Bump mongodb and mongoose in /5-holamundo/backend

[dependabot]

Bumps mongodb to 5.9.1 and updates ancestor dependency mongoose. These dependencies need to be updated together.

Updates mongodb from 5.7.0 to 5.9.1

Release notes

Sourced from mongodb's releases.

v5.9.1

5.9.1 (2023-10-18)

The MongoDB Node.js team is pleased to announce version 5.9.1 of the mongodb package!

Release Notes

insertedIds in bulk write now contain only successful insertions

Prior to this fix, the bulk write error's result.insertedIds property contained the _id of each attempted insert in a bulk operation.

Now, when a bulkwrite() or an insertMany() operation rejects one or more inserts, throwing an error, the error's result.insertedIds property will only contain the _id fields of successfully inserted documents.

Fixed edge case leak in findOne()

When running a findOne against a time series collection, the driver left the implicit session for the cursor un-ended due to the way the server returns the resulting cursor information. Now the cursor will always be cleaned up regardless of the outcome of the find operation.

Bug Fixes

• NODE-5627: BulkWriteResult.insertedIds includes ids that were not inserted (#3870) (d766ae2)
• NODE-5691: make findOne() close implicit session to avoid memory leak (#3889) (0d6c9cd)

Documentation

• Reference
• API
• Changelog

We invite you to try the mongodb library immediately, and report any issues to the NODE project.

v5.9.0

5.9.0 (2023-09-14)

The MongoDB Node.js team is pleased to announce version 5.9.0 of the mongodb package!

Release Notes

Bumped bson version to make use of new Decimal128 behaviour

In this release, we have adopted the changes made to Decimal128 in bson version 5.5. The Decimal128 constructor and fromString() methods now throw when detecting a loss of precision (more than 34 significant digits). We also expose a new fromStringWithRounding() method which restores the previous rounding behaviour.

See the bson v5.5.0 release notes for more information.

Use region settings for STS AWS credentials request

When using IAM AssumeRoleWithWebIdentity AWS authentication the driver uses the @​aws-sdk/credential-providers package to contact the Security Token Service API for temporary credentials. AWS recommends using Regional AWS STS endpoints instead of the global endpoint to reduce latency, build-in redundancy, and increase session token validity. Unfortunately, environment variables AWS_STS_REGIONAL_ENDPOINTS and AWS_REGION do not directly control the region the SDK's STS client contacts for credentials.

The driver now has added support for detecting these variables and setting the appropriate options when calling the SDK's API: fromNodeProviderChain().

... (truncated)

Changelog

Sourced from mongodb's changelog.

5.9.1 (2023-10-18)

Bug Fixes

• NODE-5627: BulkWriteResult.insertedIds includes ids that were not inserted (#3870) (d766ae2)
• NODE-5691: make findOne() close implicit session to avoid memory leak (#3889) (0d6c9cd)

5.9.0 (2023-09-14)

Features

• NODE-5564: bump bson version to ^5.5.0 (#3865) (dc110e0)

Bug Fixes

• NODE-5550: set AWS region from environment variable for STSClient (#3851) (2fab06b)
• NODE-5587: recursive calls to next cause memory leak (#3842) (f60f1b5)

5.8.1 (2023-08-23)

Bug Fixes

• NODE-5572: fix saslprep import (#3837) (250dc21)

5.8.0 (2023-08-21)

Features

• NODE-5399: use mongodb-js/saslprep instead of saslprep (#3818) (c0d3927)
• NODE-5429: deprecate the AutoEncrypter interface (#3764) (9bb0d95)
• NODE-5465,NODE-5538: lower @aws-sdk/credential-providers version to 3.188.0 and zstd to ^1.0.0 (#3821) (39ff81d)
• NODE-5489: update kerberos dependency (8c25d6d)

Bug Fixes

• NODE-5489: set kerberos compatibility to ^1.0.0 || ^2.0.0 (#3803) (c3b35b3)
• NODE-5495: do not emit deprecation warning when tlsCertificateKeyFile is specified and tlsCertificateFile is not (#3810) (e81d4a2)
• NODE-5537: remove credentials from ConnectionPoolCreatedEvent options (#3813) (4cf1e96)

Commits

• 0c16582 chore(5.x): release 5.9.1 [skip-ci] (#3878)
• 0d6c9cd fix(NODE-5691): make findOne() close implicit session to avoid memory leak (#...
• df0780e test(NODE-5705): fix failing explain tests (#3894)
• efb5e93 test(NODE-5695): update azure configuration (#3892)
• 2ab2189 ci(NODE-5668): remove custom dep tests against master and fix prose test 14 (...
• 74833fb ci(NODE-5664): unit test on all supported Node versions (#3885)
• 296faac ci(NODE-5653): remove vars from ci config (#3880)
• d766ae2 fix(NODE-5627): BulkWriteResult.insertedIds includes ids that were not insert...
• 6f67539 docs(no-story): build docs for 5.9 release (#3868)
• 6861e19 chore(5.x): release 5.9.0 [skip-ci] (#3852)
• Additional commits viewable in compare view

Updates mongoose from 7.4.2 to 7.6.11

Release notes

Sourced from mongoose's releases.

7.6.3 / 2023-10-17

• fix(populate): handle multiple spaces when specifying paths to populate using space-delimited paths #13984 #13951
• fix(update): avoid applying defaults on query filter when upserting with empty update #13983 #13962
• fix(model): add versionKey to bulkWrite when inserting or upserting #13981 #13944
• docs: fix typo in timestamps docs #13976 danielcoker

7.6.2 / 2023-10-13

• perf: avoid storing a separate entry in schema subpaths for every element in an array #13953 #13874
• fix(document): avoid triggering setter when initializing Model.prototype.collection to allow defining collection as a schema path name #13968 #13956
• fix(model): make bulkSave() save changes in discriminator paths if calling bulkSave() on base model #13959 #13907
• fix(document): allow calling $model() with no args for TypeScript #13963 #13878
• fix(schema): handle embedded discriminators defined using Schema.prototype.discriminator() #13958 #13898
• types(model): make InsertManyResult consistent with return type of insertMany #13965 #13904
• types(models): add cleaner type definitions for insertMany() with no generics to prevent errors when using insertMany() in generic classes #13964 #13957
• types(schematypes): allow defining map path using type: 'Map' in addition to type: Map #13960 #13755

7.6.1 / 2023-10-09

• fix: bump bson to match mongodb@5.9.0 exactly #13947 hasezoey
• fix: raw result deprecation message #13954 simllll
• type: add types for includeResultMetadata #13955 simllll
• perf(npmignore): ignore newer files #13946 hasezoey
• perf: move mocha config from package.json to mocharc #13948 hasezoey

7.6.0 / 2023-10-06

• feat: upgrade mongodb node driver -> 5.9.0 #13927 #13926 sanguineti
• fix: avoid CastError when passing different value of discriminator key in $or #13938 #13906

7.5.4 / 2023-10-04

• fix: avoid stripping out id property when _id is set #13933 #13892 #13867
• fix(QueryCursor): avoid double-applying schema paths so you can include select: false fields with + projection using cursors #13932 #13773
• fix(query): allow deselecting discriminator key using - syntax #13929 #13760
• fix(query): handle $round in $expr as array #13928 #13881
• fix(document): call pre('validate') hooks when modifying a path underneath triply nested subdoc #13912 #13876
• fix(mongoose): correctly handle global applyPluginsToChildSchemas option #13911 #13887
• types: add insertMany array overload with options #13931 t1bb4r
• docs(compatibility): add Mongoose 7 support to compatibility matrix #13875
• docs: amend some awkward FAQ wording #13925 peteboere

7.5.3 / 2023-09-25

• fix(document): handle MongoDB Long when casting BigInts #13869 #13791
• fix(model): make bulkSave() persist changes that happen in pre('save') middleware #13885 #13799
• fix: handle casting $elemMatch underneath $not underneath another $elemMatch #13893 #13880
• fix(model): make bulkWrite casting respect global setDefaultsOnInsert #13870 #13823
• fix(document): handle default values for discriminator key with embedded discriminators #13891 #13835

... (truncated)

Changelog

Sourced from mongoose's changelog.

7.6.11 / 2024-04-11

• fix(populate): avoid match function filtering out null values in populate result #14518
• fix(schema): support setting discriminator options in Schema.prototype.discriminator() #14493 #14448
• fix(schema): deduplicate idGetter so creating multiple models with same schema doesn't result in multiple id getters #14492 #14457

6.12.8 / 2024-04-10

• fix(document): handle virtuals that are stored as objects but getter returns string with toJSON #14468 #14446
• fix(schematype): consistently set wasPopulated to object with value property rather than boolean #14418
• docs(model): add extra note about lean option for insertMany() skipping casting #14415 #14376

8.3.1 / 2024-04-08

• fix(document): make update minimization unset property rather than setting to null #14504 #14445
• fix(model): make Model.recompileSchema() also re-apply discriminators #14500 #14444
• fix(schema): deduplicate idGetter so creating multiple models with same schema doesn't result in multiple id getters #14492
• fix: update kareem -> 2.6.3 for index.d.ts #14508 #14497
• fix(mongoose): make setDriver() update mongoose.model() connections and collections #14505
• types(validation): support function for validator message property, and add support for accessing validator reason #14499 #14496
• docs: remove typo #14501 epmartini

8.3.0 / 2024-04-03

• feat: use mongodb@6.5.0
• feat(document): add validateAllPaths option to validate() and validateSync() #14467 #14414
• feat: pathsToSave option to save() function #14385 #9583
• feat(query): add options parameter to Query.prototype.sort() #14375 #14365
• feat: add function SchemaType.prototype.validateAll #14434 #6910
• fix: handle array schema definitions with of keyword #14447 #14416
• types: add overwriteMiddlewareResult and skipMiddlewareFunction to types #14328 #14829

8.2.4 / 2024-03-28

• types(query): bring "getFilter" and "getQuery" in-line with "find" and other types #14463 hasezoey
• types(schema): re-export the defintion for SearchIndexDescription #14464 noseworthy
• docs: removed unused hook from docs #14461 bernardarhia

8.2.3 / 2024-03-21

• fix(schema): avoid returning string 'nested' as schematype #14453 #14443 #14435
• types(schema): add missing search index types #14449 noseworthy
• types: improve the typing of FilterQuery type to prevent it from only getting typed to any #14436 #14398 #14397

8.2.2 / 2024-03-15

• fix(model): improve update minimizing to only minimize top-level properties in the update #14437 #14420 #13782
• fix: add Null check in case schema.options['type'][0] is undefined #14431 Atharv-Bobde
• types: consistently infer array of objects in schema as a DocumentArray #14430 #14367
• types: add TypeScript interface for the new PipelineStage - Vector Search - solving issue #14428 #14429 jkorach

... (truncated)

Commits

• c97c060 chore: release 7.6.11
• 247d029 fix(populate): avoid match function filtering out null values in populate r...
• bf70152 Merge branch '6.x' into 7.x
• c00a715 chore: release 6.12.8
• 8a8bea5 Merge pull request #14493 from Automattic/vkarpov15/gh-14448
• f1ed8b1 fix(schema): deduplicate idGetter so creating multiple models with same schem...
• f845fb2 fix(schema): support setting discriminator options in Schema.prototype.discri...
• d3cb2ab Merge pull request #14468 from Automattic/vkarpov15/gh-14446
• 69a0581 fix(document): handle virtuals that are stored as objects but getter returns ...
• 759f0d4 Merge pull request #14458 from Automattic/vkarpov15/gh-14418
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  You can disable automated security fix PRs for this repo from the Security Alerts page.