Bump the server-dependencies group across 1 directory with 5 updates

[dependabot]

Bumps the server-dependencies group with 5 updates in the /server directory:

Package	From	To
mongoose	6.13.5	6.13.8
nodemailer	6.9.16	6.10.0
@types/jsonwebtoken	9.0.7	9.0.8
@types/node	18.19.68	18.19.75
prettier	3.4.2	3.5.0

Updates mongoose from 6.13.5 to 6.13.8

Release notes

Sourced from mongoose's releases.

6.13.8 / 2025-01-20

• chore: remove coverage output from bundle

6.13.7 / 2025-01-20

• chore: re-release to force npm audit to pick up 6.x fix for CVE-2025-23061

6.13.6 / 2025-01-13

• fix: disallow nested $where in populate match

Changelog

Sourced from mongoose's changelog.

6.13.8 / 2025-01-20

• chore: remove coverage output from bundle

7.8.5 / 2025-01-20

• chore: re-release to force npm audit to pick up 6.x fix for CVE-2025-23061

6.13.7 / 2025-01-20

• chore: re-release to force npm audit to pick up 6.x fix for CVE-2025-23061

8.9.5 / 2025-01-13

• fix: disallow nested $where in populate match CVE-2025-23061
• fix(schema): handle bitwise operators on Int32 #15176 #15170

7.8.4 / 2025-01-13

• fix: disallow nested $where in populate match CVE-2025-23061

6.13.6 / 2025-01-13

• fix: disallow nested $where in populate match CVE-2025-23061

8.9.4 / 2025-01-09

• fix(document): fix document not applying manual populate when using a function in schema.options.ref #15138 IchirokuXVI
• fix(model): make Model.validate() static correctly cast document arrays #15169 #15164
• fix(model): allow passing validateBeforeSave option to bulkSave() to skip validation #15161 #15156
• fix(schema): allow multiple self-referencing discriminator schemas using Schema.prototype.discriminator #15142 #15120
• types: avoid BufferToBinary<> wiping lean types when passed to generic functions #15160 #15158
• docs: fix <code> in header ids #15159
• docs: fix header in field-level-encryption.md #15137 damieng

8.9.3 / 2024-12-30

• fix(schema): make duplicate index error a warning for now to prevent blocking upgrading #15135 #15112 #15109
• fix(model): handle document array paths set to non-array values in Model.castObject() #15124 #15075
• fix(document): avoid using childSchemas.path for compatibility with pre-Mongoose-8.8 schemas #15131 #15071
• fix(model): avoid throwing unnecessary error if updateOne() returns null in save() #15126
• perf(cursor): clear the stack every time if using populate with batchSize to avoid stack overflows with large docs #15136 #10449
• types: make BufferToBinary avoid Document instances #15123 #15122
• types(model+query): avoid stripping out virtuals when calling populate with paths generic #15132 #15111
• types(schema): add missing removeIndex #15134
• types: add cleanIndexes() to IndexManager interface #15127
• docs: move search endpoint to netlify #15119

8.9.2 / 2024-12-19

... (truncated)

Commits

• 4327685 chore: release 6.13.8
• c897e23 chore: ignore coverage in npm publish
• e9b72f6 chore: ignore notes file
• eeee55f chore: pin ubuntu 20 for RS tests re: typegoose/mongodb-memory-server#732
• 7d1f69a chore: correct location for libssl install
• c1ee8cc test: attempt to fix libcrypto test failure for RS tests
• c89c47e chore: release 6.13.7
• e59e342 chore: release 6.13.6
• 64a9f97 fix: disallow nested $where in populate match
• See full diff in compare view

Updates nodemailer from 6.9.16 to 6.10.0

Release notes

Sourced from nodemailer's releases.

v6.10.0

6.10.0 (2025-01-23)

Features

• services: add Seznam email service configuration (#1695) (d1ae0a8)

Bug Fixes

• proxy: Set error and timeout errors for proxied sockets (aa0c99c)

Changelog

Sourced from nodemailer's changelog.

6.10.0 (2025-01-23)

Features

• services: add Seznam email service configuration (#1695) (d1ae0a8)

Bug Fixes

• proxy: Set error and timeout errors for proxied sockets (aa0c99c)

Commits

• 0856796 chore(master): release 6.10.0 [skip-ci] (#1700)
• db59df0 Bumped deps
• aa0c99c fix(proxy): Set error and timeout errors for proxied sockets
• 15146d8 Proton mail fix, issue: nodemailer/nodemailer#1691...
• d1ae0a8 feat(services): add Seznam email service configuration (#1695)
• See full diff in compare view

Updates @types/jsonwebtoken from 9.0.7 to 9.0.8

Commits

• See full diff in compare view

Updates @types/node from 18.19.68 to 18.19.75

Commits

• See full diff in compare view

Updates prettier from 3.4.2 to 3.5.0

Release notes

Sourced from prettier's releases.

3.5.0

diff

🔗 Release note

Changelog

Sourced from prettier's changelog.

3.5.0

diff

🔗 Release Notes

Commits

• 7584432 Release 3.5.0
• 4797054 Remove blog post
• 5ed5dc0 Fix a link in changelog (#17088)
• d8c21c5 Fix tag notation in changelog (#17087)
• 0fcd5db Separate license and third-party licenses (#17073)
• 0c2b4bb chore(deps): update babel to v7.26.8 (#17084)
• e3a5595 chore(deps): update babel to v7.26.8 (#17083)
• 4a5ad1f Add disable_search to codecov/codecov-action (#17082)
• b997ce3 chore(deps): update dependency @​glimmer/syntax to v0.94.3 (#17080)
• 7a6273b chore(deps): update dependency esbuild to v0.25.0 (#17081)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions