[Snyk] Security upgrade mongoose from 7.6.8 to 8.0.0

[fengmk2]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • package.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	823/1000 Why? Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 8.6	Server-side Request Forgery (SSRF) SNYK-JS-IP-6240864	Yes	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: mongoose

The new version differs by 129 commits.

• 5821568 chore: release 8.0.0
• 3f850ce docs: add version support notes for Mongoose 8, including EOL date for Mongoose 6
• db92dd9 Merge pull request #14004 from hasezoey/fixwebsite
• 68166bf chore(scripts/website): fix script to correctly parse "-rc" like versions
• c28cffe chore: release 8.0.0-rc0
• 4280457 Merge pull request #13937 from Automattic/8.0
• 502ec4b Merge pull request #13990 from Automattic/vkarpov15/gh-13897
• 572e018 chore: add 8.0.0-rc0 changelog
• b567ec6 feat: upgrade to MongoDB driver 6.2.0
• 9e9ad37 Merge branch 'master' into 8.0
• d3d2ec4 docs(migrating_to_8): add note about #13897 to migration guide
• 8d61a7d Merge branch '8.0' into vkarpov15/gh-13897
• f923f6c Merge pull request #13989 from Automattic/vkarpov15/gh-13578
• 30888e3 test: fix typescript tests
• ce66e23 fix lint
• 8fe5c36 docs: fix lint
• c7f110e docs(migrating_to_8): add note about `overwrite` to migration guide
• d6cd1db test: fix a couple of failing tests
• 84ac690 Merge branch '8.0' into vkarpov15/gh-13578
• c5b16fe test: add additional assert re: code review comment
• b630afb docs(migrating_to_8): add missing issues to migration guide
• eefe935 Merge branch 'master' into 8.0
• 4a2cb0b types(models): make all properties to Model constructor optional
• f6ed0eb refactor: remove remaining usage of `overwrite` option

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Server-side Request Forgery (SSRF)

[socket-security]

New and removed dependencies detected. Learn more about Socket for GitHub ↗︎

Package	New capabilities	Transitives	Size	Publisher
npm/mongoose@8.1.2	Transitive: environment, filesystem, network, shell	+17	9.62 MB	vkarpov15

🚮 Removed packages: npm/mongoose@7.6.8

View full report↗︎

[codecov]

Codecov Report

All modified and coverable lines are covered by tests ✅

Comparison is base (4d95371) 98.84% compared to head (377633d) 98.84%.
Report is 1 commits behind head on master.

Additional details and impacted files

@@           Coverage Diff           @@
##           master      #61   +/-   ##
=======================================
  Coverage   98.84%   98.84%           
=======================================
  Files           6        6           
  Lines         173      173           
  Branches       36       36           
=======================================
  Hits          171      171           
  Misses          2        2           

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.