[Snyk] Security upgrade mongoose from 5.4.10 to 5.7.5

[snyk-bot]

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

✨ Snyk has automatically assigned this pull request, set who gets assigned.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:

  • package.json
  • package-lock.json

• Adding or updating a Snyk policy (.snyk) file; this file is required in order to apply Snyk vulnerability patches.
  Find out more.

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	509/1000 Why? Has a fix available, CVSS 5.9	Information Exposure SNYK-JS-MONGOOSE-472486	No	No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: mongoose

The new version differs by 250 commits.

• 40a879b chore: release 5.7.5
• 159457d chore: add vpn black friday as sponsor
• e6285ea Merge pull request #8244 from AbdelrahmanHafez/master
• d9163f5 fix: correct order for declaration
• cec9dda Minor refactor to ValidationError
• 13ae085 docs(index): add favicon to home page
• 96ce0eb style: fix lint
• 973b1e0 docs: add schema options to API docs
• cdfb507 chore: add useUnifiedTopology for tests re: #8212
• 936ddfb fix(update): handle subdocument pre('validate') errors in update validation
• 98b3b09 test(update): repro #7187
• b9c1012 docs(middleware): add note about accessing the document being updated in pre('findOneAndUpdate')
• 327b47a fix(subdocument): make subdocument#isModified use parent document's isModified
• 54db026 test(subdocument): repro #8223
• 89eb449 chore: now working on 5.7.5
• ffbff22 chore: change version for recompiling website
• 0562ca7 chore: add opencollective sponsors: top web design companies, casino top
• ee22c09 chore: now working on 5.7.5
• f3eca5b fix(query): delete top-level `_bsontype` property in queries to prevent silent empty queries
• cc10e0d test(query): repro #8222
• ede5aef chore: release 5.7.4
• 402db1a fix(model): support passing `options` to `Model.remove()`
• 7a20276 fix(schema): handle `required: null` and `required: undefined` as `required: false`
• 9b4a323 test(schema): repro #8219

See the full diff

With a Snyk patch:

Severity	Priority Score (*)	Issue	Exploit Maturity
	399/1000 Why? Has a fix available, CVSS 3.7	Regular Expression Denial of Service (ReDoS) npm:debug:20170905	No Known Exploit
	399/1000 Why? Has a fix available, CVSS 3.7	Regular Expression Denial of Service (ReDoS) npm:ms:20170412	No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

👩‍💻 Set who automatically gets assigned

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic