From be22e39f7095e30337d6e435436833a084db2377 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Thu, 28 May 2020 17:28:27 -0700 Subject: [PATCH 1/2] fix: upgrade mongoose from 5.9.9 to 5.9.12 Snyk has created this PR to upgrade mongoose from 5.9.9 to 5.9.12. See this package in NPM: https://www.npmjs.com/package/mongoose See this project in Snyk: https://app.snyk.io/org/carl-utter/project/68e0a474-9093-4043-b7aa-5d990da8e8a0?utm_source=github&utm_medium=upgrade-pr --- package.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/package.json b/package.json index 19414ed9..9c12fa39 100644 --- a/package.json +++ b/package.json @@ -61,7 +61,7 @@ "joi": "^14.3.1", "jsonwebtoken": "^8.5.1", "method-override": "^2.3.5", - "mongoose": "^5.9.6", + "mongoose": "^5.9.12", "morgan": "^1.9.1", "snyk": "^1.300.0", "winston": "^2.4.0" From 2e95c8318b9aeb8402ee2baecb235cc26628c74f Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Thu, 28 May 2020 17:28:28 -0700 Subject: [PATCH 2/2] fix: upgrade mongoose from 5.9.9 to 5.9.12 Snyk has created this PR to upgrade mongoose from 5.9.9 to 5.9.12. See this package in NPM: https://www.npmjs.com/package/mongoose See this project in Snyk: https://app.snyk.io/org/carl-utter/project/68e0a474-9093-4043-b7aa-5d990da8e8a0?utm_source=github&utm_medium=upgrade-pr --- yarn.lock | 30 +++++++++++++++--------------- 1 file changed, 15 insertions(+), 15 deletions(-) diff --git a/yarn.lock b/yarn.lock index 64531407..7bb479a4 100644 --- a/yarn.lock +++ b/yarn.lock @@ -1797,10 +1797,10 @@ browserslist@^3.2.6: caniuse-lite "^1.0.30000844" electron-to-chromium "^1.3.47" -bson@^1.1.1, bson@~1.1.1: - version "1.1.3" - resolved "https://registry.yarnpkg.com/bson/-/bson-1.1.3.tgz#aa82cb91f9a453aaa060d6209d0675114a8154d3" - integrity sha512-TdiJxMVnodVS7r0BdL42y/pqC9cL2iKynVwA0Ho3qbsQYr428veL3l7BQyuqiw+Q5SqqoT0m4srSY/BlZ9AxXg== +bson@^1.1.4: + version "1.1.4" + resolved "https://registry.yarnpkg.com/bson/-/bson-1.1.4.tgz#f76870d799f15b854dffb7ee32f0a874797f7e89" + integrity sha512-S/yKGU1syOMzO86+dGpg2qGoDL0zvzcb262G+gqEy6TgP6rt6z6qxSFX/8X6vLC91P7G7C3nLs0+bvDzmvBA3Q== buffer-equal-constant-time@1.0.1: version "1.0.1" @@ -5979,13 +5979,13 @@ mocha@^4.0.1: mkdirp "0.5.1" supports-color "4.4.0" -mongodb@3.5.5: - version "3.5.5" - resolved "https://registry.yarnpkg.com/mongodb/-/mongodb-3.5.5.tgz#1334c3e5a384469ac7ef0dea69d59acc829a496a" - integrity sha512-GCjDxR3UOltDq00Zcpzql6dQo1sVry60OXJY3TDmFc2SWFY6c8Gn1Ardidc5jDirvJrx2GC3knGOImKphbSL3A== +mongodb@3.5.7: + version "3.5.7" + resolved "https://registry.yarnpkg.com/mongodb/-/mongodb-3.5.7.tgz#6dcfff3bdbf67a53263dcca1647c265eea1d065d" + integrity sha512-lMtleRT+vIgY/JhhTn1nyGwnSMmJkJELp+4ZbrjctrnBxuLbj6rmLuJFz8W2xUzUqWmqoyVxJLYuC58ZKpcTYQ== dependencies: bl "^2.2.0" - bson "^1.1.1" + bson "^1.1.4" denque "^1.4.1" require_optional "^1.0.1" safe-buffer "^5.1.2" @@ -5997,14 +5997,14 @@ mongoose-legacy-pluralize@1.0.2: resolved "https://registry.yarnpkg.com/mongoose-legacy-pluralize/-/mongoose-legacy-pluralize-1.0.2.tgz#3ba9f91fa507b5186d399fb40854bff18fb563e4" integrity sha512-Yo/7qQU4/EyIS8YDFSeenIvXxZN+ld7YdV9LqFVQJzTLye8unujAWPZ4NWKfFA+RNjh+wvTWKY9Z3E5XM6ZZiQ== -mongoose@^5.9.6: - version "5.9.9" - resolved "https://registry.yarnpkg.com/mongoose/-/mongoose-5.9.9.tgz#8e242330bcae306467936e3e65374bb84f3c06f6" - integrity sha512-pLkIkM7XQwfbQ+xK1l57Zv0DYPH190/I6Cv5+PbJGfAU0HvX0atMlp+vly8zcjNTEvTkVM80qA5eBYBvZyLYXw== +mongoose@^5.9.12: + version "5.9.16" + resolved "https://registry.yarnpkg.com/mongoose/-/mongoose-5.9.16.tgz#6aa688a6b7b444d10f60ac539b92556cae20475e" + integrity sha512-b4HNndgh+dacoLE/2SBF3iBBofeaKL+aGVZH7jnPRc2RXRCplX4sfH5sgoz03ryCSXJ+RQNIfqKAADt/ZBzPDA== dependencies: - bson "~1.1.1" + bson "^1.1.4" kareem "2.3.1" - mongodb "3.5.5" + mongodb "3.5.7" mongoose-legacy-pluralize "1.0.2" mpath "0.7.0" mquery "3.2.2"