Bump mongoose from 5.7.14 to 5.9.0

[dependabot-preview]

Bumps mongoose from 5.7.14 to 5.9.0.

Changelog

Sourced from mongoose's changelog.

5.9.0 / 2020-02-13

• fix: upgrade to MongoDB driver 3.5 #8520 #8563
• feat(schematype): support setting default options for schema type (trim on all strings, etc.) #8487
• feat(populate): add perDocumentLimit option that limits per document in find() result, rather than across all documents #7318
• feat(schematype): enable setting transform option on individual schematypes #8403
• feat(timestamps): allow setting currentTime option for setting custom function to get the current time #3957
• feat(connection): add Connection#watch() to watch for changes on an entire database #8425
• feat(document): add Document#$op property to make it easier to tell what operation is running in middleware #8439
• feat(populate): support limit as top-level populate option #8445

5.8.13 / 2020-02-13

• fix(populate): use safe get to avoid crash if schematype doesn't have options #8586

5.8.12 / 2020-02-12

• fix(query): correctly cast dbref $id with $elemMatch #8577
• fix(populate): handle populating when some embedded discriminator schemas have refPath but none of the subdocs have refPath #8553
• docs: add useUnifiedTopology to homepage example #8558 AbdelrahmanHafez
• refactor(utils): moving promiseOrCallback to helpers/promiseOrCallback #8573 hugosenari

5.8.11 / 2020-01-31

• fix(document): allow calling validate() multiple times in parallel on subdocs to avoid errors if Mongoose double-validates taxilian #8548 #8539
• fix(connection): allow calling initial mongoose.connect() after connection helpers on the same tick #8534
• fix(connection): throw helpful error when callback param to mongoose.connect() or mongoose.createConnection() is not a function #8556
• fix(drivers): avoid unnecessary caught error when importing #8528
• fix(discriminator): remove unnecessary utils.merge() samgladstone #8542
• docs: add "built with mongoose" page #8540

5.8.10 / 2020-01-27

• perf(document): improve performance of document creation by skipping unnecessary split() calls #8533 igrunert-atlassian
• fix(document): only call validate once for deeply nested subdocuments #8532 #8531 taxilian
• fix(document): create document array defaults in forward order, not reverse #8514
• fix(document): allow function as message for date min/max validator #8512
• fix(populate): don't try to populate embedded discriminator that has populated path but no refPath #8527
• fix(document): plugins from base schema when creating a discriminator #8536 samgladstone
• fix(document): ensure parent and ownerDocument are set for subdocs in document array defaults #8509
• fix(document): dont set undefined keys to null if minimize is false #8504
• fix(update): bump timestamps when using update aggregation pipelines #8524
• fix(model): ensure cleanIndexes() drops indexes with different collations #8521
• docs(model): document insertMany lean option #8522
• docs(connections): document authSource option #8517

5.8.9 / 2020-01-17

• fix(populate): skip populating embedded discriminator array values that don't have a refPath #8499
• docs(queries): clarify when to use queries versus aggregations #8494

... (truncated)

Commits

• 34eef34 chore: release 5.9.0
• 868ad17 Merge pull request #8592 from Automattic/5.9
• 0bf6afc chore: upgrade mongodb driver -> 3.5.3
• de4e655 Merge branch '5.9' of github.com:Automattic/mongoose into 5.9
• 79651b7 Merge branch 'master' into 5.9
• 849afd2 chore: release 5.8.13
• 55a3464 fix(populate): use safe get to avoid crash if schematype doesn't have options
• b90dbe9 Merge pull request #8584 from hugosenari/decouple-clone
• 18ea0a8 style(tests) remove comment
• ff41b74 refactor(utils): moving clone to helpers/clone
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
• @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

Additionally, you can set the following in your Dependabot dashboard:

• Update frequency (including time of day and day of week)
• Pull request limits (per update run and/or open at any time)
• Out-of-range updates (receive only lockfile updates, if desired)
• Security updates (receive only security updates, if desired)

[dependabot-preview]

Superseded by #77.