Bump mongoose from 5.7.14 to 5.8.9

[dependabot-preview]

Bumps mongoose from 5.7.14 to 5.8.9.

Changelog

Sourced from mongoose's changelog.

5.8.9 / 2020-01-17

• fix(populate): skip populating embedded discriminator array values that don't have a refPath #8499
• docs(queries): clarify when to use queries versus aggregations #8494

5.8.8 / 2020-01-14

• fix(model): allow using lean with insertMany() #8507 #8234 ntsekouras
• fix(document): don't throw parallel validate error when validating subdoc underneath modified nested path #8486
• fix: allow typePojoToMixed as top-level option #8501 #8500 AbdelrahmanHafez
• docs(populate+schematypes): make note of _id getter for ObjectIds in populate docs #8483

5.8.7 / 2020-01-10

• fix(documentarray): modify ownerDocument when setting doc array to a doc array thats part of another document #8479
• fix(document): ensure that you can call splice() after slice() on an array #8482
• docs(populate): improve cross-db populate docs to include model refs #8497

5.8.6 / 2020-01-07

• chore: merge changes from 4.13.20 and override mistaken publish to latest tag

4.13.20 / 2020-01-07

• fix(schema): make aliases handle mongoose-lean-virtuals #6069

5.8.5 / 2020-01-06

• fix(document): throw error when running validate() multiple times on the same document #8468
• fix(model): ensure deleteOne() and deleteMany() set discriminator filter even if no conditions passed #8471
• fix(document): allow pre('validate') hooks to throw errors with name = 'ValidationError' #8466
• fix(update): move top level $set of immutable properties to $setOnInsert so upserting with immutable properties actually sets the property #8467
• fix(document): avoid double-running validators on single nested subdocs within single nested subdocs #8468
• fix(populate): support top-level match option for virtual populate #8475
• fix(model): avoid applying skip when populating virtual with count #8476

5.8.4 / 2020-01-02

• fix(populate): ensure populate virtual gets set to empty array if localField is undefined in the database #8455
• fix(connection): wrap mongoose.connect() server selection timeouts in MongooseTimeoutError for more readable stack traces #8451
• fix(populate): allow deselecting foreignField from projection by prefixing with - #8460
• fix(populate): support embedded discriminators with refPath when not all discriminator schemas have refPath #8452
• fix(array): allow defining enum on array if an array of numbers #8449

5.8.3 / 2019-12-23

• fix: upgrade mongodb -> 3.4.1 #8430 jaschaio
• fix(populate): don't add empty subdocument to array when populating path underneath a non-existent document array #8432
• fix(schema): handle _id option for document array schematypes #8450
• fix(update): call setters when updating mixed type #8444

... (truncated)

Commits

• a28515d chore: release 5.8.9
• 5b2b0e5 docs(queries): clarify when to use queries versus aggregations
• d62e141 chore: now working on 5.8.9
• b186b93 test(populate): reuse collections where possible for populate() tests
• b5f744e style: fix lint
• b636c08 fix(populate): skip populating embedded discriminator array values that don't...
• 6af9874 test(populate): repro #8499
• 14165e7 chore: update opencollective sponsors
• 6c42e00 chore: update size
• 96af6ba chore: update opencollective sponsor
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
• @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

Additionally, you can set the following in your Dependabot dashboard:

• Update frequency (including time of day and day of week)
• Pull request limits (per update run and/or open at any time)
• Out-of-range updates (receive only lockfile updates, if desired)
• Security updates (receive only security updates, if desired)

[dependabot-preview]

Superseded by #73.