build(deps): bump mongoose from 8.3.1 to 8.3.2

[dependabot]

Bumps mongoose from 8.3.1 to 8.3.2.

Release notes

Sourced from mongoose's releases.

8.3.2 / 2024-04-16

• fix(populate): avoid match function filtering out null values in populate result #14518 #14494
• types(query): make FilterQuery props resolve to any for generics support #14510 #14473 #14459
• types(DocumentArray): pass DocType generic to Document for correct toJSON() and toObject() return types #14526 #14469
• types(models): fix incorrect bulk write options #14513 emiljanitzek
• docs: add documentation for calling schema.post() with async function #14514 #14305

Changelog

Sourced from mongoose's changelog.

8.3.2 / 2024-04-16

• fix(populate): avoid match function filtering out null values in populate result #14518 #14494
• types(query): make FilterQuery props resolve to any for generics support #14510 #14473 #14459
• types(DocumentArray): pass DocType generic to Document for correct toJSON() and toObject() return types #14526 #14469
• types(models): fix incorrect bulk write options #14513 emiljanitzek
• docs: add documentation for calling schema.post() with async function #14514 #14305

7.6.11 / 2024-04-11

• fix(populate): avoid match function filtering out null values in populate result #14518
• fix(schema): support setting discriminator options in Schema.prototype.discriminator() #14493 #14448
• fix(schema): deduplicate idGetter so creating multiple models with same schema doesn't result in multiple id getters #14492 #14457

6.12.8 / 2024-04-10

• fix(document): handle virtuals that are stored as objects but getter returns string with toJSON #14468 #14446
• fix(schematype): consistently set wasPopulated to object with value property rather than boolean #14418
• docs(model): add extra note about lean option for insertMany() skipping casting #14415 #14376

Commits

• 6861d8d chore: release 8.3.2
• 0c5ec09 Merge pull request #14526 from Automattic/vkarpov15/gh-14469
• cc84536 chore: add missing header to changelog
• 8bffb11 chore: fix dangling merge conflict in CHANGELOG
• 904c436 types(DocumentArray): pass DocType generic to Document for correct toJSON() a...
• 78bbcb5 Merge pull request #14513 from emiljanitzek/feature/bulk-write-types
• 480c3f3 Merge branch '7.x'
• c97c060 chore: release 7.6.11
• 247d029 fix(populate): avoid match function filtering out null values in populate r...
• 2d4cbb8 Merge pull request #14518 from Automattic/vkarpov15/gh-14494
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[github-actions]

Dependency Review

✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.

OpenSSF Scorecard

Package	Version	Score	Details
npm/mongoose	8.3.2	🟢 7.7	Details Check Score Reason Code-Review 🟢 5 Found 10/20 approved changesets -- score normalized to 5 Maintained 🟢 10 30 commit(s) and 18 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Security-Policy 🟢 9 security policy file detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Packaging ⚠️ -1 packaging workflow not detected Token-Permissions 🟢 9 detected GitHub workflow tokens with excessive permissions Binary-Artifacts 🟢 10 no binaries found in the repo Vulnerabilities 🟢 10 0 existing vulnerabilities detected Fuzzing ⚠️ 0 project is not fuzzed SAST 🟢 8 SAST tool detected but not run on all commits Pinned-Dependencies 🟢 3 dependency not pinned by hash detected -- score normalized to 3
npm/mongoose	8.3.1	🟢 7.7	Details Check Score Reason Code-Review 🟢 5 Found 10/20 approved changesets -- score normalized to 5 Maintained 🟢 10 30 commit(s) and 18 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Security-Policy 🟢 9 security policy file detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Packaging ⚠️ -1 packaging workflow not detected Token-Permissions 🟢 9 detected GitHub workflow tokens with excessive permissions Binary-Artifacts 🟢 10 no binaries found in the repo Vulnerabilities 🟢 10 0 existing vulnerabilities detected Fuzzing ⚠️ 0 project is not fuzzed SAST 🟢 8 SAST tool detected but not run on all commits Pinned-Dependencies 🟢 3 dependency not pinned by hash detected -- score normalized to 3
npm/mongoose	^8.3.2	🟢 7.7	Details Check Score Reason Code-Review 🟢 5 Found 10/20 approved changesets -- score normalized to 5 Maintained 🟢 10 30 commit(s) and 18 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Security-Policy 🟢 9 security policy file detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Packaging ⚠️ -1 packaging workflow not detected Token-Permissions 🟢 9 detected GitHub workflow tokens with excessive permissions Binary-Artifacts 🟢 10 no binaries found in the repo Vulnerabilities 🟢 10 0 existing vulnerabilities detected Fuzzing ⚠️ 0 project is not fuzzed SAST 🟢 8 SAST tool detected but not run on all commits Pinned-Dependencies 🟢 3 dependency not pinned by hash detected -- score normalized to 3
npm/mongoose	^8.0.0	🟢 7.7	Details Check Score Reason Code-Review 🟢 5 Found 10/20 approved changesets -- score normalized to 5 Maintained 🟢 10 30 commit(s) and 18 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Security-Policy 🟢 9 security policy file detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Packaging ⚠️ -1 packaging workflow not detected Token-Permissions 🟢 9 detected GitHub workflow tokens with excessive permissions Binary-Artifacts 🟢 10 no binaries found in the repo Vulnerabilities 🟢 10 0 existing vulnerabilities detected Fuzzing ⚠️ 0 project is not fuzzed SAST 🟢 8 SAST tool detected but not run on all commits Pinned-Dependencies 🟢 3 dependency not pinned by hash detected -- score normalized to 3

Scanned Manifest Files

package-lock.json

• [email protected]
• [email protected]

package.json

• mongoose@^8.3.2
• mongoose@^8.0.0

[netlify]

✅ Deploy Preview for splendorous-snickerdoodle-0e3599 ready!

Name	Link
🔨 Latest commit	9e1b375
🔍 Latest deploy log	https://app.netlify.com/sites/splendorous-snickerdoodle-0e3599/deploys/6626e4c09c58ec0008a054b9
😎 Deploy Preview	https://deploy-preview-87--splendorous-snickerdoodle-0e3599.netlify.app
📱 Preview on mobile	Toggle QR Code... Use your smartphone camera to open QR code link.

---

To edit notification comments on pull requests, go to your Netlify site configuration.