Bump mongoose from 8.22.1 to 9.1.6

[dependabot]

Bumps mongoose from 8.22.1 to 9.1.6.

Release notes

Sourced from mongoose's releases.

9.1.6 / 2026-02-04

• fix: handle other top-level query operators in sanitizeFilter
• fix(types): fix toObject() type inference with timestamps + virtuals #15975 #15965 AbdelrahmanHafez
• fix(populate): defer subpopulate until after match functions to avoid comparing populated subdocs #15981 mongodb-js/mongoose-autopopulate#112
• fix(DocumentArray): correctly clone subdocument when updating document array #15978 #15973
• fix(documentArray): fix change tracking for documentArrays in nested maps #15983 #15970 AbdelrahmanHafez
• docs: clarify that you need to explicitly create timeseries collection before inserting document #15990 #15986

9.1.5 / 2026-01-20

• fix(map): validate map subdocument when loaded with init #15960 #15957 AbdelrahmanHafez
• fix(discriminator): prevent indexes and callQueue duplication with shared nested schemas #15974 #15966 AbdelrahmanHafez
• fix(subdocuments): do not pass parent path on init #15970 #15969 #15682 AbdelrahmanHafez
• types(inferrawdoctype): correct handling for subdocs and doc arrays #15967 #13772
• docs: improve grammar and clarity in TypeScript schema comments #15971 harshsinghpujari

9.1.4 / 2026-01-15

• fix: attach sessions to docs retrieved by cursor #15953 #15949 mjfwalsh
• fix(model): make hydrate() handle nested schema arrays #15964 #15956
• fix(clone): fix parent doc for map subdocuments and array subdocuments #15958 #15954 AbdelrahmanHafez
• fix: prevent crash when accessing nested paths on prototype #15962 #15961 som14062005

9.1.3 / 2026-01-09

• fix(model): support timestamps option to insertMany() as both boolean and QueryTimestampsConfig #15941 #15938
• fix(query): include preview of current and incoming update in error when merging normal update with pipeline #15939 #15928
• types(model): apply basic type casting to paths underneath subdocuments #15948 #15947
• types(utility): make WithLevel1NestedPaths correctly handle PopulatedDoc and other TypeScript unions with Document members #15942 #15923
• docs(schema): expose "DocumentArrayElement" #15590 hasezoey

9.1.2 / 2025-01-05

• fix(subdocs): pass options to pre-save hooks for subdocs #15921 #15920 AbdelrahmanHafez
• perf(model): select only _id when checking document existence during save() #15919 AbdelrahmanHafez

9.1.1 / 2025-12-30

• fix(document): avoid 'Cannot mix array and object updates' on doc.updateOne() with pipeline #15928
• docs: update default search version to 9.x #15926 #15925

9.1.0 / 2025-12-29

• feat(model): make pathsToSave handle saving just a subpath of a modified path #15896
• feat(document+model): pass options to pre('deleteOne') and update+options to pre('updateOne') hooks #15908 #15870
• feat(versioning): optimistic concurrency exclude option, update docs for optimisticConcurrency options #15917 #15915 #15912 AbdelrahmanHafez
• feat(document): add support for getAtomics() to allow custom container types to utilize atomics #15817
• perf: optimize Object.keys() checks and optional chaining #15865 AbdelrahmanHafez
• fix: add support for typescript style enums #15914 #15913 mjfwebb

... (truncated)

Changelog

Sourced from mongoose's changelog.

9.1.6 / 2026-02-04

• fix: handle other top-level query operators in sanitizeFilter
• fix(types): fix toObject() type inference with timestamps + virtuals #15975 #15965 AbdelrahmanHafez
• fix(populate): defer subpopulate until after match functions to avoid comparing populated subdocs #15981 mongodb-js/mongoose-autopopulate#112
• fix(DocumentArray): correctly clone subdocument when updating document array #15978 #15973
• fix(documentArray): fix change tracking for documentArrays in nested maps #15983 #15970 AbdelrahmanHafez
• docs: clarify that you need to explicitly create timeseries collection before inserting document #15990 #15986

Commits

• dfff2a5 chore: release 9.1.6
• 1b06959 test: remove hydrate with strict mode test for now
• fad4514 style: fix lint
• ffe31d7 Merge branch '8.x'
• 41fb971 docs: add missing changelog entries
• c893a91 Merge pull request #15992 from Automattic/vkarpov15/npm-audit
• 80fadc1 remove eslint plugin markdown and bump cheerio
• 95a6915 Merge pull request #15981 from Automattic/vkarpov15/mongodb-js/mongoose-autop...
• 28ccf64 Merge pull request #15990 from Automattic/vkarpov15/gh-15986
• e7518f6 add types/node to deps
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)