===================

  • fix(query): apply schema-level paths before calculating projection for findOneAndUpdate() #​13348 #​13340
  • fix: add SUPPRESS_JEST_WARNINGS environment variable to hide jest warnings #​13384 #​13373
  • types(model): allow overwriting expected param type for bulkWrite() #​13292 hasezoey

v6.11.0

Compare Source

===================


Configuration

📅 Schedule: Branch creation - "" in timezone Asia/Shanghai, Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.


  • If you want to rebase/retry this PR, check this box

This PR has been generated by Mend Renovate. View repository job log here.

@renovate renovate bot force-pushed the renovate/npm-mongoose-vulnerability branch 2 times, most recently from 73bd6ff to 65754fa Compare August 24, 2023 11:43
@renovate renovate bot force-pushed the renovate/npm-mongoose-vulnerability branch from 65754fa to babd042 Compare September 21, 2023 05:45
@renovate renovate bot force-pushed the renovate/npm-mongoose-vulnerability branch from babd042 to 4756bcb Compare October 2, 2023 18:48
@renovate renovate bot force-pushed the renovate/npm-mongoose-vulnerability branch 2 times, most recently from 87a6082 to cdc9097 Compare October 22, 2023 18:34
@renovate renovate bot force-pushed the renovate/npm-mongoose-vulnerability branch 2 times, most recently from 2b93039 to 10ec532 Compare November 2, 2023 14:37
@renovate renovate bot force-pushed the renovate/npm-mongoose-vulnerability branch 2 times, most recently from 15cabcf to 6da575f Compare November 21, 2023 11:10
@renovate renovate bot force-pushed the renovate/npm-mongoose-vulnerability branch 4 times, most recently from b648dcb to 279a4ef Compare March 2, 2024 14:31
@renovate renovate bot force-pushed the renovate/npm-mongoose-vulnerability branch 4 times, most recently from 971fa90 to 141c705 Compare March 10, 2024 16:26
@renovate renovate bot force-pushed the renovate/npm-mongoose-vulnerability branch from 141c705 to c2a27b8 Compare March 11, 2024 14:35
@renovate renovate bot force-pushed the renovate/npm-mongoose-vulnerability branch 3 times, most recently from 31b2e68 to 9479749 Compare March 31, 2024 16:19
@renovate renovate bot force-pushed the renovate/npm-mongoose-vulnerability branch 5 times, most recently from ef98684 to ad7a04e Compare April 9, 2024 17:11
@renovate renovate bot force-pushed the renovate/npm-mongoose-vulnerability branch from ad7a04e to 3b5c24f Compare April 14, 2024 15:10
@renovate renovate bot force-pushed the renovate/npm-mongoose-vulnerability branch 21 times, most recently from df96c1a to 66a6ae0 Compare May 9, 2024 14:16
@renovate renovate bot force-pushed the renovate/npm-mongoose-vulnerability branch 4 times, most recently from 374716d to 25897ac Compare May 13, 2024 11:33
@renovate renovate bot force-pushed the renovate/npm-mongoose-vulnerability branch from 25897ac to a078f27 Compare May 14, 2024 03:08
@renovate renovate bot changed the title fix(deps): update dependency mongoose to v6.11.3 [security] fix(deps): update dependency mongoose to v6.11.3 [security] - autoclosed May 17, 2024
@renovate renovate bot closed this May 17, 2024
@renovate renovate bot deleted the renovate/npm-mongoose-vulnerability branch May 17, 2024 16:41
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

Successfully merging this pull request may close these issues.

0 participants