Bump mongoose from 8.9.4 to 8.9.6

[dependabot]

Bumps mongoose from 8.9.4 to 8.9.6.

Release notes

Sourced from mongoose's releases.

8.9.6 / 2025-01-31

• fix(document): allow setting values to undefined with set(obj) syntax with strict: false #15207 #15192
• fix(schema): improve reason for UUID cast error, currently a TypeError #15215 #15202
• fix(aggregate): improve error when calling near() with invalid coordinates #15206 #15188

8.9.5 / 2025-01-13

• fix: disallow nested $where in populate match
• fix(schema): handle bitwise operators on Int32 #15176 #15170

Changelog

Sourced from mongoose's changelog.

8.9.6 / 2025-01-31

• fix(document): allow setting values to undefined with set(obj) syntax with strict: false #15207 #15192
• fix(schema): improve reason for UUID cast error, currently a TypeError #15215 #15202
• fix(aggregate): improve error when calling near() with invalid coordinates #15206 #15188

7.8.6 / 2025-01-20

• chore: remove coverage output from bundle

6.13.8 / 2025-01-20

• chore: remove coverage output from bundle

7.8.5 / 2025-01-20

• chore: re-release to force npm audit to pick up 6.x fix for CVE-2025-23061

6.13.7 / 2025-01-20

• chore: re-release to force npm audit to pick up 6.x fix for CVE-2025-23061

8.9.5 / 2025-01-13

• fix: disallow nested $where in populate match CVE-2025-23061
• fix(schema): handle bitwise operators on Int32 #15176 #15170

7.8.4 / 2025-01-13

• fix: disallow nested $where in populate match CVE-2025-23061

6.13.6 / 2025-01-13

• fix: disallow nested $where in populate match CVE-2025-23061

Commits

• 6107403 chore: release 8.9.6
• 5f0c105 Merge pull request #15215 from Automattic/vkarpov15/gh-15202
• 1e8db47 fix(schema): improve reason for UUID cast error, currently a TypeError
• 25bd7d8 Merge pull request #15206 from Automattic/vkarpov15/gh-15188
• a6c8513 docs(aggregate): add note explaining near
• fbd63c7 Merge pull request #15207 from Automattic/vkarpov15/gh-15192
• fd11431 fix(document): allow setting values to undefined with set(obj) syntax with st...
• 6e5e048 fix tests
• 37fd3a0 fix(aggregate): improve error when calling near() with invalid coordinates
• 1020947 chore: remove dangling git merge issue from changelog
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[dependabot]

Superseded by #149.